[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] Help on running HTCondor as root
- Date: Fri, 16 Oct 2015 19:10:42 +0200 (CEST)
- From: Francesco Prelz <Francesco.Prelz@xxxxxxxxxx>
- Subject: Re: [HTCondor-users] Help on running HTCondor as root
On Fri, 16 Oct 2015, Greg Thain wrote:
Perhaps I'm missing something, but can you start Condor as a non-root user?
To the best of my understanding (as I don't know -yet- all the
details of Tommaso's work) he *was* trying to run as a nonpriv user,
but as he was accessing most of the system install via Parrot, the
setuid-root bit in some of the system (or CMS) utilities was getting
squashed, leading him to desperately try running with USER_FINAL==root.
I do believe that condor will staunchly prevent that...
However, back in 2009 I contributed into Parrot a nice patch to handle
a local overlay cache and that could become useful here. If the
Parrot mountfile (or equivalent -M option) has an entry that looks
where /another/path/... points to a small tree (local to the VM running
Condor) containing all and only the needed setuid-root utilities, this
should do the trick. Specifying LOCAL in the Parrot mountfile can also
help, but that gets applied to a full path, so would require to list all
the setuid-root files.
There may be better ways, we'll try...
INFN - Milan