Re: [HTCondor-users] Permission problem

[Zachary Miller <zmiller@xxxxxxxxxxx>]

On Fri, May 01, 2015 at 10:54:50AM -0300, Angelo Fausti Neto wrote:
> Dear all,
> 
> >
> > we are running
> > $CondorVersion: 7.8.5 Oct 09 2012 BuildID: 68720 $
> >
> > on CentOS 6.3  rocks cluster
> > $CondorPlatform: x86_64_rhap_6.3 $

That is a relatively old version, and many important bug and security fixes
have been made.  So, if possible I would highly recommend using a release from
the 8.2.X series.


> >
> > [angelofausti@nc02 ~]$ cat /var/opt/condor/log/StartLog | grep PERMISSION
> >
> > 04/30/15 23:44:15 PERMISSION DENIED to unauthenticated@unmapped from host
> > 10.1.1.1 for command 440 (MATCH_INFO), access level NEGOTIATOR: reason:
> > NEGOTIATOR authorization policy contains no matching ALLOW entry for this
> > request; identifiers used for this        host: 10.1.1.1,ferocks.local,
> > hostname size = 1, original ip address = 10.1.1.1
> >
> > any suggestion?

Check the value of ALLOW_NEGOTIATOR (or HOSTALLOW_NEGOTIATOR) in your config
file.  You can do this by running the command:

  condor_config_val ALLOW_NEGOTIATOR

For some reason, ferocks.local and 10.1.1.1 do not match anything in that list,
which is why you see the error.


Cheers,
-zach