[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] Preserving output-transferred directory permissions?
- Date: Wed, 05 Oct 2016 17:22:27 -0500
- From: Todd Tannenbaum <tannenba@xxxxxxxxxxx>
- Subject: Re: [HTCondor-users] Preserving output-transferred directory permissions?
On 9/28/2016 8:37 PM, Michael Pelletier wrote:
The output transfer process seems to be manipulating or applying a umask
to the file permissions on the directories it creates while transferring
output files back from scratch space.
At least on Linux/Mac platforms, for non-directory files, the output
transfer process preserves the file permissions while ignoring the
umask. Unfortunately, as you suspected, I think the code to preserve
file permissions on subdirectories applies a umask of 022. There does
not appear to be a knob to override this.
I think this is a bug. I will try to get it patched before our next
point release. A ticket for this appears at
Thanks for reporting this issue.
hope the above helps,
For example, I submit a job which creates a directory and a subdirectory
and sets permissions:
transfer_input_files = /bin/mkdir
+PreCmd = "mkdir"
+PreArguments = "-p mode775dir/subdir"
transfer_output_files = mode775dir
executable = /bin/chmod
arguments = 775 mode775dir/subdir
transfer_executable = false
should_transfer_files = yes
I would expect that the output-transferred “subdir” would have mode 775,
with group-write permissions, since that’s what it was set to on the
exec node. However, it comes back with 755 permissions.
It does appear that there’s some manner of umask at work, because I can
set it to 700, 750, etc., and those permissions are preserved, but write
permissions for anyone but owner are apparently stripped during the
voyage from scratch space to initialdir.
Is there a knob for this? They’d like to have output data writable by
all members of the project team since it makes it easier for them to
manage their output data volume without superuser intervention. We run
all our stuff as owner due to our security audit requirements, so
there’s no concern connected with a translation from a slot uid to the
submitter uid. We just want to be able to set the right file permissions
on the output without having to do a DAG.
Thanks for any suggestions!
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
You can also unsubscribe by visiting
The archives can be found at:
Todd Tannenbaum <tannenba@xxxxxxxxxxx> University of Wisconsin-Madison
Center for High Throughput Computing Department of Computer Sciences
HTCondor Technical Lead 1210 W. Dayton St. Rm #4257
Phone: (608) 263-7132 Madison, WI 53706-1685