[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] A little security -- we don't want too much though
- Date: Wed, 25 May 2011 06:05:03 -0500
- From: Zachary Miller <zmiller@xxxxxxxxxxx>
- Subject: Re: [Condor-users] A little security -- we don't want too much though
> 3. I would like to add to the config on our dedicated master matchmaker:
> SOME_NAME = A, B, C
> where SOME_NAME will prevent any other host but those listed from
> submitting jobs to the pool.
> 4. What is SOME_NAME?
ALLOW_ADVERTISE_SCHEDD = A, B, C
this will prevent any other schedd from registering itself with the collector.
and if you aren't registered with the collector, the negotiator will not
consider any jobs from that schedd.
so that setting just needs to be set on the collector machine, but there's no
harm in setting it globally across the pool.
> 5. Does any other config on any other machine need changing too?
that should do. as you mentioned yourself, host-based security is fallible,
but it's a good start.