Specify scheduler (daemon service) user

Follow the PBS Pro Design Document Guidelines.

Overview

This design is to let the scheduler run as a non-root user.
The scheduler does not really need to run as root, it can do everything it needs to without root permissions. This will increase the security of the machine.

Technical Details

There will be a new pbs.conf variable called PBS_DAEMON_SERVICE_USER.

Setting

It will be set by:
 - editing /etc/pbs.conf
 - setting PBS_DAEMON_SERVICE_USER in the environment when doing an rpm install

By default, it will not be set.
If not set, it will be "root".

Reading

This will be read by:

  • server
    • Server writes/creates files and those files need to be write/readable by PBS_DAEMON_SERVICE_USER.
    • If PBS_DAEMON_SERVICE_USER is changed, the server must be restarted.
  • scheduler
    • Scheduler needs to verify that files can be read/executed by scheduler. If the file/directory permissions are wrong, it will log and error and exit.
    • If the scheduler is run as root, it will switch user to PBS_DAEMON_SERVICE_USER
    • If PBS_DAEMON_SERVICE_USER is changed, the scheduler must be restarted.
  • pbsfs
    • pbsfs sets fairshare usage, and needs to write a file that is readable by the scheduler
    • If pbsfs is run as root, it will switch user to PBS_DAEMON_SERVICE_USER
  • habitat script
    • This script creates sched_priv and sched_logs, both which need to be read/writable by PBS_DAEMON_SERVICE_USER
  • pbs_probe
    • This command will check the permissions of sched_priv and sched_logs, and can fix the permissions if incorrect.

Logs

When the scheduler finds incorrect permissions, the scheduler will log "<dir/file name> has incorrect permissions, make sure it is owned by <current user>"

Packaging

The pbs_sched binary will now be packaged with 755 permissions, so the PBS_DAEMON_SERVICE_USER can execute it.

PTL Changes

pbs_benchpress

pbs_benchpress will now accept a new parameter daemon-user, a colon separated list of daemon service users.

pbs_testusers.py

DAEMON_USER has been added to pbs_testusers, so that pbs_config --make-ug will make a new user.
However, since the default is still root, DAEMON_SERVICE_USER is defined as a copy of ROOT_USER.
Testers will be able to use the created daemon user by using the daemon-user parameter for benchpress, as said above.

Caveats

The following deprecated features will no longer work:

  • mom dynamic resources
  • rmget
  • load_balancing
  • lowest_load option of smp_cluster_dist

Schedulers that aren't run by root might not be able to query MoM for MoM dynamic resources (mom_dyn_res scripts) via rmget

Admins should make sure server_dyn_res scripts are owned and executable by PBS_DAEMON_SERVICE_USER

If PBS_DAEMON_SERVICE_USER is changed after installation, the admin must change the ownership of these files/directories manually.

  • sched_priv
  • sched_logs
  • Any server_dyn_res scripts

If peer scheduling is enabled, PBS_DAEMON_SERVICE_USER must be a manager on the peer server.

When the scheduler starts, it will check if sched_priv/sched_logs is owned by the current user; if not, the scheduler will terminate.

If PBS_DAEMON_SERVICE_USER is changed, the server and scheduler must be restarted.

Possible Future Improvements

These are possible future improvements that can be iterations on this feature.

  • If PBS_DAEMON_SERVICE_USER is set, and you run the scheduler or pbsfs as root, it could become the daemon service user instead of requiring root to change user.




OSS Site Map

Project Documentation Main Page

Developer Guide Pages