CLI 用户配置示例

要显示 CLI 用户和角色界面，可按照以下示例将 NIS 用户 "brendan" 添加到系统中，并授予重新启动 HTTP 服务的权限。其中包括创建该授权对应的角色。

首先创建称为 "webadmin" 的角色：

caji:> configuration roles
caji:configuration roles> role webadmin
caji:configuration roles webadmin (uncommitted)> set
   description="web server administrator" 
                   description = web server administrator (uncommitted)
caji:configuration roles webadmin (uncommitted)> commit
caji:configuration roles> show
Roles:

NAME             DESCRIPTION
basic            Basic administration
webadmin         web server administrator

我们已创建 "webadmin" 角色，现在将添加重新启动 HTTP 服务的授权。本示例还显示了 Tab 补齐功能的输出，其中列出了有效的输入，这在确定有效的范围和过滤器选项时非常有用：

caji:configuration roles> select webadmin
caji:configuration roles webadmin> authorizations
caji:configuration roles webadmin authorizations> create
caji:configuration roles webadmin auth (uncommitted)> set scope=tab 
ad           cluster      net          schema       update       
alert        hardware     replication  stat         user         
appliance    nas          role         svc          worksheet    
caji:configuration roles webadmin auth (uncommitted)> set scope=svc
                         scope = svc
caji:configuration roles webadmin auth (uncommitted)> show
Properties:
                         scope = svc
                       service = *
              allow_administer = false
               allow_configure = false
                 allow_restart = false

caji:configuration roles webadmin auth (uncommitted)> set service=tab 
*               ftp             ipmp            nis             ssh
ad              http            iscsi           ntp             tags
smb            identity        ldap            routing         vscan
datalink:igb0   idmap           ndmp            scrk            
dns             interface:igb0  nfs             snmp            
caji:configuration roles webadmin auth (uncommitted)> set service=http
                       service = http (uncommitted)
caji:configuration roles webadmin auth (uncommitted)> set allow_restart=true
                 allow_restart = true (uncommitted)
caji:configuration roles webadmin auth (uncommitted)> commit
caji:configuration roles webadmin authorizations> list
NAME       OBJECT                               PERMISSIONS
auth-000   svc.http                             restart

现在即已创建角色，接下来可进入用户部分来创建用户 "brendan" 并分配角色 "webadmin"：

caji:configuration roles webadmin authorizations> cd ../../..
caji:configuration> users
caji:configuration users> netuser brendan
caji:configuration users> show
Users:

NAME                     USERNAME                 UID        TYPE
Brendan Gregg            brendan                  130948     Dir
Super-User               root                     0          Loc

caji:configuration users> select brendan
caji:configuration users brendan> show
Properties:
                       logname = brendan
                      fullname = Brendan Gregg
              initial_password = *************
            require_annotation = false
                         roles = basic
                    kiosk_mode = false
                  kiosk_screen = status/dashboard

Children:
                       exceptions => Configure this user's exceptions
                      preferences => Configure user preferences
caji:configuration users brendan> set roles=basic,webadmin
                         roles = basic,webadmin (uncommitted)
caji:configuration users brendan> commit

用户 "brendan" 现在应该可以使用其 NIS 密码登录，并可在设备上重新启动 HTTP 服务。