[globus-gridftp-server] Add start-up script and man page for globus-gridftp-server

Mattias Ellert ellert at fedoraproject.org
Fri Apr 29 23:07:44 UTC 2011 

commit 3a9247a6dac0e82faaa1bcd8f975740e66c5192c
Author: Mattias Ellert <mattias.ellert at fysast.uu.se>
Date:   Tue Apr 19 19:47:03 2011 +0200

    Add start-up script and man page for globus-gridftp-server

 globus-gridftp-server      |   86 +++++++
 globus-gridftp-server.8    |  609 ++++++++++++++++++++++++++++++++++++++++++++
 globus-gridftp-server.spec |   35 +++-
 gridftp.conf.default       |    5 +
 4 files changed, 734 insertions(+), 1 deletions(-)
---
diff --git a/globus-gridftp-server b/globus-gridftp-server
new file mode 100644
index 0000000..912263e
--- /dev/null
+++ b/globus-gridftp-server
@@ -0,0 +1,86 @@
+#!/bin/bash
+#
+# globus-gridftp-server
+#
+# chkconfig: - 20 80
+# description: Controls the globus-gridftp-server
+#
+### BEGIN INIT INFO
+# Provides:          globus-gridftp-server
+# Required-Start:    $remote_fs $syslog
+# Required-Stop:     $remote_fs $syslog
+# Default-Stop:      0 1 2 3 4 5 6
+# Short-Description: Globus Gridftp Server
+# Description:       Globus Gridftp Server
+### END INIT INFO
+
+# source function library
+. /etc/init.d/functions
+
+sbindir="/usr/sbin"
+sysconfdir="/etc"
+localstatedir="/var"
+
+rc=0
+conf=${sysconfdir}/gridftp.conf
+pidfile=${localstatedir}/run/globus-gridftp-server.pid
+gridftpd=${sbindir}/globus-gridftp-server
+
+start() {
+	echo -n "Starting globus-gridftp-server: "
+	if [ ! -f $conf ]; then
+	  cp $conf.default $conf;
+	fi
+
+	$gridftpd -S -c $conf
+	rc=$?
+
+	[ $rc -eq 0 ] && success || failure
+	[ $rc -eq 0 ] && touch /var/lock/subsys/globus-gridftp-server
+
+	echo
+	return $rc
+}
+
+stop() {
+	echo -n "Stopping globus-gridftp-server: "
+	killall -s INT $gridftpd 2>/dev/null
+	rc=$?
+	sleep 2
+	killall -s KILL $gridftpd 2>/dev/null
+
+	[ $rc -eq 0 ] && success || failure
+	[ $rc -eq 0 ] && rm /var/lock/subsys/globus-gridftp-server
+
+	echo
+	return $rc
+}
+
+restart() {
+	stop
+	start
+}
+
+case "$1" in
+    start)
+	start
+	;;
+    stop)
+	stop
+	;;
+    status)
+	;;
+    restart | force-reload)
+	restart
+	;;
+    condrestart | try-restart)
+	[ -e /var/lock/subsys/globus-gridftp-server ] && restart
+	;;
+    reload)
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|restart|force-reload|condrestart|try-restart|reload}"
+	exit 1
+	;;
+esac
+exit $rc
diff --git a/globus-gridftp-server.8 b/globus-gridftp-server.8
new file mode 100644
index 0000000..cfaa8d3
--- /dev/null
+++ b/globus-gridftp-server.8
@@ -0,0 +1,609 @@
+'\" t
+.\"     Title: globus-gridftp-server
+.\"    Author: 
+.\" Generator: DocBook XSL Stylesheets v1.75.2 <http://docbook.sf.net/>
+.\"      Date: 04/18/2011
+.\"    Manual: Globus Tookit
+.\"    Source: The Globus Alliance
+.\"  Language: English
+.\"
+.TH "GLOBUS\-GRIDFTP\-SER" "8" "04/18/2011" "The Globus Alliance" "Globus Tookit"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el       .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+globus-gridftp-server \- The Globus GridFTP server daemon
+.SH "SYNOPSIS"
+.HP \w'\fB/usr/sbin/globus\-gridftp\-server\fR\ 'u
+\fB/usr/sbin/globus\-gridftp\-server\fR [\fBoptions\fR]
+.SH "DESCRIPTION"
+.PP
+The table below lists config file options, associated command line options (if available) and descriptions\&. Note that any boolean option can be negated on the command line by preceding the specified option with \*(Aq\-no\-\*(Aq or \*(Aq\-n\*(Aq\&. Example: \-no\-cas or \-nf\&.
