Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] A little security -- we don't want too much though

Date: Wed, 25 May 2011 06:05:03 -0500
From: Zachary Miller <zmiller@xxxxxxxxxxx>
Subject: Re: [Condor-users] A little security -- we don't want too much though

> 3. I would like to add to the config on our dedicated master matchmaker:
> SOME_NAME = A, B, C
> 
> where SOME_NAME will prevent any other host but those listed from
> submitting jobs to the pool.
> 
> 4. What is SOME_NAME?

ALLOW_ADVERTISE_SCHEDD = A, B, C

this will prevent any other schedd from registering itself with the collector.
and if you aren't registered with the collector, the negotiator will not
consider any jobs from that schedd.

so that setting just needs to be set on the collector machine, but there's no
harm in setting it globally across the pool.


> 5. Does any other config on any other machine need changing too?

that should do.  as you mentioned yourself, host-based security is fallible,
but it's a good start.


cheers,
-zach

Follow-Ups:
- Re: [Condor-users] A little security -- we don't want too much though
  - From: Ian Cottam

References:
- Re: [Condor-users] A little security -- we don't want too much though
  - From: Dan Bradley
- Re: [Condor-users] A little security -- we don't want too much though
  - From: Ian Cottam

Prev by Date: Re: [Condor-users] A little security -- we don't want too much though
Next by Date: Re: [Condor-users] A little security -- we don't want too much though
Previous by thread: Re: [Condor-users] A little security -- we don't want too much though
Next by thread: Re: [Condor-users] A little security -- we don't want too much though
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [Condor-users] A little security -- we don't want too much though