How to add some AFS users on a machine managed by Quattor ?

For example, I would like to add AFS user joel and ycalas on a machine (for example volhcb01). The steps to follow are:

  • Check that this AFS accounts are in /etc/passwd.

  • Log in on volhcb01 (using my AFS account ycalas).

  • Type the following command line:

          LEAFAddAccess --objecttype=host --objectname=volhcb01 --interactive joel,ycalas
The documentation of this command is obtained by:
[lxadm03-14:23:55] /afs/ (9) > LEAFAddAccess --help
This is LEAFAddAccess version 1.2

         --objectname=<hostname> or <clustername> or <systemname>

         --get (if only the current setup is looked for)
         --interactive=<login1, ...,loginN>
         --root=<login1, ...,loginN>
         --rm_interactive=<login1, ...,loginN>
         --rm_root=<login1, ...,loginN>


Note: may use CDB_USER and CDB_PASSWORD environment variables
       create a cdb config file called in the current working directory containing:
       enter them from STDIN when asked for.

The following options are available:

 --cgi  <string>
        (default: 'leaftoolssuite')
        Name of the cgi module
 --debug  <integer>
        set the debugging level to <1..5>.
        Flag to be used if you simply wants to find out what the current setup is.
        displays this help message.
 --interactive  <string>
        list of logins to be given interactive access, comma separated
 --logfile  <string>
        (default: '/tmp/LEAFAddAccess.log.15097')
        log path/filename to use
 --objectname  <string>
        name of the object
 --objecttype  <string>
        host or cluster or system ?
        suppress application output to stdout.
 --rm_interactive  <string>
        list of logins to be removed interactive access, comma separated
 --rm_root  <string>
        list of logins to be removed root access, comma separated
 --root  <string>
        list of logins to be given root access, comma separated
 --server  <string>
        (default: 'lxservb02')
        Server for the SOAP interface (production=lxservb02, developments=lxdev08)
        Only test connection to server.
        print more details on operations.
        prints current version and exits.

[lxadm03-14:35:30] /afs/ (10) >

  • Execute on the target machine (volhcb01) the following command line:

[root@volhcb01 root]# ncm-ncd --conf access_control

[INFO] NCM-NCD version 1.2.3 started by root at: Fri Jun 30 14:24:35 2006
[INFO] executing configure on components....

[INFO] running component: access_control
[INFO] Sudo access controled.
[INFO] configure on component access_control executed, 0 errors, 0 warnings


[OK]   0 errors, 0 warnings executing configure
[root@volhcb01 root]#

How to remove some AFS users on a machine managed by Quattor ?

  • On lxadm: LEAFAddAccess --objecttype=host --objectname=volhcb01 --rm_interactive ycalas

  • On volhcb01: ncm-ncd --conf access_control

How to put a machine in production/maintenance ?

Use the function sms found in /afs/

  • To put the machine in production: /afs/ set production.
  • To put the machine in maintenance: /afs/ set maintenance test.

The documentation can be obtained with the --help option:

[root@voatlas01 root]# /afs/ --help
Unknown option: help

Usage: /afs/ get <hostname> [hostname...]
           set <state> <reason> <comment> <hostname> [hostname...]
           clear <state> <reason> <hostname> [hostname...]
           default <hostname> [hostname...]
           history <hostname> [hostname...]

        options --user=<username> --pwd=<password>

        Valid states and their reasons:

              production       none
              maintenance      "installation and stress test"
                               "vendor call"
                               "hardware tests"
                               "ip renumbering"
                               "os upgrade"
                               "kernel upgrade"
                               "change cluster"
              standby          quiescing
                               "os upgrade"
                               "kernel upgrade"
                               "change cluster"

Please use perldoc /afs/ for further information

[root@voatlas01 root]#

How to use SPMA ?

  • Log on the machine as root.
  • run Note that there is an option --noaction to see what would be done.
Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r3 - 2006-08-09 - YvanCalas
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    Main All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback