Re: [HTCondor-users] docker universe and centos 6

[Dimitri Maziuk <dmaziuk@xxxxxxxxxxxxx>]

On 9/5/19 10:06 AM, Dimitri Maziuk via HTCondor-users wrote:
> On 9/5/2019 8:18 AM, Bockelman, Brian wrote:
> 
>> Which use is it complaining about? 'condor' user or a target user?
> 
> Target user: Dockerfile creates condor user w/ ids matching ours. (You
> could get omit that if you put them on SSO server but we have problems
> with that and systemd tempfiles so we moved them to /etc files instead.)

Sorry, I was in a meeting and was writing this and listening to
something entirely different at the same time.

So,

1. we moved out condor user and group out of openldap and into
/etc/(group|passwd) a while back because
a) it's more convenient when deploying a dedicated worker node and
b) race conditions in systemd's universe.

Dockerfile I posted sets those in ENV up top. Edit to suit your pool.

2. If the node is to run jobs as a target user and those jobs create
files on bind-mounted volumes, they'll need to use correct uid/gid.
Technically they don't need the password database, they just need
uid/gid numbers, but I have no idea if condor would let them do that.

-- 
Dimitri Maziuk
Programmer/sysadmin
BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu

Attachment: signature.asc
Description: OpenPGP digital signature