Virtual Organisation Membership Service (VOMS) is a set of tools to assist authorisation of users based on their affiliation. A group of users united by some common goal, e.g., working on a same project, and requesting access to Grid resources, is often referred to as a Virtual Organisation (VO). In order to authorise them by group, VOMS keeps a database of users, providing information on the user's relationship with Virtual Organisations: membership, group attachments, roles and capabilities. It also provides a set of tools to retreive and store such information.
You will need VOMS client tools if your access to various Grid resources is granted on the basis of your Virtual Organisation affiliation, and/or if your VO has a complex membership structure.
VOMS was originally developed for the EU DataGrid project, and for the complete information refer to the VOMS Web page
Installation described below typicaly needs system administrator privileges. However, the tools are relocatable, and can be installed from tarballs by any advanced user.
NorduGrid distributes customized versions of VOMS, available for download at ftp.nordugrid.org, in the "External software" section (select "voms" in the list). For the client part, two packages are needed: voms and voms-clients.
Download either RPM or tarball distributions. Tarballs should be simply unpacked in the root directory. This will install VOMS binaries and libraries in the default directory /opt/voms. RPMs should be installed by executing
rpm -ivh voms-<x.y.z>.i386.rpm voms-clients<x.y.z>.i386.rpm
To set up environment properly, execute
source /etc/profile.d/voms.sh
or for a C shell
source /etc/profile.d/voms.csh
or for a shell without source command
. /etc/profile.d/voms.sh
This will install two command-line tools: voms-proxy-init and voms-proxy-info. Since there is no such thing as a default VOMS server, in order to make use of the tools, you must have a configuration file which contains contact information for VOMS servers. Typically, every Virtual Organisation on the Grid runs one such server. The file is a plain text, of the following format:
<vo alias> <server address> <port> <distinguished name> <vo name>
An example of such file can be downloaded here. It can be stored in an arbitrary location, the recommended default one is /etc/voms/vomses.
You should use the voms-proxy-init
voms-proxy-init -vo ng
You can run voms-proxy-init without options as well, it will work identically to grid-proxy-init
If your vomses configuration file is located in a non-standard place, do
voms-proxy-init -vo ng -conf <your path>/vomses
To check the VO-related information stored in your VOMS proxy, do
voms-proxy-info