Generating a HPE Ezmeral Data Fabric User Ticket
Describes what a user ticket is, and how to generate a user ticket.
A user ticket file is stored in /tmp
and can only be read by that user. To
generate a HPE Ezmeral Data
Fabric user ticket, run the following command:
maprlogin password
This command prompts for the user's password, then generates a HPE Ezmeral Data Fabric user ticket
associated with the UNIX user ID. By default, tickets on Linux systems are
generated in the /tmp
directory and are named in the form
maprticket_<UID>
. Tickets on Windows systems are generated in the
%TEMP%/
directory and are named in the form
maprticket_<username>
. To change the default location, change the value of the
MAPR_TICKETFILE_LOCATION
environment variable.
mapr
user can impersonate any user, including
user root
.maprlogin print
command, with the ticket file, to see when
the ticket expires. You can renew the ticket until the renewal date
mentioned.To illustrate a typical work flow, suppose a user wants to access two clusters, cluster1
and cluster2. During this session, a user logs in as root
to
cluster1, gets a HPE Ezmeral
Data Fabric user ticket, and displays the ticket contents with the
maprlogin print
command.
root@qa-node113:~/SecurityInstall# maprlogin password
[Password for user 'root' at cluster 'cluster1': ]
MapR credentials of user 'root' for cluster 'cluster1' are written to '/tmp/maprticket_0'
root@qa-node113:~/SecurityInstall#
First Ticket for Cluster 1
root@qa-node113:~/SecurityInstall# maprlogin print
Opening keyfile /tmp/maprticket_0
qasecurity1: user = root, created = 'Wed Sep 11 14:19:02 PDT 2013', expires = 'Wed Sep 25 14:19:02 PDT 2013', RenewalTill = 'Fri Oct 11 14:19:02 PDT 2013', uid = 0, gids = 0, 42
root@qa-node113:~/SecurityInstall#
Now the root
user logs in to cluster2. The maprlogin
command returns a ticket for cluster2. This ticket is stored in the common ticket file.
Commands now have access to both tickets.
root@qa-node113:/opt/mapr/conf# maprlogin password -cluster cluster2
[Password for user 'root' at cluster 'cluster2': ]
MapR credentials of user 'root' for cluster 'cluster2' are written to '/tmp/maprticket_0'
Showing Tickets for both Clusters
root@qa-node113:/opt/mapr/conf# maprlogin print
Opening keyfile /tmp/maprticket_0
qasecurity1: user = root, created = 'Thu Sep 12 11:07:54 PDT 2013', expires = 'Thu Sep 26 11:07:54 PDT 2013', RenewalTill = 'Sat Oct 12 11:07:54 PDT 2013', uid = 0, gids = 0, 42
qasecurity2: user = root, created = 'Thu Sep 12 15:20:49 PDT 2013', expires = 'Thu Sep 26 15:20:49 PDT 2013', RenewalTill = 'Sat Oct 12 15:20:49 PDT 2013', uid = 0, gids = 0, 500
root@qa-node113:/opt/mapr/conf#