+.PP
+\fB\-h, \-help, \-help <0|1>\fR
+.RS 4
+Show usage information and exit\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBlonghelp <0|1> \-hh \-longhelp\fR
+.RS 4
+Show more usage information and exit\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBversion <0|1> \-v \-version\fR
+.RS 4
+Show version information for the server and exit\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBversions <0|1> \-V \-versions\fR
+.RS 4
+Show version information for all loaded globus libraries and exit\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBversions <0|1> \-V \-versions\fR
+.RS 4
+Show version information for all loaded globus libraries and exit\&.
+.sp
+Default value: FALSE
+.RE
+.SH "MODES OF OPERATION"
+.PP
+\fB\-inetd <0|1> \-i \-inetd\fR
+.RS 4
+Run under an inetd service\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBdaemon <0|1> \-s \-daemon\fR
+.RS 4
+Run as a daemon\&. All connections will fork off a new process and setuid if allowed\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBdetach <0|1> \-S \-detach\fR
+.RS 4
+Run as a background daemon detached from any controlling terminals\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBssh <0|1> \-ssh\fR
+.RS 4
+Run over a connected ssh session\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBexec <string> \-exec <string>\fR
+.RS 4
+For staticly compiled or non\-GLOBUS_LOCATION standard binary locations, specify the full path of the server binary here\&. Only needed when run in daemon mode\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBchdir <0|1> \-chdir\fR
+.RS 4
+Change directory when the server starts\&. This will change directory to the dir specified by the chdir_to opt ion\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBchdir_to <string> \-chdir\-to <string>\fR
+.RS 4
+Directory to chdir to after starting\&. Will use / if not set\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBfork <0|1> \-f \-fork\fR
+.RS 4
+Server will fork for each new connection\&. Disabling this option is only recommended when debugging\&. Note th at non\-forked servers running as \*(Aqroot\*(Aq will only accept a single connection, and then exit\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBsingle <0|1> \-1 \-single\fR
+.RS 4
+Exit after a single connection\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBchroot_path <string> \-chroot\-path <string>\fR
+.RS 4
+Path to become the new root after authentication\&. This path must contain a valid certificate structure, /etc/passwd, and /etc/groups\&. The command globus\-gridftp\-server\-setup\-chroot can help create a suitable directory structure\&.
+.sp
+Default value: not set
+.RE
+.SH "AUTHENTICATION, AUTHORIZATION, AND SECURITY OPTIONS"
+.PP
+\fBauth_level <number> \-auth\-level <number>\fR
+.RS 4
+Add levels together to use more than one\&. 0 = Disables all authorization checks\&. 1 = Authorize identity\&. 2 = Authorize all file/resource accesses\&. 4 = Disable changing process uid to authenticated user (no setuid) \- DO NOT use this when process is started as root\&. If not set uses level 2 for front ends and level 1 for data nodes\&. Note that levels 2 and 4 imply level 1 as well\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBipc_allow_from <string> \-ipc\-allow\-from <string>\fR
+.RS 4
+Only allow connections from these source ip addresses\&. Specify a comma seperated list of ip address fragmen ts\&. A match is any ip address that starts with the specified fragment\&. Example: \*(Aq192\&.168\&.1\&.\*(Aq will match and allow a connect ion from 192\&.168\&.1\&.45\&. Note that if this option is used any address not specifically allowed will be denied\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBipc_deny_from <string> \-ipc\-deny\-from <string>\fR
+.RS 4
+Deny connections from these source ip addresses\&. Specify a comma seperated list of ip address fragments\&. A match is any ip address that starts with the specified fragment\&. Example: \*(Aq192\&.168\&.2\&.\*(Aq will match and deny a connection from 192\&.168\&.2\&.45\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBallow_from <string> \-allow\-from <string>\fR
+.RS 4
+Only allow connections from these source ip addresses\&. Specify a comma seperated list of ip address fragmen ts\&. A match is any ip address that starts with the specified fragment\&. Example: \*(Aq192\&.168\&.1\&.\*(Aq will match and allow a connection from 192\&.168\&.1\&.45\&. Note that if this option is used any address not specifically allowed will be denied\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdeny_from <string> \-deny\-from <string>\fR
+.RS 4
+Deny connections from these source ip addresses\&. Specify a comma seperated list of ip address fragments\&. A match is any ip address that starts with the specified fragment\&. Example: \*(Aq192\&.168\&.2\&.\*(Aq will match and deny a connection from 192\&.168\&.2\&.45\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBsecure_ipc <0|1> \-si \-secure\-ipc\fR
+.RS 4
+Use GSI security on ipc channel\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBipc_auth_mode <string> \-ia <string> \-ipc\-auth\-mode <string>\fR
+.RS 4
+Set GSI authorization mode for the ipc connection\&. Options are: none, host, self or subject:[subject]\&.
