Add warning not to use AuthType=auth/none if any security is desired.

ad04b4f2 · Moe Jette · 0f27bda4 · ad04b4f2 · ad04b4f2 · ad04b4f2
Commit ad04b4f2 authored 21 years ago by Moe Jette
--- a/doc/html/quickstart_admin.html
+++ b/doc/html/quickstart_admin.html
@@ -74,7 +74,10 @@ per the SLURM configuration.</p>
 <h3>Infrastructure</h3>
 <p>All communications between SLURM components are authenticated. The authentication 
 infrastructure used is specified in the SLURM configuration file and options include: 
-<a href="http://www.theether.org/authd/">authd</a>, munged and none.</p>
+<a href="http://www.theether.org/authd/">authd</a>, munged and none.
+The default authentication infrastructure is "none". This permits any user to execute 
+any job as another user. This may be fine for testing purposes, but certainly not for production 
+use. <b>Configure some AuthType value other than "none" if you want any security.</b></p>
 <p>Quadrics MPI works directly with SLURM on systems having Quadrics interconnects. 
 For non-Quadrics interconnect systems, <a href="http://www.lam-mpi.org/">LAM/MPI</a> 
 is the preferred MPI infrastructure. LAM/MPI uses the command <i>lamboot</i> to 
@@ -338,7 +341,7 @@ adev0: scontrol shutdown
 <td colspan="3"><hr> <p>For information about this page, contact <a href="mailto:slurm-dev@lists.llnl.gov">slurm-dev@lists.llnl.gov</a>.</p>
 <p><a href="http://www.llnl.gov/"><img align=middle src="lll.gif" width="32" height="32" border="0"></a></p>
 <p class="footer">UCRL-WEB-201790<br>
-Last modified January 15, 2004</p></td>
+Last modified February 12, 2004</p></td>
 </tr>
 </table>
 </td>

--- a/doc/man/man5/slurm.conf.5
+++ b/doc/man/man5/slurm.conf.5
-.TH "slurm.conf" "5" "January 2004" "Morris Jette" "Slurm configuration file"
+.TH "slurm.conf" "5" "February 2004" "Morris Jette" "Slurm configuration file"
 .SH "NAME"
 slurm.conf \- Slurm configuration file 
 .SH "DESCRIPTION"
@@ -22,6 +22,8 @@ components.
 Acceptable values at present include "auth/none" and "auth/authd".
 The default value is "auth/none", which means the UID included in 
 communication messages is not verified. 
+This may be fine for testing purposes, but 
+\fBdo not use "auth/none" if you desire any security\fR.
 "auth/authd" indicates that Brett Chun's authd is to be used (see
 "http://www.theether.org/authd/" for more information).
 All SLURM daemons and commands must be restarted for a change in 

--- a/etc/slurm.conf.example
+++ b/etc/slurm.conf.example
@@ -131,8 +131,12 @@
 # o Define the authentication method for communicating between SLURM
 #   components
 #
-# "auth/none"  : no authentication, the default
+# "auth/none"   : no authentication, the default
-# "auth/authd" : Brent Chun's authd
+# "auth/authd"  : Brent Chun's authd
+# "auth/munge": LLNL's munge
+#
+# WARNING: The use of "auth/none" permits any user to execute jobs as any 
+# other user. This may be fine for testing purposes, but do not use it in production.
 #
 # AuthType=auth/none