Configure Security

Altair Accelerator has 4 privilege levels: READONLY, USER, LEADER, ADMIN.

Locate the Security Configuration File: security.tcl

This file is in the server configuration directory, default $VOVDIR/../../vnc/vnc.swd/security.tcl and in the test setup, that is ~/ncadmin/vncdexin.swd/security.tcl.

Example: Least Restrictive Security

The least restrictive security grants everybody full access from any host. This should not be used in production.

# All users (+) are administrators from all hosts (+).
vtk_security + ADMIN +

Alternatively, a VovUserGroup may be utilized, to assign individuals in a group the ADMIN privilege. See the VovUserGroups page for more information on how to set up and administer these groups.

# Members of mygroup are administrators from all hosts (+).
vtk_security -group mygroup ADMIN +

Example: Most Restrictive

# No rule defined gives only the owner of the project ADMIN privileges 
# on the server host.

Example: Typical Case

The following example shows a typical security file, in which different privileges are granted to different users. Also notice the use of variables and VovUserGroups in this example.

In the example, mary is an administrator for any host, and dan is an administrator only for reno and milano. The user pat is a LEADER for her machine elko, and fred has USER privileges for 4 machines listed in the variable $allhosts. Members of the VovUserGroup "operators" have ADMIN rights on $allHosts.

set servers      { reno milano } 
set allhosts     { reno milano elko tahoe } 

vtk_security mary      ADMIN   +
vtk_security john      ADMIN   tahoe
vtk_security dan       ADMIN   $servers
vtk_security pat       LEADER  elko 
vtk_security fred      USER    $allhosts
vtk_security -group operators ADMIN   $allHosts