+.sp
+Default value: host
+.RE
+.PP
+\fBallow_anonymous <0|1> \-aa \-allow\-anonymous\fR
+.RS 4
+Allow cleartext anonymous access\&. If server is running as root anonymous_user must also be set\&. Disables ipc security\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBanonymous_names_allowed <string> \-anonymous\-names\-allowed <string>\fR
+.RS 4
+Comma seperated list of names to treat as anonymous users when allowing anonymous access\&. If not set, the d efault names of \*(Aqanonymous\*(Aq and \*(Aqftp\*(Aq will be allowed\&. Use \*(Aq*\*(Aq to allow any username\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBanonymous_user <string> \-anonymous\-user <string>\fR
+.RS 4
+User to setuid to for an anonymous connection\&. Only applies when running as root\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBanonymous_group <string> \-anonymous\-group <string>\fR
+.RS 4
+Group to setgid to for an anonymous connection\&. If unset, the default group of anonymous_user will be used\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBpw_file <string> \-password\-file <string>\fR
+.RS 4
+Enable cleartext access and authenticate users against this /etc/passwd formatted file\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBconnections_max <number> \-connections\-max <number>\fR
+.RS 4
+Maximum concurrent connections allowed\&. Only applies when running in daemon mode\&. Unlimited if not set\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBconnections_disabled <0|1> \-connections\-disabled\fR
+.RS 4
+Disable all new connections\&. Does not affect ongoing connections\&. This would have be set in the configurat ion file and then the server issued a SIGHUP in order to reload that config\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBoffline_msg <string> \-offline\-msg <string>\fR
+.RS 4
+Custom message to be displayed to clients when the server is offline via the connections_disabled or connect ions_max = 0 options\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdisable_command_list <string> \-disable\-command\-list <string>\fR
+.RS 4
+A comma seperated list of client commands that will be disabled\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBcas <0|1> \-authz\-callouts \-cas\fR
+.RS 4
+Enable the GSI authorization callout framework, for callouts such as CAS\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBacl <string> \-em <string> \-acl <string>\fR
+.RS 4
+A comma seperated list of ACL or event modules to load\&.
+.sp
+Default value: not set
+.RE
+.SH "LOGGING OPTIONS"
+.PP
+\fBlog_level <string> \-d <string> \-log\-level <string>\fR
+.RS 4
+Log level\&. A comma seperated list of levels from: \*(AqERROR, WARN, INFO, TRANSFER, DUMP, ALL\*(Aq\&. TRANSFER include s the same statistics that are sent to the seperate transfer log when \-log\-transfer is used\&. Example: error,warn,info\&. You m ay also specify a numeric level of 1\-255\&. The default level is ERROR\&.
