With the user commands, the HSM Appliance admin can create (add) additional named users and assign them roles of greater or lesser capability on the system. The admin can also lock (disable), unlock (enable) such accounts, set/reset their passwords, or delete them entirely, as needed.
Users without the "admin" role cannot execute any "user" command, even to change their own password. They should use my password set command to change their own password.
The current implementation creates named users that are separate from the roles that those users can hold. The purpose is to allow administrators to assign any of the roles to multiple people, to allow logged tracking, by name, of the actions of each user in a given role (this was not possible previously when the role was the user, and only one of each could exist).
| Name | (short) | Description |
|---|---|---|
| add | a | Add Luna Shell user |
| delete | de | Delete a named Luna Shell user |
| list | l | List the Luna Shell user accounts |
| enable | e | Enable a locked Luna Shell user (with whatever roles are assigned to that user) |
| disable | di | Disable a Luna Shell user (but the user still exists with role(s) assigned |
| password | p | Set User Password |
| role | ro | > User Role Commands |