Scroll to navigation
LCMAPS_BAN_FQAN.MOD(8) |
System Manager's Manual |
LCMAPS_BAN_FQAN.MOD(8) |
NAME¶
lcmaps_ban_fqan.mod - LCMAPS plugin to ban a user based on any of its FQANs
SYNOPSIS¶
lcmaps_ban_fqan.mod [-banmapfile banning file]
[-disablewildcard]
DESCRIPTION¶
This plugin is an Banning Plugin and will provide the LCMAPS system a credential
banning feature based on VOMS FQANs. A Gridmapfile will be read, if the FQAN
is listed, this means the FQAN is banned and the plug-in will register a
negative result, this means an LCMAPS_MOD_FAIL. The plugin will finish
its run with a LCMAPS_MOD_SUCCESS when the FQAN is not banned. When
there are no FQANs (including in the case when the VOMS credentials have
expired), the plugin also finishes with an LCMAPS_MOD_SUCCESS (versions before
1.6.2 would incorrectly fail in those cases). This result will be reported to
the Plugin Manager which started this plugin and it will forward this result
to the Evaluation Manager, which will take appropriate actions for the next
plugin to run.
OPTIONS¶
- -banmapfile "banmapfile"
- When this option is set the plug-in will use the path to the banning
gridmapfile as a ban file. It is advised to use an absolute path to the
gridmapfile to avoid usage of the wrong file(path).
- -disablewildcard
- When this option is set the plug-in will only match exact FQANs, i.e.
/dteam* will not match.
RETURN VALUES¶
- LCMAPS_MOD_SUCCESS
- Success.
- LCMAPS_MOD_FAIL
- Failure or banned.
BUGS¶
Please report any errors to the Nikhef Grid Middleware Security Team
<grid-mw-security-support@nikhef.nl>.
AUTHORS¶
LCMAPS and the LCMAPS plug-ins were written by the Grid Middleware Security Team
<grid-mw-security@nikhef.nl>.