+.sp
+Default value: ERROR
+.RE
+.PP
+\fBlog_module <string> \-log\-module <string>\fR
+.RS 4
+globus_logging module that will be loaded\&. If not set, the default \*(Aqstdio\*(Aq module will be used, and the logf ile options apply\&. Builtin modules are \*(Aqstdio\*(Aq and \*(Aqsyslog\*(Aq\&. Log module options may be set by specifying module:opt1=val1:o pt2=val2\&. Available options for the builtin modules are \*(Aqinterval\*(Aq and \*(Aqbuffer\*(Aq, for buffer flush interval and buffer size, respectively\&. The default options are a 64k buffer size and a 5 second flush interval\&. A 0 second flush interval will disabl e periodic flushing, and the buffer will only flush when it is full\&. A value of 0 for buffer will disable buffering and all messages will be written immediately\&. Example: \-log\-module stdio:buffer=4096:interval=10
+.sp
+Default value: not set
+.RE
+.PP
+\fBlog_single <string> \-l <string> \-logfile <string>\fR
+.RS 4
+Path of a single file to log all activity to\&. If neither this option or log_unique is set, logs will be wri tten to stderr unless the execution mode is detached or inetd, in which case logging will be disabled\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBlog_unique <string> \-L <string> \-logdir <string>\fR
+.RS 4
+Partial path to which \*(Aqgridftp\&.(pid)\&.log\*(Aq will be appended to construct the log filename\&. Example: \-L /var/l og/gridftp/ will create a seperate log ( /var/log/gridftp/gridftp\&.xxxx\&.log ) for each process (which is normally each new cli ent session)\&. If neither this option or log_single is set, logs will be written to stderr unless the execution mode is detac hed or inetd, in which case logging will be disabled\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBlog_transfer <string> \-Z <string> \-log\-transfer <string>\fR
+.RS 4
+Log netlogger style info for each transfer into this file\&. You may also use the log\-level of TRANSFER to in clude this info in the standard log\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBlog_filemode <string> \-log\-filemode <string>\fR
+.RS 4
+File access permissions of log files\&. Should be an octal number such as 0644\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdisable_usage_stats <0|1> \-disable\-usage\-stats\fR
+.RS 4
+Disable transmission of per\-transfer usage statistics\&. See the Usage Statistics section in the online docum entation for more information\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBusage_stats_target <string> \-usage\-stats\-target <string>\fR
+.RS 4
+Comma seperated list of contact strings (host:port) for usage statistics receivers\&. The usage stats sent to a particular receiver may be customized by configuring it with a taglist (host:port!taglist) The taglist is a list of chara cters that each correspond to a usage stats tag\&. When this option is unset, stats are reported to usage\-stats\&.globus\&.org:481 0\&. If you set your own receiver, and wish to continue reporting to the Globus receiver, you will need to add it manually\&. T he list of available tags follow\&. Tags marked * are reported by default\&. *(e) START \- start time of transfer *(E) END \- end time of transfer *(v) VER \- version string of gridftp server *(b) BUFFER \- tcp buffer size used for transfer *(B) BLOCK \- disk blocksize used for transfer *(N) NBYTES \- number of bytes transferred *(s) STREAMS \- number of parallel streams used *(S) STRIPES \- number of stripes used *(t) TYPE \- transfer command: RETR, STOR, LIST, etc *(c) CODE \- ftp result 
 code (226 = success, 5xx = fail) *(D) DSI \- DSI module in use *(A) EM \- event modules in use *(T) SCHEME \- ftp, gsiftp, sshftp, etc\&. (client supplied) *(a) APP \- guc, rft, generic library app, etc\&. (client supplied) *(V) APPVER \- version string of above\&. (client supplied) (f) FILE \- name of file/data transferred (i) CLIENTIP \- ip address of host running client (control channel) (I) DATAIP \- ip address of source/dest host of data (data channel) (u) USER \- local user name the transfer was performed as (d) USERDN \- DN that was mapped to user id (C) CONFID \- ID defined by \-usage\-stats\-id config option (U) SESSID \- unique id that can be used to match transfers in a session and transfers across source/dest of a third party transfer\&. (client supplied)
+.sp
+Default value: not set
+.RE
+.PP
+\fBusage_stats_id <string> \-usage\-stats\-id <string>\fR
+.RS 4
+Identifying tag to include in usage statistics data\&.
