Logging in to a running Legion system
Table of Contents
Other relevant on-line documents:
The Legion tutorials offer quick and simple instructions for various key procedures for a Legion system. More complete explanations of all of the procedures discussed here are available on separate pages, and can be found by clicking on the icon.
Depending on how your system is set up, you may need to set up your access to your system before you can run Legion commands. This will probably involve running a command such as this:
$ . ~legion/setup.sh
The exact syntax will depend on what kind of shell you are using and where your Legion files are installed (i.e., the value of ~legion will depend on your individual Legion net). Consult your system administrator for more information.
$ source ~legion/setup.csh
- Legion comes with security features that can be enabled or not, as appropriate to your system. If your system adminstrator chooses to use them, they will be enabled when the system is first initialized. In a secured system all users must have a user id and must log in before starting to work. Your system's log in procedure may differ from what is described here: please see your system administrator for exact instructions. The default system requires that all users have user ids and passwords. This allows Legion to keep track of your objects and to know what kind of user privileges you have. It also prevents malicious users from interfering with your objects or gaining illicit access to your system.
- When you log in to a Legion system you are identified by a special object called the AuthenticationObject: this object contains your password, initial implicit parameters (the Legion equivalent of a the Unix "environment"), and other information. AuthenticationObjects are created when you create a user id. When an authenticated user runs a Legion process a certificate confirming his or her identify is passed along to verify that this person has permission to run the process. This certificate is created and signed by your AuthenticationObject.
- You need a user id before you can log in. Ask your system administrator to create one for you, if necessary. You log in with the legion_login command. The system will request your password and verify your identity and your security privileges.
There are two ways to use the legion_login command.
- You can use it to log in: run the command with your user id or with no arguments at all. The legion_login process will put you in a new sub-shell, and will continue to run. Any processes that you start from within this shell will be accompanied by a copy of your AuthenticationObject's certificate. This method is explained in more detail below.
To log in with the user id bob, enter:
$ legion_login /users/bob
Or, you can run legion_loginwith no parameters, if you prefer:
Legion login: /users/bob
Notice that in both cases you need to use the full path name (/users/bob). To exit from bob's shell, type exit:
Objects created in your shell will be owned by you and only you will be able to use them.
- Or, instead of starting a sub-shell you can use legion_login with the -e flag to execute a specific command with your log in privileges. This option uses your AuthenticationObject to certify your identity for only that specific process (this is similar to the behavior of Unix rsh).
For example, to use legion_login to execute legion_cat on object bob, enter:
$ legion_login /users/nemo -e legion_cat -c /home/nemo/bob
- If you can't remember whether or not you are logged in or which user id you are using, run the legion_whoami command. Your output will look something like this:
- This means that you are logged in as user nemo. If you are not logged in or your system administrator has not enabled security there will be no output.
While logged in, you can change your password and other parameters of your environment. The password may be changed with the legion_passwd command. Note that you must include your user name:
$ legion_passwd /users/nemo
New Legion password: xxxx
Retype new password: xxxx