Mailing List ArchivesPublic Access |
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif){kind=logo}
|
Mailing List ArchivesPublic Access |
|
_______________________________________________Hi,maybe you try to submit jobs first using accountinggroups and us the map file in a second stage as a security measure ?+AcctGroupUser="doesnotExit"Then on the sched you need:AccountingGroup = strcat(AcctGroupUser, ".", Owner)This would set the accountinggroup to whatever your user wants it to be. You can use the map file to check if this accountinggroup is correct and put the job on hold if it is not and you can also do a mapping from what the user wished to your own scheme using regex or the map file ....Âbestchristoph
--
Christoph Beyer
DESY Hamburg
IT-Department
Notkestr. 85
Building 02b, Room 009
22607 Hamburg
phone:+49-(0)40-8998-2317
mail: christoph.beyer@xxxxxxxVon: rmorgan466@xxxxxxxxx
An: "htcondor-users" <htcondor-users@xxxxxxxxxxx>
Gesendet: Freitag, 24. April 2020 15:47:01
Betreff: Re: [HTCondor-users] Accounting GroupsThanks for the explanation.ÂIn my submit file if I have+AcctGroupUser="doesnotExit"My map file looks like this:* userA AcctGroupUser_userA_fixI submit a job as userA and run condor_q -l . In AcctGroupUser="userA" and AcctGroup = undefinedIs that expected?ÂOn Fri, Apr 24, 2020 at 2:44 AM <christoph.beyer@xxxxxxx> wrote:_______________________________________________Hi,you can use the map file to check if the user that submitted the job is in the group he claims to be in. If it turns out that the user did choose a group he is not a member of (according to your map file) you can send the job to hold with an according hold-reason like "wrong accounting group" or something similiar.Of course you can omitt that if you trust your users or if you set the groups yourself on the sched.Bestchristoph
--
Christoph Beyer
DESY Hamburg
IT-Department
Notkestr. 85
Building 02b, Room 009
22607 Hamburg
phone:+49-(0)40-8998-2317
mail: christoph.beyer@xxxxxxxVon: rmorgan466@xxxxxxxxx
An: "htcondor-users" <htcondor-users@xxxxxxxxxxx>
Gesendet: Donnerstag, 23. April 2020 23:34:41
Betreff: Re: [HTCondor-users] Accounting GroupsI was able to get further. Thanks to this,Âhttps://indico.cern.ch/event/817927/contributions/3570542/attachments/1913668/3162964/ScheddTransforms.pdfSCHEDD_CLASSAD_USER_MAP_NAMES = $(SCHEDD_CLASSAD_USER_MAP_NAMES) GroupsÂCLASSAD_USER_MAPFILE_Groups = /path/to/mapfileÂJOB_TRANSFORM_NAMES = AssignGroupÂJOB_TRANSFORM_AssignGroup @=endÂ[ copy_Owner="AcctGroupUser"; copy_AcctGroup="RequestedAcctGroup"; eval_set_AcctGroup=usermap("AssignGroup",AcctGroupUser,AcctGroup); ]Â@endOn my CM, I now haveGROUP_NAMES = AcctGroupUserGROUP_QUOTA_AcctGroupUser_userA = 100That should set userA quota to 100.is thisÂcorrect? Also, what is the purpose of the mapfile? I know it must exist but not sure why we need it.ÂOn Thu, Apr 23, 2020 at 12:40 PM Rita <rmorgan466@xxxxxxxxx> wrote:I set the following belowRestarted condor. Submitted a job. And now, I see in my condor_userprio my username and resource used. Is this a good way to validate the change? Now that user accounting groups are squared away, How can I enforce the quota?JOB_TRANSFORM_NAMES = AssignGroup JOB_TRANSFORM_AssignGroup = [ eval_set_AccountingGroup = userMap("Groups",Owner,AccountingGroup); ]On Thu, Apr 23, 2020 at 12:19 PM Gregory Thain <gthain@xxxxxxxxxxx> wrote:
On 4/23/20 10:46 AM, rmorgan466@xxxxxxxxx wrote:
> Hi.
>
> I was wondering if there were any advancements on how to manage
> account groups. Each user will have an accounting group in my setup. I
> want to explicitlyÂset the number of jobs a user can run. I don't want
> a user to use another accounting group. If a user runs without an
> accounting group, their jobs shouldn't run. Is this possible?
With schedd transforms, the schedd can now automatically assign an
accounting group to a user based on a mapping file the admin sets up.Â
Some details are given here, though we hope to improve the documentation:
https://htcondor.readthedocs.io/en/latest/admin-manual/policy-configuration.html?highlight=usermap#job-transforms
-greg
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
----- Get your facts first, then you can distort them as you please.--
----- Get your facts first, then you can distort them as you please.--
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
----- Get your facts first, then you can distort them as you please.--
_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users
The archives can be found at:
https://lists.cs.wisc.edu/archive/htcondor-users/