Ticket #1480: 0001-Prevent-root-owned-files-in-execd-active_job-spool-a.patch

File 0001-Prevent-root-owned-files-in-execd-active_job-spool-a.patch, 1.7 KB (added by markdixon, 6 years ago)

Added by email2trac

  • source/daemons/execd/exec_job.c

    From 198370629074fedc0c2d930792902f9a3b4f929b Mon Sep 17 00:00:00 2001
    From: Mark Dixon <m.c.dixon@leeds.ac.uk>
    Date: Thu, 3 Oct 2013 21:20:43 +0100
    Subject: [PATCH] Prevent root-owned files in execd active_job spool area
    
    The new cgroup/cpuset code uses a couple of routines for switching
    effective uid/gid which appear to be causing some problems.
    
    Some of the side symptoms include the following files in the execd spool
    sometimes being owned by root:
    
      active_jobs/<JID>.<TASK>/config
      active_jobs/<JID>.<TASK>/environment
      active_jobs/<JID>.<TASK>/pe_hostfile
      active_jobs/<JID>.<TASK>/<NUM>.<HOST>/
    
    That last entry is a directory created for a SLAVE task. It being
    root-owned can cause jobs to fail with a "can't open pid file" error
    message.
    
    The execd appears to have the correct euid/egid when entering the cgroup
    code, so I have removed the offending function calls. I don't know if
    there's a good reason for them that I've not noticed in limited testing.
    ---
     source/daemons/execd/exec_job.c |    2 --
     1 files changed, 0 insertions(+), 2 deletions(-)
    
    diff --git a/source/daemons/execd/exec_job.c b/source/daemons/execd/exec_job.c
    index b460c08..4c5b204 100644
    a b int sge_exec_job(sge_gdi_ctx_class_t *ctx, lListElem *jep, lListElem *jatep, 
    408408      /* Make cgroups/cpuset directories.  */
    409409      if (0 == used_slots && mconf_get_use_cgroups()) {
    410410         errno = 0;
    411          sge_switch2admin_user();
    412411         make_job_cgroups (job_id, ja_task_id); /* writes own warnings */
    413          sge_switch2start_user();
    414412      }
    415413
    416414      /* increment used slots */