Acquiring and creating accounts on "pilatus"

Background

• pilatus is an SGI Altix 3800. It was originally acquired under the CFI New Opportunities program in 2002/2003 with Arne Storjohann as the Principal Investigator.
• CFI New Opportunities 2003/2004 with Jeff Orchard as Principal Investigator, proposed an expansion of pilatus to bring it to a total of 64 CPUs, 112 gb RAM, 4 tb disk
• CFI New Opportunites 2004/2005 with Kevin Hare as Principal Investigator, has proposed a 32 gb RAM expansion

Requesting an account

• To request an account, a researcher should be a one of members of either of the CFI New opportunities groups, or a collaborator with one of those researchers
  • CFI New Opportunities 2002 Members
  • CFI New Opportunities 2003 Members
  • CFI New Opportunities 2004 Members
• The request should be made to Arne Storjohann or through CSCF Research Support - LawrenceFolland

Creating the account

• authorized CSCF staff will do the following to create the account:
  • login as root on pilatus (ssh as root from cscf.cs)
    • groupadd -g gid userid
    • useradd -m -c "User's Fullname" -u uid -g gid userid
    • This will create a group, user, and home directory for the user.
      • What userid to use? On cscf.cs you can use idregistry Request Type=User userid (or Type=Group) - for the group you must use the long userid
      • If the userid/group do not already exist, then do the following from cscf.cs as root:
        • idregistry require userid
        • idregistry require userid t=g
  • (where userid should be their shortened UWuserid, if on-campus, or something like userid-inst if off-campus, eg: jsmith-wlu for John Smith at Wilfrid Laurier)
  • this will create /home/userid, their own group, and set /bin/bash as the default shell

Setting the password

• when the account is first created (or when a user forgets their password):
  • login as root
  • # passwd userid
  • assign a randomly-generated (preferably) password (Note: the command "apg" can be used on cscf.cs to generate a selection of sample passwords)
  • contact the user, preferably by phone, but email if necessary and tell them the password. Let them know that they should login right away and change the password using the passwd command
    • alternatively - create a file called "pilatus.passwd" in their home directory on the CS core, put the password there and send them email letting them know where to find it. Make sure the file is owned by the user and permissions are 600
  • to access the system, they can do the following:
    • ssh pilatus.cs.uwaterloo.ca -l userid (where userid is the one we assigned)

Changing user information

• if you want to change the full name, use chfn:
  • eg: # chfn -f "Users Fullname - Institution" userid

Add the user to the pilatus mailing list

• We maintain a mailing list for pilatus users, here:
  • https://lists.uwaterloo.ca/mailman/listinfo/pilatus
  • mailing list: pilatus@lists
  • Robyn and Lawrence are administrators for the list, or the user can register themselves, here.

Re-enabling a disabled account

• login as root on pilatus (ssh as root from cscf.cs), eg: for user "userid":

pilatus:~ # chsh -s /bin/bash userid
Changing login shell for userid.
Shell changed.

Passwords from Core CS environment

Simply copying and pasting the encrypted password string into /etc/shadow doesn't work. (In fact, ale will then refuse to acknowledge that user as really existing.) This will have to wait until pilatus is xhiered.

-- LawrenceFolland - 29 Nov 2004