1CONMAN.CONF(5)            ConMan: The Console Manager           CONMAN.CONF(5)
2
3
4

NAME

6       conman.conf - ConMan daemon configuration file
7
8

DESCRIPTION

10       The  conman.conf  configuration  file  is  used to specify the consoles
11       being managed by conmand.
12
13       Comments are introduced by a hash sign (#), and continue until the  end
14       of  the line.  Blank lines and white-space are ignored.  Directives are
15       terminated by a newline, but may span multiple  lines  by  escaping  it
16       (i.e.,  immediately  preceding  the newline with a backslash).  Strings
17       may be either single-quoted or double-quoted, but they may not  contain
18       newlines.  Keywords are case-insensitive.
19
20

SERVER DIRECTIVES

22       These  directives  begin with the SERVER keyword followed by one of the
23       following key/value pairs:
24
25       coredump = (on|off)
26              Specifies whether the daemon should generate a core  dump  file.
27              This  file  will be created in the current working directory (or
28              '/' when running in the background) unless you  also  set  core‐
29              dumpdir.  The default is off.
30
31       coredumpdir = "directory"
32              Specifies  the  directory  where  the daemon tries to write core
33              dump files.  The default is empty, meaning the  current  working
34              directory (or '/' when running in the background) will be used.
35
36       execpath = "dir1:dir2:dir3..."
37              Specifies  a  colon-separated  list  of  directories in which to
38              search for external process-based console executables  that  are
39              not defined by an absolute or relative pathname.  The default is
40              empty.
41
42       keepalive = (on|off)
43              Specifies whether  the  daemon  will  use  TCP  keep-alives  for
44              detecting dead connections.  The default is on.
45
46       logdir = "directory"
47              Specifies  a directory prefix for log files that are not defined
48              via an absolute pathname.   This  affects  the  server  logfile,
49              global log, and console log directives.
50
51       logfile = "file[,priority]"
52              Specifies  the  file  to  which log messages are appended if the
53              daemon is not running in the foreground.  This string  undergoes
54              conversion  specifier expansion (cf., CONVERSION SPECIFICATIONS)
55              each time the file is opened.  If an absolute  pathname  is  not
56              given,  the  file's  location  is  relative to either logdir (if
57              defined) or the current working directory.  Intermediate  direc‐
58              tories  will  be created as needed.  The filename may optionally
59              be followed by a comma and a minimum priority at which  messages
60              will  be  logged.  Refer to syslog.conf(5) for a list of priori‐
61              ties.  The default priority is info.  If this keyword is used in
62              conjunction  with  the  syslog keyword, messages will be sent to
63              both locations.
64
65       loopback = (on|off)
66              Specifies whether the daemon will bind its socket to  the  loop‐
67              back  address,  thereby  only accepting local client connections
68              directed to that address (127.0.0.1).  The default is on.
69
70       nofile = integer
71              Specifies the maximum number of open files for the  daemon.   If
72              set  to  0, use the current (soft) limit.  If set to -1, use the
73              the maximum (hard) limit.  The default is 0.
74
75       pidfile = "file"
76              Specifies the file to which the daemon's PID is written.  Inter‐
77              mediate  directories  will  be  created as needed.  The use of a
78              pidfile is recommended if you want to  use  the  daemon's  '-k',
79              '-q', or '-r' options.
80
81       port = integer
82              Specifies  the  port  on which the daemon will listen for client
83              connections.
84
85       resetcmd = "string"
86              Specifies a command string to be  invoked  by  a  subshell  upon
87              receipt  of  the  client's  "reset"  escape.   Multiple commands
88              within a string may be separated with semicolons.   This  string
89              undergoes conversion specifier expansion (cf., CONVERSION SPECI‐
90              FICATIONS) and will be invoked multiple times if the  client  is
91              connected to multiple consoles.
92
93       syslog = "facility"
94              Specifies  that log messages are to be sent to the system logger
95              (syslogd) at the given facility.  Refer to syslog.conf(5) for  a
96              list of facilities.  If this keyword is used in conjunction with
97              the logfile keyword, messages will be sent to both locations.
98
99       tcpwrappers = (on|off)
100              Specifies whether the daemon will use TCP-Wrappers when  accept‐
101              ing  client  connections.   Support  for  this  feature  must be
102              enabled at compile-time (via  configure's  "--with-tcp-wrappers"
103              option).  Refer to hosts_access(5) and hosts_options(5) for more
104              details.  The default is off.
105
106       timestamp = integer (m|h|d)
107              Specifies the interval between timestamps written to  the  indi‐
108              vidual  console  log files.  The interval is an integer that may
109              be followed by a single-character modifier; 'm' for minutes (the
110              default),  'h'  for  hours,  or  'd' for days.  The default is 0
111              (i.e., no timestamps).
112
113

