Logging into a running Legion system


About the AuthenticationObject
A user who logs in to a Legion system (with a user id) is identified by the LOID of a special object called the AuthenticationObject: this LOID contains the user's password, initial implicit parameters (the Legion equivalent of a the Unix "environment"), and other information. The utilities legion_passwd, legion_set_implicit_params, legion_set_acl, legion_get_implicit_params, and legion_get_acl, can be used to retrieve or change this information. When an authenticated user runs a process, a certificate confirming his or her identify is passed along to verify that the user has permission to run the process. This certificate is created and signed by the user's AuthenticationObject.

AuthenticationObjects must be permanent in order to be useful. If an AuthenticationObject is destroyed, its associated LOID, which identifies the user to the rest of the system, is lost. There is no way to generate an identical LOID for a new AuthenticationObject.


More about legion_initialize_users
Enter the command
$ legion_initialize_users
This step should be done only once. It will create the AuthenticationObject class, which remain in the system. The output of the command will look something like this:
$ legion_initialize_users
Creating AuthenticationObject class and implementation
Created class with LOID 1.01.69000000..000001fc0b11...
Transferred 1065216 bytes
Registering with /class/AuthenticationObjectClass
Setting architecture to linux
$
This means that the AuthenticationObject class has been created and assigned a LOID, and that its context name has been added to (registered with) the class context.