Re: [slurm-users] Site factor plugin example?
Hello Loris, "Loris Bennett" writes: > Did you ever find an example or write your own plugin which you could > provide as a example? I'm afraid not (though I didn't persevere, because for the moment we are trying to encourage our users not to waste resources with a different approach). But, in any case, I would still be interested in a site factor plugin example, because I might revisit this in the future. Cheers, -- Ángel de Vicente Research Software Engineer (Supercomputing and BigData) Tel.: +34 922-605-747 Web.: http://research.iac.es/proyecto/polmag/ GPG: 0x8BDC390B69033F52 smime.p7s Description: S/MIME cryptographic signature
Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914)
Tim Wickberg wrote: > A number of race conditions have been identified within the > slurmd/slurmstepd processes that can lead to the user taking ownership > of an arbitrary file on the system. Is it any different than the CVE-2023-41915 in PMIx or does it just have an additional number but it's the same issue? Or did anyone mis-type the number? I couldn't find any information on CVE-2023-41914. Gerhard
Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914)
If you look at the downloads page, this has happened before: https://www.schedmd.com/archives.php This should probably be updated as well, to indicate the new floor after this CVE. But the point is, basically, you’re going to hit this if you don’t upgrade at least every ~18 months. -- #BlackLivesMatter || \\UTGERS, |---*O*--- ||_// the State | Ryan Novosielski - novos...@rutgers.edu || \\ University | Sr. Technologist - 973/972.0922 (2x0922) ~*~ RBHS Campus || \\of NJ | Office of Advanced Research Computing - MSB A555B, Newark `' On Oct 13, 2023, at 06:22, Taras Shapovalov wrote: Oh, does this mean that no one should use Slurm versions <= 21.08 any more? Best regards, Taras From: slurm-users on behalf of Bjørn-Helge Mevik Sent: Thursday, October 12, 2023 11:56 To: slurm-us...@schedmd.com Subject: Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914) Taras Shapovalov writes: > Are the older versions affected as well? Yes, all older versjons are affected. -- B/H
Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914)
On 10/13/23 12:22, Taras Shapovalov wrote: Oh, does this mean that no one should use Slurm versions <= 21.08 any more? SchedMD recommends to use the currently supported versions (currently 22.05 or 23.02). Next month 23.11 will be released and 22.05 will become unsupported. The question for sites is whether they can accept running software that contains known security holes? That goes for Slurm as well as all other software such as the Linux kernel etc. etc. We don't yet know the CVE score for CVE-2023-41914, but SchedMD's description of the fixes sounds pretty serious. IMHO, your organization's IT security policy should be consulted in order to answer your question. /Ole
Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914)
Oh, does this mean that no one should use Slurm versions <= 21.08 any more? Best regards, Taras From: slurm-users on behalf of Bjørn-Helge Mevik Sent: Thursday, October 12, 2023 11:56 To: slurm-us...@schedmd.com Subject: Re: [slurm-users] Slurm versions 23.02.6 and 22.05.10 are now available (CVE-2023-41914) Taras Shapovalov writes: > Are the older versions affected as well? Yes, all older versjons are affected. -- B/H
Re: [slurm-users] Site factor plugin example?
Hi Angel, Angel de Vicente writes: > Hello, > > I want to experiment with writing our own site factor plugin. In the > documentation I found the API details > (https://slurm.schedmd.com/site_factor.html), but it would be much > easier for me if I had some example site factor plugin to start with. > > Do you know of any examples that can set me in the right direction? Did you ever find an example or write your own plugin which you could provide as a example? Cheers, Loris -- Dr. Loris Bennett (Herr/Mr) ZEDAT, Freie Universität Berlin
