[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Help on running HTCondor as root



On 10/19/2015 08:50 AM, Tommaso Boccali wrote:
(sorry if it is a double posting, I have multiple email addresses and often I mistake them ...)
ciao, thanks a lot.
I need some more time to identify the problem: for the moment it is not even clear which command is problematic.
I would bet on 'su': condor runs as root, receives a payload and want to run it. In order to do so it probably wants to change used, using either 'su' or 'sudo'.
fact is that client side I do not see error too clearly, so I need collector operators' help and that is slowing down the things quite a bit.


To be clear, HTCondor _really_ does not want to start user jobs as root, because such jobs could compromise the machine.  It double-checks that the uid of the job is not zero at the last minute before exec'ing it, just to be sure that no bugs have snuck in.  This particular check is what we are hitting here -- HTCondor thinks it is root, changes uid to the job in question (which fails, leaving us at root), and right before we would run the job, we notice that the job would be run as root, so we throw our hands up.

-greg