Provided by: lcmaps-plugins-voms_1.6.2-2build1_i386 bug

NAME

       lcmaps_voms_localaccount.mod  -  LCMAPS  plugin to switch user identity
       based on VOMS credentials by local accounts

SYNOPSIS

       lcmaps_voms_localaccount.mod [-gridmapfile gridmapfile] [--add-primary-
       gid-from-mapped-account] [--do-not-add-primary-gid-from-mapped-account]
       [--add-primary-gid-as-secondary-gid-from-mapped-account] [--add-
       secondary-gids-from-mapped-account] [-use_voms_gid|-use-voms-gid]

DESCRIPTION

       This   VOMS   localaccount   acquisition   plugin   is  a  'VOMS-aware'
       modification of the lcmaps_localaccount.mod.8 plugin.  The plugin tries
       to  find a local account (more specifically a UserID) based on the VOMS
       information that has available from the LCMAPS, in particular the Fully
       Qualified Attribute Names (FQAN).

       The VOMS credentials need to be available from the LCMAPS framework.

OPTIONS

       -gridmapfile gridmapfile
              This  file must contain FQANs to (local) user account names.  If
              this option is set, it will override the  default  path  of  the
              gridmapfile.   It  is  advised  to  use  an absolute path to the
              gridmapfile to avoid usage of the wrong file(path).

       --add-primary-gid-from-mapped-account
              After the account is mapped, add the primary Group ID  from  the
              passwd-file/LDAP  of the mapped account as a part of the mapping
              result. Default is to not add the primary Group ID.

       --do-not-add-primary-gid-from-mapped-account
              After the account is mapped, explicitly avoid adding the primary
              Group  ID  from  the passwd-file/LDAP of the mapped account as a
              part of the mapping result.. Default is to not add  the  primary
              Group ID.

       --add-primary-gid-as-secondary-gid-from-mapped-account
              After  the  account is mapped, add the primary Group ID from the
              passwd-file/LDAP of the mapped account as a secondary  Group  ID
              as a part of the mapping result.

       --add-secondary-gids-from-mapped-account
              After the account is mapped, add the secondary Group ID from the
              groups-file/LDAP of the mapped  account  as  a  secondary  Group
              ID(s) as a part of the mapping result.

       -use_voms_gid|-use-voms-gid
              Warning:  Default  enabled!   Switching this on will disable the
              automatic inclusion of the primary Group ID and secondary  Group
              ID(s) of the mapped account as a part of the mapping result.  We
              advise to switch this option on by default.

RETURN VALUES

       LCMAPS_MOD_SUCCESS
              Success.

       LCMAPS_MOD_FAIL
              Failure.

NOTES

       Since version 1.6.0 the voms_localaccount plugin supports  grid-mapfile
       entries   with   multiple  usernames,  separated  by  a  comma  without
       whitespace.  This  can  be  used  in  combination  with  specifying   a
       requested username  (such as by gsissh), to pick any of these accounts.
       When no  requested username is  specified,  the  first  is  used.  This
       requires LCMAPS version 1.6.0 or newer.

BUGS

       Please  report  any  errors to the Nikhef Grid Middleware Security Team
       <grid-mw-security-support@nikhef.nl>.

SEE ALSO

       lcmaps.db(5), lcmaps(3).

AUTHORS

       LCMAPS and the LCMAPS plug-ins were  written  by  the  Grid  Middleware
       Security Team <grid-mw-security@nikhef.nl>.

Stichting FOM/Nikhef           February 25, 201LCMAPS_VOMS_LOCALACCOUNT.MOD(8)