[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] Authentication issue
- Date: Mon, 15 Sep 2014 06:32:49 -0500
- From: Zachary Miller <zmiller@xxxxxxxxxxx>
- Subject: Re: [HTCondor-users] Authentication issue
On Mon, Sep 15, 2014 at 11:43:03AM +0200, Pek Daniel wrote:
> I get this message in my CollectorLog on host a.b.c.d,X.Y.Z every time
> after a 'service condor restart' on host:
First question: During "normal operation" (i.e. before a restart) do
you see this in the log at all? If you run "condor_status -collector"
do you see an ad for the Collector?
> It looks like a locally sent commnd. This message is in the
> CollectorLog, and it's an UPDATE_COLLECTOR_AD, so I guess the daemon
> sends a command to itself (?).
> The strange part is unauthenticated@unmapped. I have these settings on
> every nodes:
For some special cases, including when a daemon sends commands to itself, it
does so using a differnt mechanism than the normal security methods. This is
why it's not using GSI or KERBEROS, and likely why you are ending up with the
unauthenticated@unmapped canonical name. However, the same authorization
policies are still being applied.
The good news is in this particular case, it probably isn't really a problem
and is just noise in the log, but it is definitely something I need to look
into. Thanks for the report... I will investigate, make a ticket, and get back