Tutorial:
Logging in to a running Legion system


Table of Contents

  About the log in procedure
About AuthenticationObjects
Using legion_login
Checking your log in status

  Other relevant on-line documents:
  Logging in to a running Legion system
Legion graphical user interface
Introduction to Legion context space
Context-related commands
How to start remote programs in Legion
Sample makefile for remote programs
Object permissions
Legion tty objects
Running a PVM code in Legion
Running an MPI code in Legion
Quick list of all Legion commands
Usage of all Legion commands
Starting and shutting down Legion 1.5
Using Legion security features
Legion host and vault objects
Adding host and vault objects
The list of all on-line 1.5 tutorials


The Legion tutorials offer quick and simple instructions for various key procedures for a Legion system. More complete explanations of all of the procedures discussed here are available on separate pages, and can be found by clicking on the icon.

Depending on how your system is set up, you may need to set up your access to your system before you can run Legion commands. This will probably involve running a command such as this:

$ . ~legion/setup.sh

or

$ source ~legion/setup.csh
The exact syntax will depend on what kind of shell you are using and where your Legion files are installed (i.e., the value of ~legion will depend on your individual Legion net). Consult your system administrator for more information.


About the log in procedure
Legion comes with security features that can be enabled or not, as appropriate to your system. If your system adminstrator chooses to use them, they will be enabled when the system is first initialized. In a secured system all users must have a user id and must log in before starting to work. Your system's log in procedure may differ from what is described here: please see your system administrator for exact instructions. The default system requires that all users have user ids and passwords. This allows Legion to keep track of your objects and to know what kind of user privileges you have. It also prevents malicious users from interfering with your objects or gaining illicit access to your system.

About AuthenticationObjectsaltering the AuthenticationObject
When you log in to a Legion system you are identified by a special object called the AuthenticationObject: this object contains your password, initial implicit parameters (the Legion equivalent of a the Unix "environment"), and other information. AuthenticationObjects are created when you create a user id. When an authenticated user runs a Legion process a certificate confirming his or her identify is passed along to verify that this person has permission to run the process. This certificate is created and signed by your AuthenticationObject.


Using legion_loginmore about legion_login
creating new user ids
You need a user id before you can log in. Ask your system administrator to create one for you, if necessary. You log in with the legion_login command. The system will request your password and verify your identity and your security privileges.

There are two ways to use the legion_login command.

  1. You can use it to log in: run the command with your user id or with no arguments at all. The legion_login process will put you in a new sub-shell, and will continue to run. Any processes that you start from within this shell will be accompanied by a copy of your AuthenticationObject's certificate. This method is explained in more detail below.

    To log in with the user id bob, enter:

    $ legion_login /users/bob
    Password: xxxx
    $

    Or, you can run legion_loginwith no parameters, if you prefer:

    $ legion_login 
    Legion login: /users/bob
    Password: xxxx
    $

    Notice that in both cases you need to use the full path name (/users/bob). To exit from bob's shell, type exit:

    $ exit
    exit
    $

    Objects created in your shell will be owned by you and only you will be able to use them.

  2. Or, instead of starting a sub-shell you can use legion_login with the -e flag to execute a specific command with your log in privileges. This option uses your AuthenticationObject to certify your identity for only that specific process (this is similar to the behavior of Unix rsh).

    For example, to use legion_login to execute legion_cat on object bob, enter:

    $ legion_login /users/nemo -e legion_cat -c /home/nemo/bob
    Password: xxxx
    Bob's here.
    $

Checking your log in status
If you can't remember whether or not you are logged in or which user id you are using, run the legion_whoami command. Your output will look something like this:
$ legion_whoami
/users/nemo
$
This means that you are logged in as user nemo. If you are not logged in or your system administrator has not enabled security there will be no output.

While logged in, you can change your password and other parameters of your environment. The password may be changed with the legion_passwd command. Note that you must include your user name:

$ legion_passwd /users/nemo
New Legion password: xxxx
Retype new password: xxxx
Password changed.
$