Command Usage: samadmin v8_1_5 samadmin modify k5login
|  |
Command Description:
This command will modify the contents of the Fermilab ~sam/.k5login file,
adding and/or removing the specified principals. Your changes will be committed
in the specified cvs repository, and the file will be copied to all accounts listed
in the 'k5loginSubscription' file.
You must be logged in as user 'sam' on one of the 'master' FNAL nodes in order
to run this command. The 'master' FNAL nodes are:
['d0mino.fnal.gov', 'd0ora1.fnal.gov', 'd0ora3.fnal.gov', 'd0ora2.fnal.gov', 'bagend.fnal.gov']
NOTE ALSO: problems have been seen when using WRQ Reflections as your
means of logging in as user 'sam' on a 'master' node, probably due to
not coming in via FNAL kerberized ssh. If you use WRQ Reflections, a
suitable workaround is:
1) log in normally (as yourself) to a kerberized FNAL node.
2) kinit -F <username>/root # obtain credentials
3) ssh <masterNode>.fnal.gov -l sam # make sure this is the
# FNAL kerberized ssh
# (usually /usr/krb5/bin/ssh)
and proceed from there.
Example:
samadmin modify k5login --add=newShifter/root@FNAL.GOV,sam/d0/new.sam.node@FNAL.GOV \
--remove=oldShifter/root@FNAL.GOV,sam/d0/old.sam.node@FNAL.GOV
Usage:
samadmin modify k5login [--options] [-flags]
Where:
--options:
--add=<value> # comma-separated list of entries to be added
--corbaCallTimeout=<value> # time in seconds for CORBA method calls to return before timing out (default: 0; zero implies no timeout)
--cvsroot=<value> # name of alternate CVS repository (default: "cvsuser@cdcvs.fnal.gov:/cvs/cd")
--remove=<value> # comma-separated list of entries to be removed
--retryInterval=<value> # retry interval base in seconds; will multiply this base times retryCount (default: 5)
--retryJitter=<value> # retry jitter, random jitter added to base retry interval times retryCount (default: 5)
--retryMaxCount=<value> # number of times to retry CORBA calls for retriable exceptions (default: 25; zero implies no retries)
-flags:
-c # automatically close all servants after each method call
-d # debug mode
-s # retrySilently mode (do not issue messages to stderr on proxy retries)
-t # time-it mode (print additional info on timings)
-v # verbose mode
Must specify at least one of:
--add=<value> OR --remove=<value>
Required Data Types:
add : SamStringList
corbaCallTimeout : int
cvsroot : string
remove : SamStringList
retryInterval : int
retryJitter : int
retryMaxCount : int
You may omit "-c" if the $SAM_PYAPI_AUTO_CLOSE_SERVANTS environmental variable is set.
You may omit "--corbaCallTimeout=<value>" if the $SAM_PYAPI_CORBA_CALL_TIMEOUT environmental variable is set.
You may omit "--retryInterval=<value>" if the $SAM_PYAPI_RETRY_INTERVAL environmental variable is set.
You may omit "--retryJitter=<value>" if the $SAM_PYAPI_RETRY_JITTER environmental variable is set.
You may omit "--retryMaxCount=<value>" if the $SAM_PYAPI_RETRY_MAX_COUNT environmental variable is set.
You may omit "-s" if the $SAM_PYAPI_RETRY_SILENTLY environmental variable is set.
UNIX ExitStatus:
Success : 0
Unhandled exceptions : 127
See Also: