-
Notifications
You must be signed in to change notification settings - Fork 108
vm access to other user
ssh [my-vm-name].cern.ch sqlite3 /data/srv/current/auth/frontend/users.db
Now create the role (If you want to test different roles and permission you can add more roles and give the different dn different role - i.e. - 'production-operator', 'web-service', 't0-operator', 'data-manager'
Following access for only for submitting and viewing the application. (foo role will be in default role - you can remove that)
sqlite> insert into role values (1, 'admin') sqlite> insert into role values (2, 'production-operator') sqlite> insert into user_group values (1, 'reqmgr') sqlite> insert into user_group values (2, 'dataops')
adding specific user to contact (here 'vocms0192'), but any other user information can be found in CRIC service (https://cms-cric.cern.ch/accounts/user/query/?json&preset=roles)
sqlite> insert into contact values (2, 'Service', 'vocms0192', 'vocms0192', '/DC=ch/DC=cern/OU=computers/CN=wmagent/vocms0192.cern.ch');
sqlite> insert into group_responsibility values (55, 1, 1);
sqlite> insert into group_responsibility values (55, 2, 2);
In some cases, if other developers need to access and debug some testing in your vm following instruction to do that. (Giving access to your machine with caution and when it is not needed anymore remove the access)
> ssh [my-vm-name].cern.ch
> sudo su -
# other users has to have cern account
> addusercern [other_user_id]
# give all the permission to start and stop server
> /usr/bin/visudo
or
> visudo
# add following line under
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
other_user_id ALL=(ALL) NOPASSWD: ALL