diff --git a/sources/core/modules/runner/bipbip.in b/sources/core/modules/runner/bipbip.in index 43615882..46dd1e1f 100755 --- a/sources/core/modules/runner/bipbip.in +++ b/sources/core/modules/runner/bipbip.in @@ -382,11 +382,18 @@ my $epilogue_exec_file; if (is_conf("EPILOGUE_EXEC_FILE")){ $epilogue_exec_file = get_conf("EPILOGUE_EXEC_FILE"); } - my $passive_job_hook_exec_file; if (is_conf("PASSIVE_JOB_HOOK_EXEC_FILE")){ $passive_job_hook_exec_file = get_conf("PASSIVE_JOB_HOOK_EXEC_FILE"); } +my $deploy_cosystem_job_exec_system; +if (is_conf("DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM")){ + $deploy_cosystem_job_exec_system = get_conf("DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM"); + if (($deploy_cosystem_job_exec_system ne "none") and ($deploy_cosystem_job_exec_system ne "systemd-run")) { + oar_error("[bipbip $Job_id] Invalid configuration for DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM: '$deploy_cosystem_job_exec_system' is unsupported\n"); + # Don't exit, because it causes the job to be stuck in 'Launching' state... + } +} my @oarexec_files = ($OAR_Tools_module_filepath,"$ENV{OARDIR}/oarexec"); my $host_to_connect_via_ssh = $hosts[0]; @@ -436,6 +443,7 @@ my %data_to_transfer = ( prologue => $prologue_exec_file, epilogue => $epilogue_exec_file, passive_job_hook => $passive_job_hook_exec_file, + deploy_cosystem_job_exec_system => $deploy_cosystem_job_exec_system, tmp_directory => OAR::Tools::get_default_oarexec_directory, detach_oarexec => $Detach_oarexec, cpuset_full_path => $oarexec_cpuset_path diff --git a/sources/core/modules/runner/oarexec b/sources/core/modules/runner/oarexec index a170835d..5b90db49 100755 --- a/sources/core/modules/runner/oarexec +++ b/sources/core/modules/runner/oarexec @@ -298,13 +298,23 @@ if (!defined($shell)){ print("[oarexec $Job_id] error: user $Job->{job_user} does not exist on this node, $host\n"); exit(7); } +my $uid = $pass_info[2]; my @cmd; my $stdin_script_to_send; +my $oardo_become_user = $Job->{job_user}; if ( $Job->{mode} eq "PASSIVE" ){ my $str; ($str, $stdin_script_to_send) = OAR::Tools::get_oarexecuser_perl_script_for_oarexec($Node_file,$Job_id,$Job->{array_id},$Job->{array_index},$Job->{user},$shell,$Job->{launching_directory},$Job->{stdout_file},$Job->{stderr_file},$Res_file,$Job->{name},$Job->{project},$Job->{walltime},$Job->{walltime_seconds},$Job->{job_env},$Job->{command}); @cmd = ("oardodo","perl","-e",$str); + if ((defined($Job->{types}->{deploy}) or defined($Job->{types}->{cosystem})) and defined($Job->{deploy_cosystem_job_exec_system})) { + if ($Job->{deploy_cosystem_job_exec_system} eq "systemd-run") { + $oardo_become_user = ""; + @cmd = ("oardodo","systemd-run","-q","--uid=$uid","--pipe","--wait","--collect","--service-type=exec","--slice=user-$uid.slice","perl","-e",$str); + } elsif ($Job->{deploy_cosystem_job_exec_system} eq "none") { + # Use regular command by default + } + } } #resolve terminal type problems @@ -463,7 +473,7 @@ if ($Job->{mode} eq "PASSIVE"){ close(STDIN); open(STDIN, "<& pipe_stdin_read"); - $ENV{OARDO_BECOME_USER} = $Job->{job_user}; + $ENV{OARDO_BECOME_USER} = $oardo_become_user; umask(oct($Old_umask)); exec(@cmd); warn("[ERROR] Cannot find @cmd\n"); diff --git a/sources/core/qfunctions/oarsub b/sources/core/qfunctions/oarsub index e3307f8f..90d4b1ad 100755 --- a/sources/core/qfunctions/oarsub +++ b/sources/core/qfunctions/oarsub @@ -52,6 +52,7 @@ my $remote_host; my $remote_port; my $Deploy_hostname; my $Cosystem_hostname; +my $Deploy_cosystem_job_exec_system; my $Cpuset_field; my $Cpuset_path; my $Host = hostname ; @@ -165,6 +166,7 @@ sub connect_job($$$){ OAR::Sub::close_db_connection(); my @passinfo = getpwnam($lusr) or die("Cannot retreive system information for user $lusr\n"); my $shell=$passinfo[8]; + my $uid=$passinfo[2]; unless ((defined($xauth_path)) and (-x $xauth_path) and ($ENV{DISPLAY} =~ /^[\w.-]*:\d+(?:\.