Man page - condor_token_request_auto_approve(1)
Packages contas this manual
- condor_run(1)
- condor_master(1)
- condor_q(1)
- classads(1)
- condor_annex(1)
- condor_check_password(1)
- condor_preen(1)
- condor_vacate(1)
- condor_updates_stats(1)
- condor_install(1)
- condor_on(1)
- gidd_alloc(1)
- condor_procd(1)
- condor_continue(1)
- classad_eval(1)
- condor_wait(1)
- condor_advertise(1)
- get_htcondor(1)
- condor_userprio(1)
- condor_ssh_to_job(1)
- condor_token_list(1)
- condor_qsub(1)
- condor_token_request_approve(1)
- condor_job_router_info(1)
- condor_router_q(1)
- condor_hold(1)
- condor_transform_ads(1)
- condor_release(1)
- condor_suspend(1)
- condor_rmdir(1)
- condor_qedit(1)
- condor_findhost(1)
- condor_upgrade_check(1)
- condor_restart(1)
- condor_token_request_list(1)
- condor_rm(1)
- condor_check_userlogs(1)
- condor_fetchlog(1)
- condor_set_shutdown(1)
- condor_submit(1)
- condor_token_create(1)
- condor_vacate_job(1)
- condor_off(1)
- condor_ping(1)
- condor_chirp(1)
- condor_urlfetch(1)
- condor_router_history(1)
- procd_ctl(1)
- condor_now(1)
- condor_gpu_discovery(1)
- condor_dagman(1)
- condor_reschedule(1)
- condor_who(1)
- condor_version(1)
- condor_userlog(1)
- condor_evicted_files(1)
- condor_token_request_auto_approve(1)
- condor_history(1)
- condor_ssh_start(1)
- condor_prio(1)
- condor_transfer_data(1)
- condor_update_machine_ad(1)
- condor_reconfig(1)
- condor_watch_q(1)
- condor_power(1)
- condor_router_rm(1)
- condor_submit_dag(1)
- condor_tail(1)
- condor_sos(1)
- condor_top(1)
- htcondor(1)
- condor_store_cred(1)
- condor_config_val(1)
- condor_token_request(1)
- condor_pool_job_report(1)
- condor_ssl_fingerprint(1)
- condor_drain(1)
- condor_adstash(1)
- condor_status(1)
- condor_gather_info(1)
- condor_remote_cluster(1)
- condor_stats(1)
- condor_token_fetch(1)
- condor_configure(1)
- condor_test_token(1)
apt-get install condor
Manual
| CONDOR_TOKEN_REQUEST_AUTO_APPROVE(1) | HTCondor Manual | CONDOR_TOKEN_REQUEST_AUTO_APPROVE(1) |
NAME
condor_token_request_auto_approve - HTCondor Manual
generate a new rule to automatically approve token requests
SYNOPSIS
condor_token_request_auto_approve -netblock network -lifetime val [-pool pool_name] [-name hostname] [-type type] [-debug]
condor_token_request_auto_approve [-help ]
DESCRIPTION
condor_token_request_auto_approve will install a temporary auto-approval rule for token requests. Any token request matching the auto-approval rule will be immediately approved instead of requiring administrator approval
Automatic request approval is intended to help administrators initially setup their cluster. To install a new rule, you must specify both a network and a lifetime; requests are only approved if they come from that given source network, are within the rule lifetime, are limited to ADVERTISE_SCHEDD or ADVERTISE_STARTD permissions, and are for the condor identity. When a condor_startd or condor_schedd is started and cannot communicate with the collector, they will automatically generate token requests that meet the last two conditions.
It is not safe to enable auto-approval when users have access to any of the involved hosts or networks.
To remove auto-approval rules, run condor_reconfig against the remote daemon.:
By default, condor_token_request_auto_approve will install rules at the local condor_collector; by specifying a combination of -pool, -name, or -type, the tool can request tokens in other pools, on other hosts, or different daemon types.
OPTIONS
- -debug
- Causes debugging information to be sent to stderr, based on the value of the configuration variable TOOL_DEBUG.
- -help
- Display brief usage information and exit.
- -lifetime value
- Specify the lifetime, in seconds, for the auto-request rule to be valid.
- -name hostname
- Request a token from the daemon named hostname in the pool. If not specified, the locally-running daemons will be used.
- -netblock network
- A netblock of the form IP_ADDRESS / SUBNET_MASK specifying the source of authorized requests. Examples may include 129.93.12.0/24 or 10.0.0.0/26.
- -pool pool_name
- Request a token from a daemon in a non-default pool pool_name.
- -type type
- Request a token from a specific daemon type type. If not given, a condor_collector is used.
EXAMPLES
To automatically approve token requests to the default condor_collector coming from the 10.0.0.0/26 subnet for the next 10 minutes:
$ condor_token_request_auto_approve -lifetime 600 -netblock 10.0.0.0/26 Successfully installed auto-approval rule for netblock 10.0.0.0/26 with lifetime of 0.17 hours Remote daemon reports no un-approved requests pending.
EXIT STATUS
condor_token_request_auto_approve will exit with a non-zero status value if it fails to communicate with the remote daemon or has insufficient authorization. Otherwise, it will exit 0.
SEE ALSO
condor_token_request(1), condor_token_request_approve(1)
AUTHOR
Center for High Throughput Computing, University of Wisconsin-Madison
AUTHOR
HTCondor Team
COPYRIGHT
1990-2024, Center for High Throughput Computing, Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, US. Licensed under the Apache License, Version 2.0.
| March 8, 2026 |