Man pages sections > man8 > pam_sge_authorize

pam_sge_authorize - PAM module to control access to SGE hosts

pam_sge_authorize(8) System Manager's Manual pam_sge_authorize(8)

NAME

pam_sge_authorize - PAM module to control access to SGE hosts

SYNOPSIS

pam_sge_authorize [options]

DESCRIPTION

This PAM module limits access via etc. to Grid Engine hosts only to users who currently have a job running on the host. The expectation is that this limits their impact on any other users of the host.

OPTIONS

execd_spool_dir=dir
Specify the spool directory in which to find the active_jobs directory as dir/hostname/active_jobs. Default: /opt/sge/default/spool.
bypass_users=user_list
The module ignores access by users with unames in the comma-separated user_list. There is a limit of 30 users. root is always allowed access.
max_sleep=max_sleep
A non-zero max_sleep allows desynchronization of accesses to the spool directory. The module sleeps for a random period t, where 0<=t<=max_sleep microseconds before accessing the spool directory. This probably isn't useful. Default: 0.
debug
Send debugging information to syslog.

EXAMPLE

On a typical GNU/Linux system, add something like the following to /etc/pam.d/sshd, e.g. at the top.
account required /opt/sge/lib/lx-amd64/pam_sge_authorize.so \ bypass_users=foo,bar,baz,qux spool_dir=/opt/sge/execd_spool
On some systems it might be necessary to copy pam_sge_authorize.so into, say, /lib/security, and instead use it as
 
auth required pam_sge_authorize.so

SEE ALSO

AUTHOR

TACC. Man page by Dave Love, based on material from Bill Barth, TACC.
2010-11-25 Debian Sid