+.sp
+Default value: not set
+.RE
+.SH "SINGLE AND STRIPED REMOTE DATA NODE OPTIONS"
+.PP
+\fBremote_nodes <string> \-r <string> \-remote\-nodes <string>\fR
+.RS 4
+Comma seperated list of remote node contact strings\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdata_node <0|1> \-dn \-data\-node\fR
+.RS 4
+This server is a backend data node\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBstripe_blocksize <number> \-sbs <number> \-stripe\-blocksize <number>\fR
+.RS 4
+Size in bytes of sequential data that each stripe will transfer\&.
+.sp
+Default value: 1048576
+.RE
+.PP
+\fBstripe_count <number> \-stripe\-count <number>\fR
+.RS 4
+Number of number stripes to use per transfer when this server controls that number\&. If remote nodes are sta tically configured (via \-r or remote_nodes), this will be set to that number of nodes, otherwise the default is 1\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBstripe_layout <number> \-sl <number> \-stripe\-layout <number>\fR
+.RS 4
+Stripe layout\&. 1 = Partitioned, 2 = Blocked\&.
+.sp
+Default value: 2
+.RE
+.PP
+\fBstripe_blocksize_locked <0|1> \-stripe\-blocksize\-locked\fR
+.RS 4
+Do not allow client to override stripe blocksize with the OPTS RETR command
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBstripe_blocksize_locked <0|1> \-stripe\-blocksize\-locked\fR
+.RS 4
+Do not allow client to override stripe layout with the OPTS RETR command
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBstripe_blocksize_locked <0|1> \-stripe\-blocksize\-locked\fR
+.RS 4
+Do not allow client to override stripe layout with the OPTS RETR command
+.sp
+Default value: FALSE
+.RE
+.SH "DISK OPTIONS"
+.PP
+\fBblocksize <number> \-bs <number> \-blocksize <number>\fR
+.RS 4
+Size in bytes of data blocks to read from disk before posting to the network\&.
+.sp
+Default value: 262144
+.RE
+.PP
+\fBsync_writes <0|1> \-sync\-writes\fR
+.RS 4
+Flush disk writes before sending a restart marker\&. This attempts to ensure that the range specified in the restart marker has actually been committed to disk\&. This option will probably impact performance, and may result in different behavior on different storage systems\&. See the manpage for sync() for more information\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBuse_home_dirs <0|1> \-use\-home\-dirs\fR
+.RS 4
+Set the startup directory to the authenticated users home dir\&.
+.sp
+Default value: TRUE
+.RE
+.PP
+\fBperms <string> \-perms <string>\fR
+.RS 4
+Set the default permissions for created files\&. Should be an octal number such as 0644\&. The default is 0644\&. Note: If umask is set it will affect this setting \- i\&.e\&. if the umask is 0002 and this setting is 0666, the resulting file s will be created with permissions of 0664\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBfile_timeout <number> \-file\-timeout <number>\fR
+.RS 4
+Timeout in seconds for all disk accesses\&. A value of 0 disables the timeout\&.
+.sp
+Default value: not set
+.RE
+.SH "NETWORK OPTIONS"
+.PP
+\fBport <number> \-p <number> \-port <number>\fR
+.RS 4
+Port on which a frontend will listend for client control channel connections, or on which a data node will l isten for connections from a frontend\&. If not set a random port will be chosen and printed via the logging mechanism\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBcontrol_interface <string> \-control\-interface <string>\fR
+.RS 4
+Hostname or IP address of the interface to listen for control connections on\&. If not set will listen on all interfaces\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdata_interface <string> \-data\-interface <string>\fR
+.RS 4
+Hostname or IP address of the interface to use for data connections\&. If not set will use the current control interface\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBipc_interface <string> \-ipc\-interface <string>\fR
+.RS 4
+Hostname or IP address of the interface to use for ipc connections\&. If not set will listen on all interfaces \&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBhostname <string> \-hostname <string>\fR
+.RS 4
+Effectively sets the above control_interface, data_interface and ipc_interface options\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBipc_port <number> \-ipc\-port <number>\fR
+.RS 4
+Port on which the frontend will listen for data node connections\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBcontrol_preauth_timeout <number> \-control\-preauth\-timeout <number>\fR
+.RS 4
+Time in seconds to allow a client to remain connected to the control channel without activity before authent icating\&.
