File: reloadcustompasswdfile.rst

package info (click to toggle)
ecflow 5.16.0-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 52,220 kB
  • sloc: cpp: 273,994; python: 22,754; sh: 3,643; perl: 774; xml: 333; f90: 204; ansic: 141; makefile: 63
file content (91 lines) | stat: -rw-r--r-- 3,336 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
 

.. _reloadcustompasswdfile_cli:

reloadcustompasswdfile
**********************







.. rubric:: Output of :code:`--help=reloadcustompasswdfile`



The following help text is generated by :code:`ecflow_client --help=reloadcustompasswdfile`

::

   
   reloadcustompasswdfile
   ----------------------
   
   Reload the server custom password file.
   
   The custom password file (authentication) is used by the server to authenticate a 'user' by
   verifying if the password provided by the user matches the one held by the server. This
   particular file is used for authentication of users that explicitly specify the user name
   (either via the environment variable ECF_USER or the --user option).
   
   This mechanism should be used when most users use the machine login name, but a few users
   specify their own user name, in which case the password must also be explicitly provided.
   
   The file path is specified as the ECF_CUSTOM_PASSWD environment variable, both for the
   client and server, and is loaded only by the server on *startup*. This means that the file
   contents can be updated (i.e., add/remove users), but the file location cannot change during
   the server execution.
   
   The server automatically loads the password file content as part of the startup procedure.
   
   The ECF_CUSTOM_PASSWD environment variable is used to specify the password file location,
   considering that
    - On the server the default file name is <host>.<port>.ecf.custom_passwd
    - On the client the default file name is ecf.custom_passwd
   
   The format of the file is same for client and server:
   
   
   4.5.0
   # comment
   <user> <host> <port> <passwd> # comment
   
   The following is an example
   
   4.5.0 # the version
   fred machine1 3142 xxyyyd
   fred machine2 3133 xxyyyd # comment
   bill machine2 3133 xxyggyyd
   
   Notice that the same user may appear multiple times (associated with different host/port).
   This allows the client to use the same password file to contact multiple servers.
   
   For the password authentication to work, ensure the following:
    - The password is defined for the client and server
    - On the server, add at least the server administrator to the password file
      Note: If an empty password file (i.e., containing just the version) is used,
            no user is allowed access.
    - On the client, the password file should be readable only by the 'user' itself
   
   Usage:
    --reloadcustompasswdfile
   
   The client considers, for both user and child commands, the following environment variables:
   
     ECF_HOST <string> [mandatory*]
       The main server hostname; default value is 'localhost'
     ECF_PORT <int> [mandatory*]
       The main server port; default value is '3141'
     ECF_SSL <any> [optional*]
       Enable secure communication between client and server.
     ECF_HOSTFILE <string> [optional]
       File that lists alternate hosts to try, if connection to main host fails
     ECF_HOSTFILE_POLICY <string> [optional]
       The policy ('task' or 'all') to define which commands consider using alternate hosts.
   
   The options marked with (*) must be specified in order for the client to communicate
   with the server, either by setting the environment variables or by specifying the
   command line options.