1EDG-MKGRIDMAP(8) EDG-MKGRIDMAP(8)
2
6 edg-mkgridmap - a tool to build the grid-mapfile
7
9 edg-mkgridmap [--help] [--version]
10 [--conf=config_file]
11 [--output[=output_file]]
12 [--quiet] [--verbose]
13 [--safe] [--nosafe]
14 [--cache] [--nocache]
15 [--proxy] [--noproxy]
16 [--usermode]
17
19 edg-mkgridmap is a tool to build the grid-mapfile from VO servers, tak‐
20 ing into account both VO and local policies.
21
23 edg-mkgridmap.conf file contains configuration information for edg-
24 mkgridmap.
25 The syntax of the edg-mkgridmap.conf file is discussed seperately. The
27 edg-mkgridmap.conf(5) documentation should be consulted for detailed
28 reference information.
29 The default location is /etc/edg-mkgridmap.conf.
31 The file essentially consists of a list of directives composed by a
33 keyword and one or more arguments. Optional arguments are put in square
34 brackets.
35 * group URI [lcluser]
37 * default_lcluser default_lcluser
38 * auth URI
39 * allow⎪deny pattern_to_match
40 * gmf_local grid-mapfile-local
41
43 --help
44 Print a summary of the command line options end exit.
45 --version
47 Print the version of edg-mkgridmap end exit.
48 --conf=config_file
50 Specifies the configuration file that is used by edg-mkgridmap. If
51 omitted, edg-mkgridmap checks
52 /var/lib/edg-mkgridmap/etc/edg-mkgridmap.conf to see if a machine-
53 specific configuration has been setup. If such a file is not
54 present, edg-mkgridmap uses the default configuration file
55 /etc/edg-mkgridmap.conf.
56 --output[=output_file]
58 Specifies the output file. If omitted, stdout is used. If the
59 optional argument output_file is omitted, the value of the environ‐
60 ment variable GRIDMAP is used. If GRIDMAP is not set, then the
61 default value /etc/grid-security/grid-mapfile is used.
62 --quiet
64 Turn off error messages.
65 --verbose
67 Print lots of useful informations. Ignored if --quiet is specified.
68 --safe, --nosafe
70 Per group keep (--safe) or remove (--nosafe) the old grid-mapfile
71 entries that are not found back, when at least one of the sources
72 for that group directive had a problem. Default is remove
73 (--nosafe).
74 --cache, --nocache
76 Disable (--cache) or enable (--nocache) the grid-mapfile update
77 when its contents remain unchanged. Default is enable (--nocache).
78 --proxy, --noproxy
80 Enable (--proxy) or disable (--noproxy) proxy support for
81 HTTP/HTTPS and VOMS/VOMSS connections. Default is disable
82 (--noproxy).
83 The proxy support must be configured through appropriate environ‐
85 mental variables.
86 --usermode
88 Facilitate running the script as an ordinary user by having the
89 relevant environment variables point to the user's X509 proxy
90 instead of using the personal certificate and key. The user's
91 proxy is taken from the X509_USER_PROXY environment variable, if
92 defined, else from the default location /tmp/x509up_u$UID.
93
95 In case of one or more errors, edg-mkgridmap returns an exit code which
96 is computed adding these possible values:
97 * 1 per group directive for which a server could not be contacted.
99 * 16
101 error reading the configuration file.
102 * 32
104 error writing the grid-mapfile.
105 * 64
107 error with a group directive.
108 * 128
110 error with an auth directive.
111
113 The --verbose option produces some useful diagnostics.
114 Any error message generated by edg-mkgridmap is logged to the syslogd.
116
118 EDG_MKGRIDMAP_OPTIONS
119 Used to specify command line options.
120 GRIDMAP
122 Used to determine the location of the grid-mapfile. If not set,
123 then the default value /etc/grid-security/grid-mapfile is used.
124 CERTDIR
126 Used to determine the directory containing CA certificates. If not
127 set, then the default value /etc/grid-security/certificates is
128 used.
129 X509_USER_CERT
131 Used to determine the location of the host certificate. If not set,
132 then the default value /etc/grid-security/hostcert.pem is used.
133 X509_USER_KEY
135 Used to determine the location of the host private key. If not set,
136 then the default value /etc/grid-security/hostkey.pem is used.
137 X509_USER_PROXY
139 Used to determine the location of the user's proxy when the --user‐
140 mode option is given. If not set, the default value
141 /tmp/x509up_u$UID is used.
142 http_proxy
144 Used to determine the proxy for HTTP connections. The syntax is:
145 http_proxy="[http://]<host>:<port>"
147 https_proxy
149 Used to determine the proxy for HTTPS connections. The syntax is:
150 https_proxy="[http://]<host>:<port>"
152
154 edg-mkgridmap
155 Writes the grid-mapfile to the standard output.
157 edg-mkgridmap --output=-
159 Writes the grid-mapfile to the standard output.
161 edg-mkgridmap --output
163 Writes the grid-mapfile to the default location of the grid-mapfile.
165 edg-mkgridmap --output=<output_file>
167 Writes the grid-mapfile to <output_file>.
169
171 /var/lib/edg-mkgridmap/etc/edg-mkgridmap.conf
172 /etc/edg-mkgridmap.conf
174 /usr/libexec/edg-mkgridmap/local-subject2user
176
178 edg-mkgridmap.conf(5)
179
181 EU DataGrid Authorization Working Group, EGEE Middleware Security
182 Group, Maarten Litmaath (CERN/WLCG)
183 2011-04-03 EDG-MKGRIDMAP(8)