Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
Thank you for your responses and apologies for responding until now. For Todd's question. I was able to verify that the script is being executed by the Apache user with uid 48.
IIRC, the default client authentication method list is FS, GSI. If the apache user can't write (create directories) to the directory (usually /tmp) that FS uses, it will fall back on trying GSI (and failing spectacularly, since you don't have it configured). If you try touching a file (or creating a directory) in /tmp from the script the web interface uses to submit jobs, what happens?
(FYI, if you run the submit command with CONDOR_TOOL_DEBUG set to D_SECURITY in the environment, and the -debug command line flag, you should see more about what HTCondor is actually trying to do.)
Also, if you have no authentication at all, you'd need to configure your ALLOW_* settings to be host-based. It's also possible that HTCondor doesn't allow unauthenticated job submission to happen at all, even if the security settings would otherwise allow it. You could try using CLAIM_TO_BE instead of not doing authentication at all. (CLAIM_TO_BE is intended only for testing -- it trusts whatever the client says -- but if you can't get anything else to work, it's worth a try.)
- ToddM