<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>This sounds like a solution for singularity. <br>
</p>
<a class="moz-txt-link-freetext" href="http://singularity.lbl.gov/">http://singularity.lbl.gov/</a><br>
<br>
You could use the Lua script to restrict what is permitted to run
via barring anything that isn't a specific singularity script. Else
you could use either prolog scripts to act as emergency fall back in
case the lua script doesn't catch it.<br>
<br>
-Paul Edmon-<br>
<br>
<div class="moz-cite-prefix">On 1/15/2018 8:31 AM, John Hearns
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAPqNE2VKanFnVXrduN0wGCxpf6_ee9A5H6c_ZkHzmOobeDzAvA@mail.gmail.com">
<div dir="ltr">
<div>Juan, me kne-jerk reaction is to say 'containerisation'
here.</div>
<div>However I guess that means that Slurm would have to be able
to inspect the contents of a container, and I do not think
that is possible.</div>
<div>I may be very wrong here. Anyone?</div>
<div><br>
</div>
<div><br>
</div>
<div>However have a look at thre Xalt stuff from TACC</div>
<div><a
href="https://www.tacc.utexas.edu/research-development/tacc-projects/xalt"
moz-do-not-send="true">https://www.tacc.utexas.edu/research-development/tacc-projects/xalt</a></div>
<div><a href="https://github.com/Fahey-McLay/xalt"
moz-do-not-send="true">https://github.com/Fahey-McLay/xalt</a></div>
<div><br>
</div>
<div><br>
</div>
<div>Xalt is intended to instrument your cluster and collect
information on what software is being run and exactly what
libraries are being used.</div>
<div>I do not think it has any options for "Nope! You may not
run this executable on this partition"</div>
<div>However it might be worth contacting the authors and
discussing this.</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 15 January 2018 at 14:20, Juan A.
Cordero Varelaq <span dir="ltr"><<a
href="mailto:bioinformatica-ibis@us.es" target="_blank"
moz-do-not-send="true">bioinformatica-ibis@us.es</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">But what
if the user knows the path to such application (let's say
python command) and executes it on the partition he/she
should not be allowed to? Is it possible through lua scripts
to set constrains on software usage such as a limited shell,
for instance?<br>
<br>
In fact, what I'd like to implement is something like a
limited shell, on a particular node for a particular
partition and a particular program.
<div class="HOEnZb">
<div class="h5"><br>
<br>
<br>
On 12/01/18 17:39, Paul Edmon wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px
0px
0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid">You
could do this using a job_submit.lua script that
inspects for that application and routes them
properly.<br>
<br>
-Paul Edmon-<br>
<br>
<br>
On 01/12/2018 11:31 AM, Juan A. Cordero Varelaq wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px
0px
0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid">Dear
Community,<br>
<br>
I have a node (20 Cores) on my HPC with two
different partitions: big (16 cores) and small (4
cores). I have installed software X on this node,
but I want only one partition to have rights to run
it.<br>
Is it then possible to restrict the execution of an
specific application to a given partition on a given
node?<br>
<br>
Thanks<br>
<br>
</blockquote>
<br>
<br>
</blockquote>
<br>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>