[GE users] "locking down" grid machines

Boone J. Severson severson at cray.com
Wed May 12 22:11:27 BST 2004


    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "ISO-8859-10" character set.  ]
    [ Some special characters may be displayed incorrectly. ]

Hello,

Since implementing SGE on our compute servers we've had a few cases 
where people think they're just too busy to learn the command line 
switches to qsub and qrsh so they just directly "ssh" into the machine, 
bypassing the grid submit host and our complexes/hard resources configs 
that we've got. It was ok in the beginning because it was just a few 
known users, but now qmon is noting that several queues are being 
disabled due to processor load when the grid is unaware of any users 
being assigned to those queues.  >:(

Is there a method for locking down non-superuser access to a (SuSE Linux 
9.0) machine except for qrsh/qsub? I'm guessing our IS/IT group won't 
enjoy creating customized /etc/passwd files but if that's the only 
option we'll have to consider it.

Any and all input would be appreciated since I can't imagine this is the 
first time "grid abuse" has happened.

Thanks,
Boone Severson

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




More information about the gridengine-users mailing list