ACCESS_LIST(5) File Formats Manual ACCESS_LIST(5) NAME access_list - Univa Grid Engine access list file format DESCRIPTION Access lists are used in Univa Grid Engine to define access permissions of users to the cluster via the global configuration (see sge_conf(5)) and job classes (see sge_job_class(5)). They define access permissions to hosts (see host_conf(5)), queues (see queue_conf(5)), parallel envi- ronments (see sge_pe(5)), projects (see project(5)) and they allow to define limits for multiple users via resource quotas (see sge_resource_quota(5)) A list of currently configured access lists can be displayed via the qconf(1) -sul option. The contents of each enlisted access list can be shown via the -su switch. The output follows the access_list format description. New access lists can be created and existing can be modi- fied via the -au and -du options to qconf(1). Departments are a special form of access list that additionally allow assignment of functional shares and override tickets. Note, Univa Grid Engine allows backslashes (\) be used to escape new- line (\newline) characters. The backslash and the newline are replaced with a space (" ") character before any interpretation. There are several predefined access lists that gain access to certain functionalities of a Univa Grid Engine system: arusers The access control list allows users that are referenced to sub- mit and control advance reservations (see qrsub(1)). deadlineusers Users mentioned in this access control list can specify a dead- line for jobs either during the submission with qsub(1) -dl or after submission with the qalter(1) -dl switch. sessionusers GDI sessions have been introduced with Univa Grid Engine 8.2. Such objects can be created, modified and deleted by managers or users that are members of the sessionusers access control list. The list will be defined during a default installation of Univa Grid Engine but it will be empty. Either users can be added to give them permissions to create, modify and deleted own session objects or the sessionusers access control list can be deleted to give all users permissions. sudomasters see sudoers below. sudoers sudomasters and sudoers access lists are used in combination with the Univa Grid Engine Rest Service. Users mentioned in sudomasters can trigger commands on behalf of different users that have to be specified in sudoers so that corresponding Univa Grid Engine requests are accepted and executed. This functional- ity is available since Univa Grid Engine 8.3. FORMAT The following list of access_list parameters specifies the access_list content: name The name of the access list as defined for userset_name in sge_types(1). type The type of the access list, currently one of ACL, or DEPT or a com- bination of both in a comma separated list. Depending on this parameter the access list can be used as access list only or as a department. oticket The amount of override tickets currently assigned to the department. fshare The current functional share of the department. entries The entries parameter contains the comma separated list of those UNIX users (see user_name in sge_types(1)) or those primary UNIX groups that are assigned to the access list or the department. By default only a user's primary UNIX group is used; secondary groups are ignored as long as the qmaster_param ENABLE_SUP_GRP_EVAL is not defined. Only symbolic names are allowed. A group is differentiated from a user name by pre- fixing the group name with a '@' sign. Pure access lists allow enlist- ing any user or group in any access list. When using departments, each user or group enlisted may only be enlisted in one department, in order to ensure a unique assignment of jobs to departments. To jobs whose users do not match with any of the users or groups enlisted under entries the defaultdepartment is assigned, if existing. SEE ALSO host_conf(5), sge_conf(5), sge_intro(1), sge_job_class(5), sge_types(1), project(5), qconf(1), sge_pe(5), queue_conf(5). COPYRIGHT See sge_intro(1) for a full statement of rights and permissions. Univa Grid Engine File Formats UGE 8.5.4 ACCESS_LIST(5)