.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "ONEUSER" "1" "March 2015" "" "oneuser(1) -- manages OpenNebula users"
.
.SH "NAME"
\fBoneuser\fR - manages OpenNebula users
.
.SH "SYNOPSIS"
\fBoneuser\fR \fIcommand\fR [\fIargs\fR] [\fIoptions\fR]
.
.SH "OPTIONS"
.
.nf

 \-r, \-\-read\-file           Read password from file
 \-\-sha1                    The password will be hashed using the sha1
                           algorithm
 \-\-ssh                     SSH Auth system
 \-\-x509                    x509 Auth system for x509 certificates
 \-k, \-\-key path_to_private_key_pem Path to the Private Key of the User
 \-c, \-\-cert path_to_user_cert_pem Path to the Certificate of the User
 \-\-driver driver           Driver to autehnticate this user
 \-a, \-\-append              Append new attributes to the current template
 \-\-x509_proxy              x509 Auth system based on x509 proxy certificates
 \-\-proxy path_to_user_proxy_pem Path to the user proxy certificate
 \-\-time x                  Token duration in seconds, defaults to 36000 (10
                           h)\. To reset the token set time to 0\.To generate
                           a non\-expiring token use \-1 (not valid for ssh
                           and x509 tokens)\.
 \-\-force                   Force one_auth file rewrite
 \-l, \-\-list x,y,z          Selects columns to display with list command
 \-d, \-\-delay x             Sets the delay in seconds for top command
 \-f, \-\-filter x,y,z        Filter data\. An array is specified with
                           column=value pairs\.
 \-\-csv                     Write table in csv format
 \-x, \-\-xml                 Show the resource in xml format
 \-n, \-\-numeric             Do not translate user and group IDs
 \-\-describe                Describe list columns
 \-v, \-\-verbose             Verbose mode
 \-h, \-\-help                Show this message
 \-V, \-\-version             Show version and copyright information
 \-\-user name               User name used to connect to OpenNebula
 \-\-password password       Password to authenticate with OpenNebula
 \-\-endpoint endpoint       URL of OpenNebula xmlrpc frontend
.
.fi
.
.SH "COMMANDS"
.
.IP "\(bu" 4
create \fIusername\fR [\fIpassword\fR] Creates a new User Examples: oneuser create my_user my_password oneuser create my_user \-r /tmp/mypass oneuser create my_user \-\-ssh \-\-key /tmp/id_rsa oneuser create my_user \-\-ssh \-r /tmp/public_key oneuser create my_user \-\-x509 \-\-cert /tmp/my_cert\.pem valid options: read_file, sha1, ssh, x509, key, cert, driver
.
.IP "\(bu" 4
update \fIuserid\fR [\fIfile\fR] Update the template contents\. If a path is not provided the editor will be launched to modify the current content\. valid options: append
.
.IP "\(bu" 4
quota \fIuserid\fR [\fIfile\fR] Set the quota limits for the user\. If a path is not provided the editor will be launched to modify the current quotas\.
.
.IP "\(bu" 4
batchquota \fIrange|userid_list\fR [\fIfile\fR] Sets the quota limits in batch for various users\. If a path is not provided the editor will be launched to create new quotas\.
.
.IP "\(bu" 4
defaultquota [\fIfile\fR] Sets the default quota limits for the users\. If a path is not provided the editor will be launched to modify the current default quotas\.
.
.IP "\(bu" 4
umask \fIrange|userid_list\fR [\fImask\fR] Changes the umask used to create the default permissions\. In a similar way to the Unix umask command, the expected value is a three\-digit base\-8 number\. Each digit is a mask that disables permissions for the owner, group and other, respectively\.
.
.IP "" 4
.
.nf

If mask is not given, or if it is an empty string, the umask will
be unset
.
.fi
.
.IP "" 0

