[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[HTCondor-users] Problems with ENCRYPT_EXECUTE_DIRECTORY on Windows
- Date: Fri, 24 Apr 2020 04:56:04 +0000
- From: "Hitchen, Greg (IM&T, Kensington WA)" <Greg.Hitchen@xxxxxxxx>
- Subject: [HTCondor-users] Problems with ENCRYPT_EXECUTE_DIRECTORY on Windows
I've been having a play with encryption on a small test pool that consists of one linux Central Manager,
one windows 2016 server Submit Node, and one windows 10 Execute Node. All are running htcondor 8.8.7 64 bit versions.
Enabling encryption for communications works OK using:
SEC_DEFAULT_ENCRYPTION = REQUIRED
SEC_DEFAULT_CRYPTO_METHODS = 3DES, BLOWFISH
Enabling encryption of the execute directory using:
ENCRYPT_EXECUTE_DIRECTORY = True
produces errors about permission denied to the execute folder.
To make sure I'm not doing anything dumb I have a couple of questions:
Should the encrypt execute directory statement be on the submit node, execute node, or both?
I have tried on both, but it doesn't seem to appear in the job ad correctly unless I also add it to the
actual submit file, and not just the condor_config file on the submit node, i.e. the job ad with
it ONLY in the config file contains:
EncryptExecuteDirectory = false
whereas with it in the submit file (as well as the condor_config file) the job ad contains:
EncryptExecuteDirectory = true
Regardless of that I still get permission denied errors. Condor runs as a system service and SYSTEM
has full access permissions on the execute folder.
Thanks for any help.