Devices permission reset

GPU Unix Graphics Linux
#1

Hi,

I’m using Ubuntu 18.04 and running Nvidia driver version 440.33.01

I would like to have permission 0660 on all nvidia devices. Only root user can have access to GPU cards.

I added drivers options

cat /etc/modprobe.d/nvidia.conf 
options NVreg_DeviceFileMode=0660 NVreg_ModifyDeviceFiles=0

After reboot, devices still have 0666 permission.

ls -alrt /dev/nvidia*
crw-rw-rw- 1 root root 195, 255 Jan  8 14:27 /dev/nvidiactl
crw-rw-rw- 1 root root 195,   0 Jan  8 14:27 /dev/nvidia0
crw-rw-rw- 1 root root 237,   0 Jan  8 14:27 /dev/nvidia-uvm
crw-rw-rw- 1 root root 237,   1 Jan  8 14:27 /dev/nvidia-uvm-tools
crw-rw-rw- 1 root root 195,   1 Jan  8 14:27 /dev/nvidia1
crw-rw-rw- 1 root root 195,   2 Jan  8 14:27 /dev/nvidia2
crw-rw-rw- 1 root root 195, 254 Jan  8 14:27 /dev/nvidia-modeset

When I change the permissions:

chmod 0660 /dev/nvidia{0,1,2}

It works, BUT the value reset to 0666 when I run

nvidia-smi

command or system reboot.

I also disabled nvidia-persistenced
service without success.

Aany idea why this behavior?

How can I force the permission to 0660 ?

Thank you.

#2

You need to recreate your initrd to make the changes to /etc/modprobe.d/nvidia.conf effective.

Note that there is no proper rights management for the nvidia device files. They are expected to be rw for everyone, otherwise things don’t work. That’s why nvidia-modprobe exists. It’s suid root and will (among other things) fixup everything to be 0666. nvidia-smi calls it if necessary.

#3

Hi,

I did

# update-initramfs -u -k all 
# update-grub

After reboot permission still 0666

I checked the loaded options:

#head -7 /proc/driver/nvidia/params
Mobile: 4294967295
ResmanDebugLevel: 4294967295
RmLogonRC: 1
ModifyDeviceFiles: 1
DeviceFileUID: 0
DeviceFileGID: 0
DeviceFileMode: 438

It seems that the driver is ignoring options and loading default values!

#4

The content of your /etc/modprobe.d/nvidia.conf file is not correct. It should read

options nvidia NVreg_DeviceFileMode=0660

You forgot ‘nvidia’ – and NVreg_ModifyDeviceFiles=0 means to not create /dev/nvidia* nodes at all.

#5

Problem solved, thank you for your help.

But, I wanted only to modify /dev/nvidia{0,1,2}.

The driver seems to modify also /dev/nvidiactl

#6

Well I have little cluster and with old version of nvidia driver I can hide devices from users and I manupulate device permission in SGE prolog epilog script.

After upgrade, unfortunately (or not) devices permission now revert to the values given in the driver options.

I have to find another solution to share GPUs between users using old SGE scheduler.

Many thanks again.