[slurm-users] Kernel keyrings on Slurm node inside Slurm job
Matthias Leopold
matthias.leopold at meduniwien.ac.at
Tue Aug 23 13:32:06 UTC 2022
Hi,
I want to access the kernel "user" keyrings inside a Slurm job on a
Ubuntu 20.04 node. I'm not an expert on keyrings (yet), I just
discovered that inside a Slurm job a keyring for "user: invocation_id"
is used, which seems to be shared across all users of the executing
Slurm node (other users can access/destroy my keys).
The structure in a session run from Slurm looks like this (when using
cifscreds):
Session Keyring
989278347 --alswrv 0 0 keyring: _ses
446567140 ----s-rv 0 0 \_ user: invocation_id
638050420 ----sw-v 35816 10513 \_ logon: cifs:d:itsc-test2
The structure in a SSH session looks like this (when using cifscreds):
Session Keyring
932177825 --alswrv 1000 1000 keyring: _ses
826996940 --alswrv 1000 65534 \_ keyring: _uid.1000
1006610690 ----sw-v 1000 1000 \_ logon: cifs:d:itsc-test2
I researched about this invocation_id and found a section on
"KeyringMode=" in systemd.exec man page, but that didn't really help me.
Can you explain to me how it would be possible to get "private" keyrings
inside a Slurm job on the executing node?
thx
Matthias
More information about the slurm-users
mailing list