AppLogic 2.7/2.8 Documentation The latest production release is AppLogic 3.0.30
User Management Commands
The following commands are supported:
| Command | Description |
|---|
| list | Show list of users |
| info | Show a user's profile |
| create | Add a new user |
| destroy | Delete an existing user |
| set | Modify a user's profile |
| unlock | Removes the temporary login lockout for user. |
Notes:
- anyone can add/remove users
- only name & password are required to create a new user, all other values are optional
- anyone can modify the settings of any user (i.e., there's no user privilege levels, any user is an 'admin')
list
| Description: | Show a list of registered users |
| Syntax: | user list [ --batch ] |
| Arguments: | None. | |
| Examples: | user list - List registered users |
| Notes: | None. |
Typical Output
eric@example.com UFO
jessie@example.com Jessie
lion@example.com Maybe Nameless
peter@example.com My Number Is 123
Output Example in --batch Mode
user: id='eric@example.com', realname='UFO'
user: id='jessie@example.com', realname='Jessie'
user: id='lion@example.com', realname='Maybe Nameless', lockout=287
user: id='peter@example.com', realname='My Number Is 123'
info
| Description: | Show a user profile |
| Syntax: | user info name [ --batch ] |
| Arguments: | name | Name of the user to display |
| Examples: | user info lion@example.com - Show user profile for 'lion@example.com' |
| Notes: | The SSH key is not shown, even if one is configured. |
Typical Output
comment =
lockout = 287 sec (time remaining until user can make another login attempt)
realname = Maybe Nameless
create
| Description: | Add a new user |
| Syntax: | user create name pwd=- [key1=value1 ...] |
| Arguments: | name | Name of the user to add. The name should be a valid e-mail address, on which the user can receive e-mails. The same name should also be used for registering a Bugzilla account (optional). |
| pwd=- | Prompt for user's password. If the standard input is not a terminal device, it will not print a prompt and expect only one copy of the password on 'stdin' (this can be used for batch operations, to set the password from a file). |
| Examples: | user create myuser pwd=- Create new user and prompt for password |
| Notes: | This command adds the specified user to the grid controller's database. The new username/password can be used to log into the grid controller through the AppLogic visual interface. To enable the new user to access the command-line interface, an ssh key must be added, either with the add command or later, using user set. |
All of the user profile settings that can be configured with the set command can also be used with the create command. See the set command below for more information. |
| The user password is case-sensitive, may consist of any standard keyboard characters [a-z,A-Z,0-9,and special characters] with the exception of ' ' (space), and must have a length between 6 and 64 characters inclusive. |
| Although it is possible to specify the actual user password on the command line (i.e., replace pwd=- with pwd=passwd), it is not recommended because someone could hit the up arrow and see the user's password. |
destroy
| Description: | Delete an existing user |
| Syntax: | user destroy name |
| Arguments: | name | Name of the user to delete |
| Examples: | user destroy myuser - Delete 'myuser' |
| Notes: | This command removes the specified user from the grid's controller. It also removes the user's SSH key, if one was set up, disabling the user's access to the command-line interface as well. |
set
| Description: | Modify a user profile |
| Syntax: | user set name [key1=value1] [key2=value2] ... |
| Arguments: | name | Name of the user to modify |
| keyN=ValueN | One or more profile property settings. The table below explains the available settings. |
| Examples: | user set myuser pwd=- - Set new password for 'myuser' by asking the user for it |
| pwd | Password. The password can be set either directly, by supplying the password string on the command line, or typed to a 'shadow-display' password prompt that does not reveal the entered characters. The shadow entry option is selected by using a single '-' character as the password, i.e. pwd=- . The 'shadow display' mode works differently depending on whether the input is a terminal device or not. For a terminal, a prompt is displayed and the password has to be entered twice. For non-terminal input nothing is displayed and the password string is simply read from the input stream once.
 The pwd=- option should ALWAYS be used to prevent others from potentially seeing the password by hitting the up arrow key. |
| The user password is case-sensitive, may consist of any standard keyboard characters [a-z,A-Z,0-9,and special characters] with the exception of ' ' (space), and must have a length between 6 and 64 characters inclusive. |
| realname | The real name of the user. This is intended as the 'display' name, used to address the user in GUI prompts. |
| comment | Arbitrary text, saved with the user's profile. |
| sshkey | an SSH public key to install as the user's access key to the CLI. The string provided for this property must be of the form
ssh-rsa base-64 encoded key or
ssh-dsa base-64 encoded key .
This is the form found in the "public key" file produced by the ssh-keygen command from the OpenSSH tool set. Note that SSH clients other than the one from OpenSSH can be used as well - most of them have the ability to export a public key in the OpenSSH format. Note that since the key string contains a space, the entire value has to be enclosed in quotes, e.g. "sshkey=ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAm1g4ZHEPwKDGDrNfBIK30jhkHv? ..." (the example is truncated, the SSH keys are usually a few hundred characters in length. Using copy-and-paste is highly recommended :) |
unlock
| Description: | Removes the temporary login lockout placed on the specified user ID if repeated attempts to login were made with a wrong password. |
| Syntax: | user unlock name |
| Arguments | name | Name of the user for which to remove the temporary login lockout. |
| Examples: | user unlock myuser@3tera.com - remove temporary login lockout for 'myuser@3tera.com' |
| Notes: | |
-- BeckyH - 23 May 2006
Copyright © CA 2005-2011. All Rights Reserved.
AppLogic27 Web