Man page - pam_sge_authorize(8)

Packages contains this manual

Package:  gridengine-exec
apt-get install gridengine-exec

Manuals in package:
• pam_sge-qrsh-setup(8)
• sge_shepherd(8)
• pam_sge_authorize(8)
• sge_execd(8)
• sge_coshepherd(8)
Documentations in package:
• gridengine-exec

Manual

pam_sge_authorize

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLE
SEE ALSO
AUTHOR

---

NAME

pam_sge_authorize - PAM module to control access to SGE hosts

SYNOPSIS

pam_sge_authorize [ options ]

DESCRIPTION

This PAM module limits access via ssh (1) etc. to Grid Engine hosts only to users who currently have a job running on the host. The expectation is that this limits their impact on any other users of the host.

OPTIONS

execd_spool_dir= dir

Specify the spool directory in which to find the active_jobs directory as dir / hostname /active_jobs . Default: /opt/sge/default/spool .

bypass_users= user_list

The module ignores access by users with unames in the comma-separated user_list . There is a limit of 30 users. root is always allowed access.

max_sleep= max_sleep

A non-zero max_sleep allows desynchronization of accesses to the spool directory. The module sleeps for a random period t , where 0<= t <= max_sleep microseconds before accessing the spool directory. This probably isn’t useful. Default: 0.

debug

Send debugging information to syslog.

EXAMPLE

On a typical GNU/Linux system, add something like the following to /etc/pam.d/sshd , e.g. at the top.

account required /opt/sge/lib/lx-amd64/pam_sge_authorize.so \
bypass_users=foo,bar,baz,qux spool_dir=/opt/sge/execd_spool

On some systems it might be necessary to copy pam_sge_authorize.so into, say, /lib/security , and instead use it as

auth required pam_sge_authorize.so

SEE ALSO

ssh (1), pam (7), pam.conf (4).

AUTHOR

TACC. Man page by Dave Love, based on material from Bill Barth, TACC.

---