SlurmUser == root also has implications for strigger. It allows any user to set slurmctld executed striggers. This can be OK, or not, depending on your use cases and user community. User-specified strigger commands would run on the same node as the slurmctld process, and so the user-specified scripts could potentially consume resources on that node without much in the way of limit enforcement.
---- Doug Jacobsen, Ph.D. NERSC Computer Systems Engineer National Energy Research Scientific Computing Center <http://www.nersc.gov> [email protected] ------------- __o ---------- _ '\<,_ ----------(_)/ (_)__________________________ On Thu, May 24, 2018 at 11:43 AM Taras Shapovalov < [email protected]> wrote: > Hey guys, > > We always use the default value for SlurmUser, but now we have realized > that we don't really get why it is user slurm, but not root. Sometimes it > is useful to run SlurmctlProlog as root, but then slurmctld will also run > as root. Other workload managers are ok to run their control daemons as > root. Did you have something specific in mind when set this default value > in slurm.conf or it is just in case for security reasons? > > Best regards, > > Taras >
