2 ######################################################################
4 # Control socket interface.
6 # HIGHLY experimental! It should NOT be used in production
9 # In the future, we will add username/password checking for
10 # connections to the control socket. We will also add
11 # command authorization, where the commands entered by the
12 # administrator are run through a virtual server before
15 # For now, anyone who has permission to connect to the socket
16 # has nearly complete control over the server. Be warned!
18 # This functionality is NOT enabled by default.
20 # See also the "radmin" program, which is used to communicate
21 # with the server over the control socket.
25 ######################################################################
28 # Listen on the control socket.
35 # This file is created with the server's uid and gid.
36 # It's permissions are r/w for that user and group, and
37 # no permissions for "other" users. These permissions form
38 # minimal security, and should not be relied on.
40 socket = ${run_dir}/${name}.sock
43 # The following two parameters perform authentication and
44 # authorization of connections to the control socket.
46 # If not set, then ANYONE can connect to the control socket,
47 # and have complete control over the server. This is likely
50 # One, or both, of "uid" and "gid" should be set. If set, the
51 # corresponding value is checked. Unauthorized users result
52 # in an error message in the log file, and the connection is
57 # Name of user that is allowed to connect to the control socket.
62 # Name of group that is allowed to connect to the control socket.
69 # This can be used to give *some* administrators access to
70 # monitor the system, but not to change it.
72 # ro = read only access (default)
73 # rw = read/write access.