RE: [condor-users] Restrict access to certain user/RemoteUser expression query

["Paul Wilson" <p.b.wilson@xxxxxxxxx>]

Here is the proper negotiatorlog.

-----Original Message-----
From: owner-condor-users@xxxxxxxxxxx
[mailto:owner-condor-users@xxxxxxxxxxx] On Behalf Of Alexander Klyubin
Sent: 29 March 2004 13:21
To: condor-users@xxxxxxxxxxx
Subject: Re: [condor-users] Restrict access to certain user/RemoteUser
expression query

Paul,

Here's my best guess. Similar to how RANK expression is defined in terms

of Owner, I think you should use Owner instead of RemoteUser in your 
Requirements expression. RemoteUser, according to the manual, is the 
name of the user whose job is currently occupying the machine, whereas 
Owner is the user whose job is being matched. So, if I am correct, then 
your current setup allows starting of a job of any user provided the 
machine is *at the moment* occupied by 'charaka' or 'paul'.

Regards,
Alexander

Paul Wilson wrote:
> Alexander.
> 
>  
> 
> The exact expression is: (as reported via condor_config_val from the 
> master node)
> 
>  
> 
> [root@viognier home]# condor_config_val -name tokay.ucl.ac.uk
Requirements
> 
>  
> 
> (RemoteUser == "charaka@xxxxxxxxxxxxxxxxxxx" || RemoteUser == 
> "paul@xxxxxxxxxxxxxxxxxx")
> 
>  
> 
> .So the brackets are there.
> 
>  
> 
> BTW, tokay.ucl.ac.uk is a dual processor machine, so I see vm1 and vm2

> in condor_status.
> 
>  
> 
> Paul
> 
>  
> 
>  
> 
>  
> 
> -----Original Message-----
> From: owner-condor-users@xxxxxxxxxxx 
> [mailto:owner-condor-users@xxxxxxxxxxx] On Behalf Of Alexander Klyubin
> Sent: 29 March 2004 11:50
> To: condor-users@xxxxxxxxxxx
> Subject: Re: [condor-users] Restrict access to certain user/RemoteUser

> expression query
> 
>  
> 
> Can this be caused by missing quotes around paul@xxxxxxxxxxxxxxxxxx in
> 
> the Requirements expression?
> 
>  
> 
> Alexander
> 
>  
> 
> Paul Wilson wrote:
> 
>>  Hi
> 
>>
> 
>> 
> 
>>
> 
>>  I have 6 machines I want to restrict to just 2 of my users to run
their
> 
>>  Java jobs.
> 
>>
> 
>> 
> 
>>
> 
>>  To do this Condor FAQ 7.2 specifies using:
> 
>>
> 
>> 
> 
>>
> 
>>  Requirements = (RemoteUser == "userfoo@xxxxxxx")
> 
>>
> 
>> 
> 
>>
> 
>>  In the config of the machines in question.
> 
>>
> 
>> 
> 
>>
> 
>>  I've added the following line in the condor.config.local file to
machine
> 
>>
> 
>>  tokay@xxxxxxxxxx
> 
>>
> 
>> 
> 
>>
> 
>>  Requirements = (RemoteUser == "charaka@xxxxxxxxxxxxxxxxxx
> 
>>  <mailto:charaka@xxxxxxxxxxxxx>" ||RemoteUser ==
paul@xxxxxxxxxxxxxxxxxx
> 
>>  <mailto:paul@xxxxxxxxxxxxxxxxxx>)
> 
>>
> 
>> 
> 
>>
> 
>>  Then applied condor_reconfig.
> 
>>
> 
>> 
> 
>>
> 
>>  viognier.ucl.ac.uk is the submit host, charaka and paul are the
users on
> 
>>  this submit host that I want to allow to use this machine.
> 
>>
> 
>> 
> 
>>
> 
>>  From Viognier:
> 
>>
> 
>> 
> 
>>
> 
>>  $ condor_config_val -name tokay@xxxxxxxxx <mailto:tokay@xxxxxxxxx>
> 
>>  Requirements
> 
>>
> 
>> 
> 
>>
> 
>>  returns the correct expression.
> 
>>
> 
>> 
> 
>>
> 
>>  Yet, user vinay@xxxxxxxxxxxxxxxxxx still has his jobs matched to
> 
>>  tokay.ucl.ac.uk and run there.
> 
>>
> 
>> 
> 
>>
> 
>>  Why is this and is there something I'm missing?
> 
>>
> 
>> 
> 
>>
> 
>>  The pool is v6.4.7, Linux master/submit node and windows
execute-only 
> nodes.
> 
>>
> 
>> 
> 
>>
> 
>>  Cheers,
> 
>>
> 
>> 
> 
>>
> 
>>  Paul.
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
> 
>> 
> 
>>
>

Attachment: Negotiatorlog
Description: Binary data