Home > Veritas Cluster Server Manual Pages

HALOGIN (1M)

Maintenance Commands

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
FILES

NAME

halogin - utility that enables users to authenticate themselves in secure or non-secure VCS environments for the purpose of executing VCS commands

SYNOPSIS

halogin username [password]

halogin -endsession host

halogin -endallsessions

halogin -help

DESCRIPTION

The halogin command line utility provides users the means to authenticate themselves in VCS cluster environments, which may be secure or non-secure. A secure cluster uses Symantec Product Authentication Service utilities, while a non-secure cluster does not.

Once authenticated on a host, VCS grants users authorization to use VCS commands at a predetermined privilege level. The privilege level specifies that a VCS user can perform certain operations (read, write, or execute) on certain objects (systems, groups, or resources).

The halogin command stores the encrypted authentication information in the user's local home directory. The user may enter subsequent haxxx commands without having to login and enter a password until the credential expires.

The Symantec Product Authentication Service utilities combined with the VCS interfaces (the command line and graphical user interfaces) use a hierarchy of brokers to certify VCS users and issue a credential. Short term credentials, called user credentials, last twenty-four hours. Long term credentials, called service credentials, last two years.

VCS user privilege levels include:

Guest: Has read-only access to the configuration, that is, the capability to display and list information.
Operator: Has read-execute access to the configuration, that is, the capability to perform operations to take objects online and offline
Administrator: Has read-write-execute access to the configuration, that is, full access with the capability to change the configuration

Users need to set the following environment variables to enable the use of halogin in a secure environment. In a non-secure environment, only VCS_HOST need be set.

VCS_HOST - set to the name of the host where the VCS engine is running.
VCS_DOMAIN - set to the name of the domain to which the user belongs.
VCS_DOMAINTYPE - set to the type of the VxSS domain to which the user belongs: unixpwd, nt, nis, nisplus, or vx. If this variable is not set, the domain type defaults to "vx".

OPTIONS

username [password]

Log in as username with the password password. The user must have set the appropriate environment variables, depending on whether the cluster runs in a secure or non-secure mode. If password is not supplied, halogin interactively prompts for it.

-endsession host

Delete the halogin session credentials on host where the commands are run.

-endallsessions

Delete halogin session credentials on all hosts.

-help

Display options available for halogin.

FILES

$HOME/.VRTSat - Directory where user credentials are stored (secure cluster environment only).