'\" t
.\"     Title: vomsdir
.\"    Author: [see the "AUTHORS" section]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
.\"      Date: 11/20/2012
.\"    Manual: \ \&
.\"    Source: \ \&
.\"  Language: English
.\"
.TH "VOMSDIR" "5" "11/20/2012" "\ \&" "\ \&"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
vomsdir \- The structure of the vomsdir VOMS server trust anchor directory
.SH "SYNOPSIS"
.sp
\fB/etc/grid\-security/vomsdir\fR
.SH "DESCRIPTION"
.sp
This manual page describes the structure of the \fIvomsdir\fR VOMS server trust anchor directory\&. The function of this directory is to keep local information about trusted VOMS servers which is used to verify the signatures on the attributes issued by VOMS servers\&.
.sp
The \fIvomsdir\fR directory is structured as follows:
.sp
.if n \{\
.RS 4
.\}
.nf
<vomsdir>
   |
   |\-\-vo1
   |
   |\-\-vo2
   |
   |\-\-vo3
   |
.fi
.if n \{\
.RE
.\}
.sp
A subdirectory is created for each of the trusted VOs\&. Inside each VO directory two types of files can be found:
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}

\fBLSC files\fR
An LSC file contains a description of the certificate chain of the certificate used by a VOMS server to sign VOMS attributes\&.
.RE
.sp
.RS 4
.ie n \{\
\h'-04'\(bu\h'+03'\c
.\}
.el \{\
.sp -1
.IP \(bu 2.3
.\}

\fBX509 certificates\fR
The certificate used by a VOMS server to sign attributes\&.
.RE
.sp
These files are commonly named using the following pattern:
.sp
.if n \{\
.RS 4
.\}
.nf
<hostname>\&.lsc
<hostname>\&.pem
.fi
.if n \{\
.RE
.\}
.sp
Where hostname is the host where the VOMS server is running\&.
.sp
When both lsc and pem files are present for a given VO and hostname, the lsc file takes precedence\&.
.SS "LSC file syntax"
.sp
The LSC file contains a list of X\&.509 subject strings, one on each line, encoded in OpenSSL slash\-separated syntax, describing the certificate chain (up and including the CA that issued the certificate)\&. For instance, the voms\&.cnaf\&.infn\&.it VOMS server has the following LSC file:
.sp
.if n \{\
.RS 4
.\}
.nf
/C=IT/O=INFN/OU=Host/L=CNAF/CN=voms\&.cnaf\&.infn\&.it
/C=IT/O=INFN/CN=INFN CA
.fi
.if n \{\
.RE
.\}
.SH "EXAMPLES"
.sp
Assuming locally two VOs are trusted, the \fBcms\fR VO and the \fBcdf\fR VO, the \fB/etc/grid\-security/vomsdir\fR directory will be structured as follows:
.sp
.if n \{\
.RS 4
.\}
.nf
/etc/grid\-security/vomsdir
/etc/grid\-security/vomsdir/cms
/etc/grid\-security/vomsdir/cdf
.fi
.if n \{\
.RE
.\}
.sp
The \fB/etc/grid\-security/vomsdir/cms\fR directory will contain the following files:
.sp
.if n \{\
.RS 4
.\}
.nf
lcg\-voms\&.cern\&.ch\&.lsc
voms\&.cern\&.ch\&.lsc
.fi
.if n \{\
.RE
.\}
.sp
The \fB/etc/grid\-security/vomsdir/cdf\fR directory will contain the following files:
.sp
.if n \{\
.RS 4
.\}
.nf
voms\-01\&.pd\&.infn\&.it\&.lsc
voms\&.cnaf\&.infn\&.it\&.lsc
voms\&.fnal\&.gov\&.lsc
.fi
.if n \{\
.RE
.\}
.sp
The LSC files will contain descriptions of the certificate chains used by VOMS servers to sign attribute certificates\&.
.SH "BUGS"
.sp
To report bugs or ask for support, use GGUS: https://ggus\&.eu/pages/home\&.php
.SH "AUTHORS"
.sp
Andrea Ceccanti <andrea\&.ceccanti@cnaf\&.infn\&.it>
.sp
Daniele Andreotti <daniele\&.andreotti@cnaf\&.infn\&.it>
.sp
Valerio Venturi <valerio\&.venturi@cnaf\&.infn\&.it>
.SH "SEE ALSO"
.sp
voms\-proxy\-destroy(1), voms\-proxy\-info(1), voms\-lsc(5)
.SH "COPYING"
.sp
Copyright 2012 Istituto Nazionale di Fisica Nucleare
.sp
Licensed under the Apache License, Version 2\&.0 (the "License"); you may not use this file except in compliance with the License\&. You may obtain a copy of the License at
.sp
.if n \{\
.RS 4
.\}
.nf
http://www\&.apache\&.org/licenses/LICENSE\-2\&.0
.fi
.if n \{\
.RE
.\}
.sp
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied\&. See the License for the specific language governing permissions and limitations under the License\&.