Deployment File Permissions

NOTE: This page is out of date and has been replaced by http://docs.google.com/View?id=dgp8twm9_2fqs959hk



This page describes the files installed as part of the GridShib-CA deployment and the minimum permissions needed on those files.

 File(s) Entity that needs access
 Access Needed
 Description
 certs/* GridShib-CA web application
 write Copy of issued certificates
 check-config.pl
 create-openid-consumer-secret.pl
 create-openssl-ca.pl
 issue-cert.pl
 myproxy-mapapp.pl
 Administrator read, execute
 Administrative utilities
 gridshib-ca.conf
 GridShib-CA web application
 read Main configuration file
 policy.conf GridShib-CA web application
 read Authorization policy
 openid-consumer-secret GridShib-CA web application read Secret used to protect OpenId authentication.
 openssl-ca
 GridShib-CA web application
 read, execute
 Binary to issue certificates locally.
 perl/* GridShib-CA web application
 read Perl modules for web application.
 templates/* GridShib-CA web application
 read Templates for web application.
 gridshib-ca-cert.pem
 gridshib-ca-key.pem
 OpenSSL-CA read CA credentials for local CA.
 serial OpenSSL-CA read, write
 Serial file for local CA.
 myproxy-client-cert.pem
 myproxy-client-key.pem
 GridShib-CA web application
  Client credentials for MyProxy CA.
 /var/run/gridshib-ca/gsca-session-* (Path be changed in gridshib-ca.conf)
 GridShib-CA web application
 create, read, write
 Sessions


Comments