Categories

ID #1417

How do I restrict access of certain modules to specific users?

I have software with limited licenses that I only want certain users to have access to. How do I make sure only those users can load the modules for that software?

You can accomplish this by putting the modules in question in a different directory than the rest of the modules. Then in the /etc/profile.d/modules.sh script you can add some logic that will only add that directory to the path for certain users.

For example, you can move the information for a module to /cm/shared/secret. You can then modify the /etc/profile.d/modules.sh script to have logic that looks for a specific user id. If it matches then it appends the "secret" directory to the MODULEPATH_TMP variable.  In this example /cm/shared/secret was used, but you can specify any path that is generally available to users. The beginning of that script has an additional 'if' statement nested in the 'if' statement that matches non-root users:

 

if [ "$ENABLE_LMOD" == "0" ];then
  if [ ´id -u´ -ne 0 ]; then
    MODULEPATH_TMP=/cm/local/modulefiles:/cm/shared/modulefiles
    PATH_TMP=/sbin:/usr/sbin:/cm/local/apps/environment-modules/4.0.0/bin
    if [ $USER == 'cmtest' ] ; then
      MODULEPATH_TMP=$MODULEPATH_TMP:/cm/shared/secret
    fi
  else
...

When logging in as the 'cmtest' user you should be able to see the module when running 'module avail'. If you want to have those modules loaded by default for the user, then you can modify their .bashrc, loading the module when they log in.

Tags: -

Related entries:

You cannot comment on this entry