chuser

6.2.4.2 chuser

Change attributes of a user, or upload API keys.

Purpose

The chuser command allows you to change an attribute for an existing Exascale user, or manage API keys for a user.

Syntax

chuser user-ID [ --attributes attribute=value[,attribute=value]... ]
       [ --privilege privileges ] [ --public-key-file1 public-key ] 
       [ --public-key-file2 public-key ] [ --public-key-file3 public-key ] 
       [ --rm-public-key1 ] [ --rm-public-key2 ] [ --rm-public-key3 ]

Command Options

The options for the chuser command are:

user-ID: Identifies the unique user ID for the user that is the subject of the operation. You can use the lsuser command to find the ID for each user.
--attributes: Optionally specifies values for attributes of the user.

Use the describe chuser command to see details about the user attributes you can change. See also Describing Resources and Attributes.
--privilege: Changes the user's privileges. The privileges value is a list of one or more privileges of the form [+|-]privilege-1|privilege-2|....

A privilege is one of the following: no_privilege, cellsrv, egs, ers, syseds, usreds, bsm, bsw, ms, vlt_manage, vlt_use, vlt_read, vlt_inspect, cl_admin, cl_operator, cl_monitor, on_behalf_of, user_create, system_restore, rest_vault_client, rest_volume_client. For descriptions, see Cluster Level Privileges.

no_privilege cannot be combined with any other type of privileges, otherwise an error is returned.

Vault top-level privileges (vlt_manage, vlt_use, vlt_read, and vlt_inspect) are mutually exclusive. If any two or more are combined, an error is returned.

Cluster privileges (cl_admin, cl_operator, and cl_monitor) are mutually exclusive. If any two or more are combined, an error is returned.

An optional plus sign (+) at the beginning of the privilege string indicates that the specified privileges are added to the user's existing privileges. An optional minus sign (-) at the beginning of the privilege string indicates that the specified privileges are removed from the user's existing privileges. Otherwise, the user's existing privileges are overwritten by the specified privileges.
--public-key-file1: Uploads a public key in slot 1.
--public-key-file2: Uploads a public key in slot 2.
--public-key-file3: Uploads a public key in slot 3.
--rm-public-key1: Deletes the public key in slot 1.
--rm-public-key2: Deletes the public key in slot 2.
--rm-public-key3: Deletes the public key in slot 3.

Examples

Example 6-29 Change the Name of a User

In this example, the name of the specified user is changed to SCOTTY.

@> chuser 59f6dce4-5687-4728-8751-acfe99089be2 --attributes name=SCOTTY

Example 6-30 Assign the Vault Top-Level Read Privilege to a User

In this example, the vault top-level read privilege is assigned to the specified user.

@> chuser 59f6dce4-5687-4728-8751-acfe99089be2 --privilege vlt_read

Example 6-31 Upload a Public Key for a User

In this example, the public key contained in the file new-pub.pem is uploaded into public key slot 1 for the specified user.

@> chuser 59f6dce4-5687-4728-8751-acfe99089be2 --public-key-file1 new-pub.pem

Example 6-32 Delete a Public Key Associated With a User

In this example, the key in public key slot 1 is deleted for the specified user.

@> chuser 59f6dce4-5687-4728-8751-acfe99089be2 --rm-public-key1

Parent topic: Security and User Management