By default, job submission requires a password and a valid user ID for a job to be executed.
You can change this rule at any time after installation by executing the cawrksec utility located in the $CAIGLBL0000\sche\bin directory. The utility allows only the uid 0 user to maintain the file and preserve the file permissions. The file can also be maintained using a UNIX/Linux text editor. For more information about using the cawrksec utility, see the online CA Reference.
The ExtNodeL.sch configuration file is located in the $CAIGLBL0000\sche\config directory. You can use this file to maintain policies that specify how password validation is to be performed based on the submitting node and user ID. The file must be owned by root, and only a uid of 0 may have write access to it. An individual entry in the file has the following format:
-n=nodename,user-id,flag
where:
Specifies the node from which the job is initiated; it can contain a trailing generic mask character.
Specifies a user ID to whom the rule applies; it can contain a trailing generic mask character.
Specifies D for disable (perform no password authorizations), E for enable (unless the proper password is supplied, the job will not run), or W for warn (check the password; if invalid, run the job but issue a warning message).
The following rule is the default rule in effect if you elected to enable password checking during installation. The rule states that for all nodes and all users password validation is to occur.
-n=*,*,E
The following rule is the default rule in effect if you elected to disable password checking during installation. The rule states that for all nodes and all users password validation is bypassed.
-n=*,*,D
The following combination of rules only enforces a password validation on user root and allows all other users to bypass password validation.
-n=*,*,D -n=*,root,E
The following combination of rules allows all users to bypass password validation unless the request comes from the node mars. In that case, password validation is enforced for all users. The last entry sets a warning type password validation for user root if it comes from a node other than mars.
-n=*,*,D -n=mars,*,E -n=*,root,W
Job Management scans the entire configuration file for a best match and uses that rule. It uses the node field as a high level qualifier when searching for a best match. For example, if the following entries are the only two entries in the file, any request coming from the node mars uses the enforce rule. The user root only uses the warning rule if the request comes from a node other than mars.
-n=mars,*,E -n=*,root,W
|
Copyright © 2010 CA.
All rights reserved.
|
|