Home
Altair FlowTracer Administrator Guide
This manual is aimed at the person who will be the administrator for FlowTracer. This person will be responsible for configuring the network resources, setting up the licensing, and establishing security and access rules for the system.
Security
The VOV security model consists of assigning a Security Code to each client or client group (VovUser Group) and granting the permission to execute critical tasks only to clients with the appropriate security level.
Configure Security

Welcome
What's New
View new features for FlowTracer 2025.1.2.
FlowTracer Overview
An advanced mission critical dependency management platform for developing and executing flows.
FlowTracer Tutorials
Discover FlowTracer functionality with interactive tutorials.
Altair FlowTracer User Guide
FlowTracer is a complete system to create, manage, and execute design flows.
Altair FlowTracer Administrator Guide
This manual is aimed at the person who will be the administrator for FlowTracer. This person will be responsible for configuring the network resources, setting up the licensing, and establishing security and access rules for the system.
- FlowTracer Roles
  When using FlowTracer in large deployments, three main roles emerge: Administrator, Developer and User. In smaller organizations, a given person may have multiple roles, but the duties of each role still exist.
- Enable CLI Access on UNIX
  This section explains how to set up a UNIX user's shell environment to have a proper context for the user to run installed Altair Accelerator programs from the command line. The programs that are run from the command line are called the CLI commands.
- Enable CLI Access on Windows
  This section explains how to set up a Window user's command prompt environment to have the proper context for the user to run installed Altair Accelerator programs from the command line. The programs that are run from the command line are called the CLI commands.
- User Interfaces
- Use FlowTracer Help
  FlowTracer documentation is available in HTML and PDF format.
- Projects
- Server Working Directory
  When a project is created, a server working directory (.swd directory) is created to hold configuration and state information about the project.
- Alerts
  VOV issues an "alert" when an event requires attention. An alert can range from information that does not require action to an urgent fault that requires immediate action.
- Manage the Server for a Project
- Security
  The VOV security model consists of assigning a Security Code to each client or client group (VovUser Group) and granting the permission to execute critical tasks only to clients with the appropriate security level.
  - Security Levels
    There are five different security levels.
  - Operations by Security Level
    The VOV security model consists in assigning a Security Code to each client (browser, GUI, CLI) and to grant the permission to execute tasks only to clients with appropriate security level.
  - Protection from DoS Attacks
    The vovserver implements several protections against denial-of-service (DoS) attacks. One of these is the detection of clients that use a relatively large share of the server time. These clients are considered service hogs, and their subsequent service requests can be ignored for up to 3 seconds.
  - Configure Security
  - VovUserGroups
    VovUserGroups are an access control mechanism. They are internally-defined groups of users that are utilized to make the job of allocating access easier within Altair Accelerator tools.
- Taskers
  A tasker is a VOV client that provides computing resources, specifically CPU cycles, to the vovserver.
- Interfaces to Accelerator, SGE, LSF, and Others
  FlowTracer can be used also as a front end to an existing batch processing system (BPS), for example, Accelerator, LSF, SGE, SGEEE, etc.
- Configuration for Elastic Computing
- Configuration for Altair Accelerator
- Configure a Failover Server Replacement
  If a server crashes suddenly, VOV has the capability to start a replacement server on a pre-selected host. This capability requires that the pre-selected host is configured as a failover server.
- Advanced Information
- Multi-User Altair FlowTracer
  FlowTracer now supports a "multi-user" mode of operation, as a Beta feature. In the multi-user mode, many different users can share the same project, in terms of modifying a flow as well as running different compoments of the flow.
- IT Administrator Topics
- Special Issues
- Miscellaneous
Altair FlowTracer Developer Guide

View All Altair Accelerator Help

Configure Security

Altair Accelerator has 4 privilege levels: READONLY, USER, LEADER, ADMIN.

Locate the Security Configuration File: security.tcl

This file is in the server configuration directory, default $VOVDIR/../../vnc/vnc.swd/security.tcl and in the test setup, that is ~/ncadmin/vncdexin.swd/security.tcl.

Example: Least Restrictive Security

The least restrictive security grants everybody full access from any host. This should not be used in production.

# All users (+) are administrators from all hosts (+).
vtk_security + ADMIN +

Alternatively, a VovUserGroup may be utilized, to assign individuals in a group the ADMIN privilege. See the VovUserGroups page for more information on how to set up and administer these groups.

# Members of mygroup are administrators from all hosts (+).
vtk_security -group mygroup ADMIN +

Example: Most Restrictive

# No rule defined gives only the owner of the project ADMIN privileges 
# on the server host.

Example: Typical Case

The following example shows a typical security file, in which different privileges are granted to different users. Also notice the use of variables and VovUserGroups in this example.

In the example, mary is an administrator for any host, and dan is an administrator only for reno and milano. The user pat is a LEADER for her machine elko, and fred has USER privileges for 4 machines listed in the variable $allhosts. Members of the VovUserGroup "operators" have ADMIN rights on $allHosts.

set servers      { reno milano } 
set allhosts     { reno milano elko tahoe } 

vtk_security mary      ADMIN   +
vtk_security john      ADMIN   tahoe
vtk_security dan       ADMIN   $servers
vtk_security pat       LEADER  elko 
vtk_security fred      USER    $allhosts
vtk_security -group operators ADMIN   $allHosts