+.sp
+Default value: 120
+.RE
+.PP
+\fBcontrol_idle_timeout <number> \-control\-idle\-timeout <number>\fR
+.RS 4
+Time in seconds to allow a client to remain connected to the control channel without activity\&.
+.sp
+Default value: 600
+.RE
+.PP
+\fBipc_idle_timeout <number> \-ipc\-idle\-timeout <number>\fR
+.RS 4
+Idle time in seconds before an unused ipc connection will close\&.
+.sp
+Default value: 600
+.RE
+.PP
+\fBipc_connect_timeout <number> \-ipc\-connect\-timeout <number>\fR
+.RS 4
+Time in seconds before cancelling an attempted ipc connection\&.
+.sp
+Default value: 60
+.RE
+.SH "USER MESSAGES"
+.PP
+\fBbanner <string> \-banner <string>\fR
+.RS 4
+Message to display to the client before authentication\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBbanner_file <string> \-banner\-file <string>\fR
+.RS 4
+File to read banner message from\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBbanner_terse <0|1> \-banner\-terse\fR
+.RS 4
+When this is set, the minimum allowed banner message will be displayed to unauthenticated clients\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBbanner_append <0|1> \-banner\-append\fR
+.RS 4
+When this is set, the message set in the \*(Aqbanner\*(Aq or \*(Aqbanner_file\*(Aq option will be appended to the default ba nner message rather than replacing it\&.
+.sp
+Default value: FALSE
+.RE
+.PP
+\fBlogin_msg <string> \-login\-msg <string>\fR
+.RS 4
+Message to display to the client after authentication\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBlogin_msg_file <string> \-login\-msg\-file <string>\fR
+.RS 4
+File to read login message from\&.
+.sp
+Default value: not set
+.RE
+.SH "MODULE OPTIONS"
+.PP
+\fBload_dsi_module <string> \-dsi <string>\fR
+.RS 4
+Data Storage Interface module to load\&. file and remote modules are defined by the server\&. If not set, the fi le module is loaded, unless the \*(Aqremote\*(Aq option is specified, in which case the remote module is loaded\&. An additional confi guration string can be passed to the DSI using the format [module name]:[configuration string] to this option\&. The format of the configuration string is defined by the DSI being loaded\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBallowed_modules <string> \-allowed\-modules <string>\fR
+.RS 4
+Comma seperated list of ERET/ESTO modules to allow, and optionally specify an alias for\&. Example: module1,al ias2:module2,module3 (module2 will be loaded when a client asks for alias2)\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdc_whitelist <string> \-dc\-whitelist <string>\fR
+.RS 4
+A comma seperated list of drivers allowed on the network stack\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBfs_whitelist <string> \-fs\-whitelist <string>\fR
+.RS 4
+A comma seperated list of drivers allowed on the disk stack\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBpopen_whitelist <string> \-popen\-whitelist <string>\fR
+.RS 4
+A comma seperated list of programs that the popen driver is allowed to execute, when used on the network or disk stack\&. An alias may also be specified, so that a client does not need to specify the full path\&. Format is [alias:]prog, [alias:]prog\&. example: /bin/gzip,tar:/bin/tar
+.sp
+Default value: not set
+.RE
+.SH "OTHER"
+.PP
+\fBconfigfile <string> \-c <string>\fR
+.RS 4
+Path to configuration file that should be loaded\&. Otherwise will attempt to load $GLOBUS_LOCATION/etc/gridftp\&.conf and /etc/grid\-security/gridftp\&.conf\&.
+.sp
+Default value: not set
+.RE
+.PP
+\fBdebug <0|1> \-debug\fR
+.RS 4
+Sets options that make server easier to debug\&. Forces no\-fork, no\-chdir, and allows core dumps on bad signals instead of exiting cleanly\&. Not recommended for production servers\&. Note that non\-forked servers running as \*(Aqroot\*(Aq will only accept a single connection, and then exit\&.
+.sp
+Default value: FALSE
+.RE
+.SH "EXIT STATUS"
+.PP
+\fB0\fR
+.RS 4
+Successful program execution\&.
