
Appendix I: Security Overview

The authorization model for TORQUE changed in version 4.0.0 from pbs_iff to a daemon called trqauthd. The job of the trqauthd daemon is the same as that of pbs_iff. The difference is that trqauthd is a resident daemon, whereas pbs_iff is invoked by each client command. pbs_iff is not scalable and is prone to failure under even small loads. trqauthd is very scalable and creates the possibility for better security measures in the future.

trqauthd and pbs_iff Authorization Theory

The key to the security of both trqauthd and pbs_iff is the assumption that any host which has been added to the TORQUE cluster has been secured by the administrator. Neither trqauthd nor pbs_iff does authentication. They only do authorization of users. Given that the host system is secure, the following is the procedure by which trqauthd and pbs_iff authorize users to pbs_server.

  1. Client utility makes a connection to pbs_server on a dynamic port.
  2. Client utility sends a request to trqauthd with the user name and port.
  3. trqauthd verifies the user ID and then sends a request to pbs_server on a privileged port with the user ID and dynamic port to authorize the connection.
  4. trqauthd reports the server's result to the client utility.

Both trqauthd and pbs_iff use Unix domain sockets for communication from the client utility. Unix domain sockets can verify that a user is who they say they are by using security features that are part of the file system.
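The four-step procedure above, reduced to the part that carries the security decision, as an added Python example that is not part of the TORQUE documentation or code: a mock trqauthd listens on a Unix domain socket, asks the kernel who the peer is (Linux SO_PEERCRED, which is my assumption for the "file system security feature" the text refers to), and authorizes only if the user name the client claims maps to that proven uid. The "<user name> <port>" request format, the resolver callback and the socket path are constructed for the example; forwarding the verdict to pbs_server on a privileged port (step 3) is omitted.

```python
import os
import pwd
import socket
import struct
import tempfile
import threading

def system_uid(name):
    return pwd.getpwnam(name).pw_uid  # raises KeyError for an unknown user name

def peer_uid(conn):
    """Uid at the far end of a Unix domain socket, as reported by the kernel
    (Linux SO_PEERCRED returns struct ucred {pid, uid, gid}); the client cannot forge it."""
    _pid, uid, _gid = struct.unpack("3i", conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, 12))
    return uid

def verify_claimed_user(claimed_name, uid, resolve=system_uid):
    """Authorize only when the name the client *claims* maps to the uid the kernel *proved*."""
    try:
        return resolve(claimed_name) == uid
    except KeyError:
        return False  # unknown user name: never authorize

def serve_one(path, ready, resolve):
    """Mock trqauthd: take one constructed "<user name> <dynamic port>" request, reply OK or DENY."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as srv:
        srv.bind(path)
        os.chmod(path, 0o666)  # anyone may connect; identity comes from the kernel, not the path
        srv.listen(1)
        ready.set()
        conn, _ = srv.accept()
        with conn:
            name, _port = conn.recv(256).decode().split()
            conn.sendall(b"OK" if verify_claimed_user(name, peer_uid(conn), resolve) else b"DENY")

def run_exchange(claimed_name, dynamic_port=40123, resolve=system_uid):
    """Mock client utility: claim a user name plus the port already opened to pbs_server (step 2)."""
    with tempfile.TemporaryDirectory() as tmp:  # constructed socket path, removed afterwards
        path, ready = os.path.join(tmp, "trqauthd-unix"), threading.Event()
        worker = threading.Thread(target=serve_one, args=(path, ready, resolve))
        worker.start()
        ready.wait(5)
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as cli:
            cli.connect(path)
            cli.sendall(f"{claimed_name} {dynamic_port}".encode())
            reply = cli.recv(16).decode()
        worker.join()
    return reply

def local_uid():
    return os.getuid()  # the uid the kernel will report for a client running as this process
```

Claiming a different user's name over the socket is refused because the kernel-reported uid does not match, which is the property that makes "secure the host, then trust the socket" workable.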

© 2015 Adaptive Computing