1ipmilan(8) IPMI LAN to System Interface Converter ipmilan(8)
2
6 ipmilan - IPMI LAN to System Interface Converter
7
10 ipmilan [-c configfile] [-i ipmidevice] [-d] [-n]
11
14 The ipmilan daemon allows an IPMI system interface using the OpenIPMI
15 device driver to be accessed using the IPMI 1.5 LAN protocol.
16 ipmilan supports the full authentication capabilities of the IPMI LAN
18 protocol.
19 ipmilan supports multiple IP addresses for fault-tolerance. Note that
21 messages coming in on an address are always sent back out on the same
22 address they came in.
23
26 -c config-file
27 Set the configuration file to one other than the default of
28 /etc/ipmi_lan.conf
29 -n Stops the daemon from forking and detaching from the con‐
31 trolling terminal. This is useful for running from init.
32 -d Turns on debugging to standard output. You generally have to
34 use -n with this.
35
39 Configuration is accomplished through the file /etc/ipmi_lan.conf. A
40 file with another name or path may be specified using the -c option.
41 The following fields are used in many commands:
43 boolean May be "true", "false", "on" or "off".
45 priv An IPMI privilege level. This may be "callback", "user", "opera‐
47 tor", or "admin".
48 auth An IPMI authorization type. This may be "none" for no authentica‐
50 tion, "straight" for straight, in-the-clear password authentication,
51 "md2" for use MD2 message digest authentication, or "md5" for using MD5
52 message digest authentication.
53 addr IP-address [UDP-port]
57 IP-address specifies the IP address to use for an IP port. Up to
58 4 addresses may be specified. If no address is specified, it
59 defaults to one port at 0.0.0.0 (for every address on the
60 machine) at port 623.
61 UDP-port specifies an optional port to listen on. It defaults to
63 623 (the standard port).
64 PEF_alerting boolean
67 Turn PEF alerting on or off (not currently supported).
68 per_msg_auth boolean
71 Turn per-message authentication on or off.
72 priv_limit priv
75 The maximum privilege allowed on this interface.
76 allowed_auths_callback [auth [auth [...]]]
79 auth specifies allowed authorization levels for the callback
80 privilege level. Only the levels specified on this line are
81 allowed for the authorization level. If this line is not
82 present, callback authorization cannot be used.
83 allowed_auths_user [auth [auth [...]]]
86 auth specifies allowed authorization levels for the user privi‐
87 lege level. Only the levels specified on this line are allowed
88 for the authorization level. If this line is not present, user
89 authorization cannot be used.
90 allowed_auths_operator [auth [auth [...]]]
93 auth specifies allowed authorization levels for the operator
94 privilege level. Only the levels specified on this line are
95 allowed for the authorization level. If this line is not
96 present, operator authorization cannot be used.
97 allowed_auths_admin [auth [auth [...]]]
100 auth specifies allowed authorization levels for the admin privi‐
101 lege level. Only the levels specified on this line are allowed
102 for the authorization level. If this line is not present, user
103 authorization cannot be used.
104 user usernum enabled username password max-priv max-session [auth [auth
107 [...]]]
108 usernum specifies the user number for the user. Note that user
109 number 0 is invalid, and user number 1 is the special "anony‐
110 mous" user, whose username is ignored. This value may be up to
111 63, the maximum possible IPMI user. If you want anonymous
112 access, you must have a user number 1.
113 enabled is a boolean that specified whether the user is enabled
115 or not.
116 username specifies the name of the user, specified as a name.
118 password specifies the password of the user, specified as a
120 name.
121 max-priv specifies the maximum privilege level allowed for the
123 user.
124 max.sessions specifies the maximum number of session the user
126 may open.
127 auth specifies the allowed authorization types for the user.
129 Only the specified ones are allowed, so if none are specified,
130 the user will be disabled.
131 guid name
134 Allows the 16-byte GUID for the IPMI LAN connection to be speci‐
135 fied. If this is not specified, then the GUID command is not
136 supported.
137 Blank lines and lines starting with `#' are ignored.
140
143 ipmilan implements normal IPMI security. The default is no access for
144 anyone, so the default is pretty safe, but be careful what you add,
145 because this is access to control your box. straight and none autho‐
146 rizations are not recommended, you should probably stick with md2 or
147 md5.
148
151 SIGHUP
152 ipmilan should handle SIGHUP and reread it's configuration files.
153 However, it doesn't right now. It might in the future, for now
154 you will have to kill it and restart it. Clients should handle
155 reconnecting in this case. If they don't, they are broken.
156
159 At startup, all error output goes to stderr. After that, all error
160 output goes to syslog.
161
164 /etc/ipmi_lan.conf
165
168 ipmi_ui(1)
169
172 Currently, ipmilan does not implement writing the config file. IPMI
173 commands to change configuration options are accepted, but the perma‐
174 nent writing of the changes does not currently work.
175
178 Corey Minyard <cminyard@mvista.org>
179OpenIPMI 05/13/03 ipmilan(8)