<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>We've taken the per-user-namespace approach, as my boss
documented here:
<a class="moz-txt-link-freetext" href="http://tech.ryancox.net/2013/07/per-user-tmp-and-devshm-directories.html">http://tech.ryancox.net/2013/07/per-user-tmp-and-devshm-directories.html</a></p>
<p>This setup makes sure that all user processes are in their own
namespace, whether they're launched by slurm or not. We do put
them inside a subdir of /tmp, but you could probably do something
similar that puts them into /scratch.</p>
<p>Lloyd</p>
<p><br>
</p>
<div class="moz-cite-prefix">On 7/11/19 9:19 AM, Douglas Duckworth
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAAKHBKn8rEgWWj8nkGmLqgksLh+-hCVT+kht57CKvtn+=N0-vg@mail.gmail.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div dir="ltr">Hello
<div><br>
</div>
<div>I am wondering if it's possible to hide a file system,
that's world writable on compute node, logically within
Slurm. That way any job a user runs cannot possible access
this file system.</div>
<div><br>
</div>
<div>Essentially we define $TMPDIR as /scratch, which Slurm
cleans up in epilogue scripts, but some users still keep
writing to /tmp instead which we do not want. We would use
tmpwatch to clean up /tmp but I would rather just prevent
people from writing to it within Slurm.</div>
<div><br>
</div>
<div>Thanks</div>
<div>Doug</div>
<div><br clear="all">
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr"
style="font-size:small">Thanks,</div>
<div dir="ltr"
style="font-size:small"><br>
Douglas
Duckworth,
MSc, LFCS<br>
HPC System
Administrator<br>
<span
style="font-size:12.8px"><a
href="https://scu.med.cornell.edu" target="_blank"
moz-do-not-send="true">Scientific
Computing Unit</a></span></div>
<div dir="ltr"
style="font-size:small">Weill
Cornell
Medicine</div>
<div
style="font-size:small">1300
York Avenue</div>
<div
style="font-size:small">New
York, NY 10065</div>
<div dir="ltr"
style="font-size:small">
<div>E: <a
href="mailto:doug@med.cornell.edu"
target="_blank" moz-do-not-send="true">doug@med.cornell.edu</a><br>
O:
212-746-6305<br>
F:
212-746-8690<br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<pre class="moz-signature" cols="72">--
Lloyd Brown
HPC Systems Administrator
Office of Research Computing
Brigham Young University
<a class="moz-txt-link-freetext" href="http://marylou.byu.edu">http://marylou.byu.edu</a></pre>
</body>
</html>