Skip to content

Commit

Permalink
Merge pull request #609 from JaimeFrey/V23_9_0-HTCONDOR-2549-daemon-d…
Browse files Browse the repository at this point in the history
…omain

HTCONDOR-2549 daemon domain
  • Loading branch information
ColeBollig authored Jul 19, 2024
2 parents 89eff07 + 496f504 commit 7825fa6
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 10 deletions.
16 changes: 7 additions & 9 deletions config/05-ce-auth-defaults.conf
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ DENY_ADMINISTRATOR = anonymous@*, *@unmapped
DENY_DAEMON = anonymous@*, *@unmapped

# Defaults authorizations
SUPERUSERS = condor@daemon.htcondor.org/$(FULL_HOSTNAME), root@daemon.htcondor.org/$(FULL_HOSTNAME)
FRIENDLY_DAEMONS = condor@daemon.htcondor.org/$(FULL_HOSTNAME) condor@child/$(FULL_HOSTNAME)
SUPERUSERS = condor@$(UID_DOMAIN)/$(FULL_HOSTNAME), root@$(UID_DOMAIN)/$(FULL_HOSTNAME)
FRIENDLY_DAEMONS = condor@$(UID_DOMAIN)/$(FULL_HOSTNAME) condor@child/$(FULL_HOSTNAME)
# Setting the UID_DOMAIN appends @users.htcondor.org to GUMS mappings.
UID_DOMAIN = users.htcondor.org
USERS = *@users.htcondor.org
Expand All @@ -28,14 +28,12 @@ UNMAPPED_USERS = ssl@unmapped

# Authz settings for each daemon. Preferably, change the templates above
ALLOW_READ = *
ALLOW_WRITE = $(FRIENDLY_DAEMONS)
SCHEDD.ALLOW_WRITE = $(USERS), [email protected]/$(FULL_HOSTNAME)
COLLECTOR.ALLOW_ADVERTISE_MASTER = $(FRIENDLY_DAEMONS)
COLLECTOR.ALLOW_ADVERTISE_SCHEDD = $(FRIENDLY_DAEMONS)
COLLECTOR.ALLOW_ADVERTISE_STARTD = $(UNMAPPED_USERS), $(USERS)
SCHEDD.ALLOW_NEGOTIATOR = [email protected]/$(FULL_HOSTNAME)
ALLOW_WRITE = $(USERS), condor@$(UID_DOMAIN)/$(FULL_HOSTNAME)
ALLOW_ADVERTISE_MASTER = $(FRIENDLY_DAEMONS)
ALLOW_ADVERTISE_SCHEDD = $(FRIENDLY_DAEMONS)
ALLOW_ADVERTISE_STARTD = $(UNMAPPED_USERS), $(USERS)
ALLOW_NEGOTIATOR = condor@$(UID_DOMAIN)/$(FULL_HOSTNAME)
ALLOW_DAEMON = $(FRIENDLY_DAEMONS)
C_GAHP.ALLOW_DAEMON = $(ALLOW_DAEMON)
ALLOW_ADMINISTRATOR = $(SUPERUSERS)
QUEUE_SUPER_USERS = condor, root

Expand Down
1 change: 0 additions & 1 deletion config/mapfiles.d/50-common-default.conf
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,4 @@
###############################################################################

CLAIMTOBE /.*/ anonymous@claimtobe
FS /^(root|condor)$/ \[email protected]
FS /(.*)/ \1

0 comments on commit 7825fa6

Please sign in to comment.