NAME
voms-proxy-init - create a proxy with VOMS extensions
SYNOPSIS
voms-proxy-init [options]
DESCRIPTION
The voms-proxy-init generates a proxy with the VOMS information
included in a non critical extension.
OPTIONS
Options may be specified indifferently with either a "-" or "--"
prefix. The options from -help to -out are present for compatibility
with grid-proxy-init, and have the exact same meaning. The meaning of
the other ones is the following.
-help Displays usage
-version Displays version
-debug Enables extra debug output
-q Quiet mode, minimal output
-verify Verifies proxy
-pwstdin Allows passphrase from stdin
-limited Creates a limited proxy
-hours H Proxy is valid for H hours (default:12) This option is
deprecated and is only present for compatibility with grid-proxy-init,
since this option does not set the validity of the credentials returned
by VOMS. Use -valid instead.
-vomslife H Tries to get a pseudo cert with information valid for H
hours. The default is "as long as the proxy certificate". The special
value 0 means as long as the server will allow. This option is
deprecated, since it does not set the validity of the generated proxy.
Use -valid instead.
-valid HH:MMThis option attempts to set the validity for both the proxy
and the credentials returned by the VOMS server. The latter validity
may however be shortened due to server policy. This option obsoletes
both -hours and -vomslife, and should be used in preference to both
-bits B Number of bits in key {512|1024|2048|4096}
-cert certfile Non-standard location of user certificate
-key keyfile Non-standard location of user key
-certdir certdir Non standard location where the trusted CAs
certificates are kept.
-out proxyfile Location of new proxy cert
-voms voms[:command] Specifies the VOMS server to contact using the
nickname voms. It also allows to send a specific command to the server.
The default command is :all, and it gets all group membership
information. Other commands are :/Role=rolename which grants the
rolename VO-wide role if the server allows it, and
:/group/Role=rolename which grants the role rolename only in the group
/group, again only if the server allows it.
Example : voms-proxy-init --voms myVO:/myVO/Role=VO-Admin
-order fqan Specified fqans, if present, are put on top of the list of
attributes returned by the server in the order in which they are passed
(using more -order call). The order of the others is not specified. If
some of the fqans are not returned no warning is given. Capability
selection is not supported.
-include file Includes file in the certificate (in a non critical
extension)
-conf file Read options from file.
-confile file
-userconf file
-vomses file Specifies the name of a configuration file from which a
list of nicknames is read. The format of the file is the following:
nick host port subject vo where nick is the nickname, host and port are
the hostname and port of the server to contact, subject is the subject
of the server's certificate, while vo is the name of the VO that owns
the server. The default filenames are $PREFIX/etc/vomses and
$HOME/.glite/vomses.
Moreover, permissions must be 644 if a file is specified, and 755 if a
directory is specified
The three options are synonyms. -confile and -userconf are deprecated.
-vomses should be used instead.
-policy The file containing the policy expression.
-policy-language pl The language in which the policy is expressed.
Default is IMPERSONATION_PROXY.
-path-length Maximum depth of proxy certfificate that can be signed
from this.
-globus version Underlying Globus version.
-proxyver Version of the proxy certificate to create. May be 2 or 3.
Default value is decided upon underlying globus version.
-noregen Use existing proxy to contact the server and to sing the new
proxy.
-separate file Saves the voms credential on file file.
-ignorewarn Ignore all warnings. They are not shown to the user.
-failonwarn Warnings become failures. The program will translates all
warnings into errors and will react accordingly, by returning a failure
itself.
-list Instead of producing an attribute certificate, this optin will
print on screen a list of all attributes available to the user.
BUGS
EGEE Bug Tracking Tool[1]
SEE ALSO
voms-proxy-info(1), voms-proxy-destroy(1)
EDT Auth Home page[2]
CVSweb[3]
RPM repository[4]
AUTHORS
Vincenzo Ciaschini Vincenzo.Ciaschini@cnaf.infn.it.
Valerio Venturi Valerio.Venturi@cnaf.infn.it.
COPYRIGHT
Copyright (c) Members of the EGEE Collaboration. 2004. See the
beneficiaries list for details on the copyright holders.
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
www.apache.org/licenses/LICENSE-2.0[5]
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied. See the License for the specific language governing
permissions and limitations under the License.
NOTES
1. EGEE Bug Tracking Tool
https://savannah.cern.ch/projects/jra1mdw/
2. EDT Auth Home page
http://grid-auth.infn.it
3. CVSweb
http://datagrid.in2p3.fr/cgi-bin/cvsweb.cgi/Auth/voms
4. RPM repository
http://datagrid.in2p3.fr/distribution/autobuild/i386-rh7.3
5. www.apache.org/licenses/LICENSE-2.0
http://www.apache.org/licenses/LICENSE-2.0