[slurm-users] Kernel keyrings on Slurm node inside Slurm job
Yair Yarom
irush at cs.huji.ac.il
Thu Aug 25 12:08:17 UTC 2022
I hope UsePAM won't get deprecated. I can understand the dangers, and
indeed to use it for limits seems weird (nowadays), but it's a nice hook to
have and we use it for other purposes: pam_setquota for /tmp quota per
user; Setting the per user /run/user/ directory (usually systemd sets this
up, but systemd doesn't play nicely with slurm); Fixing some cgroup mess we
have in our system; And calling pam_loginuid.
For a different solution - maybe calling keyctl in a TaskProlog can solve
this issue.
On Thu, 25 Aug 2022 at 12:37, Ole Holm Nielsen <Ole.H.Nielsen at fysik.dtu.dk>
wrote:
> On 8/25/22 11:15, Matthias Leopold wrote:
> > Thanks for the hint. I wasn't aware of UsePAM. At first it looks
> tempting,
> > but then I read some bug reports and saw that it's an "alternative way
> of
> > enforcing resource limits" and is considered an "older deprecated
> > functionality".
> >
> > https://bugs.schedmd.com/show_bug.cgi?id=4098
>
> Warning: Do NOT configure UsePAM=1 in slurm.conf (this advice can be found
> on the net). See
>
> https://wiki.fysik.dtu.dk/niflheim/Slurm_configuration#configure-prologflags
>
> /Ole
>
>
--
/| |
\/ | Yair Yarom | System Group (DevOps)
[] | The Rachel and Selim Benin School
[] /\ | of Computer Science and Engineering
[]//\\/ | The Hebrew University of Jerusalem
[// \\ | T +972-2-5494522 | F +972-2-5494522
// \ | irush at cs.huji.ac.il
// |
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schedmd.com/pipermail/slurm-users/attachments/20220825/b5d867ff/attachment.htm>
More information about the slurm-users
mailing list