1CONMAN.CONF(5) ConMan: The Console Manager CONMAN.CONF(5)
2
6 conman.conf - ConMan daemon configuration file
7
10 The conman.conf configuration file is used to specify the consoles
11 being managed by conmand.
12 Comments are introduced by a hash sign (#), and continue until the end
14 of the line. Blank lines and white-space are ignored. Directives are
15 terminated by a newline, but may span multiple lines by escaping it
16 (i.e., immediately preceding the newline with a backslash). Strings
17 may be either single-quoted or double-quoted, but they may not contain
18 newlines. Keywords are case-insensitive.
19
22 These directives begin with the SERVER keyword followed by one of the
23 following key/value pairs:
24 coredump = (on|off)
26 Specifies whether the daemon should generate a core dump file.
27 This file will be created in the current working directory (or
28 '/' when running in the background) unless you also set core‐
29 dumpdir. The default is off.
30 coredumpdir = "directory"
32 Specifies the directory where the daemon tries to write core
33 dump files. The default is empty, meaning the current working
34 directory (or '/' when running in the background) will be used.
35 execpath = "dir1:dir2:dir3..."
37 Specifies a colon-separated list of directories in which to
38 search for external process-based console executables that are
39 not defined by an absolute or relative pathname. The default is
40 empty.
41 keepalive = (on|off)
43 Specifies whether the daemon will use TCP keep-alives for
44 detecting dead connections. The default is on.
45 logdir = "directory"
47 Specifies a directory prefix for log files that are not defined
48 via an absolute pathname. This affects the server logfile,
49 global log, and console log directives.
50 logfile = "file[,priority]"
52 Specifies the file to which log messages are appended if the
53 daemon is not running in the foreground. This string undergoes
54 conversion specifier expansion (cf., CONVERSION SPECIFICATIONS)
55 each time the file is opened. If an absolute pathname is not
56 given, the file's location is relative to either logdir (if
57 defined) or the current working directory. Intermediate direc‐
58 tories will be created as needed. The filename may optionally
59 be followed by a comma and a minimum priority at which messages
60 will be logged. Refer to syslog.conf(5) for a list of priori‐
61 ties. The default priority is info. If this keyword is used in
62 conjunction with the syslog keyword, messages will be sent to
63 both locations.
64 loopback = (on|off)
66 Specifies whether the daemon will bind its socket to the loop‐
67 back address, thereby only accepting local client connections
68 directed to that address (127.0.0.1). The default is on.
69 nofile = integer
71 Specifies the maximum number of open files for the daemon. If
72 set to 0, use the current (soft) limit. If set to -1, use the
73 the maximum (hard) limit. The default is 0.
74 pidfile = "file"
76 Specifies the file to which the daemon's PID is written. Inter‐
77 mediate directories will be created as needed. The use of a
78 pidfile is recommended if you want to use the daemon's '-k',
79 '-q', or '-r' options.
80 port = integer
82 Specifies the port on which the daemon will listen for client
83 connections.
84 resetcmd = "string"
86 Specifies a command string to be invoked by a subshell upon
87 receipt of the client's "reset" escape. Multiple commands
88 within a string may be separated with semicolons. This string
89 undergoes conversion specifier expansion (cf., CONVERSION SPECI‐
90 FICATIONS) and will be invoked multiple times if the client is
91 connected to multiple consoles.
92 syslog = "facility"
94 Specifies that log messages are to be sent to the system logger
95 (syslogd) at the given facility. Refer to syslog.conf(5) for a
96 list of facilities. If this keyword is used in conjunction with
97 the logfile keyword, messages will be sent to both locations.
98 tcpwrappers = (on|off)
100 Specifies whether the daemon will use TCP-Wrappers when accept‐
101 ing client connections. Support for this feature must be
102 enabled at compile-time (via configure's "--with-tcp-wrappers"
103 option). Refer to hosts_access(5) and hosts_options(5) for more
104 details. The default is off.
