home_proxy

Langue: en

Version: Feb 4 2005 (mandriva - 22/10/07)

Section: 8 (Commandes administrateur)

NAME

home_proxy - proxy server for libhome

SYNOPSIS

home_proxy [ -xdv ] [ -s path ] [ -C file ] [ -t tag ] [ -n num ] [ -k seconds ] [ -u uid ] [ -g gid ] [ -m mode ]

DESCRIPTION

home_proxy is a proxy to for the proxy libhome mode.

The following options are available:

-s path
Listen the unix socket path. Default is read from the proxy_socket directive in the configuration file.
-x
Unlink the socket before binding when it's already used.
-C file
Use an alternate config home.conf(5) file instead of default
-t tag
Set the libhome tag
-n num
Prefork num deamons. Default is 1.
-k sec
Kill one different deamon child each sec second and restart it.
-p file
Write the process ID in the specified file.
-d
Don't detach at startup.
-u uid
Set the user id of the socket to uid (in decimal)
-g gid
Set the group id of the socket to uid (in decimal)
-m mode
Set the mode of the socket to mode (in octal)
-v
Log verbosly. More than one -v may be set. On verbose level 2, results of request are logged.

SIGNALS

SIGTERM
SIGINT Unlink the socket path and terminate the deamon.

SIGHUP Read the configuration file again and restart the servers. If the socket path need to be changed, the new socket will be open and the old one will be closed.

LOGGING

Errors conditions are sent to syslog using the "auth" facility.

NAME SERVICE SWITCH

For the system who support it, it's possible to use home_proxy as source for the NSS dispatcher. Add domething like that in your /etc/nsswitch.conf file:


 passwd: files home_proxy

Warn to not set direct access to system password in your libhome.conf file.

The dispatcher as no confiruration file, it expect to connect to the proxy using the socket at /var/run/home_proxy.

Currently, it has been tested on FreeBSD and Linux only.

FILES

/usr/local/etc/home.conf
Default configuration file unless compiled otherwise.
/var/run/home_proxy
Fallback socket path
nss_home_proxy.so.1
NSS library

BUGS

Theyre is no loop detection. Warn to not proxy to the proxy itself.

Logins are limited to 1000 characters.

Access permission on caller effective user or group ID, granted by proxy.deny directive work only on some systems. Linux 2.2, FreeBSD 4.6, OpenBSD 3.0, Mac OS X, AIX 5L, NetBSD 1.4 and later should work. HPUX, Solaris probably not. Solaris implementation may be donne with some efforts. A warning at compile time will notify when this feature is unavaiable. Not all systems have been tested.

SEE ALSO

home.conf(5), nsswitch.conf(5)

http://pll.sourceforge.net/

AUTHOR

Laurent Wacrenier <lwa@teaser.fr>