/

glite-proxy-renewd (8) Linux Manual Page

ByLinux Manual Posted on Updated on

glite-proxy-renewd – proxy renewal daemon

Synopsis

glite-proxy-renewd [options]

Description

glite-proxy-renewd registers X.509 proxy certificates and periodicaly renews them using a MyProxy repository.

Options

-A DIR, –VOMSdir DIR

Renew also VOMS attributes if they are embeded in the renewed proxy. If the option is given, the renewal daemon will retrieve a fresh copy of the VOMS attributes and place it inside the new proxy.

-C DIR, –CAdir DIR

An alternative directory with trusted root anchors. This option overrides the $X509_USER_DIR environment variable.

-c NUM, –condor-limit NUM

Specifies how many NUM seconds before expiration of a proxy should the renewal process be started. It defaults to 1800 seconds.

-d, –debug

Don’t daemonize and start logging to stdout. Increased level of debugging is enabled, too.

-G FILE, –voms-config FILE

An alternative location of the VOMS configuration.

-h, –help

Display a list of valid options.

-k FILE, –key FILE

Get certificate from FILE. This option overrides the $X509_USER_CERT environment variable.

-O, –order-attributes

Make sure that the order of renewed VOMS attributes is retained. Enabling this option may cause crashes of old VOMS servers (older than 1.8.12).

-r DIR, –repository DIR

All registered proxies and corresponding metadata will be stored in repository. The directory must exist and be writeable by the proxy renewal daemon.

-t FILE, –cert FILE

Get private key from FILE. This option overrides the $X509_USER_KEY environment variable.

-V DIR, –VOMSdir DIR

An alternative directory with trusted VOMS certificates

-v, –version

Display the version of the proxy renewal daemon.

Files

/tmp/dgpr_renew_<uid>

A unix socket used to talk to the daemon. It is created the daemon upon its start

proxy repository

A directory containing all the registered proxy certificates and additional meta-data.

There is no configuration file used the proxy renewal daemon.

Environment

GLITE_PR_TIMEOUT

Sets the maximum number of seconds that the daemon can spend on serving the client over the unix socket. The default value is 120 seconds.

Also, standard globus variables are honoured:

X509_USER_KEY

If $X509_USER_KEY is set, it is used to locate the private key file.

X509_USER_CERT

If $X509_USER_CERT is set, it is used to locate the certificate file.

X509_CERT_DIR

If $X509_CERT_DIR is set, it is used to locate trusted CA’s certificates and ca-signing-policy files.

Bugs

Please report all bugs to CESNET gLite Proxyrenewal issue tracker available at https://github.com/CESNET/proxyrenewal/issues

See Also

glite-proxy-renew(1)

Author

EU EGEE, EU EMI

Leave a Reply

Your email address will not be published. Required fields are marked *