105 timestamp = integer (m|h|d)
107 Specifies the interval between timestamps written to the indi‐
108 vidual console log files. The interval is an integer that may
109 be followed by a single-character modifier; 'm' for minutes (the
110 default), 'h' for hours, or 'd' for days. The default is 0
111 (i.e., no timestamps).
112
115 These directives begin with the GLOBAL keyword followed by one of the
116 following key/value pairs:
117 log = "file"
119 Specifies the default log file to use for each console direc‐
120 tive. This string undergoes conversion specifier expansion
121 (cf., CONVERSION SPECIFICATIONS) each time the file is opened;
122 it must contain either '%N' or '%D'. If an absolute pathname is
123 not given, the file's location is relative to either logdir (if
124 defined) or the current working directory. Intermediate direc‐
125 tories will be created as needed.
126 logopts = "(lock|nolock),(sanitize|nosanitize),(timestamp|notimestamp)"
128 Specifies global options for the console log files. These
129 options can be overridden on a per-console basis by specifying
130 the CONSOLE logopts keyword. Note that options affecting the
131 output of the console's logfile also affect the output of the
132 console's log-replay escape. The valid logopts include the fol‐
133 lowing:
134 lock or nolock - locked logs are protected with a write lock.
136 sanitize or nosanitize - sanitized logs convert non-printable
138 characters into 7-bit printable characters.
139 timestamp or notimestamp - timestamped logs prepend each line of
141 console output with a timestamp in "YYYY-MM-DD HH:MM:SS" format.
142 This timestamp is generated when the first character following
143 the line break is output.
144 The default is "lock,nosanitize,notimestamp".
146 seropts = "bps[,databits[parity[stopbits]]]"
148 Specifies global options for local serial devices. These
149 options can be overridden on a per-console basis by specifying
150 the CONSOLE seropts keyword.
151 bps is an integer specifying the baud rate in bits-per-second.
153 If this exact value is not supported by the system, it will be
154 rounded down to the next supported value.
155 databits is an integer from 5-8.
157 parity is a single case-insensitive character: 'n' for none, 'o'
159 for odd, and 'e' for even.
160 stopbits is an integer from 1-2.
162 The default is "9600,8n1" for 9600 bps, 8 data bits, no parity,
164 and 1 stop bit.
165 ipmiopts = "U:str,P:str,K:str,C:int,L:str,W:flag"
167 Specifies global options for IPMI Serial-Over-LAN devices.
168 These options can be overridden on a per-console basis by speci‐
169 fying the CONSOLE IPMIOPTS keyword. This directive is only
170 available if configured using the "--with-freeipmi" option.
171 The IPMIOPTS string is parsed into comma-delimited substrings
173 where each substring is of the form "X:VALUE". "X" is a single-
174 character case-insensitive key specifying the option type, and
175 "VALUE" is its corresponding value. The IPMI default will be
176 used if either "VALUE" is omitted from the substring ("X:") or
177 the substring is omitted altogether. Note that since the
178 IPMIOPTS string is delimited by commas, substring values cannot
179 contain commas.
180 The valid IPMIOPTS substrings include the following (in any
182 order):
183 U:username - a string of at most 16 bytes for the username.
185 P:password - a string of at most 20 bytes for the password.
187 K:K_g - a string of at most 20 bytes for the K_g key.
189 C:cipher_suite - an integer for the IPMI cipher suite ID. Refer
191 to ipmiconsole(8) for a list of supported IDs.
192 L:privilege_level - the string "user", "op", or "admin".
194 W:workaround_flag - a string or integer for an IPMI workaround.
196 The following strings are recognized: "authcap", "integrity‐
197 checkvalue", "intel20", "nochecksumcheck", "opensesspriv",
198 "serialalertsdeferred", "solchannelsupport", "solpacketseq",
199 "solpayloadsize", "solport", "solstatus", "sun20", "supermi‐
200 cro20", "default", and "none". Refer to ipmiconsole(8) for more
201 information on these workarounds. This substring may be
202 repeated in order to specify multiple workarounds.
