Base Users Guide: 
| ||
|---|---|---|
| Prev | Appendix C. 411 Secure Information Service Internals | Next |
411get [--all] [--master=url] [--conf] [--pub] [--shared] [--local] [file] |
Retrieves and decrypts 411 messages. Prints resulting file to stdout. When invoked with no files, 411get will list the available 411 messages.
The following options are available:
--all Retrieves and writes all available 411 messages from the most attractive master. Does not print output to stdout, nor ask for confirmation before overwriting files.
--master The url of a 411 master server to use. Defaults to "http://10.1.1.1:372/411.d/" or whatever is present in "/etc/411.conf". If given, this master takes precedence over those listed in the configuration file.
--file, --local Assume the file is local, ie present in the current directory. Does not use http to retrieve the file. Decrypts and prints the file contents.
--conf The configuration file to use. Defaults to "/etc/411.conf".
--pub The location of the cluster public RSA key. Defaults to /etc/411-security/master.pub.
--shared The location of the cluster shared key. Defaults to /etc/411-security/shared.key
The master servers, along with their quality score, are listed in the /etc/411.conf file on compute nodes.
411put [--411dir=dir] [--urldir=dir] [--see] [--noalert] [--alert=channel] [--411name] [--pub] [--priv] [--comment=char] [--chroot=dir] [--chroot-here] [--group=group] file1 file2 ... |
Encrypts and publishes files using the 411 secure information service. Will send a broadcast message to client nodes by default, alerting them of a changed file.
The following options are available:
--chroot=dir Turn "dir" into the root directory of the destination file. This allows files to be located in a different place on the master and clients.
Example: 411put --chroot=/var/411/groups/compute /var/411/groups/compute/etc/passwd |
Will put "/var/411/groups/compute/etc/passwd" on compute nodes as "/etc/passwd".
--chroot-here A convenience option, equivalent to --chroot=$PWD.
--group=name A 411 group for this file. Clients will ignore 411 messages in groups which they are not a part of. Allows 411 files to be published to a subset of the cluster. Name is path-like: "Compute/green", or "/Compute/green". Spaces are ok: "a space/yellow" is a valid group name as well.
--comment The comment character for this file. Used to place a descriptive header without disrupting normal operations. Often set to "#". Default is none.
--411dir The local directory to place encrypted 411 messages. Defaults to "/etc/411.d/". Be careful about the permissions of this directory.
--urldir The web directory where 411 messages are available. Defaults to "/411.d/".
--see Shows the encrypted file contents on stdout.
--noalert Suppresses alert message.
--411name Prints the 411 message name for the file. Provided for convenience.
--pub The location of the 411 master public RSA key. Defaults to a 1024 bit key in "/etc/411-security/master.pub". This file should have permissions 0444 (read by all) and be owned by root.
--priv The location of the 411 master private RSA key. Defaults to a 1024 bit key in "/etc/411-security/master.key". This file should exist only on the master node and be owned by root and have permissions 0400 (read only by root).
--make-shared-key Generate a new random shared key. The key is a 256 random number encoded in base64.