Re: [Condor-users] A little security -- we don't want too much though

[Ian Cottam <Ian.Cottam@xxxxxxxxxxxxxxxx>]

Many thanks - will give it a go!
-Ian
ps: I thought I'd already tried this
but some machines that can flock to our pool
were still showing up. I may have made a mistake,
so will try again.





On 25/05/2011 12:05, "Zachary Miller" <zmiller@xxxxxxxxxxx> wrote:

>> 3. I would like to add to the config on our dedicated master matchmaker:
>> SOME_NAME = A, B, C
>> 
>> where SOME_NAME will prevent any other host but those listed from
>> submitting jobs to the pool.
>> 
>> 4. What is SOME_NAME?
>
>ALLOW_ADVERTISE_SCHEDD = A, B, C
>
>this will prevent any other schedd from registering itself with the
>collector.
>and if you aren't registered with the collector, the negotiator will not
>consider any jobs from that schedd.
>
>so that setting just needs to be set on the collector machine, but
>there's no
>harm in setting it globally across the pool.
>
>
>> 5. Does any other config on any other machine need changing too?
>
>that should do.  as you mentioned yourself, host-based security is
>fallible,
>but it's a good start.
>
>
>cheers,
>-zach
>
>_______________________________________________
>Condor-users mailing list
>To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
>subject: Unsubscribe
>You can also unsubscribe by visiting
>https://lists.cs.wisc.edu/mailman/listinfo/condor-users
>
>The archives can be found at:
>https://lists.cs.wisc.edu/archive/condor-users/
>


-- 
Ian Cottam
IT Services for Research
Faculty of EPS
The University of Manchester