My cluster is multi tenancy of few groups using docker, each group gets the correct volumes based on the group. So one group cannot access other group underline storage.
Currently im using version 8.8 and if tomorrow i will upgrade to version 9 there will be a new option docker_network (I think) so in theory the user will be able to do something that i didn't thought about.
From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> on behalf of Jason Patton <jpatton@xxxxxxxxxxx>
Sent: Tuesday, May 4, 2021, 19:27
To: HTCondor-Users Mail List
Subject: Re: [HTCondor-users] Submit classad whitelist
Hi David,
We do provide some configuration macros to provide a set of attributes that cannot be changed once set, and furthermore you can enforce certain values using either submit transforms (to override user-given values) or submit requirements (to enforce that
users set certain values). The config macros of note are the four starting here:
I know these don't really solve the question of how to whitelist attributes, can you maybe describe a little more about the scenario that you're trying to solve or prevent?
Jason Patton