GLOBAL DIRECTIVES

115       These directives begin with the GLOBAL keyword followed by one  of  the
116       following key/value pairs:
117
118       log = "file"
119              Specifies  the  default  log file to use for each console direc‐
120              tive.  This  string  undergoes  conversion  specifier  expansion
121              (cf.,  CONVERSION  SPECIFICATIONS) each time the file is opened;
122              it must contain either '%N' or '%D'.  If an absolute pathname is
123              not  given, the file's location is relative to either logdir (if
124              defined) or the current working directory.  Intermediate  direc‐
125              tories will be created as needed.
126
127       logopts = "(lock|nolock),(sanitize|nosanitize),(timestamp|notimestamp)"
128              Specifies  global  options  for  the  console  log files.  These
129              options can be overridden on a per-console basis  by  specifying
130              the  CONSOLE  logopts  keyword.  Note that options affecting the
131              output of the console's logfile also affect the  output  of  the
132              console's log-replay escape.  The valid logopts include the fol‐
133              lowing:
134
135              lock or nolock - locked logs are protected with a write lock.
136
137              sanitize or nosanitize - sanitized  logs  convert  non-printable
138              characters into 7-bit printable characters.
139
140              timestamp or notimestamp - timestamped logs prepend each line of
141              console output with a timestamp in "YYYY-MM-DD HH:MM:SS" format.
142              This  timestamp  is generated when the first character following
143              the line break is output.
144
145              The default is "lock,nosanitize,notimestamp".
146
147       seropts = "bps[,databits[parity[stopbits]]]"
148              Specifies  global  options  for  local  serial  devices.   These
149              options  can  be overridden on a per-console basis by specifying
150              the CONSOLE seropts keyword.
151
152              bps is an integer specifying the baud rate  in  bits-per-second.
153              If  this  exact value is not supported by the system, it will be
154              rounded down to the next supported value.
155
156              databits is an integer from 5-8.
157
158              parity is a single case-insensitive character: 'n' for none, 'o'
159              for odd, and 'e' for even.
160
161              stopbits is an integer from 1-2.
162
163              The  default is "9600,8n1" for 9600 bps, 8 data bits, no parity,
164              and 1 stop bit.
165
166       ipmiopts = "U:str,P:str,K:str,C:int,L:str,W:flag"
167              Specifies  global  options  for  IPMI  Serial-Over-LAN  devices.
168              These options can be overridden on a per-console basis by speci‐
169              fying the CONSOLE IPMIOPTS  keyword.   This  directive  is  only
170              available if configured using the "--with-freeipmi" option.
171
172              The  IPMIOPTS  string  is parsed into comma-delimited substrings
173              where each substring is of the form "X:VALUE".  "X" is a single-
174              character  case-insensitive  key specifying the option type, and
175              "VALUE" is its corresponding value.  The IPMI  default  will  be
176              used  if  either "VALUE" is omitted from the substring ("X:") or
177              the substring  is  omitted  altogether.   Note  that  since  the
178              IPMIOPTS  string is delimited by commas, substring values cannot
179              contain commas.
180
181              The valid IPMIOPTS substrings  include  the  following  (in  any
182              order):
183
184              U:username - a string of at most 16 bytes for the username.
185
186              P:password - a string of at most 20 bytes for the password.
187
188              K:K_g - a string of at most 20 bytes for the K_g key.
189
190              C:cipher_suite - an integer for the IPMI cipher suite ID.  Refer
191              to ipmiconsole(8) for a list of supported IDs.
192
193              L:privilege_level - the string "user", "op", or "admin".
194
195              W:workaround_flag - a string or integer for an IPMI  workaround.
196              The  following  strings  are  recognized: "authcap", "integrity‐
197              checkvalue",   "intel20",   "nochecksumcheck",   "opensesspriv",
198              "serialalertsdeferred",   "solchannelsupport",   "solpacketseq",
199              "solpayloadsize",  "solport",  "solstatus",  "sun20",  "supermi‐
200              cro20", "default", and "none".  Refer to ipmiconsole(8) for more
201              information  on  these  workarounds.   This  substring  may   be
202              repeated in order to specify multiple workarounds.
203
204              Both  the  password  and  K_g  values can be specified in either
205              ASCII or hexadecimal; in the  latter  case,  the  string  should
206              begin  with  "0x"  and contain at most 40 hexadecimal digits.  A
207              K_g key entered in hexadecimal may contain embedded null charac‐
208              ters,  but  any characters following the first null character in
209              the password key will be ignored.
210
211

