[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Migrating to version 8

On 6/19/2020 11:44 AM, Xavier OUVRARD wrote:
Dear all,

I am in the process of migrating to version 8. Some of the nodes are already in version 8.6.11, and everything works perfectly even with the central manager in the latest 7 version.

condor_status and condor_q commands work on that machine

If I push to version 8.8.9 then I am unable to submit jobs; I get errors when submitting of type:

ERROR: Failed to connect to local queue manager
SECMAN:2007:Failed to end classad message.

Is the condor_schedd running on the same machine where you are running condor_submit, or is it remote?

While logged onto the submit machine (presumably the same place where condor_submit gave you the above errors), try the following troubleshooting commands:

First, is the condor_schedd running?  Check with  "ps auxw | grep condor_schedd" assuming you are on Linux...

Next, condor_ping is a useful tool for debugging this.  What do the following commands have to say?

    condor_ping -table READ WRITE
    condor_ping -verbose READ WRITE

With condor_ping, it can show what authentication methods the client (condor_submit) is trying, and what method the server is accepting, which could provide some clues...

Also it may be handy if you sent along what sort of security/authentication you are expecting, and/or a dump of your security configuration via the output from the command:

   condor_config_val -v -dump SEC

I have already disable all security settings in the config.d condor file of the node with:


Note that write operations with the job queue (e.g. submitting jobs with condor_submit) will always be authenticated unless you explicitly set QUEUE_ALL_USERS_TRUSTED=True in the condor_config file(s) on the submit host. ** I DO NOT RECOMMEND THIS, ESP IF HTCONDOR WAS STARTED AS ROOT, UNLESS YOU REALLY UNDERSTAND THE IMPLICATIONS **, as this could enable anybody with access to the schedd to impersonate other users without any credentials. See the Manual for more info here.

What has changed between 8.6.11 and 8.8.9 on the security side (what has been enforced)?

The Version History and Release Notes section of the manual will always have a section on highlights when upgrading from one stable release to the next; see


Hope the above helps,