[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] PERMISSION DENIED log in StartLog for command 440 (MATCH_INFO)

Yes, that is expected. The negotiator and collector daemons should only be running on one machine (which we call the Central Manager). What value is the parameter ALLOW_NEGOTIATOR set to in the Condor configuration file on your compute nodes?

On Mar 11, 2014, at 3:40 AM, éææ <kyleqian@xxxxxxxxx> wrote:

yes, they are on the same machine. But I see this log on my compute nodes, in StartLog file, and collector is not running on them. Is this ok?

2014-3-6 AM6:37ä "Jaime Frey" <jfrey@xxxxxxxxxxx>åéï
On Feb 24, 2014, at 1:53 AM, éææ <kyleqian@xxxxxxxxx> wrote:

I find this log entry in StartLog file:
02/24/14 10:29:46 slot4: State change: claiming protocol successful
02/24/14 10:29:46 slot4: Changing state: Unclaimed -> Claimed
02/24/14 10:29:46 PERMISSION DENIED to unauthenticated@unmapped from host for command 440 (MATCH_INFO), access level NEGOTIATOR: reason: NEGOTIATOR authorization policy contains no matching ALLOW entry for this request; identifiers used for this host:,amax.local, hostname size = 1, original ip address =

the last log entry will repeat many times for every slot. It seems that some settings for negotiator are not correct. What should I do to correct this?

This is controlled by the ALLOW_NEGOTIATOR configuration parameter. The default setting allows connections from the machine running the condor_collector daemon. Are your condor_negotiator and condor_collector running on the same machine (the usual case)? Is that machine

Thanks and regards,
Jaime Frey
UW-Madison HTCondor Project