Statistics
| Branch: | Tag: | Revision:

one / share / man / oneuser.1 @ f3d57119

History | View | Annotate | Download (6.78 KB)

1
.\" generated with Ronn/v0.7.3
2
.\" http://github.com/rtomayko/ronn/tree/0.7.3
3
.
4
.TH "ONEUSER" "1" "August 2015" "" "oneuser(1) -- manages OpenNebula users"
5
.
6
.SH "NAME"
7
\fBoneuser\fR \- manages OpenNebula users
8
.
9
.SH "SYNOPSIS"
10
\fBoneuser\fR \fIcommand\fR [\fIargs\fR] [\fIoptions\fR]
11
.
12
.SH "OPTIONS"
13
.
14
.nf
15

    
16
 \-r, \-\-read\-file           Read password from file
17
 \-\-sha1                    The password will be hashed using the sha1
18
                           algorithm
19
 \-\-ssh                     SSH Auth system
20
 \-\-x509                    x509 Auth system for x509 certificates
21
 \-k, \-\-key path_to_private_key_pem Path to the Private Key of the User
22
 \-c, \-\-cert path_to_user_cert_pem Path to the Certificate of the User
23
 \-\-driver driver           Driver to autehnticate this user
24
 \-a, \-\-append              Append new attributes to the current template
25
 \-\-x509_proxy              x509 Auth system based on x509 proxy certificates
26
 \-\-proxy path_to_user_proxy_pem Path to the user proxy certificate
27
 \-\-time x                  Token duration in seconds, defaults to 36000 (10
28
                           h)\. To reset the token set time to 0\.To generate
29
                           a non\-expiring token use \-1 (not valid for ssh
30
                           and x509 tokens)\.
31
 \-\-force                   Force one_auth file rewrite
32
 \-l, \-\-list x,y,z          Selects columns to display with list command
33
 \-d, \-\-delay x             Sets the delay in seconds for top command
34
 \-f, \-\-filter x,y,z        Filter data\. An array is specified with
35
                           column=value pairs\.
36
 \-\-csv                     Write table in csv format
37
 \-x, \-\-xml                 Show the resource in xml format
38
 \-n, \-\-numeric             Do not translate user and group IDs
39
 \-\-describe                Describe list columns
40
 \-v, \-\-verbose             Verbose mode
41
 \-h, \-\-help                Show this message
42
 \-V, \-\-version             Show version and copyright information
43
 \-\-user name               User name used to connect to OpenNebula
44
 \-\-password password       Password to authenticate with OpenNebula
45
 \-\-endpoint endpoint       URL of OpenNebula xmlrpc frontend
46
.
47
.fi
48
.
49
.SH "COMMANDS"
50
.
51
.IP "\(bu" 4
52
create \fIusername\fR [\fIpassword\fR] Creates a new User Examples: oneuser create my_user my_password oneuser create my_user \-r /tmp/mypass oneuser create my_user \-\-ssh \-\-key /tmp/id_rsa oneuser create my_user \-\-ssh \-r /tmp/public_key oneuser create my_user \-\-x509 \-\-cert /tmp/my_cert\.pem valid options: read_file, sha1, ssh, x509, key, cert, driver
53
.
54
.IP "\(bu" 4
55
update \fIuserid\fR [\fIfile\fR] Update the template contents\. If a path is not provided the editor will be launched to modify the current content\. valid options: append
56
.
57
.IP "\(bu" 4
58
quota \fIuserid\fR [\fIfile\fR] Set the quota limits for the user\. If a path is not provided the editor will be launched to modify the current quotas\.
59
.
60
.IP "\(bu" 4
61
batchquota \fIrange|userid_list\fR [\fIfile\fR] Sets the quota limits in batch for various users\. If a path is not provided the editor will be launched to create new quotas\.
62
.
63
.IP "\(bu" 4
64
defaultquota [\fIfile\fR] Sets the default quota limits for the users\. If a path is not provided the editor will be launched to modify the current default quotas\.
65
.
66
.IP "\(bu" 4
67
umask \fIrange|userid_list\fR [\fImask\fR] Changes the umask used to create the default permissions\. In a similar way to the Unix umask command, the expected value is a three\-digit base\-8 number\. Each digit is a mask that disables permissions for the owner, group and other, respectively\.
68
.
69
.IP "" 4
70
.
71
.nf
72

