Difference between revisions of "GLExec TransientPilotJobs"
From PDP/Grid Wiki
Jump to navigationJump to searchm |
|||
| (6 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | When you use | + | When you use [[gLExec]] with transient directories and input sandboxes, it's important that you create a writable directory for your target job, and you do this in a safe and portable way. |
In general, the setup of the batch system and OS at a site does not guarantee that the pilot job and the target user share a common group, even though in practice the 'top-level' VO group will usually be in common. However, it's not easy to identity this most-generic group. In these cases, you need to do two things: | In general, the setup of the batch system and OS at a site does not guarantee that the pilot job and the target user share a common group, even though in practice the 'top-level' VO group will usually be in common. However, it's not easy to identity this most-generic group. In these cases, you need to do two things: | ||
| − | * Create a temporary directory for the target job using glexec. We provide a proof-of-principle implementation on how to create such a directory, and clean up after yourself at | + | * Create a temporary directory for the target job using glexec. We provide a proof-of-principle implementation on how to create such a directory, and clean up after yourself at http://ndpfsvn.nikhef.nl/viewvc/mwsec/trunk/mwsec-utils/mkgltempdir/. It will usually be inside a temporary, transient area specific to the pilot job. |
* ensure that this directory is reachable for the target job. This may mean making the 'upstream' directory traversable (not but necessarily readable) by the world. | * ensure that this directory is reachable for the target job. This may mean making the 'upstream' directory traversable (not but necessarily readable) by the world. | ||
| + | |||
| + | = MkGlTempDir = | ||
| + | |||
| + | When creating a temporary directory in a world-writable area, you should take appropriate care to prevent race-condition vulnerabilities (the same ones that the old tempnam(3) suffers from). The script <tt>mkgltempdir</tt> helps to do that, but if you find any potential weaknesses, '''please let us know''': | ||
| + | |||
| + | Usage: mkgltempdir [-h] [-r [-f] gltmp_directory] | ||
| + | [-t targetdir-mode] [-m parentmode] [directory] | ||
| + | |||
| + | Create a directory owned by the glexec target user in a secure fashion. | ||
| + | The path of the directory created is printed to stdout. | ||
| + | |||
| + | -h print a help text | ||
| + | -t targetdir-mode permissions of the target directory created, a leading 0 is automatically added | ||
| + | (default: 0700, i.e. unreadable by the glexec invoker) | ||
| + | -m parentmode permissions for the current user on the parent tree, a leading 0 is automatically added | ||
| + | (default: 0755, and should traversable for target uid) | ||
| + | -r gltmp_dir remove the target directory previously created by | ||
| + | $progname. Directory must be empty, unless -f | ||
| + | is also specified. | ||
| + | -f force removal of target directory, see above under -r | ||
| + | -v print version number | ||
| + | |||
| + | directory base directory in which target directory is created | ||
| + | (default: current value of \$TMPDIR or, if unset, /tmp) | ||
| + | |||
| + | Return value is 0 if directory was successfully created, non-zero otherwise. | ||
| + | |||
| + | |||
| + | Download the utility at: | ||
| + | * http://software.nikhef.nl/dist/mwsec/rpm/ (RPM repositories) | ||
| + | * http://software.nikhef.nl/security/mkgltempdir/ (source tarball) | ||
| + | * http://ndpfsvn.nikhef.nl/viewvc/mwsec/trunk/mwsec-utils/mkgltempdir/ (SVN source) | ||
Latest revision as of 11:48, 8 March 2013
When you use gLExec with transient directories and input sandboxes, it's important that you create a writable directory for your target job, and you do this in a safe and portable way.
In general, the setup of the batch system and OS at a site does not guarantee that the pilot job and the target user share a common group, even though in practice the 'top-level' VO group will usually be in common. However, it's not easy to identity this most-generic group. In these cases, you need to do two things:
- Create a temporary directory for the target job using glexec. We provide a proof-of-principle implementation on how to create such a directory, and clean up after yourself at http://ndpfsvn.nikhef.nl/viewvc/mwsec/trunk/mwsec-utils/mkgltempdir/. It will usually be inside a temporary, transient area specific to the pilot job.
- ensure that this directory is reachable for the target job. This may mean making the 'upstream' directory traversable (not but necessarily readable) by the world.
MkGlTempDir
When creating a temporary directory in a world-writable area, you should take appropriate care to prevent race-condition vulnerabilities (the same ones that the old tempnam(3) suffers from). The script mkgltempdir helps to do that, but if you find any potential weaknesses, please let us know:
Usage: mkgltempdir [-h] [-r [-f] gltmp_directory]
[-t targetdir-mode] [-m parentmode] [directory]
Create a directory owned by the glexec target user in a secure fashion.
The path of the directory created is printed to stdout.
-h print a help text
-t targetdir-mode permissions of the target directory created, a leading 0 is automatically added
(default: 0700, i.e. unreadable by the glexec invoker)
-m parentmode permissions for the current user on the parent tree, a leading 0 is automatically added
(default: 0755, and should traversable for target uid)
-r gltmp_dir remove the target directory previously created by
$progname. Directory must be empty, unless -f
is also specified.
-f force removal of target directory, see above under -r
-v print version number
directory base directory in which target directory is created
(default: current value of \$TMPDIR or, if unset, /tmp)
Return value is 0 if directory was successfully created, non-zero otherwise.
Download the utility at:
- http://software.nikhef.nl/dist/mwsec/rpm/ (RPM repositories)
- http://software.nikhef.nl/security/mkgltempdir/ (source tarball)
- http://ndpfsvn.nikhef.nl/viewvc/mwsec/trunk/mwsec-utils/mkgltempdir/ (SVN source)
