Job Security

LSF has features for controlling job security. This allows you to set the access control level to jobs by users (including user group, queue, and cluster administrators). This is useful for large environments where many groups may share the same cluster and it may be a security threat to allow some users to view job details and summary information. With access control levels configured, you may prevent users (including administrator users) from viewing other user’s job information through LSF commands including bjobs, bjdepinfo, bread, bstatus, bhist, and bacct.

Note: There are no rights restrictions for the primary administrator. They may always see all job detail information.

Note: On UNIX platforms, there is no rights restriction for root. On Windows platforms, the Windows administrator is treated as a regular user.

Note: Job information security (access control level) is not supported on LSF express edition.

Job information types

There are two kinds of job information which will be viewed by users:

Summary Information:

Obtained from bjobs with options other than -l, such as -aps, -fwd, -p, -ss, -sum, -W, -WF, -WP, -WL, etc.
Detail Information:

Obtained from bjobs -l, bjobs -UF, bjobs -N, bjdepinfo, bread, and bstatus.

There are two kinds of user rights which will determine what kind of information a user can view for a job:

Basic rights: User can see all summary information.
Detail rights: User can see all detail information.