NAME

conman.conf - ConMan daemon configuration file

DESCRIPTION

The conman.conf configuration file is used to specify the consoles being managed by conmand.

Comments are introduced by a hash sign (#), and continue until the end of the line. Blank lines and white-space are ignored. Directives are terminated by a newline, but may span multiple lines by escaping it (i.e., immediately preceding the newline with a backslash). Strings may be either single-quoted or double-quoted, but they may not contain newlines. Keywords are case-insensitive.

SERVER DIRECTIVES

These directives begin with the SERVER keyword followed by one of the following key/value pairs:

coredump = (on|off): Specifies whether the daemon should generate a core dump file. This file will be created in the current working directory (or '/' when running in the background) unless you also set coredumpdir. The default is off.
coredumpdir = "directory": Specifies the directory where the daemon tries to write core dump files. The default is empty, meaning the current working directory (or '/' when running in the background) will be used.
execpath = "dir1:dir2:dir3...": Specifies a colon-separated list of directories in which to search for external process-based console executables that are not defined by an absolute or relative pathname. The default is empty.
keepalive = (on|off): Specifies whether the daemon will use TCP keep-alives for detecting dead connections. The default is on.
logdir = "directory": Specifies a directory prefix for log files that are not defined via an absolute pathname. This affects the server logfile, global log, and console log directives.
logfile = "file[,priority]": Specifies the file to which log messages are appended if the daemon is not running in the foreground. This string undergoes conversion specifier expansion (cf., CONVERSION SPECIFICATIONS) each time the file is opened. If an absolute pathname is not given, the file's location is relative to either logdir (if defined) or the current working directory. Intermediate directories will be created as needed. The filename may optionally be followed by a comma and a minimum priority at which messages will be logged. Refer to syslog.conf(5) for a list of priorities. The default priority is info. If this keyword is used in conjunction with the syslog keyword, messages will be sent to both locations.
loopback = (on|off): Specifies whether the daemon will bind its socket to the loopback address, thereby only accepting local client connections directed to that address (127.0.0.1). The default is on.
nofile = integer: Specifies the maximum number of open files for the daemon. If set to 0, use the current (soft) limit. If set to -1, use the the maximum (hard) limit. The default is 0.
pidfile = "file": Specifies the file to which the daemon's PID is written. Intermediate directories will be created as needed. The use of a pidfile is recommended if you want to use the daemon's '-k', '-q', or '-r' options.
port = integer: Specifies the port on which the daemon will listen for client connections.
resetcmd = "string": Specifies a command string to be invoked by a subshell upon receipt of the client's "reset" escape. Multiple commands within a string may be separated with semicolons. This string undergoes conversion specifier expansion (cf., CONVERSION SPECIFICATIONS) and will be invoked multiple times if the client is connected to multiple consoles.
syslog = "facility": Specifies that log messages are to be sent to the system logger (syslogd) at the given facility. Refer to syslog.conf(5) for a list of facilities. If this keyword is used in conjunction with the logfile keyword, messages will be sent to both locations.
tcpwrappers = (on|off): Specifies whether the daemon will use TCP-Wrappers when accepting client connections. Support for this feature must be enabled at compile-time (via configure's "--with-tcp-wrappers" option). Refer to hosts_access(5) and hosts_options(5) for more details. The default is off.
timestamp = integer (m|h|d): Specifies the interval between timestamps written to the individual console log files. The interval is an integer that may be followed by a single-character modifier; 'm' for minutes (the default), 'h' for hours, or 'd' for days. The default is 0 (i.e., no timestamps).

GLOBAL DIRECTIVES

These directives begin with the GLOBAL keyword followed by one of the following key/value pairs:

log = "file"

Specifies the default log file to use for each console directive. This string undergoes conversion specifier expansion (cf., CONVERSION SPECIFICATIONS) each time the file is opened; it must contain either '%N' or '%D'. If an absolute pathname is not given, the file's location is relative to either logdir (if defined) or the current working directory. Intermediate directories will be created as needed.

logopts = "(lock|nolock),(sanitize|nosanitize),(timestamp|notimestamp)"

Specifies global options for the console log files. These options can be overridden on a per-console basis by specifying the CONSOLE logopts keyword. Note that options affecting the output of the console's logfile also affect the output of the console's log-replay escape. The valid logopts include the following:

lock or nolock - locked logs are protected with a write lock.

sanitize or nosanitize - sanitized logs convert non-printable characters into 7-bit printable characters.

timestamp or notimestamp - timestamped logs prepend each line of console output with a timestamp in "YYYY-MM-DD HH:MM:SS" format. This timestamp is generated when the first character following the line break is output.

The default is "lock,nosanitize,notimestamp".

seropts = "bps[,databits[parity[stopbits]]]"

Specifies global options for local serial devices. These options can be overridden on a per-console basis by specifying the CONSOLE seropts keyword.

bps is an integer specifying the baud rate in bits-per-second. If this exact value is not supported by the system, it will be rounded down to the next supported value.

databits is an integer from 5-8.

parity is a single case-insensitive character: 'n' for none, 'o' for odd, and 'e' for even.

stopbits is an integer from 1-2.

