Bug 42 – per job prologue ownership/permission problem

Bug 42 - per job prologue ownership/permission problem

Summary:

per job prologue ownership/permission problem

Status:	NEW

Product:	TORQUE
Component:	pbs_mom
Version:	2.4.x
Platform:	PC Linux

Importance:	P5 normal
Assigned To:	Glen

URL:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2009-12-20 15:41 MST by stijn.deweirdt
Modified:	2009-12-20 15:41 MST (History)
CC List:	0 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description stijn.deweirdt 2009-12-20 15:41:42 MST

specifying a per job prologue (or epilogue) script requires requires more then
user read/write permissions in case of root-sqaused (or similar) filesystem

howto reproduce:
make a directory that owned by user test
(as root on machine A)
mkdir -p /test/dir/scripts
chmod 700 /test/dir
chown -R test.test /test

(this is a common setting for a homedirectory)

export /test using NFS with root-squash option

on machine B:
create user test (same UID/GID)
mount /test from machine A

--> if root_squash is enabled/works, as root, you get a permission denied error
on the /test/dir/scripts directory (try ls /test/dir/scripts) 

if you do this as user test, it works 
su - test 
ls /test/dir/scripts

the problem now is that pbs_mom runs as root, and thus has no access to teh per
job userscript, and this then fails with 
 LOG_ERROR::run_pelog, prolog/epilog failed,
file: /test/dir/scripts/epilogue, exit: 13, cannot stat

this part of the code should be executed as user who submitted the job (and has
proper access to the files)

(or at least update the documentation, but then per-job prolog scripts don't
make alot of sense in certain common environments, unless people are willing to
give up on security)