irods OSauth - UPPMAX/irods GitHub Wiki

Enable OSauth in iRODS on u5.

• Documentation on iRODS.org

Edit: :

iRODS/config/config.mk

Delete # on the line: :

OS_AUTH = 1

and set the path of the key file (e.g. /opt/iRODS/config/irods.key) : :

ifdef OS_AUTH
OS_AUTH_KEYFILE = /opt/iRODS/config/irods.key
endif

run ./irodssetup in irods main folder to make the new OS auth enable irods.

Generate a key file for example: :

dd if=/dev/random of=irods.key bs=1024 count=2

(Type "irods.key" as location, and leave passphrase blank)

Change the persmission of the secret key file: :

chmod 400 iRODS/config/irods.key

Make the binary executable and "setuid": :

chmod 4755 iRODS/clients/icommands/bin/genOSAuth

Users set their irodsAuthScheme variable in their .irodsEnv file (or in their environment) to 'OS' or 'os'. (We need to figure out a procedure to make this for the users)

Create user with the same name as OS/LDAP with iadmin mkuser. (No need to create any password!)