[GE users] "locking down" grid machines

Bryan Bayerdorffer bryan.bayerdorffer at analog.com
Wed May 12 23:16:16 BST 2004


See http://gridengine.sunsource.net/servlets/ReadMsg?msgId=11365&listName=users


> Boone J. Severson wrote:
> 
>> Hello,
>>
>> Since implementing SGE on our compute servers we've had a few cases 
>> where people think they're just too busy to learn the command line 
>> switches to qsub and qrsh so they just directly "ssh" into the 
>> machine, bypassing the grid submit host and our complexes/hard 
>> resources configs that we've got. It was ok in the beginning because 
>> it was just a few known users, but now qmon is noting that several 
>> queues are being disabled due to processor load when the grid is 
>> unaware of any users being assigned to those queues.  >:(
>>
>> Is there a method for locking down non-superuser access to a (SuSE 
>> Linux 9.0) machine except for qrsh/qsub? I'm guessing our IS/IT group 
>> won't enjoy creating customized /etc/passwd files but if that's the 
>> only option we'll have to consider it.
>>
>> Any and all input would be appreciated since I can't imagine this is 
>> the first time "grid abuse" has happened.
>>
>> Thanks,
>> Boone Severson
> 
> 

-- 
  .. ..-. ..- -.-. .- -. .-. . .- -.. - .... .. ... --. . - .- .-.. .. ..-. .
Bryan Bayerdorffer        bryan at meatspace.net           bryan at spd.analog.com
                      (Wit's End Computation Center)       (Analog Devices)

"'National Security' is the root password to the Constitution."
                                                                 -- Phil Karn

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe at gridengine.sunsource.net
For additional commands, e-mail: users-help at gridengine.sunsource.net




More information about the gridengine-users mailing list