Re: [HTCondor-users] condor_ssh_to_job broken with 8.8 on CentOS 7

[Oliver Freyermuth <freyermuth@xxxxxxxxxxxxxxxxxx>]

Dear Steffen,

Am 27.02.19 um 16:27 schrieb Oliver Freyermuth:
> I guess that's also not feasible for RHEL 6 / RHEL 7, so I'd rather wait
> for Greg to take a shot at a good fix in HTCondor, e.g. by rewriting "-a" to the list of flags
> (as you proposed) and making the addition of "-U" conditional.

Just a small heads-up: While we've been discussing, Greg has already committed a fix for the nsenter issue:
https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=6934
That works in conjunction with https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=6931 to treat both singularity
with setuid root and without in the correct way (I think). 

Now, to my current knowledge, only two issues remain:
- For an interactive job, Singularity will exit as soon as the dummy "sleep" is killed by 
  /usr/libexec/condor/condor_ssh_to_job_shell_setup , since attaching to the namespace does not enhance the lifetime of the Singularity container
  (so just patching out the "kill" does not solve it). 
- When attaching to a job, I get (after patching environment to have bash and /bin in PATH):
  ---------------------------------------------------------- 
  bash: cannot set terminal process group (-1): Inappropriate ioctl for device
  bash: no job control in this shell
  ---------------------------------------------------------- 
  But that is still before Greg's recent commits, so maybe this already improved. 

In any case, so many thanks to Greg for working on this! :-)

Cheers,
	Oliver

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature