Nice !!, I think this gives a much more detailed insight into the problem I am facing !.
Thanks a lot! 2014-10-02 15:51 GMT+02:00 <je...@schedmd.com>: > > Brigham Young University has developed a number of web interfaces to > SLurm. See: > https://marylou.byu.edu/documentation/slurm/script-generator > https://marylou.byu.edu/utilization/ > > Their Javascript tool to generate batch job scripts is here: > https://github.com/BYUHPC/BYUJobScriptGenerator > > > > > > Quoting José Román Bilbao Castro <jrbc...@idiria.com>: > > Thanks Lech, >> >> That is something to start with. The problem is that I plan to add >> submission in the future and don't want to start something that will have >> to be changed too much with time. So I would prefer to be able to firstly >> execute any slurm command from my webserver and for any user... >> >> Regards, >> >> Jose >> >> 2014-10-02 15:28 GMT+02:00 Lech Nieroda <lech.nier...@uni-koeln.de>: >> >> Hello José, >>> >>> you might be interested in ubmod or its successor open xdmod. It's a >>> system that queries SLURM regularly, writes the data into its own >>> database >>> and makes it available via webserver. You'd probably have to implement >>> proper security measures for user management. >>> >>> Regards, >>> Lech >>> >>> (sent from mobile) >>> Am 02.10.2014 14:38 schrieb =?ISO-8859-1?Q?Jos=E9_Rom=E1n_Bilbao_Castro?= >>> < >>> jrbc...@idiria.com>: >>> >>> Thanks Brian, >>> >>> So you propose to have something like an intermediate database that maps >>> web portal users to system users and make all calls internally from the >>> webserver, right?. I just wanted to avoid the intermediate step for >>> simplicity, but it seems to be a bad practice. >>> >>> So, regarding the second step... what is the safest and more logical >>> manner of invoking slurm commands from the webserver?. I mean, at the >>> end I >>> must pass some credentials for the right user... Or should I have a >>> tomcat >>> user that belongs to the sudo group and call invoke commands as another >>> user?. I am totally lost and need some thread to start pulling from it. >>> >>> Thanks again, >>> >>> Jose >>> >>> >>> 2014-10-02 13:23 GMT+02:00 Brian B. <for...@gmail.com>: >>> >>> Hello Jose, >>>> >>>> It is never a good idea to have the public facing credentials be the >>>> same >>>> as the private credentials. That is if your public facing server is >>>> compromised your internal system is compromised. The limited cases where >>>> direct internal access are needed (e.g. SSH) should be handled by >>>> hardened >>>> servers. >>>> >>>> Allowing users to input executable commands on a webpage is also not a >>>> good security practice. This is essentially how the shellshock bug >>>> works. >>>> >>>> This is just my take on things but I would suggest building a different >>>> system. >>>> >>>> -- >>>> Regards, >>>> Brian >>>> >>>> On Oct 2, 2014, at 06:40, José Román Bilbao Castro <jrbc...@idiria.com> >>>> wrote: >>>> >>>> Hi all, >>>> >>>> First of all, this is my very first message to the list and don't even >>>> know if this is the proper place to port this message. >>>> >>>> I am facing a simple project that should allow a slurm user to monitor >>>> his jobs running on a slurm server. I have been looking at the Slurm >>>> authentication API but I cannot find anything useful for me as this >>>> seems >>>> to be applied to users already logged in the system. My question is >>>> where >>>> to start looking at (technologies, web development frameworks, etc...) >>>> to >>>> be able to enter a user/password on the web browser that coincides with >>>> that of the Linux user, send the credentials to the server, execute a >>>> slurm >>>> command on behalf of that user and print results back... >>>> >>>> May be this is a very complex question, but I have not much experience >>>> in >>>> web development and how it should be done to link slurm commands >>>> execution, >>>> specific user authorization, etc... >>>> >>>> Thanks in advance, >>>> >>>> Jose >>>> >>>> -- >>>> >>>> >>>> *José Román Bilbao Castro* >>>> >>>> Ingeniero Consultor >>>> +34 901009188 >>>> >>>> *jrbc...