condor_token_request_auto_approve(1)

1CONDOR_TOKEN_REQUEST_AUTO_APPROVEH(T1C)ondor MaCnOuNaDlOR_TOKEN_REQUEST_AUTO_APPROVE(1)
2
3
4

NAME

6       condor_token_request_auto_approve - HTCondor Manual
7
8       generate a new rule to automatically approve token requests
9
10

SYNOPSIS

12       condor_token_request_auto_approve   -netblock   network  -lifetime  val
13       [-pool pool_name] [-name hostname] [-type type] [-debug]
14
15       condor_token_request_auto_approve [-help ]
16

DESCRIPTION

18       condor_token_request_auto_approve will  install  a  temporary  auto-ap‐
19       proval  rule  for  token  requests.   Any  token  request  matching the
20       auto-approval rule will be immediately approved  instead  of  requiring
21       administrator approval
22
23       Automatic request approval is intended to help administrators initially
24       setup their cluster.  To install a new rule, you must  specify  both  a
25       network  and  a  lifetime; requests are only approved if they come from
26       that given source network, are within the rule lifetime, are limited to
27       ADVERTISE_SCHEDD  or ADVERTISE_STARTD permissions, and are for the con‐
28       dor identity.  When a condor_startd or  condor_schedd  is  started  and
29       cannot communicate with the collector, they will automatically generate
30       token requests that meet the last two conditions.
31
32       It is not safe to enable auto-approval when users have access to any of
33       the involved hosts or networks.
34
35       To  remove  auto-approval rules, run condor_reconfig against the remote
36       daemon.:
37
38       By default, condor_token_request_auto_approve will install rules at the
39       local condor_collector; by specifying a combination of -pool, -name, or
40       -type, the tool can request tokens in other pools, on other  hosts,  or
41       different daemon types.
42

OPTIONS

44          -debug Causes  debugging  information to be sent to stderr, based on
45                 the value of the configuration variable TOOL_DEBUG.
46
47          -help  Display brief usage information and exit.
48
49          -lifetime value
50                 Specify the lifetime, in seconds, for the  auto-request  rule
51                 to be valid.
52
53          -name hostname
54                 Request  a  token from the daemon named hostname in the pool.
55                 If not specified, the locally-running daemons will be used.
56
57          -netblock network
58                 A netblock of the form IP_ADDRESS  /  SUBNET_MASK  specifying
59                 the  source  of  authorized  requests.   Examples may include
60                 129.93.12.0/24 or 10.0.0.0/26.
61
62          -pool pool_name
63                 Request  a  token  from  a  daemon  in  a  non-default   pool
64                 pool_name.
65
66          -type type
67                 Request  a  token  from  a specific daemon type type.  If not
68                 given, a condor_collector is used.
69

EXAMPLES

71       To automatically approve token requests to the default condor_collector
72       coming from the 10.0.0.0/26 subnet for the next 10 minutes:
73
74          $ condor_token_request_auto_approve -lifetime 600 -netblock 10.0.0.0/26
75          Successfully installed auto-approval rule for netblock 10.0.0.0/26 with lifetime of 0.17 hours
76          Remote daemon reports no un-approved requests pending.
77

EXIT STATUS

79       condor_token_request_auto_approve  will  exit  with  a  non-zero status
80       value if it fails to communicate with the remote daemon or has insuffi‐
81       cient authorization.  Otherwise, it will exit 0.
82

AUTHOR

87       Center for High Throughput Computing, University of Wisconsin-Madison
88

COPYRIGHT

90       Copyright  ©  1990-2019  Center for High Throughput Computing, Computer
91       Sciences Department, University of Wisconsin-Madison, Madison, WI.  All
92       Rights Reserved. Licensed under the Apache License, Version 2.0.
93

AUTHOR

95       HTCondor Team
96

COPYRIGHT

98       1990-2023,  Center for High Throughput Computing, Computer Sciences De‐
99       partment, University of Wisconsin-Madison, Madison,  WI,  US.  Licensed
100       under the Apache License, Version 2.0.
101
102
103
104
105                                 Oct 02, 20C2O3NDOR_TOKEN_REQUEST_AUTO_APPROVE(1)