Re: [HTCondor-users] security defaults

["John (TJ) Knoeller" <johnkn@xxxxxxxxxxx>]

    condor_config_val  use security:host_based

will show you the value of the meta-knob that we set by default in the 
base condor_config.
( The "use SECURITY : HOST_BASED"  statement is set at around line 44 of 
condor_config.)

   condor_config_val -dump ^allow_

will show you the values of all of the knobs whose names begin with ALLOW_

   condor_config_val -dump ^allow_ -verbose

Will also show you were in your config files the allow knobs were defined

-tj


On 6/24/2014 4:03 AM, Pek Daniel wrote:
> Hi,
>
> I'd like to know the default values for all the ALLOW_*, DENY_*,
> HOSTALLOW_* and HOSTDENY_* macros (I'm using 8.1.6).
>
> When I don't set any of these macros explicitly, condor_config_val
> -dump | grep ALLOW tells me nothing relevant, so everything should be
> denied, but in fact it's not.
>
> My guess would be that the authorization defaults are controlled by
> "use SECURITY : FOO" default configuration sets, but I couldn't find
> the exact specification of these configuration sets. And if this is
> the case, why these configuration sets don't set up the corresponding
> ALLOW_* and DENY_* macros properly queriable by condor_config_val (or
> do I query them in the wrong way?)?
>
> I'd like to understand exactly what's happening inside HTCondor
> security-wise, as security is crucial in our application.
>
> Thanks,
> Daniel
> _______________________________________________
> HTCondor-users mailing list
> To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
> subject: Unsubscribe
> You can also unsubscribe by visiting
> https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
>
> The archives can be found at:
> https://lists.cs.wisc.edu/archive/htcondor-users/