[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] condor_config_val request refused



I just thought of another thing that could be the problem:

The user that is running the "condor_config_val -rset" must also be part of the ALLOW_CONFIG authorization list.  I think by default that list is empty.  So suppose you wanted the "condor" user to be able to change those values, and only from the local host, you should also add this line to your condor_config:
	ALLOW_CONFIG = condor@$(UID_DOMAIN)/$(IP_ADDRESS)

Even after you solved the first problem from the earlier email, you'd probably hit this issue as well.


Cheers,
-zach


ïOn 10/15/20, 12:47 PM, "HTCondor-users on behalf of Zach Miller" <htcondor-users-bounces@xxxxxxxxxxx on behalf of zmiller@xxxxxxxxxxx> wrote:

    Hello,

    You don't actually want to use the "DEFRAG." prefix here.  It is the condor_master daemon that is looking at the "SETTABLE_ATTRS_CONFIG" variable to see what is allowed to be set.  I would just omit the prefix entirely and put this in your config file:
    	SETTABLE_ATTRS_CONFIG = DEFRAG_MAX_WHOLE_MACHINE,DEFRAG_MAX_CONCURRENT_DRAINING,DEFRAG_DRAINING_MACHINE_PER_HOUR

    Don't forget to reconfig the master, then try again and let me know if that did the trick.


    Cheers,
    -zach


    On 10/15/20, 11:16 AM, "HTCondor-users on behalf of Mihai Ciubancan" <htcondor-users-bounces@xxxxxxxxxxx on behalf of ciubancan@xxxxxxxx> wrote:

        Hello,

        I have issues setting some values through condor_config_val:

        condor_config_val  -rset "DEFRAG_MAX_WHOLE_MACHINES = 15"
        Attempt to set configuration "DEFRAG_MAX_WHOLE_MACHINES = 15" on master
        condor1atlas.nipne.ro
        <192.168.181.11:9618?addrs=192.168.181.11-9618+[--1]-9618&noUDP&sock=32084_88a9>
        failed.

        And In MasterLog I get the message:
        10/15/20 19:12:20 WARNING: Someone at 192.168.181.11 is trying to modify
        "DEFRAG_MAX_WHOLE_MACHINES"
        10/15/20 19:12:20 WARNING: Potential security problem, request refused

        I have set SETTABLE_ATRS_CONFIG and ENABLE_RUNTIME_CONFIG
        DEFRAG.SETTABLE_ATTRS_CONFIG =
        DEFRAG_MAX_WHOLE_MACHINE,DEFRAG_MAX_CONCURRENT_DRAINING,DEFRAG_DRAINING_MACHINE_PER_HOUR
        ENABLE_RUNTIME_CONFIG = TRUE

        I also tried with DEFRAG.SETTABLE_ATTRS_ADMINISTRATOR but it doesn't work.

        Do you know what I'm missing?

        Regards,
        Mihai




        Dr. Mihai Ciubancan
        IT Department
        National Institute of Physics and Nuclear Engineering "Horia Hulubei"
        Str. Reactorului no. 30, P.O. BOX MG-6
        077125, Magurele - Bucharest, Romania
        http://www.ifin.ro
        Work:   +40214042360
        Mobile: +40761345687
        Fax:    +40214042395

        _______________________________________________
        HTCondor-users mailing list
        To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
        subject: Unsubscribe
        You can also unsubscribe by visiting
        https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users

        The archives can be found at:
        https://lists.cs.wisc.edu/archive/htcondor-users/


    _______________________________________________
    HTCondor-users mailing list
    To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
    subject: Unsubscribe
    You can also unsubscribe by visiting
    https://lists.cs.wisc.edu/mailman/listinfo/htcondor-users

    The archives can be found at:
    https://lists.cs.wisc.edu/archive/htcondor-users/