maprlogin Command Syntax
Describes the different arguements and options for the maprlogin command line tool.
The /opt/mapr/bin/maprlogin
command line tool enables users to log into
secure MapR clusters. Users authenticate themselves to the cluster with a maprticket
that
can be generated in the following ways:
- Run
maprlogin password
to authenticate with username and password. - Run
maprlogin generateticket
to request a service or cross-cluster ticket for use by an external application or user account (based on the current user's ticket). - Run
maprlogin kerberos
after generating a Kerberos ticket with thekinit
command.
For more details about different ways to generate tickets, see Tickets.
Argument or Option |
Description |
Default |
---|---|---|
|
Simulates runtime behavior during authentication. |
N/A |
|
Name of the cluster to log into. |
First cluster name in the |
|
Length of time before the ticket expires, specified in one of the following formats:
Password-generated tickets are bounded by the CLDB duration and renewal properties that are set for the cluster:
For password-generated tickets, if See config. NOTE: The
service , servicewithimpersonation ,
and crosscluster tickets may have a very long lifetime;
their duration is not bounded by these properties. For service and crosscluster
tickets, the default value is LIFETIME. |
|
generateticket
|
Generates a service ticket for another user or application. The user who
runs the maprlogin command with this option must already have
a user ticket and must have fc (full control) ACL
authorization on the cluster. See acl set. |
N/A |
|
Indicates the presence of a Kerberos ticket. |
N/A |
-out
|
A safe directory location where the ticket will be stored. Can be used with
You must specify a location when generating service tickets. (This requirement ensures that other tickets are not overwritten.) |
(default applies to non-service tickets only) |
|
The user's UNIX password. |
N/A |
|
Prints ticket of any type and contains information including the cluster
name, the user ID, the date when the ticket was created, the ticket
expiration date, and whether user can impersonate other users. In the
service tickets, the value for |
N/A |
renew
|
Renews the ticket, given a duration that does not cause the ticket to exceed its
maximum lifetime. The original |
N/A |
|
Total lifetime of the ticket, specified in one of the following formats:
If NOTE: Service and crosscluster tickets are not bounded by these properties.
For example, assume that the
The ticket will expire after 30 days unless it is renewed. If a Using the same example, if you renew a ticket on the 29th day of its life, you can renew it for up to 61 days. You can renew a ticket incrementally, for some number of days at a time, as long as you do not exceed the original renewal value. |
2592000 seconds (30 days)
|
-ticketfile |
Optional with print and renew commands.
Specifies the path to ticket file, if different from default. If this is not
specified, the command looks for the ticketfile
(maprticket_<uid> ) in the default location, which is
/tmp on Linux and %TEMP% on Windows
systems or in the location specified by the environment variable,
$MAPR_TICKETFILE_LOCATION . |
|
-type
|
Required ticket type for the
|
No default; -type must be set in the
maprlogin generateticket command. |
|
UNIX user name on the MapR cluster. For
|
|