spear AFS Account

The spear AFS account is used to start/kill standalone processes on connie and beldar including PV gateway, ALH, iocLogMsgServer, Channel Watcher, iocConsole, and Unix soft IOCs. This account is "password-less" to prevent password-sharing. For more detail on SSH and AFS at SLAC, see Secure Shell (SSH) at SLAC, SSH and Shared Accounts, and the SLAC AFS Users' Guide.

Adding a New AFS User

The owner of the spear account Stephanie or Ken must: The new user can now ssh into the spear account without entering a password. From unix:
ssh -l spear <connie, beldar, remulak>
If you are unable to ssh into the spear account, check that your AFS token is valid. To obtain an AFS token, type kinit if it's been over 24 hours since the your last login. Also, once you ssh as spear, you retain your own token and not a spear token (ie, any files created in spear space will be owned by you, not spear).

Allowing a New User to Login to a SPEAR AFS Unix Machine

Stephanie or Ken enters the following command on a slac public machine:
/usr/local/bin/netgroup_adm adduser -group u-spear-servers -user <user_name>
Wait up to 30 minutes to see the change take effect. To see the current list of allowed users, login to a slac public machine like rhel6-64 and enter:
netgroup u-spear-servers

SPEAR EPICS | EPICS Home | SPEAR Home | ICD Home | SPEAR Sharepoint | SSRL Computing/Networking | SSRL Home | SLAC Computing | SLAC Networking | SLAC Home

Contact: Stephanie Allison
Last Modified: Aug 27, 2015