1myproxy-server(8) MyProxy myproxy-server(8)
2
6 myproxy-server - store credentials in an online repository
7
9 myproxy-server [ options ]
10
12 The myproxy-server is a server that runs on a trusted, secure host and
13 manages a database of security credentials for use from remote sites.
14 The myproxy-init(1) program stores credentials with associated policies
15 that specify credential lifetimes and who is authorized to retrieve
16 credentials. The myproxy-server.config(5) file sets server-wide poli‐
17 cies that are used in conjunction with the policies set by myproxy-
18 init(1) to control who is authorized to store and retrieve credentials.
19
21 -h, --help
22 Displays command usage text and exits.
23 -u, --usage
25 Displays command usage text and exits.
26 -v, --verbose
28 Enables verbose debugging output to the terminal.
29 -V, --version
31 Displays version information and exits.
32 -d, --debug
34 Run the server in debug mode. In this mode, the server will run
35 in the foreground, will accept one connection, write log mes‐
36 sages to the terminal while processing the incoming request, and
37 exit after completing one request.
38 -l hostname/ipaddr, --listen hostname/ipaddr
40 Specifies the hostname or IP address that the myproxy-server
41 should listen (bind) to. Default: all interfaces on the local‐
42 host
43 -p port, --port port
45 Specifies the TCP port number that the myproxy-server should
46 listen on. Default: 7512
47 -c file, --config file
49 Specifies the location of the myproxy-server configuration file.
50 Default: /etc/myproxy-server.config or $GLOBUS_LOCA‐
51 TION/etc/myproxy-server.config
52 -s dir, --storage dir
54 Specifies the location of the credential storage directory. The
55 directory must be accessible only by the user running the
56 myproxy-server process for security reasons. Default:
57 /var/lib/myproxy or /var/myproxy or $GLOBUS_LOCATION/var/myproxy
58
60 /etc/myproxy-server.config
61 Default location of the server configuration file (see myproxy-
62 server.config(5)). If not found, $GLOBUS_LOCATION/etc/myproxy-
63 server.config will be used. An alternate location can be speci‐
64 fied by using the -c option.
65 /var/lib/myproxy
67 Default location of the credential storage directory. If not
68 found, /var/myproxy or $GLOBUS_LOCATION/var/myproxy will be
69 used. If none of these directories exist, the myproxy-server
70 will first attempt to create /var/lib/myproxy and if that fails
71 will attempt to create $GLOBUS_LOCATION/var/myproxy and use
72 that. The directory must be accessible only by the user running
73 the myproxy-server process for security reasons. An alternate
74 location can be specified by using the -s option.
75
77 GLOBUS_LOCATION
78 Specifies the root of the MyProxy installation, used to find the
79 default location of the myproxy-server.config file and the cre‐
80 dential storage directory.
81 LD_LIBRARY_PATH
83 The MyProxy server is typically linked dynamically with Globus
84 security libraries, which must be present in the dynamic
85 linker's search path. This typically requires $GLOBUS_LOCA‐
86 TION/lib to be included in the list in the LD_LIBRARY_PATH envi‐
87 ronment variable, which is set by the $GLOBUS_LOCA‐
88 TION/libexec/globus-script-initializer script, which should be
89 called from any myproxy-server startup script. Alternatively,
90 to set LD_LIBRARY_PATH appropriately for the Globus libraries in
91 an interactive shell, source $GLOBUS_LOCATION/etc/globus-user-
92 env.sh (for sh shells) or $GLOBUS_LOCATION/etc/globus-
93 user.env.csh (for csh shells).
94 MYPROXY_SERVER_PORT
96 Specifies the port where the myproxy-server(8) is running. This
97 environment variable can be used in place of the -p option.
98 X509_USER_CERT
100 Specifies an alternative location for the server's certificate.
101 By default, the server uses /etc/grid-security/hostcert.pem when
102 running as root or ~/.globus/usercert.pem when running as non-
103 root.
104 X509_USER_KEY
106 Specifies an alternative location for the server's private key.
107 By default, the server uses /etc/grid-security/hostkey.pem when
108 running as root or ~/.globus/userkey.pem when running as non-
109 root.
110 X509_USER_PROXY
112 Specifies an alternative location for the server's certificate
113 and private key (in the same file). Use when running the server
114 with a proxy credential. Note that the proxy will need to be
115 periodically renewed before expiration to allow the myproxy-
116 server to keep functioning. When the myproxy-server runs with a
117 non-host credential, clients must have the MYPROXY_SERVER_DN
118 environment variable set to the distinguished name of the cer‐
119 tificate being used by the server.
120 X509_CERT_DIR
122 Specifies a non-standard location for the CA certificates direc‐
123 tory.
124 MYPROXY_KEYBITS
126 Specifies the size for RSA keys generated by MyProxy. By
127 default, MyProxy generates 2048 bit RSA keys. Set this environ‐
128 ment variable to "1024" for 1024 bit RSA keys.
129
131 See http://grid.ncsa.illinois.edu/myproxy/about for the list of MyProxy
132 authors.
133
135 myproxy-change-pass-phrase(1), myproxy-destroy(1), myproxy-get-trust‐
136 roots(1), myproxy-info(1), myproxy-init(1), myproxy-logon(1), myproxy-
137 retrieve(1), myproxy-store(1), myproxy-server.config(5), myproxy-admin-
138 adduser(8), myproxy-admin-change-pass(8), myproxy-admin-load-creden‐
139 tial(8), myproxy-admin-query(8)
140MyProxy 2014-07-12 myproxy-server(8)