|
|
|
Every user has to acquire
two credentials with the command voms-proxy-init: One from the guidelines and
one from his/her real VO's VOMS server. The existence of _both_ credentials
would be checked at the resource (i.e. LCAS/LCMAPS, edg-java-security etc.)
|
|
Local Centre Authorisation
Service
|
|
|
|
a site-local service to
ensure that local policies are respected.
|
|
/opt/edg/bin/edg-voms-proxy-init:
|
|
Options
|
|
-help, -usage Displays usage
|
|
-version Displays version
|
|
-debug Enables extra debug output
|
|
-q Quiet mode, minimal
output
|
|
-verify Verifies certificate to make
proxy for
|
|
-pwstdin Allows passphrase from stdin
|
|
-limited Creates a limited proxy
|
|
-hours H Proxy is valid for H hours
(default:12)
|
|
-bits
B Number of bits
in key {512|1024|2048|4096}
|
|
-cert
<certfile> Non-standard
location of user certificate
|
|
-key
<keyfile> Non-standard
location of user key
|
|
-certdir
<certdir> Non-standard
location of trusted cert dir
|
|
-out
<proxyfile> Non-standard
location of new proxy cert
|
|
-vo <voname> Specifies a particular VO.
|
|
-novo Doesn't specify a
particular VO (default).
|
|
-voms <voms<:command>> Specify voms server. :command is optional.
|
|
--order <group<:role>> Specify ordering of attributes.
|
|
-vomslife <H> Try to get a VOMS pseudocert valid
for H hours.
|
|
-include <file> Include the contents of the
specified file.
|
|
-conf <file> Read options from <file>.
|
|
-confile <file> Non-standard location of voms server
addresses.
|
|
-userconf <file> Non-standard location of user-defined
voms server ad
|
|
dresses.
|
|
-print Print data instead of
creating certificates.
|
|
-globus Globus version.
|
|
-noregen Doesn't regenerate a new
proxy for the connection.
|
|
-separate <file> Saves the informations returned by
the server on fil
|
|
e <file>.
|
|
|