203 Both the password and K_g values can be specified in either
205 ASCII or hexadecimal; in the latter case, the string should
206 begin with "0x" and contain at most 40 hexadecimal digits. A
207 K_g key entered in hexadecimal may contain embedded null charac‐
208 ters, but any characters following the first null character in
209 the password key will be ignored.
210
213 This directive defines an individual console being managed by the dae‐
214 mon. The CONSOLE keyword is followed by one or more of the following
215 key/value pairs:
216 name = "string"
218 Specifies the name used by clients to refer to the console.
219 This keyword is required.
220 dev = "string"
222 Specifies the type and location of the device. This keyword is
223 required.
224 A local serial port connection is defined by the pathname of the
226 character device file.
227 A remote terminal server connection using the telnet protocol is
229 defined by the "host:port" format (where host is the remote
230 hostname or IPv4 address, and port is the remote port number).
231 An external process-based connection is defined by the "path
233 args" format (where path is the pathname to an executable
234 file/script, and any additional args are space-delimited); the
235 /usr/lib/conman/exec directory contains scripts for various con‐
236 sole types.
237 A local Unix domain socket connection is defined by the
239 "unix:path" format (where "unix:" is the literal character
240 string prefix and path is the pathname of the local socket).
241 An IPMI Serial-Over-LAN connection is defined by the "ipmi:host"
243 format (where "ipmi:" is the literal string and host is a host‐
244 name or IPv4 address).
245 The '%N' character sequence will be replaced by the console
247 name.
248 log = "file"
250 Specifies the file where console output is logged. This string
251 undergoes conversion specifier expansion (cf., CONVERSION SPECI‐
252 FICATIONS) each time the file is opened. If an absolute path‐
253 name is not given, the file's location is relative to either
254 logdir (if defined) or the current working directory. Interme‐
255 diate directories will be created as needed. An empty log
256 string (i.e., log="") disables logging, overriding the global
257 log name.
258 logopts = "string"
260 This keyword is optional (cf., GLOBAL DIRECTIVES).
261 seropts = "string"
263 This keyword is optional (cf., GLOBAL DIRECTIVES).
264 ipmiopts = "string"
266 This keyword is optional (cf., GLOBAL DIRECTIVES).
267
270 A conversion specifier is a two-character sequence beginning with a '%'
271 character. The second character in the sequence specifies the type of
272 conversion to be applied. The following specifiers are supported:
273 %N The console name (from the name string).
275 %D The console device basename (from the dev string), with leading
277 directory components removed.
278 %P The daemon's process identifier.
280 %Y The year as a 4-digit number with the century.
282 %y The year as a 2-digit number without the century.
284 %m The month as a 2-digit number (01-12).
286 %d The day of the month as a 2-digit number (01-31).
288 %H The hour as a 2-digit number using a 24-hour clock (00-23).
290 %M The minute as a 2-digit number (00-59).
292 %S The seconds as a 2-digit number (00-61).
294 %s The number of seconds since the Epoch.
296 %% A literal '%' character.
298 The console name (%N) and device (%D) specifiers are "sanitized" in
300 that non-printable characters and the forward-slash (/) character are
301 replaced with underscores.
302 Conversion specifiers within console log filenames are evaluated when
304 the file is opened; this occurs when conmand first starts and whenever
305 it receives a SIGHUP.
306
309 /etc/conman.conf
310
313 Chris Dunlap <cdunlap@llnl.gov>
314
317 Copyright (C) 2007-2018 Lawrence Livermore National Security, LLC.
318 Copyright (C) 2001-2007 The Regents of the University of California.
319
322 ConMan is free software: you can redistribute it and/or modify it under
323 the terms of the GNU General Public License as published by the Free
324 Software Foundation, either version 3 of the License, or (at your
325 option) any later version.
326
329 conman(1), conmand(8).
330 https://dun.github.io/conman/
332conman-0.3.0 2018-09-15 CONMAN.CONF(5)