The default is "9600,8n1" for 9600 bps, 8 data bits, no parity, and 1 stop bit.

ipmiopts = "U:str,P:str,K:str,C:int,L:str,W:flag"

Specifies global options for IPMI Serial-Over-LAN devices. These options can be overridden on a per-console basis by specifying the CONSOLE IPMIOPTS keyword. This directive is only available if configured using the "--with-freeipmi" option.

The IPMIOPTS string is parsed into comma-delimited substrings where each substring is of the form "X:VALUE". "X" is a single-character case-insensitive key specifying the option type, and "VALUE" is its corresponding value. The IPMI default will be used if either "VALUE" is omitted from the substring ("X:") or the substring is omitted altogether. Note that since the IPMIOPTS string is delimited by commas, substring values cannot contain commas.

The valid IPMIOPTS substrings include the following (in any order):

U:username - a string of at most 16 bytes for the username.

P:password - a string of at most 20 bytes for the password.

K:K_g - a string of at most 20 bytes for the K_g key.

C:cipher_suite - an integer for the IPMI cipher suite ID. Refer to ipmiconsole(8) for a list of supported IDs.

L:privilege_level - the string "user", "op", or "admin".

W:workaround_flag - a string or integer for an IPMI workaround. The following strings are recognized: "authcap", "integritycheckvalue", "intel20", "nochecksumcheck", "opensesspriv", "serialalertsdeferred", "solchannelsupport", "solpacketseq", "solpayloadsize", "solport", "solstatus", "sun20", "supermicro20", "default", and "none". Refer to ipmiconsole(8) for more information on these workarounds. This substring may be repeated in order to specify multiple workarounds.

Both the password and K_g values can be specified in either ASCII or hexadecimal; in the latter case, the string should begin with "0x" and contain at most 40 hexadecimal digits. A K_g key entered in hexadecimal may contain embedded null characters, but any characters following the first null character in the password key will be ignored.

CONSOLE DIRECTIVES

This directive defines an individual console being managed by the daemon. The CONSOLE keyword is followed by one or more of the following key/value pairs:

name = "string"

Specifies the name used by clients to refer to the console. This keyword is required.

dev = "string"

Specifies the type and location of the device. This keyword is required.

A local serial port connection is defined by the pathname of the character device file.

A remote terminal server connection using the telnet protocol is defined by the "host:port" format (where host is the remote hostname or IPv4 address, and port is the remote port number).

An external process-based connection is defined by the "path args" format (where path is the pathname to an executable file/script, and any additional args are space-delimited); the /usr/local/lib/conman/exec directory contains scripts for various console types.

A local Unix domain socket connection is defined by the "unix:path" format (where "unix:" is the literal character string prefix and path is the pathname of the local socket).

An IPMI Serial-Over-LAN connection is defined by the "ipmi:host" format (where "ipmi:" is the literal string and host is a hostname or IPv4 address).

The '%N' character sequence will be replaced by the console name.

log = "file"

Specifies the file where console output is logged. This string undergoes conversion specifier expansion (cf., CONVERSION SPECIFICATIONS) each time the file is opened. If an absolute pathname is not given, the file's location is relative to either logdir (if defined) or the current working directory. Intermediate directories will be created as needed. An empty log string (i.e., log="") disables logging, overriding the global log name.

logopts = "string"

This keyword is optional (cf., GLOBAL DIRECTIVES).

seropts = "string"

This keyword is optional (cf., GLOBAL DIRECTIVES).

ipmiopts = "string"

This keyword is optional (cf., GLOBAL DIRECTIVES).

CONVERSION SPECIFICATIONS

A conversion specifier is a two-character sequence beginning with a '%' character. The second character in the sequence specifies the type of conversion to be applied. The following specifiers are supported:

%N: The console name (from the name string).
%D: The console device basename (from the dev string), with leading directory components removed.
%P: The daemon's process identifier.
%Y: The year as a 4-digit number with the century.
%y: The year as a 2-digit number without the century.
%m: The month as a 2-digit number (01-12).
%d: The day of the month as a 2-digit number (01-31).
%H: The hour as a 2-digit number using a 24-hour clock (00-23).
%M: The minute as a 2-digit number (00-59).
%S: The seconds as a 2-digit number (00-61).
%s: The number of seconds since the Epoch.
%%: A literal '%' character.

The console name (%N) and device (%D) specifiers are "sanitized" in that non-printable characters and the forward-slash (/) character are replaced with underscores.

Conversion specifiers within console log filenames are evaluated when the file is opened; this occurs when conmand first starts and whenever it receives a SIGHUP.

FILES

/usr/local/etc/conman.conf

AUTHOR

Chris Dunlap <cdunlap@llnl.gov>

COPYRIGHT

LICENSE

ConMan is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.