[HTCondor-users] Inconsistency in authorizations for condor_userprio

[Bert DeKnuydt <Bert.DeKnuydt@xxxxxxxxxxxxxxxx>]

Hello Condorists ...

I run HTCondor 9.0.8, on Rocky in this case, but that is irrelevant.

As root, from the Negotiator, or from another node I get:

> [root@aries8 ~]# condor_userprio -setceiling deknuydt@xxxxxxxxxxxxxxxx 
> 123
The ceiling of deknuydt@xxxxxxxxxxxxxxxx was set to 123

--> Works as expected

[root@aries8 ~]# condor_userprio -setfactor deknuydt@xxxxxxxxxxxxxxxx 1
set priority factor failed: Not an administrator and authorization maps 
(NEGOTIATOR_CLASSAD_USER_MAP_NAMES) is not set.

--> This nags and does nothing.

For all clarity, I do have ADMINISTRATOR rights:

[root@aries8 ~]# condor_ping  -address "<10.87.24.157:9618>" -table 
ADMINISTRATOR
         Instruction Authentication Encryption Integrity Decision 
Identity
       ADMINISTRATOR       PASSWORD        AES       AES    ALLOW 
condor_pool@xxxxxxxxxxxxxxxx

I don't get what is going on here:

1) The first needs no particular extra security, but the second, with 
similar implications to
the user, claims it does.

2) I cannot find any mention of NEGOTIATOR_CLASSAD_USER_MAP_NAMES in the 
documentation.  I guess
it might be a map to map ordinary users to get some additional rights?

Seems I'm missing something here.  IIRC, in earlier 9.0.* this did NOT 
happen.

Regards, B. DeKnuydt