As far as I remember the easy way was to modify auth/munge not to trust root from particular host. Cheers, Marcin
W dniu środa, 30 września 2015 Christopher Samuel <sam...@unimelb.edu.au> napisał(a): > > On 30/09/15 01:07, Thomas Orgis wrote: > > > Given the traffic on this list on other topics, may I assume the > > answer to this question is "no", without being too rude? > > It's probably also that nobody has tried it (we certainly haven't), the > only people who are meant to have root access are those on our staff. > > > I might prepare a patch to limit administrative actions to localhost at > > some point in time. > > You probably want an optional configurable list of multiple CIDR IP > ranges in slurmdbd.conf as there's no guarantee that slurmdbd (which is > what sacctmgr will be talking to) is running on the same host as slurmctld. > > For instance we have many clusters talking back to a central host > running slurmdbd (and only slurmdbd) and have a variety of various > systems that talk to it for different tasks. > > All the best, > Chris > -- > Christopher Samuel Senior Systems Administrator > VLSCI - Victorian Life Sciences Computation Initiative > Email: sam...@unimelb.edu.au <javascript:;> Phone: +61 (0)3 903 55545 > http://www.vlsci.org.au/ http://twitter.com/vlsci >
