[209] in athena10
Cluster machine reset idea
daemon@ATHENA.MIT.EDU (Timothy G Abbott)
Fri May 23 20:56:39 2008
Date: Fri, 23 May 2008 20:55:54 -0400 (EDT)
From: Timothy G Abbott <tabbott@MIT.EDU>
To: athena10@mit.edu
Message-ID: <Pine.LNX.4.64L.0804301714350.29779@mega-man.mit.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
One problem that we will probably experience with running Debian-based
cluster machines is that users will su to root and then apt-get install
some packages containing programs that they want to run for that session.
The cluster maintainance code would then have to be responsible for
removing any such packages cleanly.
I thought of the idea of having (most of) the filesystem tree that you see
when you login graphically be a chroot containing an LVM snapshot of the
actual Athena source filesystem, which is then destroyed when you log out.
Directories that want to survive past the user logging out, like /home,
/tmp, various parts of /var, etc. would be bind-mounted from the source
filesystem, and thus preserved when users log out.
I would not intend this to be a security measure, but instead a mechanism
for making it difficult for users to accidentally reconfigure cluster
machines.
I'm not convinced that this idea doesn't have serious problems, but some
variation on it might be a good way to support temporarily installing
software on cluster machines using apt.
-Tim Abbott
