Home > Veritas Cluster Server Manual Pages


Maintenance Commands

Table of contents


halogin - utility that enables users to authenticate themselves in secure or non-secure VCS environments for the purpose of executing VCS commands


halogin username [password]

halogin -endsession host

halogin -endallsessions

halogin -help


The halogin command line utility provides users the means to authenticate themselves in VCS cluster environments, which may be secure or non-secure. A secure cluster uses Symantec Product Authentication Service utilities, while a non-secure cluster does not.

Once authenticated on a host, VCS grants users authorization to use VCS commands at a predetermined privilege level. The privilege level specifies that a VCS user can perform certain operations (read, write, or execute) on certain objects (systems, groups, or resources).

The halogin command stores the encrypted authentication information in the user's local home directory. The user may enter subsequent commands without having to login and enter a password until the credential expires.

The Symantec Product Authentication Service utilities combined with the VCS interfaces (the command line and graphical user interfaces) use a hierarchy of brokers to certify VCS users and issue a credential. Short term credentials, called user credentials, last twenty-four hours. Long term credentials, called service credentials, last two years.

VCS user privilege levels include:

* Guest:
Has read-only access to the configuration, that is, the capability to display and list information.
* Operator:
Has read-execute access to the configuration, that is, the capability to perform operations to take objects online and offline
* Administrator:
Has read-write-execute access to the configuration, that is, full access with the capability to change the configuration

Users need to set the following environment variables to enable the use of halogin in a secure environment. In a non-secure environment, only VCS_HOST need be set.
set to the name of the host where the VCS engine is running.
set to the name of the domain to which the user belongs.
set to the type of the VxSS domain to which the user belongs: unixpwd, nt, nis, nisplus, or vx. If this variable is not set, the domain type defaults to "vx".


username [password]
Log in as username with the password password. The user must have set the appropriate environment variables, depending on whether the cluster runs in a secure or non-secure mode. If password is not supplied, halogin interactively prompts for it.
-endsession host
Delete the halogin session credentials on host where the commands are run.
Delete halogin session credentials on all hosts.
Display options available for halogin.


$HOME/.VRTSat - Directory where user credentials are stored (secure cluster environment only).

$HOME/.vcspwd - File containing remembered session logins.


Copyright (c) 2008 Symantec.

All rights reserved.

Last updated: 07/03/2008
Copyright ©2009 Symantec Corporation
All rights reserved.