Permalink
Browse files

tches for cgroup devices support

third patch adds the man page and an example.
0003_bull_cgroup_devices_doc_add_allowed_devices_support-2.3.0-0.pre7.patch
Patch from Yiannis Georgiou, Bull.
  • Loading branch information...
1 parent 35c2877 commit 3ff4eb9bfc21c1d2e89058221768c6783aade5f4 @jette jette committed Jul 25, 2011
Showing with 20 additions and 0 deletions.
  1. +1 −0 Makefile.am
  2. +1 −0 Makefile.in
  3. +12 −0 doc/man/man5/cgroup.conf.5
  4. +6 −0 etc/cgroup_allowed_devices_file.conf.example
View
1 Makefile.am
@@ -12,6 +12,7 @@ EXTRA_DIST = \
etc/init.d.slurmdbd \
etc/cgroup.conf.example \
etc/cgroup.release_common.example \
+ etc/cgroup_allowed_devices_file.conf.example \
autogen.sh \
slurm.spec \
README.rst \
View
1 Makefile.in
@@ -379,6 +379,7 @@ EXTRA_DIST = \
etc/init.d.slurmdbd \
etc/cgroup.conf.example \
etc/cgroup.release_common.example \
+ etc/cgroup_allowed_devices_file.conf.example \
autogen.sh \
slurm.spec \
README.rst \
View
12 doc/man/man5/cgroup.conf.5
@@ -136,6 +136,18 @@ If configured to "yes" then constrain the job's allowed devices based on GRES
allocated resources. It uses the devices subsystem for that.
The default value is "no".
+.TP
+\fBAllowedDevicesFile\fR=<path_to_allowed_devices_file>
+If the ConstrainDevices field is set to "yes" then this file has to be used to declare
+the devices that need to be allowed by default for all the jobs. The current implementation
+of cgroup devices subsystem works as a whitelist of entries, which means that in order to
+isolate the access of a job upon particular devices we need to allow the access on all
+the devices, supported by default and then deny on those that the job does not have the
+permission to use. The default value is "/etc/slurm/cgroup_allowed_devices_file.conf". The syntax of
+the file accepts one device per line and it permits lines like /dev/sda* or /dev/cpu/*/*.
+See also an example of this file in etc/allowed_devices_file.conf.example.
+
+
.SH "EXAMPLE"
.LP
.br
View
6 etc/cgroup_allowed_devices_file.conf.example
@@ -0,0 +1,6 @@
+/dev/null
+/dev/urandom
+/dev/zero
+/dev/sda*
+/dev/cpu/*/*
+/dev/pts/*

0 comments on commit 3ff4eb9

Please sign in to comment.