How To Add New Cluster User

From Biowiki
Jump to: navigation, search


How to add a new user to all nodes on the Babylon Cluster

This procedure is terrible and needs to be wrapped up in scripts. Volunteers?


User IDs (UIDs) start at 501 and get incremented by 1 for each new user.

People who actually work in the Holmes lab should be part of the holmeslab group (GID 500).

Make sure UIDs/GIDs are the consistent across all nodes! If you don't, this will wreak havoc and confusion for Sun Grid Engine and the NFS.

Add user to lorien

Everyone's home dir is on the NFS, so we have to create the user on the NFS server first, which will also create their home dir.

Log in to the node.

ssh root@lorien

What is the UID of the last user added?

tail /etc/passwd

Add the user (let's say the next free UID is 555). This will also create the user's group with the same name/GID as the username/UID, make the user part of that group, and add the user to the holmeslab group.

useradd -u 555 -G holmeslab -d /nfs/users/NEWUSERNAME -m NEWUSERNAME
# enter the user's password

If something goes wrong, delete the user and start over.

userdel -r NEWUSERNAME

Add user to garibaldi and sheridan

garibaldi and sheridan don't have passwordless SSH access.

The procedure is the same as for lorien, except that:

  1. We don't need to tell useradd to create the home dir.
  2. We don't need to ask the user to enter their password because we have their password hash from lorien, so we can use that.

Extract the password hash from lorien, and supply it to useradd on the other machines:

grep ^NEWUSERNAME /etc/shadow | cut -d: -f2 | ssh garibaldi 'useradd -u 555 -G holmeslab -d /nfs/users/NEWUSERNAME -p "$(cat)" NEWUSERNAME'
grep ^NEWUSERNAME /etc/shadow | cut -d: -f2 | ssh sheridan 'useradd -u 555 -G holmeslab -d /nfs/users/NEWUSERNAME -p "$(cat)" NEWUSERNAME'

Now we don't need to run the passwd command!

Add user to sinclair, if desired

Same procedure as for garibaldi and sheridan. This is only for genome browser people.

Add user to remaining nodes

Log in to the only node on the cluster where root has ssh-agent set up.

ssh sheridan

Run ssh-agent as root. This will give us passwordless SSH login into all cluster nodes (except garibaldi and sheridan).

su -
eval `ssh-agent -s`
# enter the extremely complicated super-secret passphrase

The next steps require that you have a file called hostnames that has all the host names in it. For nodes that were part of the cluster as of Nov 15, 2007, this file can be found in /nfs/users/avu/hostnames. If anything about the cluster changes, make sure you use the correct host name list! Also, make sure all nodes in the list are addressable by name (e.g. commands like ping HOSTNAME must work, so the host must be in /etc/hosts or some such).

Now, we iterate through all the hosts, running the user add commands on each. These are exactly the same as for adding a user to garibaldi or sinclair.

for i in $(cat ~avu/hostnames); do grep ^NEWUSERNAME /etc/shadow | cut -d: -f2 | ssh $i 'useradd -u 555 -G holmeslab -d /nfs/users/NEWUSERNAME -p "$(cat)" NEWUSERNAME'; done


-- Created by: Andrew Uzilov on 15 Nov 2007