csamuel at vpac.org
Mon Oct 18 22:00:15 MDT 2004
On Sat, 16 Oct 2004 03:39 am, torqueusers at supercluster.org wrote:
CAVEAT: We don't use Kerberos at VPAC, so I've never tried the following!
> Hi. I wanted to know if I could configure torque to use kerberos. And
This came up on the list a few months back, although I didn't see anyone say
that they actually got it working.
If you want to look at how PBS does its authentication at the moment (using
ruserok(3)) and convert that to Kerberos then you can find that in the file:
in the function:
The comments say:
* site_check_u - site_check_user_map()
* This routine determines if a user is privileged to execute a job
* on this host under the login name specified (in user-list attribute)
* As provided, this routine uses ruserok(3N). If this is a problem,
* It's replacement is "left as an exersize for the reader."
There might be a kuserok(3) variant you can slip in there instead, as long as
you do whatever magic Kerberos requires you to beforehand..
You can also tell the Torque configure process to use another program instead
of scp by doing (say):
SCP_PATH=/usr/local/bin/kcp ./configure --with-scp
You can check that's worked by doing:
grep SCP_PATH ./src/include/pbs_config.h
Playing around with configure it looks like it uses the value it's cached
previously in preference to the environment value, so you'll need to either
remove config.cache first or do a "make distclean" to make sure you've got a
Christopher Samuel - (03)9925 4751 - VPAC Systems & Network Admin
Victorian Partnership for Advanced Computing http://www.vpac.org/
Bldg 91, 110 Victoria Street, Carlton South, VIC 3053, Australia
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://www.supercluster.org/pipermail/torqueusers/attachments/20041019/776ba19e/attachment.bin
More information about the torqueusers