Provided by: condor_23.4.0+dfsg-1ubuntu4_amd64
NAME
condor_token_request_auto_approve - HTCondor Manual generate a new rule to automatically approve token requests
SYNOPSIS
condor_token_request_auto_approve -netblock network -lifetime val [-pool pool_name] [-name hostname] [-type type] [-debug] condor_token_request_auto_approve [-help ]
DESCRIPTION
condor_token_request_auto_approve will install a temporary auto-approval rule for token requests. Any token request matching the auto-approval rule will be immediately approved instead of requiring administrator approval Automatic request approval is intended to help administrators initially setup their cluster. To install a new rule, you must specify both a network and a lifetime; requests are only approved if they come from that given source network, are within the rule lifetime, are limited to ADVERTISE_SCHEDD or ADVERTISE_STARTD permissions, and are for the condor identity. When a condor_startd or condor_schedd is started and cannot communicate with the collector, they will automatically generate token requests that meet the last two conditions. It is not safe to enable auto-approval when users have access to any of the involved hosts or networks. To remove auto-approval rules, run condor_reconfig against the remote daemon.: By default, condor_token_request_auto_approve will install rules at the local condor_collector; by specifying a combination of -pool, -name, or -type, the tool can request tokens in other pools, on other hosts, or different daemon types.
OPTIONS
-debug Causes debugging information to be sent to stderr, based on the value of the configuration variable TOOL_DEBUG. -help Display brief usage information and exit. -lifetime value Specify the lifetime, in seconds, for the auto-request rule to be valid. -name hostname Request a token from the daemon named hostname in the pool. If not specified, the locally-running daemons will be used. -netblock network A netblock of the form IP_ADDRESS / SUBNET_MASK specifying the source of authorized requests. Examples may include 129.93.12.0/24 or 10.0.0.0/26. -pool pool_name Request a token from a daemon in a non-default pool pool_name. -type type Request a token from a specific daemon type type. If not given, a condor_collector is used.
EXAMPLES
To automatically approve token requests to the default condor_collector coming from the 10.0.0.0/26 subnet for the next 10 minutes: $ condor_token_request_auto_approve -lifetime 600 -netblock 10.0.0.0/26 Successfully installed auto-approval rule for netblock 10.0.0.0/26 with lifetime of 0.17 hours Remote daemon reports no un-approved requests pending.
EXIT STATUS
condor_token_request_auto_approve will exit with a non-zero status value if it fails to communicate with the remote daemon or has insufficient authorization. Otherwise, it will exit 0.
SEE ALSO
condor_token_request(1), condor_token_request_approve(1)
AUTHOR
Center for High Throughput Computing, University of Wisconsin-Madison
AUTHOR
HTCondor Team
COPYRIGHT
1990-2024, Center for High Throughput Computing, Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, US. Licensed under the Apache License, Version 2.0. Apr 14, 2024 CONDOR_TOKEN_REQUEST_AUTO_APPROVE(1)