\d+)?$/)) { $ENV{DISPLAY}=""; } @@ -222,10 +224,20 @@ sub connect_job($$$){ if (defined($interactive_job_hook_file)) { $interactive_job_hook_cmd = "if test -x $interactive_job_hook_file; then oardodo $interactive_job_hook_file \$\$,\$PPID:$lusr:$job_id:$job->{name}:$job->{project}:$moldable->{moldable_walltime}; else true; fi && "; } + + my $oardodo_cmd = "OARDO_BECOME_USER=$job_user oardodo bash --noprofile --norc -c '$str'"; + if (defined($types->{cosystem}) or defined($types->{deploy}) or ($#hosts < 0)) { + if ($Deploy_cosystem_job_exec_system eq "systemd-run") { + $oardodo_cmd = "oardodo systemd-run -q --uid=$uid --pty --wait --collect --service-type=exec --slice=user-$uid.slice /bin/bash --noprofile --norc -c '$str'"; + } elsif ($Deploy_cosystem_job_exec_system eq "none") { + # Use regular command by default + } + } + if ($ENV{DISPLAY} ne ""){ - $cmd[$i] = "bash -c '${interactive_job_hook_cmd}echo \$PPID >> $oarsub_pids && ($xauth_path -q extract - \${DISPLAY/#localhost:/:} | OARDO_BECOME_USER=$lusr oardodo $xauth_path merge -) && [ \"$lusr\" != \"$job_user\" ] && OARDO_BECOME_USER=$lusr oardodo bash --noprofile --norc -c \"chmod 660 \\\$HOME/.Xauthority\" ;TTY=\$(tty) && test -e \$TTY && oardodo chown $job_user:oar \$TTY && oardodo chmod 660 \$TTY' && OARDO_BECOME_USER=$job_user oardodo bash --noprofile --norc -c '$str'";$i++; + $cmd[$i] = "bash -c '${interactive_job_hook_cmd}echo \$PPID >> $oarsub_pids && ($xauth_path -q extract - \${DISPLAY/#localhost:/:} | OARDO_BECOME_USER=$lusr oardodo $xauth_path merge -) && [ \"$lusr\" != \"$job_user\" ] && OARDO_BECOME_USER=$lusr oardodo bash --noprofile --norc -c \"chmod 660 \\\$HOME/.Xauthority\" ;TTY=\$(tty) && test -e \$TTY && oardodo chown $job_user:oar \$TTY && oardodo chmod 660 \$TTY' && $oardodo_cmd";$i++; }else{ - $cmd[$i] = "bash -c '${interactive_job_hook_cmd}echo \$PPID >> $oarsub_pids && TTY=\$(tty) && test -e \$TTY && oardodo chown $job_user:oar \$TTY && oardodo chmod 660 \$TTY' && OARDO_BECOME_USER=$job_user oardodo bash --noprofile --norc -c '$str'";$i++; + $cmd[$i] = "bash -c '${interactive_job_hook_cmd}echo \$PPID >> $oarsub_pids && TTY=\$(tty) && test -e \$TTY && oardodo chown $job_user:oar \$TTY && oardodo chmod 660 \$TTY' && $oardodo_cmd";$i++; } #essential: you become oar instead of the user @@ -553,6 +565,14 @@ if (!defined($Cosystem_hostname)){ $Cosystem_hostname = $remote_host; } +$Deploy_cosystem_job_exec_system = get_conf("DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM"); +if (!defined($Deploy_cosystem_job_exec_system)) { + $Deploy_cosystem_job_exec_system = "none"; +} +if (($Deploy_cosystem_job_exec_system ne "none") and ($Deploy_cosystem_job_exec_system ne "systemd-run")) { + die("[ERROR] Bad configuration for DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM: '$Deploy_cosystem_job_exec_system' is unsupported\n"); +} + $Cpuset_field = get_conf("JOB_RESOURCE_MANAGER_PROPERTY_DB_FIELD"); $Cpuset_path = get_conf("CPUSET_PATH"); diff --git a/sources/core/tools/oar.conf.in b/sources/core/tools/oar.conf.in index a4fbca8b..c50d0de6 100644 --- a/sources/core/tools/oar.conf.in +++ b/sources/core/tools/oar.conf.in @@ -87,6 +87,15 @@ DEPLOY_HOSTNAME="127.0.0.1" COSYSTEM_HOSTNAME="127.0.0.1" # Configuration for module: server, user, api +# Specify what system to use for the execution on the deploy and cosystem frontends +# Possible values are: +# none: just run in a bash shell (default) +# systemd-run: use systemd-run +# systemd-run executes the job processes in user slices managed by systemd, which +# could easily allow to set resource limits through cgroups. +#DEPLOY_COSYSTEM_JOB_EXEC_SYSTEM="systemd-run" +# Configuration for module: server, user, api + # Specify the database field to use to fill the file on the first node of the # job in $OAR_NODE_FILE (default is 'network_address'). Only resources with # type=default are displayed in this file.