@idiria.com <jrbc...@idiria.com>**http://www.idiria.com >>>> <http://www.idiria.com/>* <*http:// <http://%20%20/>www.idiria.com/ >>>> <http://www.idiria.com/>*> >>>> >>>> >>>> -- >>>> Idiria Sociedad Limitada - Aviso legal >>>> >>>> Este mensaje, su contenido y cualquier fichero transmitido con él está >>>> dirigido únicamente a su destinatario y es confidencial. Por ello, se >>>> informa a quien lo reciba por error ó tenga conocimiento del mismo sin >>>> ser >>>> su destinatario, que la información contenida en él es reservada y su >>>> uso >>>> no autorizado, por lo que en tal caso le rogamos nos lo comunique por la >>>> misma vía o por teléfono (+ 34 690207492), así como que se abstenga de >>>> reproducir el mensaje mediante cualquier medio o remitirlo o entregarlo >>>> a >>>> otra persona, procediendo a su borrado de manera inmediata. >>>> >>>> Idiria Sociedad Limitada se reserva las acciones legales que le >>>> correspondan contra todo tercero que acceda de forma ilegítima al >>>> contenido de cualquier mensaje externo procedente del mismo. >>>> >>>> Para información y consultas visite nuestra web http://www.idiria.com >>>> >>>> >>>> >>>> Idiria Sociedad Limitada - Disclaimer >>>> This message, its content and any file attached thereto is for the >>>> intended recipient only and is confidential. If you have received this >>>> e-mail in error or had access to it, you should note that the >>>> information >>>> in it is private and any use thereof is unauthorised. In such an event >>>> please notify us by e-mail or by telephone (+ 34 690207492). Any >>>> reproduction of this e-mail by whatsoever means and any transmission or >>>> dissemination thereof to other persons is prohibited. It should be >>>> deleted >>>> immediately from your system. >>>> >>>> Idiria Sociedad Limitada reserves the right to take legal action against >>>> any persons unlawfully gaining access to the content of any external >>>> message it has emitted. >>>> >>>> For additional information, please visit our website >>>> http://www.idiria.com >>>> >>>> >>>> >>>> >>>> >>> >>> -- >>> >>> >>> *José Román Bilbao Castro* >>> >>> Ingeniero Consultor >>> +34 901009188 >>> >>> *jrbc...@idiria.com <jrbc...@idiria.com>**http://www.idiria.com >>> <http://www.idiria.com/>* <*http:// <http://%20%20/>www.idiria.com/ >>> <http://www.idiria.com/>*> >>> >>> >>> -- >>> Idiria Sociedad Limitada - Aviso legal >>> >>> Este mensaje, su contenido y cualquier fichero transmitido con él está >>> dirigido únicamente a su destinatario y es confidencial. Por ello, se >>> informa a quien lo reciba por error ó tenga conocimiento del mismo sin >>> ser >>> su destinatario, que la información contenida en él es reservada y su uso >>> no autorizado, por lo que en tal caso le rogamos nos lo comunique por la >>> misma vía o por teléfono (+ 34 690207492), así como que se abstenga de >>> reproducir el mensaje mediante cualquier medio o remitirlo o entregarlo a >>> otra persona, procediendo a su borrado de manera inmediata. >>> >>> Idiria Sociedad Limitada se reserva las acciones legales que le >>> correspondan contra todo tercero que acceda de forma ilegítima al >>> contenido de cualquier mensaje externo procedente del mismo. >>> >>> Para información y consultas visite nuestra web http://www.idiria.com >>> >>> >>> >>> Idiria Sociedad Limitada - Disclaimer >>> This message, its content and any file attached thereto is for the >>> intended recipient only and is confidential. If you have received this >>> e-mail in error or had access to it, you should note that the information >>> in it is private and any use thereof is unauthorised. In such an event >>> please notify us by e-mail or by telephone (+ 34 690207492). Any >>> reproduction of this e-mail by whatsoever means and any transmission or >>> dissemination thereof to other persons is prohibited. It should be >>> deleted >>> immediately from your system. >>> >>> Idiria Sociedad Limitada reserves the right to take legal action against >>> any persons unlawfully gaining access to the content of any external >>> message it has emitted. >>> >>> For additional information, please visit our website >>> http://www.idiria.com >>> >>> >>> >>> >>> >>> >> >> -- >> >> >> *José Román Bilbao Castro* >> >> Ingeniero Consultor >> +34 901009188 >> >> *jrbc...@idiria.com <jrbc...@idiria.com>**http://www.idiria.com >> <http://www.idiria.com/>* <*http:// <http://%20%20/>www.idiria.com/ >> <http://www.idiria.com/>*> >> >> >> -- >> Idiria Sociedad Limitada - Aviso legal >> >> Este mensaje, su contenido y cualquier fichero transmitido con él está >> dirigido únicamente a su destinatario y es confidencial. Por ello, se >> informa a quien lo reciba por error ó tenga conocimiento del mismo sin ser >> su destinatario, que la información contenida en él es reservada y su uso >> no autorizado, por lo que en tal caso le rogamos nos lo comunique por la >> misma vía o por teléfono (+ 34 690207492), así como que se abstenga de >> reproducir el mensaje mediante cualquier medio o remitirlo o entregarlo a >> otra persona, procediendo a su borrado de manera inmediata. >> >> Idiria Sociedad Limitada se reserva las acciones legales que le >> correspondan contra todo tercero que acceda de forma ilegítima al >> contenido de cualquier mensaje externo procedente del mismo. >> >> Para información y consultas visite nuestra web http://www.idiria.com >> >> >> >> Idiria Sociedad Limitada - Disclaimer >> This message, its content and any file attached thereto is for the >> intended >> recipient only and is confidential. If you have received this e-mail in >> error or had access to it, you should note that the information in it is >> private and any use thereof is unauthorised. In such an event please >> notify >> us by e-mail or by telephone (+ 34 690207492). Any reproduction of this >> e-mail by whatsoever means and any transmission or dissemination thereof >> to >> other persons is prohibited. It should be deleted immediately from your >> system. >> >> Idiria Sociedad Limitada reserves the right to take legal action against >> any persons unlawfully gaining access to the content of any external >> message it has emitted. >> >> For additional information, please visit our website >> http://www.idiria.com >> > > > -- > Morris "Moe" Jette > CTO, SchedMD LLC > -- *José Román Bilbao Castro* Ingeniero Consultor +34 901009188 *jrbc...@idiria.com <jrbc...@idiria.com>**http://www.idiria.com <http://www.idiria.com/>* <*http:// <http://%20%20/>www.idiria.com/ <http://www.idiria.com/>*> -- Idiria Sociedad Limitada - Aviso legal Este mensaje, su contenido y cualquier fichero transmitido con él está dirigido únicamente a su destinatario y es confidencial. Por ello, se informa a quien lo reciba por error ó tenga conocimiento del mismo sin ser su destinatario, que la información contenida en él es reservada y su uso no autorizado, por lo que en tal caso le rogamos nos lo comunique por la misma vía o por teléfono (+ 34 690207492), así como que se abstenga de reproducir el mensaje mediante cualquier medio o remitirlo o entregarlo a otra persona, procediendo a su borrado de manera inmediata. Idiria Sociedad Limitada se reserva las acciones legales que le correspondan contra todo tercero que acceda de forma ilegítima al contenido de cualquier mensaje externo procedente del mismo. Para información y consultas visite nuestra web http://www.idiria.com Idiria Sociedad Limitada - Disclaimer This message, its content and any file attached thereto is for the intended recipient only and is confidential. If you have received this e-mail in error or had access to it, you should note that the information in it is private and any use thereof is unauthorised. In such an event please notify us by e-mail or by telephone (+ 34 690207492). Any reproduction of this e-mail by whatsoever means and any transmission or dissemination thereof to other persons is prohibited. It should be deleted immediately from your system. Idiria Sociedad Limitada reserves the right to take legal action against any persons unlawfully gaining access to the content of any external message it has emitted. For additional information, please visit our website http://www.idiria.com
