SchedMD - Slurm Support – Full Text Ticket Listing
- Home
- | New
- | Browse
- | Search
- | [?]
- | Reports
- | Help
- | New Account
- | Log In
- | Forgot Password
| Summary: | How to restrict user access to partitions | ||
|---|---|---|---|
| Product: | Slurm | Reporter: | CERFACS <csg> |
| Component: | Configuration | Assignee: | David Bigagli <david> |
| Status: | RESOLVED INFOGIVEN | QA Contact: | |
| Severity: | 4 - Minor Issue | ||
| Priority: | --- | CC: | alex.mamach, brian, da |
| Version: | 14.11.4 | ||
| Hardware: | Linux | ||
| OS: | Linux | ||
| Site: | CERFACS | Slinky Site: | --- |
| Alineos Sites: | --- | Atos/Eviden Sites: | --- |
| Confidential Site: | --- | Coreweave sites: | --- |
| Cray Sites: | --- | DS9 clusters: | --- |
| Google sites: | --- | HPCnow Sites: | --- |
| HPE Sites: | --- | IBM Sites: | --- |
| NOAA SIte: | --- | NoveTech Sites: | --- |
| Nvidia HWinf-CS Sites: | --- | OCF Sites: | --- |
| Recursion Pharma Sites: | --- | SFW Sites: | --- |
| SNIC sites: | --- | Tzag Elita Sites: | --- |
| Linux Distro: | --- | Machine Name: | |
| CLE Version: | Version Fixed: | ||
| Target Release: | --- | DevPrio: | --- |
| Emory-Cloud Sites: | --- | ||
|
Description
CERFACS
2015-10-12 19:10:14 MDT
Hello have you look at the AllowPartition parameter in slurm.conf. http://slurm.schedmd.com/slurm.conf.html David Hi David I do not find any AllowPartition parameter in slurm.conf documentation. Do you mean AllowGroups ? Thanks. Isabelle Sorry for the confusion indeed I mistyped it. Should be AllowedGroups, the list of user groups that are allowed to submit jobs to a given partition. David Sorry for the confusion indeed I mistyped it. Should be AllowedGroups, the list of user groups that are allowed to submit jobs to a given partition. David David, Could you please tell me if this AllowGroups corresponds to accounts defined in slurm with the command sacctmgr create account name=group1 or is it refering to unix group? Thanks for your reply. Isabelle It is referring to unix groups. David David, So it is not really what i need, because,i would like to give access to a subset of users belonging to the same unix group. Isabelle Hi, can you split the groups? Alternatively you can create users specifying partition they have access to using the sacctmgr command. For example: sacctmgr update user david account=sys set partition=giove then you have to use AccountingStorageEnforce=associations in your slurm.conf. After reconfiguring the user david can only submit jobs to partition giove, attempts to use other partition will be rejected. David Is it possible to add partition to already existing users? I am trying to add the partition bigmem to user dast but i get an error : # sacctmgr update user dast account=default set partition=bigmem Unknown option: partition=bigmem Use keyword 'where' to modify condition Thanks. Isabelle It is my understanding that you can only do it when the user is added. David One of my colleagues pointed out that you could also use a submission plugin to validate which user can submit to what partition. You can read about submission plugin in the slurm.conf man page in the JobSubmitPlugins paragraph. David David, I have created a new unix group called bigprod and associate the partition bigprod with this group with the parameter AllowGroups=bigprod in slurm.conf file I belong to this group (but as secondary group) [dast@nemo1 ~]$ groups info bigprod [dast@nemo1 ~]$ salloc --partition bigprod salloc: error: Job submit/allocate failed: Invalid account or account/partition combination specified but my request is rejected when i want to use this partition. Does it mean the group should be only the primary unix group and not a secondary one? Thanks. Isabelle Sorry, just forgot my last comment... It is working, it was just that i have not well declared the association on my account. So, i will use this method of group to restrict partition access. Thanks a lot for your help. Regards Isabelle Good to know it is working. Let us know if you have any other question. David Info given. David Info given, safe to update |