All new accounts created on Gitlab now require administrator approval. If you invite any collaborators, please let Flux staff know so they can approve the accounts.

Commit 72fc6f2c authored by Kirk Webb's avatar Kirk Webb

Quick mod to stop an info leak.

bootlogs were persisting after experiment termination, only being replaced
when a particular node failed during TBSETUP (and hence sent back a boot
log to be stashed).  This was leaking info such as project and experiment
names, uids, groups.

For now the bootlog is being cleared as nodes come in to an experiment
via experiment swapin (inside nalloc).  running sched_reload or
sched_reserve will also call nalloc if the node is free, hence clearing
the bootlog as well.
parent eb680d4f
......@@ -78,6 +78,7 @@ my @oldnodes = ();
my @nodes = ();
my @need_consetup = 0;
my @need_history = ();
my @need_clearbl = ();
TBDebugTimeStamp("nalloc started");
#
......@@ -164,6 +165,8 @@ foreach my $n (@node_names) {
else {
# Freshly allocated nodes need a history entry.
push(@need_history, $n);
# ... and need to have their bootlogs purged.
push(@need_clearbl, $n);
}
#
......@@ -223,6 +226,14 @@ if (!$error && (!$noalloc || $partial) && @nodes) {
foreach my $n (@need_history) {
TBSetNodeHistory($n, TB_NODEHISTORY_OP_ALLOC, $UID, $pid, $eid);
}
# Clear boot logs - maybe this should be done before alloc?
# - only a small window of opportunity at any rate.
# This is sort of wasteful as it should be the same set of nodes
# as in the node history loop above, but that could change at some point.
foreach my $n (@need_clearbl) {
DBQueryWarn("delete from node_bootlogs where node_id='$n'");
}
}
# Now setup consoles if needed.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment