The SLURM FAQ seems to suggest two ways to use PAM to restrict user access to compute nodes. The method I tried was to configure on a compute node (rhel6.2) the pam_slurm.so file in the /etc/pam.d config file (system-auth-ac) as: "account required /lib64/security/pam_slurm.so"
[scotty] (slurm) slurm> rpm -qf /lib64/security/pam_slurm.so slurm-pam_slurm-2.4.1-Bull.3.bl6.20120719.x86_64 When I login to the node after the above change via ssh I get this in /var/log/secure: Aug 22 09:41:28 scotty sudo: PAM unable to dlopen (/lib64/security/pam_slurm.so): /usr/lib64/libslurm.so.24: undefined symbol: hwloc_get_obj_by_depth Aug 22 09:41:28 scotty sudo: PAM adding faulty module: /lib64/security/pam_slurm.so [scotty] (slurm) slurm> rpm -qf /usr/lib64/libslurm.so.24 slurm-2.4.1-Bull.3.bl6.20120719.x86_64 hwloc and hwloc-devel are both installed. I was still able to login to the node whether the node was allocated by slurm for the user or not. I tried the same setup on another cluster (sles11.2) and got very different results. On that cluster the above error still shows in the secure log but I could no longer login to the node whether I had the node allocated or not (even as user root). The additional line in the secure log file in that instance was: '1345588648 2012 Aug 21 15:37:28 doug3 authpriv err login Module is unknown'. I had to reboot to runlevel 1 in order to back out the PAM config change of pam_slurm.so in order to restore user access to the node. Is there a configuration step that I am missing or some system limitation that I might have? This is the first time I've ever tried to configure slurm to use PAM. Any help is appreciated.