    
73
If mask is not given, or if it is an empty string, the umask will
74
be unset
75
.
76
.fi
77
.
78
.IP "" 0
79

    
80
.
81
.IP "\(bu" 4
82
login \fIusername\fR Creates the login token for authentication\. The token can be used together with any authentication driver\. The token will be stored in $HOME/\.one/one_auth, and can be used subsequently to authenticate with oned through API, CLI or Sunstone\.
83
.
84
.IP "" 4
85
.
86
.nf
87

    
88
Example, request a valid token for a generic driver (e\.g\. core auth, LDAP\.\.\.):
89
  oneuser login my_user \-\-time 3600
90

    
91
Example, generate and set a token for SSH based authentication:
92
  oneuser login my_user \-\-ssh \-\-key /tmp/id_rsa \-\-time 72000
93

    
94
Example, same using X509 certificates:
95
  oneuser login my_user \-\-x509 \-\-cert /tmp/my_cert\.pem
96
                        \-\-key /tmp/my_key\.pk \-\-time 72000
97

    
98
Example, now with a X509 proxy certificate
99
  oneuser login my_user \-\-x509_proxy \-\-proxy /tmp/my_cert\.pem
100
                        \-\-time 72000
101
valid options: ssh, x509, x509_proxy, key, cert, proxy, time, force
102
.
103
.fi
104
.
105
.IP "" 0
106

    
107
.
108
.IP "\(bu" 4
109
key DEPRECATED, use login to generate auth files\.
110
.
111
.IP "" 4
112
.
113
.nf
114

    
115
Shows a public key from a private SSH key\. Use it as password
116
for the SSH authentication mechanism\.
117
valid options: key
118
.
119
.fi
120
.
121
.IP "" 0
122

    
123
.
124
.IP "\(bu" 4
125
delete \fIrange|userid_list\fR Deletes the given User
126
.
127
.IP "\(bu" 4
128
passwd \fIuserid\fR [\fIpassword\fR] Changes the given User\'s password valid options: read_file, sha1, ssh, x509, key, cert, driver
129
.
130
.IP "\(bu" 4
131
chgrp \fIrange|userid_list\fR \fIgroupid\fR Changes the User\'s primary group
132
.
133
.IP "\(bu" 4
134
addgroup \fIrange|userid_list\fR \fIgroupid\fR Adds the User to a secondary group
135
.
136
.IP "\(bu" 4
137
delgroup \fIrange|userid_list\fR \fIgroupid\fR Removes the User from a secondary group
138
.
139
.IP "\(bu" 4
140
chauth \fIuserid\fR [\fIauth\fR] [\fIpassword\fR] Changes the User\'s auth driver and its password (optional) Examples: oneuser chauth my_user core oneuser chauth my_user core new_password oneuser chauth my_user core \-r /tmp/mypass oneuser chauth my_user \-\-ssh \-\-key /home/oneadmin/\.ssh/id_rsa oneuser chauth my_user \-\-ssh \-r /tmp/public_key oneuser chauth my_user \-\-x509 \-\-cert /tmp/my_cert\.pem valid options: read_file, sha1, ssh, x509, key, cert, driver
141
.
142
.IP "\(bu" 4
143
list Lists Users in the pool valid options: list, delay, filter, csv, xml, numeric, describe
144
.
145
.IP "\(bu" 4
146
show [\fIuserid\fR] Shows information for the given User valid options: xml
147
.
148
.IP "\(bu" 4
149
encode \fIusername\fR [\fIpassword\fR] Encodes user and password to use it with ldap
150
.
151
.IP "" 0
152
.
153
.SH "ARGUMENT FORMATS"
154
.
155
.IP "\(bu" 4
156
file Path to a file
157
.
158
.IP "\(bu" 4
159
range List of id\'s in the form 1,8\.\.15
160
.
161
.IP "\(bu" 4
162
text String
163
.
164
.IP "\(bu" 4
165
groupid OpenNebula GROUP name or id
166
.
167
.IP "\(bu" 4
168
userid OpenNebula USER name or id
169
.
170
.IP "\(bu" 4
171
userid_list Comma\-separated list of OpenNebula USER names or ids
172
.
173
.IP "\(bu" 4
174
password User password
175
.
176
.IP "" 0
177
.
178
.SH "LICENSE"
179
OpenNebula 4\.13\.80 Copyright 2002\-2015, OpenNebula Project (OpenNebula\.org), C12G Labs
180
.
181
.P
182
Licensed under the Apache License, Version 2\.0 (the "License"); you may not use this file except in compliance with the License\. You may obtain a copy of the License at http://www\.apache\.org/licenses/LICENSE\-2\.0