Configuration to enable LSF daemon startup control

Startup by users other than root (UNIX-only)

The LSF daemon startup control feature is enabled for UNIX hosts by defining the LSF_STARTUP_USERS and LSF_STARTUP_PATH parameters in the lsf.sudoers file. Permissions for lsf.sudoers must be set to 600. For Windows hosts, this feature is already enabled at installation when the services admin group is defined.

Configuration file	Parameter and syntax	Default behavior
lsf.sudoers	LSF_STARTUP_USERS=all_admins	Enables LSF daemon startup by users other than root when LSF_STARTUP_PATH is also defined. Allows all UNIX users defined as LSF administrators in the file lsf.cluster.`cluster_name` to start LSF daemons as root by running the lsadmin and badmin commands. Not recommended due to the security risk of a non-root LSF administrator adding to the list of administrators in the lsf.cluster`.cluster_name` file. Not required for Windows hosts because all users with membership in the services admin group can start LSF daemons.
LSF_STARTUP_USERS="`user_name1` `user_name2` …" LSF_STARTUP_USERS=`user_name`	Enables LSF daemon startup by users other than root when LSF_STARTUP_PATH is also defined. Allows the specified user accounts to start LSF daemons as root by running the lsadmin and badmin commands. Specify only cluster administrator accounts; if you add a non-administrative user, the user can start—but not shut down—LSF daemons. Separate multiple user names with a space. For a single user, do not use quotation marks.
	LSF_STARTUP_PATH=`path`	Enables LSF daemon startup by users other than root when LSF_STARTUP_USERS is also defined. Specifies the directory that contains the LSF daemon binary files. LSF daemons are usually installed in the path specified by the LSF_SERVERDIR parameter defined in the cshrc.lsf, profile.lsf, or lsf.conf files. Important: For security reasons, you should move the LSF daemon binary files to a directory other than LSF_SERVERDIR or LSF_BINDIR. The user accounts specified by LSF_STARTUP_USERS can start any binary in the LSF_STARTUP_PATH.

Configuration file

Parameter and syntax

Default behavior

lsf.sudoers

LSF_STARTUP_USERS=all_admins

Enables LSF daemon startup by users other than root when LSF_STARTUP_PATH is also defined.
Allows all UNIX users defined as LSF administrators in the file lsf.cluster.cluster_name to start LSF daemons as root by running the lsadmin and badmin commands.
Not recommended due to the security risk of a non-root LSF administrator adding to the list of administrators in the lsf.cluster.cluster_name file.
Not required for Windows hosts because all users with membership in the services admin group can start LSF daemons.

LSF_STARTUP_USERS="user_name1 user_name2 …"

LSF_STARTUP_USERS=user_name

Enables LSF daemon startup by users other than root when LSF_STARTUP_PATH is also defined.
Allows the specified user accounts to start LSF daemons as root by running the lsadmin and badmin commands.
Specify only cluster administrator accounts; if you add a non-administrative user, the user can start—but not shut down—LSF daemons.
Separate multiple user names with a space.
For a single user, do not use quotation marks.

LSF_STARTUP_PATH=path

Enables LSF daemon startup by users other than root when LSF_STARTUP_USERS is also defined.
Specifies the directory that contains the LSF daemon binary files.
LSF daemons are usually installed in the path specified by the LSF_SERVERDIR parameter defined in the cshrc.lsf, profile.lsf, or lsf.conf files.
Important:
For security reasons, you should move the LSF daemon binary files to a directory other than LSF_SERVERDIR or LSF_BINDIR. The user accounts specified by LSF_STARTUP_USERS can start any binary in the LSF_STARTUP_PATH.

EGO administrator login bypass

For both UNIX and Windows hosts, you can bypass the EGO administrator login for res and sbatchd by defining the parameters LSF_EGO_ADMIN_USER and LSF_EGO_ADMIN_PASSWORD in the lsf.sudoers file.

Configuration file	Parameter and syntax	Default behavior
lsf.sudoers	LSF_EGO_ADMIN_USER=Admin	Enables a user or script to bypass the EGO administrator login prompt when LSF_EGO_ADMIN_PASSWD is also defined. Applies only to startup of res or sbatchd. Specify the Admin EGO cluster administrator account.
LSF_EGO_ADMIN_PASSWD=`password`	Enables a user or script to bypass the EGO administrator login prompt when LSF_EGO_ADMIN_USER is also defined. Applies only to startup of res or sbatchd. Specify the password for the Admin EGO cluster administrator account.

Configuration file

Parameter and syntax

Default behavior

lsf.sudoers

LSF_EGO_ADMIN_USER=Admin

Enables a user or script to bypass the EGO administrator login prompt when LSF_EGO_ADMIN_PASSWD is also defined.
Applies only to startup of res or sbatchd.
Specify the Admin EGO cluster administrator account.

LSF_EGO_ADMIN_PASSWD=password

Enables a user or script to bypass the EGO administrator login prompt when LSF_EGO_ADMIN_USER is also defined.
Applies only to startup of res or sbatchd.
Specify the password for the Admin EGO cluster administrator account.