-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authorized users in security.pp #94
Comments
Absolutely.
Hmm..that's interesting, cannot say I've tried it. It is definitely not a trivial config
If you preserve the default behaviour, this should be fine. |
What I propose precisely, is:
That's the problem : a user not having set use_password_auth will get changes in his authorization files (condor_pool disappearance). |
I just noticed that use_password_auth is enabled in the default configuration; thus I think these changes can be quite seamless, it would only impact those who disabled it. |
security.pp includes authorizations for user condor_pool, but this user is supposed to exist only if password auth is used: could we condition it to use_password_auth = true ?
Meanwhile, replacing the default machine_list_prefix by condor@$(UID_DOMAIN)/ (instead of condor_pool@$(UID_DOMAIN)/) would be interesting for configs using root as condor_user:
I can be wrong, but I think you still need another user than root@domain to be authorized, the most obvious one is condor@domain.
I can propose commits to do this. However, this would be a change with a strong impact on the default configurations.
The text was updated successfully, but these errors were encountered: