Opened 6 years ago

Closed 5 years ago

#1490 closed defect (fixed)

Gain privileges before execd kills rogue processes

Reported by: markdixon Owned by: Mark Dixon <m.c.dixon@…>
Priority: normal Milestone:
Component: sge Version: 8.1.6
Severity: minor Keywords:
Cc:

Description

The rogue process detection enabled when USE_CGROUPS=1 attempts to kill
processes as the sge admin user. As that user doesn't normally have the
privileges to do so, this patch temporarily gains the privileges of the
daemon's starting user (typically root) before killing processes.

Mark
--


Mark Dixon Email : m.c.dixon@…
HPC/Grid Systems Support Tel (int): 35429
Information Systems Services Tel (ext): +44(0)113 343 5429
University of Leeds, LS2 9JT, UK


0001-Gain-privileges-before-execd-kills-rogue-processes.patch

Attachments (1)

0001-Gain-privileges-before-execd-kills-rogue-processes.patch (1.1 KB) - added by markdixon 6 years ago.
Added by email2trac

Download all attachments as: .zip

Change History (2)

Changed 6 years ago by markdixon

Added by email2trac

comment:1 Changed 5 years ago by Mark Dixon <m.c.dixon@…>

  • Owner set to Mark Dixon <m.c.dixon@…>
  • Resolution set to fixed
  • Status changed from new to closed

In 4694/sge:

Fix #1490: Gain privileges before execd kills rogue processes
The rogue process detection enabled when USE_CGROUPS=1 attempts to kill
processes as the sge admin user. As that user doesn't normally have the
privileges to do so, this patch temporarily gains the privileges of the
daemon's starting user (typically root) before killing processes.

Note: See TracTickets for help on using tickets.