If I read the security correctly, the BOINC_projects account cannot access
the BOINC executables directory to do anything. Projects run under the
BOINC_projects account, and thus could not initiate any call to the BOINC
command line,
jm7
Mark Pottorff
<[email protected]
m> To
Sent by: Charlie Fenton
<boinc_dev-bounce <[email protected]>, Rom
[email protected] Walton <[email protected]>
u> cc
BOINC dev
<[email protected]>
02/22/2010 12:52 Subject
PM Re: [boinc_dev] How to locate
boinccmd on client
Please respond to
[email protected]
When I say "BOINC App" I am referring to a BOINC project that sends WUs
comprised of simple script files that do things like:
boinccmd --get_state >out1.txt
and send their "results" back to the project (which hosts a website that
allows you to review the data and initiate control operations, which
in-turn creates WUs customized for your host machine).
So everything I (attempt to) do is running as the BOINC user, on the local
machine, from within the sandbox. I can see that the BOINC user may be
limited so far as snooping around the machine. That's what the sandbox is
for. That is why I cannot count on snooping around to locate the boinccmd.
And there could be more then one installed.
I don't typically install as a Windows service, so perhaps I'm missing
something. But sandboxes are made to keep things in, not out. Everything
required should already be in the same sandbox as my WU's "application"
script file from the slot directory.
So, if I hit the right boinccmd, it will change to the data directory that
I am running within, and not require a host name and password. Heck, I
could actually open the ..\..\gui_rpc_auth.cfg file if I use file seperator
appropriate for the host. But I still wouldn't know for certain where
boinccmd is if the user seperates the data directory from the BOINC client
code.
Running Microsoft's "System Idle Process" will never help cure cancer,
AIDS nor Alzheimer's. But running rose...@home just might!
http://boinc.bakerlab.org/rosetta/
--- On Mon, 2/22/10, Rom Walton <[email protected]> wrote:
From: Rom Walton <[email protected]>
Subject: RE: [boinc_dev] How to locate boinccmd on client
To: [email protected], "Charlie Fenton" <[email protected]>
Cc: "BOINC dev" <[email protected]>
Date: Monday, February 22, 2010, 11:28 AM
I'm afraid that isn't how it works.
Boinccmd attempts to lookup the password by opening up the gui_rpc_auth.cfg
file in the current directory ( On Windows, boinccmd changes the working
directory to the data directory before looking ). If gui_rpc_auth.cfg
cannot be opened it looks at the command line argument.
If BOINC is installed as a service on Windows, or in a sandbox
configuration on the Mac, then there are several permission issues to
contend with depending on how your application is to be executed.
When you say "BOINC App" are you referring to an application that the
volunteer launches to control BOINC, or are you referring to an application
that is launched by BOINC as a project application?
----- Rom
-----Original Message-----
From: [email protected] [
mailto:[email protected]] On Behalf Of Mark Pottorff
Sent: Monday, February 22, 2010 12:06 PM
To: Charlie Fenton
Cc: BOINC dev
Subject: Re: [boinc_dev] How to locate boinccmd on client
According to the doc, the requirement for GUI RPC password only applies
when you run boinccmd from some other subdirectory or machine. If I can
locate the boinccmd from the same directory as the active core client, and
contact the client via boinccmd rather then GUI RPC over the network, then
I'm expecting boinccmd to be fully functional without the password.
Are there other undocumented limitations on functionality? I see no mention
of any reduced level of functionality. Either you're allowed, or you're
not. Nor do I see any mention that Mac clients may not have boinccmd
available. So please advise.
I am tinkering with a "BOINC app" that allows monitoring and control of the
client via browser rather then a direct network connection. All interaction
to the client machine is done via BOINC scheduler and "application", so no
direct network connectivity is required (beyond the normal BOINC
client-pull scheduler protocol). How would you like to be able to abort a
bad task on your alpha cluster, or set the debug flags on one of your alpha
machines without having to actually locate the physical machine and run
down there to modify cc_config? ...or detach all of the machines in a
school system from a project, perhaps even uninstall BOINC, all from a
website?
I'm looking at installing BOINC client version upgrades as well, but need
to locate command line arguments to suppress GUI. I seem to recall there
are some, but haven't had a chance to track them down, so if anyone knows
off-hand, I need to get that in my notebook.
I still have a number of dots to connect before I am ready to launch an
alpha, but by all means contact me directly if you have interest in using
such a monitor and control system.
Running Microsoft's "System Idle Process" will never help cure cancer,
AIDS nor Alzheimer's. But running rose...@home just might!
http://boinc.bakerlab.org/rosetta/
--- On Sun, 2/21/10, Charlie Fenton <[email protected]> wrote:
From: Charlie Fenton <[email protected]>
Subject: Re: [boinc_dev] How to locate boinccmd on client
To: [email protected]
Cc: "BOINC dev" <[email protected]>
Date: Sunday, February 21, 2010, 4:55 PM
On 2/20/10, Mark Pottorff <[email protected]> wrote:
> I would like to find a reliable means of locating (on all supported
> platforms) the full path to the boinccmd executable from an application
> running in a slots directory.
At 9:29 PM -0300 2/20/10, Nicolás Alvarez wrote:
> On Mac, I think boinccmd isn't installed at all in the default package.
On the Mac, the user has the option of downloading the command-line version
of teh client which includes boinccmd. They normally would install it in
the standard BOINC Data directory at "/Library/Application Support/ BOINC
Data/".
But even if boinccmd _is_ installed, project applications do not have
access to the gui rpc password under sandbox security, so they can only
perform limited functions using boinccmd. I don't know if this is also
true on Windows.
What do you want your project application to do with boinccmd? In other
words, for what do you want your application to use boinccmd?
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