.
.IP "\(bu" 4
login \fIusername\fR Creates the login token for authentication\. The token can be used together with any authentication driver\. The token will be stored in $HOME/\.one/one_auth, and can be used subsequently to authenticate with oned through API, CLI or Sunstone\.
.
.IP "" 4
.
.nf

Example, request a valid token for a generic driver (e\.g\. core auth, LDAP\.\.\.):
  oneuser login my_user \-\-time 3600

Example, generate and set a token for SSH based authentication:
  oneuser login my_user \-\-ssh \-\-key /tmp/id_rsa \-\-time 72000

Example, same using X509 certificates:
  oneuser login my_user \-\-x509 \-\-cert /tmp/my_cert\.pem
                        \-\-key /tmp/my_key\.pk \-\-time 72000

Example, now with a X509 proxy certificate
  oneuser login my_user \-\-x509_proxy \-\-proxy /tmp/my_cert\.pem
                        \-\-time 72000
valid options: ssh, x509, x509_proxy, key, cert, proxy, time, force
.
.fi
.
.IP "" 0

.
.IP "\(bu" 4
key DEPRECATED, use login to generate auth files\.
.
.IP "" 4
.
.nf

Shows a public key from a private SSH key\. Use it as password
for the SSH authentication mechanism\.
valid options: key
.
.fi
.
.IP "" 0

.
.IP "\(bu" 4
delete \fIrange|userid_list\fR Deletes the given User
.
.IP "\(bu" 4
passwd \fIuserid\fR [\fIpassword\fR] Changes the given User\'s password valid options: read_file, sha1, ssh, x509, key, cert, driver
.
.IP "\(bu" 4
chgrp \fIrange|userid_list\fR \fIgroupid\fR Changes the User\'s primary group
.
.IP "\(bu" 4
addgroup \fIrange|userid_list\fR \fIgroupid\fR Adds the User to a secondary group
.
.IP "\(bu" 4
delgroup \fIrange|userid_list\fR \fIgroupid\fR Removes the User from a secondary group
.
.IP "\(bu" 4
chauth \fIuserid\fR [\fIauth\fR] [\fIpassword\fR] Changes the User\'s auth driver and its password (optional) Examples: oneuser chauth my_user core oneuser chauth my_user core new_password oneuser chauth my_user core \-r /tmp/mypass oneuser chauth my_user \-\-ssh \-\-key /home/oneadmin/\.ssh/id_rsa oneuser chauth my_user \-\-ssh \-r /tmp/public_key oneuser chauth my_user \-\-x509 \-\-cert /tmp/my_cert\.pem valid options: read_file, sha1, ssh, x509, key, cert, driver
.
.IP "\(bu" 4
list Lists Users in the pool valid options: list, delay, filter, csv, xml, numeric, describe
.
.IP "\(bu" 4
show [\fIuserid\fR] Shows information for the given User valid options: xml
.
.IP "\(bu" 4
encode \fIusername\fR [\fIpassword\fR] Encodes user and password to use it with ldap
.
.IP "" 0
.
.SH "ARGUMENT FORMATS"
.
.IP "\(bu" 4
file Path to a file
.
.IP "\(bu" 4
range List of id\'s in the form 1,8\.\.15
.
.IP "\(bu" 4
text String
.
.IP "\(bu" 4
groupid OpenNebula GROUP name or id
.
.IP "\(bu" 4
userid OpenNebula USER name or id
.
.IP "\(bu" 4
userid_list Comma\-separated list of OpenNebula USER names or ids
.
.IP "\(bu" 4
password User password
.
.IP "" 0
.
.SH "LICENSE"
OpenNebula 4\.12\.3 Copyright 2002\-2015, OpenNebula Project (OpenNebula\.org), C12G Labs
.
.P
Licensed under the Apache License, Version 2\.0 (the "License"); you may not use this file except in compliance with the License\. You may obtain a copy of the License at http://www\.apache\.org/licenses/LICENSE\-2\.0