Richard Hierlmeier's Weblog
- All
- General
- Grid Engine
Username/Password authentation with sdmadm
SDM user normally an X.509 certificate stored in the in a java keystore to authenticate a user against SDM daemons. However if the keystore is not accessible from host also user name password authentication can be used. The following example shows how it works:
Assume that an administrator want to know the status of the JVMs a the SDM system, however there is no keystore for the user available on the workstation. By invoking a sdmadm show_jvm you will get the following error:
% sdmadm show_jvm
Error: permission denied
With the -ppw switch the user name/password authentication is activated:
% sdmadm -ppw show_jvm
username [root] > sdm_admin
password >
name host state used_mem max_mem message
-------------------------------------------------------------------------------------------
cs_vm master STARTED 10M 113M
executor_vm node1 STARTED 2M 31M
...
The user name password authentication works only if the following requirements are fulfilled:
- the user name be in the SDM admin user list:
- SDM uses the
authuserbinary which comes the the Grid Engine distribution. This binary can be found at$SGE_ROOT/utilbin/<arch>. It must have the correct permissions otherwise the it will not work.
% sdmadm show_admin_user
admin_user
----------
sge_admin
Additional users can be added with sdmadm add_admin_user.
% ls -l $SGE_ROOT/utilbin/sol-sparc64/authuser
-r-s--x--x 1 root root 554760 2008-05-26 13:37 /opt/sge62/utilbin/sol-sparc64/authuser
Posted at 04:42PM May 26, 2008 by rhierlmeier in Service Domain Manager |