glite-proxy-renewd (8) - Linux Manuals

glite-proxy-renewd: proxy renewal daemon

NAME

glite-proxy-renewd - proxy renewal daemon

SYNOPSIS

glite-proxy-renewd [options]

DESCRIPTION

glite-proxy-renewd registers X.509 proxy certificates and periodicaly renews them using a MyProxy repository.

OPTIONS

-A DIR, --VOMSdir DIR
Renew also VOMS attributes if they are embeded in the renewed proxy. If the option is given, the renewal daemon will retrieve a fresh copy of the VOMS attributes and place it inside the new proxy.

-C DIR, --CAdir DIR
An alternative directory with trusted root anchors. This option overrides the $X509_USER_DIR environment variable.

-c NUM, --condor-limit NUM
Specifies how many NUM seconds before expiration of a proxy should the renewal process be started. It defaults to 1800 seconds.

-d, --debug
Don't daemonize and start logging to stdout. Increased level of debugging is enabled, too.

-G FILE, --voms-config FILE
An alternative location of the VOMS configuration.

-h, --help
Display a list of valid options.

-k FILE, --key FILE
Get certificate from FILE. This option overrides the $X509_USER_CERT environment variable.

-O, --order-attributes
Make sure that the order of renewed VOMS attributes is retained. Enabling this option may cause crashes of old VOMS servers (older than 1.8.12).

-r DIR, --repository DIR
All registered proxies and corresponding metadata will be stored in repository. The directory must exist and be writeable by the proxy renewal daemon.

-t FILE, --cert FILE
Get private key from FILE. This option overrides the $X509_USER_KEY environment variable.

-V DIR, --VOMSdir DIR
An alternative directory with trusted VOMS certificates

-v, --version
Display the version of the proxy renewal daemon.

FILES

/tmp/dgpr_renew_<uid>
A unix socket used to talk to the daemon. It is created the daemon upon its start

proxy repository
A directory containing all the registered proxy certificates and additional meta-data.

There is no configuration file used the proxy renewal daemon.

ENVIRONMENT

GLITE_PR_TIMEOUT
Sets the maximum number of seconds that the daemon can spend on serving the client over the unix socket. The default value is 120 seconds.

Also, standard globus variables are honoured:

X509_USER_KEY
If $X509_USER_KEY is set, it is used to locate the private key file.

X509_USER_CERT
If $X509_USER_CERT is set, it is used to locate the certificate file.

X509_CERT_DIR
If $X509_CERT_DIR is set, it is used to locate trusted CA's certificates and ca-signing-policy files.

BUGS

Please report all bugs to CESNET gLite Proxyrenewal issue tracker available at https://github.com/CESNET/proxyrenewal/issues

AUTHOR

EU EGEE, EU EMI

SEE ALSO

glite-proxy-renew(1)