+.RE
+.SH "AUTHOR"
+.br
+.br
+The Globus Alliance, http://www\&.globus\&.org/
+.RS 4
+Author.
+.RE
+.SH "COPYRIGHT"
+.br
+Copyright \(co 1999-2010 University of Chicago
+.br
diff --git a/globus-gridftp-server.spec b/globus-gridftp-server.spec
index e0d1c47..c2454e3 100644
--- a/globus-gridftp-server.spec
+++ b/globus-gridftp-server.spec
@@ -7,7 +7,7 @@
 Name:		globus-gridftp-server
 %global _name %(tr - _ <<< %{name})
 Version:	3.28
-Release:	1%{?dist}
+Release:	2%{?dist}
 Summary:	Globus Toolkit - Globus GridFTP Server
 
 Group:		System Environment/Libraries
@@ -20,6 +20,9 @@ URL:		http://www.globus.org/
 #		cp -p gt5.0.3-all-source-installer/source-trees/core/source/GLOBUS_LICENSE globus_gridftp_server-3.28
 #		tar -zcf globus_gridftp_server-3.28.tar.gz globus_gridftp_server-3.28
 Source:		%{_name}-%{version}.tar.gz
+Source1:	%{name}
+Source2:	gridftp.conf.default
+Source3:	%{name}.8
 #		Add missing dependency metadata:
 #		http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=6813
 Patch0:		%{name}-deps.patch
@@ -157,6 +160,15 @@ sed s/gridftp-password.pl/globus-gridftp-password/ \
 sed 's!/usr/bin/env perl!/usr/bin/perl!' \
   -i $RPM_BUILD_ROOT%{_sbindir}/globus-gridftp-password
 
+# Install start-up script and configuration template
+mkdir -p $RPM_BUILD_ROOT%{_initrddir}
+install %{SOURCE1} $RPM_BUILD_ROOT%{_initrddir}
+install -m 644 -p %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}
+
+# Install man page
+mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
+install -m 644 -p %{SOURCE3} $RPM_BUILD_ROOT%{_mandir}/man8
+
 # Install license file
 mkdir -p $RPM_BUILD_ROOT%{_docdir}/%{name}-%{version}
 install -m 644 -p GLOBUS_LICENSE $RPM_BUILD_ROOT%{_docdir}/%{name}-%{version}
@@ -179,6 +191,21 @@ rm -rf $RPM_BUILD_ROOT
 
 %postun -p /sbin/ldconfig
 
+%post progs
+if [ $1 = 1 ]; then
+    /sbin/chkconfig --add %{name}
+fi
+
+%preun progs
+if [ $1 = 0 ]; then
+    /sbin/chkconfig --del %{name}
+fi
+
+%postun progs
+if [ $1 -ge 1 ]; then
+    /sbin/service %{name} condrestart > /dev/null 2>&1 || :
+fi
+
 %files -f package.filelist
 %defattr(-,root,root,-)
 %dir %{_datadir}/globus/packages/%{_name}
@@ -188,12 +215,18 @@ rm -rf $RPM_BUILD_ROOT
 %files -f package-progs.filelist progs
 %defattr(-,root,root,-)
 %dir %{_sysconfdir}/%{name}
+%{_mandir}/man8/%{name}.8*
+%{_initrddir}/%{name}
+%config(noreplace) %{_sysconfdir}/gridftp.conf.default
 
 %files -f package-devel.filelist devel
 %defattr(-,root,root,-)
 %{_libdir}/pkgconfig/%{name}.pc
 
 %changelog
+* Tue Apr 19 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 3.28-2
+- Add start-up script and man page for globus-gridftp-server
+
 * Fri Feb 25 2011 Mattias Ellert <mattias.ellert at fysast.uu.se> - 3.28-1
 - Update to Globus Toolkit 5.0.3
 
diff --git a/gridftp.conf.default b/gridftp.conf.default
new file mode 100644
index 0000000..a13d3fe
--- /dev/null
+++ b/gridftp.conf.default
@@ -0,0 +1,5 @@
+# globus-gridftp-server configuration file
+# todo: add common parameters
+
+port 2811
+

More information about the scm-commits mailing list