File: globus-k5.8

package info (click to toggle)
globus-gatekeeper 11.0-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster
  • size: 1,560 kB
  • sloc: sh: 11,518; ansic: 2,528; makefile: 131
file content (93 lines) | stat: -rw-r--r-- 3,522 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
'\" t
.\"     Title: globus-k5
.\"    Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets vsnapshot <http://docbook.sf.net/>
.\"      Date: 03/31/2018
.\"    Manual: Grid Community Toolkit Manual
.\"    Source: Grid Community Toolkit 6
.\"  Language: English
.\"
.TH "GLOBUS\-K5" "8" "03/31/2018" "Grid Community Toolkit 6" "Grid Community Toolkit Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
globus-k5 \- Acquire Kerberos Credentials for use with Grid Services
.SH "SYNOPSIS"
.sp
\fBglobus\-k5\fR \fISERVICE\-COMMAND\fR \fISERVICE\-ARGS\fR\&...
.SH "DESCRIPTION"
.sp
The \fBglobus\-k5\fR program is an authorization module used by the globus\-gatekeeper program to acquire Kerberos 5 Credentials prior to executing a Grid Service\&. This may be accomplished by running \fBkinit\fR with a password stored in the globuskmap file, using the NCSA \fBkrb525\fR command, or the \fBsslk5\fR command to use the X509 user proxy\&.
.sp
The arguments passed to \fBglobus\-k5\fR will not be used by it, but will be passed onto the job manager\&. The first parameter must be the path to the Grid Service\&.
.sp
It is expected that the environment will contain the variables GLOBUSID and USER for the Grid and local POSIX user identities\&. This program is normally run as root, and will call seteuid() prior to executing the Grid Service\&.
.sp
The parameters to use and the mapping for the globus to K5 user are located in the globuskmap file\&.
.SS "Format of the globuskmap file"
.sp
The globuskmap file is a line\-oriented file which each line containing a command to run to acquire Kerberos 5 credentials for a Grid identity\&. Each line consists of an optionally\-quoted \fIGLOBUSID\fR value followed by a command\-line for running a process to acquire a Kerberos credential\&. For example:
.sp
.if n \{\
.RS 4
.\}
.nf
"/O=Example/OU=Grid/CN=Joe User" /usr/afsws/bin/klog \-principal juser \-password mypasswd \-cell infn\&.it
.fi
.if n \{\
.RE
.\}
.SH "ENVIRONMENT"
.sp
The following variables affect the execution of \fBglobus\-k5\fR:
.PP
\fBGLOBUSKMAP\fR
.RS 4
Path to the globuskmap file\&.
.RE
.PP
\fBUSER\fR
.RS 4
POSIX username that the service will run as\&.
.RE
.PP
\fBKRB5CCNAME\fR
.RS 4
Path to a Kerberos credential cache\&.
.RE
.PP
\fBGLOBUS_ID\fR
.RS 4
Grid identity to generate Kerberos credentials for\&.
.RE
.SH "FILES"
.sp
The following files affect the execution of \fBglobus\-k5\fR:
.PP
\fB/etc/globuskmap\fR
.RS 4
Default file mapping Grid identities to Kerberos 5 principals\&.
.RE
.SH "SEE ALSO"
.sp
\fBglobus\-k5\fR(8), \fBglobus\-job\-manager\fR(8)
.SH "AUTHOR"
.sp
Copyright \(co 1999\-2016 University of Chicago