Account Management - calab-ntu/gpu-cluster GitHub Wiki

Add Users

Migrate existing users from spartan to tumaz

  1. sudo -i

  2. Copy the whole line that contains the target user from spartan:/etc/passwd and append it to tumaz:/etc/passwd

    don't modify UID and GID!

  3. Copy the whole line that contains the target user from spartan:/etc/shadow and append it to tumaz:/etc/shadow

    don't modify any characters!

  4. Keep NIS database up-to-date and release it to NIS clients

    /usr/lib/yp/ypinit -m
#hit [ctrl]-d 
#hit [y]

  5. Make home directory for migrating user

    mkhomedir_helper <user ID>

  6. Copy name and email of new account to the end of /projectW/job_log/emails

When make home directory (mkhomedir_helper) for migrating user on ubuntu, this function will automatically set up in .bashrc.

# If not running interactively, don't do anything
case $- in
    *i*) ;;
     *) return;;
esac

Directory /etc/skel/ is used to initiate the home directory when a user is first created. So you could modify the /etc/skel/.bashrc directly. By doing so, all new users will not encounter the same issue.

Adding new users

  1. ssh tumaz

  2. sudo -i

  3. Add new coming user with the specified UID†/GID‡

    useradd NewID -m --uid UID --gid GID -c "FullName (Email)"

  4. Set password (under sudo -i)

    passwd NewID

  5. Open tumaz:/etc/passwd and edit environment from sh to bash

  6. Cut the line NewID:x:1003:1004:,,,:/home/tester2:/bin/bash (appear on the last line) and paste it to the proper position. e.g., Master

  7. Add 1 to the number following next† (In this case 1053->1054)

    vim /etc/passwd

  8. Keep NIS database up-to-date and release it to NIS clients

    /usr/lib/yp/ypinit -m
#hit [ctrl]-d 
#hit [y]

  9. Check the ownership for all user on eureka00:/home and tumaz:/home

    eureka $ ls -l /home/NewID
tumaz  $ ls -l /home/NewID

  10. Initiate eureka environment

    su NewID@eureka
sh /work1/shared/eureka/helper_script/ssh_first_time.sh

  11. Set quota (ext4) on tumaz:/home/NewID for new user (do NOT modify the numbers below)
    a. ssh OurLabID@tumaz
    b. sudo -i
    c. setquota -u NewID 1024M 1024M 0 0 /
    d. quota -vs NewID (check)

  12. Add new account information to LDAP server database.

    1. Grep new user information from /etc/passwd: grep [new account] /etc/passwd > new_acc
    2. Convert passwd to ldap file: /usr/share/migrationtools/migrate_passwd.pl ./new_acc > new_acc.ldif
    3. Add new user to LDAP data base: ldapadd -x -W -D "cn=admincalab,dc=tumaz,dc=gpucluster,dc=calab" -f new_acc.ldif
    4. Refresh LDAP informaiton on NASes
      1. eater: Control Panel > Domain / LDAP > LDAP users > Refresh LDAP data
      2. eater: Control Panel > Domain / LDAP > LDAP users > Refresh LDAP data
      3. pacific: Control Panel > Domain / LDAP > LDAP users > Refresh LDAP data

  13. Set quota (btrfs) on ironman:/work1 for new user

    1. Login to ironman DSM
    2. File Station > gpucluster1 > Create > Folder
    3. Name new folder as new user name
    4. root@eureka:chmod 755 /work1/UserName
    5. root@eureka:chown UserName:group /work1/UserName

  14. Set quota (btrfs) on ironman:/work1 for new user

    1. Login to ironman DSM

    2. Control Panel > Domain / LDAP > LDAP users > Choose new user > Edit > Quota
    3. gpucluster1 > 500 G > Apply

  15. Copy name and email of new account to the end of /projectW/job_log/emails

  16. Generate google authenticator key for user

    1. su [New User]
    2. google-authenticator and press enter to apply default settings.
    3. Copy the key and paste to the email for user

  17. Mail to the new user include following content:

    • Server IP and port
    • Account name and password
    • Authentication key

† UID is the number following "next"
Open tumaz:/etc/passwd, then you will see...

###############################################
#  computational astrophysics lab (next 1053) #
###############################################

‡ GID is 1000 if this new coming user is in calab; otherwise, ask Prof. Schive.

Change user UID

  1. @tumaz Modify /etc/passwd
  2. @tumaz Refresh NIS by /usr/lib/yp/ypinit -m > "ctrl-D" > "y"
  3. @tumaz Modify LDAP account node
    1. Create an modify.ldif with content: 
      dn:          cn=tester,dc=tumaz,dc=gpucluster,dc=calab
changeType:  modify
replace:     uidNumber
uidNumber:   [New UID]
    2. ldapmodify -h 127.0.0.1 -W -D "cn=admincalab,dc=tumaz,dc=gpucluster,dc=calab" -f modify_user.ldif
  4. @ironman, eater & pacific Refresh LDAP data in DSM
  5. @eureka & spock Change ownership of user files find /home/[user name] -uid [old uid] -exec chown -h [new uid] {} + ref. https://askubuntu.com/questions/16700/how-can-i-change-my-own-user-id

Change user group

  1. Switch to super user. 
    su
  2. Change user group 
    usermod -g [gid] [user name]
  3. Change group of folders and files belongs to the user 
    chown -R [user name]:[group name] [target folder]

Delete Users

  1. ssh OurLabID@tumaz
  2. sudo -i
  3. Delete user
    1. userdel [username]
    2. /usr//lib/yp/ypinit -m
#hit [ctrl]-d 
#hit [y]
    3. Edit /etc/passwd
  4. Delete user files and directories
    1. @tumaz
      rm -r /home/[username]
    2. @ironman and eater
      1. ssh [OurLabID]@ironman/eater
      2. sudo -i
      3. btrfs subvolume delete [target directory]

SSH access

  1. Edit /etc/ssh/sshd_config 
       # Disable ssh access for all non-root users
   AllowUsers root

   # Allow ssh access to a particular user or group
   AllowUsers user_name

   # Deny ssh access to a particular user or group
   DenyUsers user_name
  2. Restart the ssh daemon 
    systemctl restart sshd

Find support

Back up or Move data to Other place.

  1. Copy files from source path to target. rsync -avh [source] [target] > rsync.rep 2> rsync.error &

  2. Check if there is lost file or directory by using tool wrote in /work1/xuanshan/file_consistancy_check/file_check.sh Replace the target and source path in the file and execute.


Links

⚠️ **GitHub.com Fallback** ⚠️