CONSOLE DIRECTIVES

213       This directive defines an individual console being managed by the  dae‐
214       mon.   The  CONSOLE keyword is followed by one or more of the following
215       key/value pairs:
216
217       name = "string"
218              Specifies the name used by clients  to  refer  to  the  console.
219              This keyword is required.
220
221       dev = "string"
222              Specifies  the type and location of the device.  This keyword is
223              required.
224
225              A local serial port connection is defined by the pathname of the
226              character device file.
227
228              A remote terminal server connection using the telnet protocol is
229              defined by the "host:port" format  (where  host  is  the  remote
230              hostname or IPv4 address, and port is the remote port number).
231
232              An  external  process-based  connection  is defined by the "path
233              args" format (where  path  is  the  pathname  to  an  executable
234              file/script,  and  any additional args are space-delimited); the
235              /usr/lib/conman/exec directory contains scripts for various con‐
236              sole types.
237
238              A  local  Unix  domain  socket  connection  is  defined  by  the
239              "unix:path" format  (where  "unix:"  is  the  literal  character
240              string prefix and path is the pathname of the local socket).
241
242              An IPMI Serial-Over-LAN connection is defined by the "ipmi:host"
243              format (where "ipmi:" is the literal string and host is a  host‐
244              name or IPv4 address).
245
246              The  '%N'  character  sequence  will  be replaced by the console
247              name.
248
249       log = "file"
250              Specifies the file where console output is logged.  This  string
251              undergoes conversion specifier expansion (cf., CONVERSION SPECI‐
252              FICATIONS) each time the file is opened.  If an  absolute  path‐
253              name  is  not  given,  the file's location is relative to either
254              logdir (if defined) or the current working directory.   Interme‐
255              diate  directories  will  be  created  as  needed.  An empty log
256              string (i.e., log="") disables logging,  overriding  the  global
257              log name.
258
259       logopts = "string"
260              This keyword is optional (cf., GLOBAL DIRECTIVES).
261
262       seropts = "string"
263              This keyword is optional (cf., GLOBAL DIRECTIVES).
264
265       ipmiopts = "string"
266              This keyword is optional (cf., GLOBAL DIRECTIVES).
267
268

CONVERSION SPECIFICATIONS

270       A conversion specifier is a two-character sequence beginning with a '%'
271       character.  The second character in the sequence specifies the type  of
272       conversion to be applied.  The following specifiers are supported:
273
274       %N     The console name (from the name string).
275
276       %D     The  console device basename (from the dev string), with leading
277              directory components removed.
278
279       %P     The daemon's process identifier.
280
281       %Y     The year as a 4-digit number with the century.
282
283       %y     The year as a 2-digit number without the century.
284
285       %m     The month as a 2-digit number (01-12).
286
287       %d     The day of the month as a 2-digit number (01-31).
288
289       %H     The hour as a 2-digit number using a 24-hour clock (00-23).
290
291       %M     The minute as a 2-digit number (00-59).
292
293       %S     The seconds as a 2-digit number (00-61).
294
295       %s     The number of seconds since the Epoch.
296
297       %%     A literal '%' character.
298
299       The console name (%N) and device (%D)  specifiers  are  "sanitized"  in
300       that  non-printable  characters and the forward-slash (/) character are
301       replaced with underscores.
302
303       Conversion specifiers within console log filenames are  evaluated  when
304       the  file is opened; this occurs when conmand first starts and whenever
305       it receives a SIGHUP.
306
307

FILES

309       /etc/conman.conf
310
311

AUTHOR

313       Chris Dunlap <cdunlap@llnl.gov>
314
315
317       Copyright (C) 2007-2018 Lawrence Livermore National Security, LLC.
318       Copyright (C) 2001-2007 The Regents of the University of California.
319
320

LICENSE

322       ConMan is free software: you can redistribute it and/or modify it under
323       the  terms  of  the GNU General Public License as published by the Free
324       Software Foundation, either version 3  of  the  License,  or  (at  your
325       option) any later version.
326
327

SEE ALSO

329       conman(1), conmand(8).
330
331       https://dun.github.io/conman/
332
333
334
335conman-0.3.0                      2018-09-15                    CONMAN.CONF(5)
Impressum