Mike,
Thanks for the response. We have done some additional testing, and it looks as though NFS is not our problem. It seems as though the xgrid agent job is being started with increased restrictions as compared with Tiger.
We tested this by doing the following:
1) We created a /scratch directory on the agent machine, and place a data file in the directory.
2) We then submitted a job that tried to copy the file to the local xgrid working directory.
This job runs successfully on Tiger, but on Leopard, we get permission issues. In addition, this test would run correctly on Tiger if the directory was hosted on NFS, whereas the same permission issue occurs on Leopard.
So, my questions have been morphed into the following: has Leopard increased the restrictions on the shell that is used to run the job on the agent? Is there anyway to modify the way that the xgrid agent job is started? How are the priviledges set for the job?
This may be a moot point once we move to a complete Leopard shop and make use of Kerberos, but we'd like to test this prior to moving the whole cluster over to Leopard.
Dale Schack
Thrust Belt Imaging Inc.
On Thursday, December 06, 2007, at 10:54AM, "Mike Mackovitch" <email@hidden> wrote:
>On Wed, Dec 05, 2007 at 06:05:04PM -0800, Ernest Prabhakar wrote:
>> Hi Dale,
>>
>> On Dec 5, 2007, at 5:47 PM, Dale Schack wrote:
>>> It turns out that the user "nobody" no longer has the ability to read the
>>> NFS mounted directories. My question to the group is this: has anyone
>>> tried using Xgrid on Tiger Server, with Leopard clients, reading data via
>>> NFS? Have there been any changes with respect to NFS and security that
>>> may be the cause of this change?
>>
>> I can't be sure this is _your_ issue, but NFS in Leopard now users Kerberos
>> for authentication instead of userid. I'm not sure which is the default,
>
>Kerberized NFS is not on by default on NFS exports.
>It needs to be explicitly configured on the export.
>So this wouldn't be causing any problem unless the
>Leopard NFS client was explicitly requiring Kerberos
>with the mount option: -o sec=krb5
>
>Dale,
>
>We'll need some more details to try to figure out what the
>problem is in your case.
>
>Is the NFS file system mounting successfully on the client
>or is the mount failing? How is it being mounted? Is it
>automounted? What mount options are used? Are there any
>NFS messages in /var/log/system.log on the client or server?
>
>Does the "nobody" user have the same UID/GID on the client and
>the server?
>
>Would it be possible to get a tcpdump capture file showing the
>full network packets when it isn't working? Start the following
>command on the server (where the last argument is the actual name
>or IP address of the client):
>
>sudo tcpdump -ns0 -w /tmp/packets.pcap host CLIENT_NAME_OR_IP
>
>Reproduce the problem, then Ctrl-C the tcpdump command and forward me
>the packets.pcap file (don't send it everyone on the mailing list)....
>or attach it to a bug report: http://bugreporter.apple.com
>
>Thanks!
>--macko
>
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xgrid-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/xgrid-users/email@hidden
This email sent to email@hidden
