VOMS(8)                           VOMS Server                          VOMS(8)

NAME

       voms - VOMS server

SYNOPSIS

       voms [-foreground] [-port port] [-backlog pnum] [-logfile file]
            [-globusid id] [-globuspwd file] [-passfile file]
            [-x509_cert_dir path] [-x509_cert_file file]
            [-x509_user_cert file] [-x509_user_key file]
            [-x509_user_proxy file] [-dbname name] [-username name]
            [-vo name] [-timeout limit] [-test] [-conf file] [-uri uri]
            [-version] [-code c] [-loglevel lev] [-logtype type]
            [-logformat str] [-logdateformat str] [-debug] [-sqlloc path]
            [-compat] [-socktimeout num] [-logmax num] [-newformat]
            [-skipcacheck] [-help] [-usage] [-globus version]
            [-contactstring contact] [-mysql-port port] [-mysql-socket socket]
            [-shortfqans] [-syslog] [-base64] [-nologfile]

DESCRIPTION

       VOMS - Virtual Organization Membership Service.

       For the initial setup of the server, run the voms_install_db script as
       root.

OPTIONS

       Options may be specified with either a "-" or a "--" prefix. Their
       meaning is the following.

       -help

       -usage

       These options print a list of options that the server accepts. They are
       synonyms.

       -foreground

       Runs part of the server in the foreground, which makes debugging
       easier.

       -port port

       Listens on port port. The default is 754.

       -backlog num

       Sets the maximum backlog for the connections. The default is 50.

       -logfile file

       Selects the file for logging. The default is /ver/log/voms.

       -globusid id

       -globuspwd file

       These options are supported for backwards compatibility only. They have
       no effect, and indeed do not get listed by the -help option.

       -passfile file

       Reads the password to access the DB from file. The default is to read
       it from the console during the server's startup.

       -x509_cert_dir path

       -x509_cert_file file

       -x509_user_cert file

       -x509_user_key file

       -x509_user_proxy file

       These options set the respective variables.

       -dbname name

       Sets the name of the DB. The default is voms.

       -username name

       Sets the name of the user for the DB login. The default is voms.

       -vo name

       Sets the name of the VO that owns this server. The default is
       unspecified.

       -timeout limit

       Sets the length of time that the information is valid, measured in
       seconds. The default is 86400 seconds (24 hours).

       -test

       Prints information about the server startup and then exits.

       -conf file

       Reads options from the file file. The options must be present one per
       line in the format -option[=value], where the value part must be
       present only if the option requires it.

       -uri uri

       Defines the uri of the server that will be included in the generated
       pseudo certificate. The default value is hostname:port.

       -version

       Prints information about the server and then exits.

       -code c

       -globus version

       These options are obsolete and only present for backwards compatibility
       with old installations. Currently, their values are ignored. Do not
       specify them in new installations.

       -logtype type

       Sets the type of messages that will be logged. Acceptable values are:

       ·   1 - STARTUP, print startup messages.

       ·   2 - REQUEST, print messages during the request interpretation
           phase.

       ·   4 - RESULT, print messages during the result sending phase.

       These values can be ORed together to indicate that all the
       corresponding types of messages are required. The default value is 255.

       -loglevel lev

       Sets the level of verbosity of log messages. Acceptable values are:

       ·   1 - LEV_NONE, do not log anything.

       ·   2 - LEV_ERROR, the default, logs only error conditions.

       ·   3 - LEV_WARNINGS, logs also warning messages.

       ·   4 - LEV_INFO, logs also general informational messages.

       ·   5 - LEV_DEBUG, logs also a lot of debug messages. Setting this
           level of verbosity overwrites the value of the -logtype option to
           255.

       Higher values include all messages printed by lower ones, and values
       not documented here are translated as the highest level possible,
       LEV_DEBUG.

       -logformat str

       Sets the format used by the logging system according to a printf-like
       format string with the following directive format: %[size][char]
       where size, if present, sets the maximum length of the field and char
       selects the type of substitution done. Possible values are the
       following:

       ·   % - Substitutes a plain '%'.

       ·   d - Substitutes the date. The date format is specified by the
           -logdateformat option.

       ·   f - Substitutes the name of the source file that logs the message.

       ·   F - Substitutes the name of the function that logs the message.

       ·   h - Substitutes the hostname of the machine hosting the service.

       ·   l - Substitutes the line number that logs the message.

       ·   m - Substitutes the message proper.

       ·   p - Substitutes the process' pid.

       ·   s - Substitutes the service name ("vomsd").

       ·   t - Substitutes the number of the message type. (see the -logtype
           option)

       ·   T - Substitutes the name of the message type. (see the -logtype
           option)

       ·   v - Substitutes the number of the message level. (see the -loglevel
           option)

       ·   V - Substitutes the name of the message level. (see the -loglevel
           option)

       The default value for this option is: "%d:%h:%s(%p):%V:%T:%F
       (%f:%l):%m"

       -logdateformat str

       This option sets the format used to print the date. The format is the
       same used by the strftime(3) function, and its default value is: "%c".

       -debug

       This option puts the server into debug mode. This mode automatically
       implies -loglevel 5. Also, this option hurts scalability and is not
       suggested in a production environment.

       -sqlloc /path/file

       This option specifies the full path for the DB access library. Please
       note that there is no default for this option!

       -socktimeout num

       This option sets the amount of time, in seconds, after which the server
       will drop an inactive connection. The default is 60 seconds.

       -maxlog num

       This option sets the maximum size of a log file. Please note that this
       size is approximate, and may be exceeded by a few thousand bytes. In
       any case, when the specified amount is surpassed, logfiles are rotated.
       The default is 10Mb.

       -newformat

       This forces the server to generate ACs in the new (correct) format.
       This is meant as a compatibility feature to ease migration while the
       servers upgrade to the new version.

       -skipcacheck

       This option, if specified, forces voms to drop some of the checks done
       as the authorization step before AC creation. Specifically, voms will
       no longer be capable of distinguishing two certificates with the same DN
       but different issuers. For obvious reasons, use of this option is
       discouraged. Note also that activating this option requires a previous
       check by the voms server administrator that there are no certificates
       registered in the DB with the same DN and different issuers. If there
       are, the result of a voms-proxy-init command for one of those users
       will be unpredictable.

       -contactstring contact

       This string specifies information on how to contact the DB server. Its
       exact meaning depends on the DB backend used. For MySQL it is the
       hostname of the MySQL server, and it defaults to 'localhost'. For
       Oracle it is the contactstring of the DB. However, for Oracle it is
       better to put what would be the argument of this string into the
       'tnsnames.ora' file and ignore this option.

       -mysql-port port

       This option specifies the port on which the MySQL server is listening
       if it is different from its 3306 default. This value is ignored for
       Oracle backends.

       -mysql-socket socket

       MySQL servers may be configured to allow access through a unix-level
       socket. This option allows specifying this method of contact. However,
       it is almost always better to contact the server through the port. This
       option is ignored for Oracle backends.

       -shortfqans

       This option instructs the server to always generate FQANs in their
       short form, i.e. without the /Role=NULL and /Capability=NULL parts.
       Successive server versions will make this behaviour the default, and
       provide a -noshortfqans option to fall back to the longer format.
       Specifying this option is recommended.

       -syslog

       This option allows log messages to be sent to syslog.

       -base64

       This option instructs the server to use the base64 encoding for its
       messages, rather than the in-house encoding. This option will be made
       the default in future versions and -nobase64 will be provided to
       fall back to the in-house encoding. Specifying this option is
       recommended.

       -nologfile

       This option disables logging on the voms specific logfile. Please note
       that specifying this option without at the same time specifying -syslog
       implies that no logging will take place.
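
       The following is an added example, not part of the VOMS distribution:
       it parses a -conf file in the -option[=value] format described above
       and reports the settings this page discourages (-skipcacheck, -debug,
       -nologfile without -syslog, -loglevel 1, the obsolete options). The
       function names, the sample configuration and the (DN, issuer) pairs
       are assumptions; the pairs stand for rows the administrator exported
       from the DB for the check that -skipcacheck requires.

```python
import re

# Constructed sample: one option per line, "-option[=value]", "-" or "--" prefix.
SAMPLE_CONF = "--vo=example.vo\n--port=15000\n--skipcacheck\n--debug\n--nologfile\n"
# Constructed (certificate DN, issuer DN) pairs, assumed exported from the VOMS DB.
SAMPLE_RECORDS = [
    ("/DC=org/DC=example/CN=Alice", "/DC=org/DC=example/CN=Example CA 1"),
    ("/DC=org/DC=example/CN=Alice", "/DC=org/DC=example/CN=Example CA 2"),
    ("/DC=org/DC=example/CN=Bob", "/DC=org/DC=example/CN=Example CA 1"),
]
OBSOLETE = ("globusid", "globuspwd", "code", "globus")

def parse_conf(text):
    """Return {option: value or None}; reject lines not in -option[=value] form."""
    opts = {}
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        m = re.fullmatch(r"--?([A-Za-z0-9][A-Za-z0-9_-]*)(?:=(.*))?", line)
        if m is None:
            raise ValueError(f"line {n}: not in -option[=value] form: {line!r}")
        opts[m.group(1)] = m.group(2)
    return opts

def ambiguous_dns(records):
    """DNs that appear under more than one issuer."""
    issuers = {}
    for dn, issuer in records:
        issuers.setdefault(dn, set()).add(issuer)
    return sorted(dn for dn, seen in issuers.items() if len(seen) > 1)

def audit(opts, records=()):
    """List the settings that this man page discourages or marks as obsolete."""
    findings = []
    if "nologfile" in opts and "syslog" not in opts:
        findings.append("nologfile without syslog: no logging will take place")
    if opts.get("loglevel") == "1":
        findings.append("loglevel 1 (LEV_NONE): nothing is logged")
    if "debug" in opts:
        findings.append("debug: not suggested in a production environment")
    findings += [f"{o}: backwards compatibility only" for o in OBSOLETE if o in opts]
    if "skipcacheck" in opts:
        findings.append("skipcacheck: issuer no longer distinguishes equal DNs")
        findings += [f"skipcacheck: DN under several issuers: {dn}"
                     for dn in ambiguous_dns(records)]
    return findings

if __name__ == "__main__":
    for finding in audit(parse_conf(SAMPLE_CONF), SAMPLE_RECORDS):
        print(finding)
```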

BUGS

       EGEE Bug Tracking Tool[1]

SEE ALSO

       voms-proxy-init(1), voms-proxy-info(1), voms-proxy-destroy(1)

       EDT Auth Home page[2]

       CVSweb[3]

       RPM repository[4]

AUTHORS

       Vincenzo Ciaschini Vincenzo.Ciaschini@cnaf.infn.it.

       Valerio Venturi Valerio.Venturi@cnaf.infn.it.

       Copyright (c) Members of the EGEE Collaboration. 2004. See the
       beneficiaries list for details on the copyright holders.

       Licensed under the Apache License, Version 2.0 (the "License"); you may
       not use this file except in compliance with the License. You may obtain
       a copy of the License at

       www.apache.org/licenses/LICENSE-2.0[5]

       Unless required by applicable law or agreed to in writing, software
       distributed under the License is distributed on an "AS IS" BASIS,
       WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
       implied. See the License for the specific language governing
       permissions and limitations under the License.

NOTES

        1. EGEE Bug Tracking Tool
           https://savannah.cern.ch/projects/jra1mdw/

        2. EDT Auth Home page
           http://grid-auth.infn.it

        3. CVSweb
           http://datagrid.in2p3.fr/cgi-bin/cvsweb.cgi/Auth/voms

        4. RPM repository
           http://datagrid.in2p3.fr/distribution/autobuild/i386-rh7.3

        5. www.apache.org/licenses/LICENSE-2.0
           http://www.apache.org/licenses/LICENSE-2.0

VOMS Server                       12/14/2011                           VOMS(8)