No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionStorage V100R006C20 Object Storage Service Security Maintenance 03

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Account List

Account List

This section lists the accounts used in the Object Storage Service.

Table 2-1 lists the accounts.

Table 2-1  Account list

Type

Account

Description

Operating system

root

Log in to the operating system as user root for system maintenance.

omuser

Use SSH to remotely log in to the system as user omuser for routine maintenance.

obsbilling

Billing account of the object storage service compatible with Amazon S3 APIs, used to communicate with the billing center.

omsftp
The omsftp account is used to:
  • Export event and quota information from the DeviceManager.
  • Import license file using CLI command.

Operation & Maintenance Tool

admin

Use the default account to log in to the system and implement deployment. After the deployment is complete, log in to the system as the super administrator to expand and upgrade the system.

DeviceManager and CLI

admin

Log in to DeviceManager or CLI using the super administrator admin to manage Object Storage Cluster.

omuser

Log in to DeviceManager or CLI using the administrator omuser to manage Object Storage Cluster.

securityAdmin

Data encryption administrator that can manage key files, including regenerating, backing up, and recovering key files.

NOTICE:
This account exists only when data encryption is enabled during system deployment.

iBMC

root

Manage and maintain the node device.

BIOS

-

Basic input/output system that provides hardware setting and control functions.

GRUB

-

A manager for starting multiple operating systems.

Database

gaussdba

Used to log in to the Cloud_upf database that stores information about accounts and users of the object storage service.

gaussdba

Used to log in to the Cloud_mdc database that stores information about accounts and users of the object storage service.

The internal accounts used in the Object Storage Cluster can only be used to manage the system and cannot be used to log in to the system or change the password, as shown in Table 2-2.

You can log in to the Linux operating system and run the userdel command to delete the account.. However, if the account is deleted, some system functions work incorrectly. Do not perform this operation.
Table 2-2  Internal system account list

System User

Usage

daemon

System account for controlling background processes

nobody

Default anonymous Linux account

messagebus

Account for transmitting messages among system processes

haldaemon

Account for monitoring hardware status changes

sshd

SSHD daemon

postfix

Account for the Postfix service

polkituser

Account for enhancing the permissions of and setting permission policies for non-root users

ntp

Account for Network Time Protocol (NTP)

news

Account used by various news servers and related programs in various modes

dhcpd

Account for the DHCPD service

snasuser

Account for starting internal system processes

qemu

Internal account for virtual machine

obs

Account for internal communication of object storage service

gaussdba

Internal operating system account to run database of object storage service

dnsmasq

Account for virtual component

zabbix

Internal account used by OpsMonitor for monitoring

The object storage service of the Object Storage Cluster has the internal accounts shown in Table 2-3, which are only used to perform internal management.
NOTE:
Internal accounts cannot be deleted.
Table 2-3  Internal accounts of the object storage service

Type

Account

Description

Database

upfdb

Internal communication account of the object storage service database.

Default password: IngS739_H

NOTE:
To change the password, run change system gaussdb_password upfdb on the CLI. The new password is also generated at random.

mdcdb

Internal communication account of the object storage service database.

Default password: IngS739_H

NOTE:
To change the password, run change system gaussdb_password mdcfdb on the CLI. The new password is also generated at random.

Account management interface

Admin

Interface used to manage accounts, certificates, and actions of the object storage service (compatible with Amazon S3 APIs).

NOTE:
The initial AK/SK of the account is generated at random when the system is installed. To change the AK/SK of the account, run change object_storage_compatible_s3_poe_admininfo on the CLI.

Internal communication

SystemUnitedUserId

Account used when the internal module accesses the object storage service.

NOTE:
The initial AK/SK of the account is generated at random when the system is installed. To change the AK/SK of the account, run change object_storage_compatible_s3_poe_accountinfo on the CLI.
Translation
Download
Updated: 2019-02-01

Document ID: EDOC1100016657

Views: 5169

Downloads: 5

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next