pure-certd(8) Pure-FTPd pure-certd(8)
NAME
pure-certd - TLS certificate agent for Pure-FTPd.
SYNTAX
pure-certd [-p </path/to/pidfile>] [-u uid] [-g gid] [-B] <-s /path/to/socket> -r /program/to/run
DESCRIPTION
pure-certd is a daemon that forks an authentication program, waits for
a certificate path as a reply, and returns it to an application server.
pure-certd listens to a local Unix socket. A new connection to that
socket should send pure-authd the following structure:
sni_name:xxx
end
This content is passed to the authentication program as an environment
variable:
CERTD_SNI_NAME
The authentication program should take appropriate actions to select a
TLS certificate, and reply to the standard output with the following
format:
action:strict
cert_file:/path/to/cert.pem
key_file:/path/to/cert.pem
end
cert_file:xxx
Absolute path to the certificate in PEM format.
key_file:xxx
This is optional, as a certificate and its key can be concatenated
in the same file.
action:xxx
If action is "deny", a certificate for that name was not found
and access is denied. If xxx is "default", the default certificate
will be used. If xxx is "strict", the certificate whose path is
indicated in "cert_path" will be used. If absent or invalid, access
will be denied. If xxx is "fallback", the certificate whose path is
indicated in "cert_path" will be used. If absent or invalid, the
default certificate will be used instead.
uid:xxx
The system uid to be assigned to that user. Must be > 0.
gid:xxx
The primary system gid. Must be > 0.
dir:xxx
The absolute path to the home directory. Can contain /./ for a
chroot jail.
Only one authentication program is forked at a time. It must return
quickly.
OPTIONS
-u <uid>
Have the daemon run with that uid.
-g <gid>
Have the daemon run with that gid.
-B Fork in background (daemonization).
-s </path/to/socket>
Set the full path to the local Unix socket.
-r </path/to/program>
Set the full path to the authentication program.
-h Output help information and exit.
EXAMPLES
To run this program the standard way, type:
pure-certd -s /var/run/certd.sock -r /usr/bin/my-cert-program &
pure-ftpd -lextcert:/var/run/certd.sock &
/usr/bin/my-cert-program can be as simple as:
#! /bin/sh
echo 'action:strict'
echo 'cert_file:/etc/ssl/private/pure-ftpd/cert.pem'
echo 'end'
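CERTD_SNI_NAME is supplied by the connecting client, so a program that maps it to a file should validate it before building a path. The script below is an added example, not part of the Pure-FTPd distribution; the CERT_DIR layout (one <name>.pem per host name) and the replies chosen for empty, malformed and unknown names are assumptions.

```shell
#!/bin/sh
# Added example: certificate selector for pure-certd's -r option.
# Assumptions (not Pure-FTPd defaults): certificates live in CERT_DIR as
# <lowercase-host-name>.pem; empty and unknown names get the default
# certificate; malformed names are denied.
LC_ALL=C; export LC_ALL        # keep a-z and tr strictly ASCII
CERT_DIR="${CERT_DIR:-/etc/ssl/private/pure-ftpd}"

# Print one reply block: action, optional cert_file, then "end".
reply() {
    printf 'action:%s\n' "$1"
    if [ -n "${2:-}" ]; then
        printf 'cert_file:%s\n' "$2"
    fi
    printf 'end\n'
}

# Choose a reply for the SNI name passed as $1.
select_cert() {
    # DNS names are case-insensitive, so normalise before matching.
    name=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')

    case "$name" in
        '')
            reply default; return 0 ;;
        # Reject anything outside host-name characters (this excludes
        # '/', whitespace and newlines), plus leading '.', leading '-',
        # empty labels and a trailing dot.
        *[!a-z0-9.-]*|.*|-*|*..*|*.)
            reply deny; return 0 ;;
    esac
    # A DNS name is at most 253 characters long.
    if [ "${#name}" -gt 253 ]; then
        reply deny; return 0
    fi

    cert="$CERT_DIR/$name.pem"
    if [ -f "$cert" ] && [ -r "$cert" ]; then
        reply strict "$cert"
    else
        reply default
    fi
}

select_cert "${CERTD_SNI_NAME:-}"
```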
AUTHORS
Frank DENIS <j at pureftpd dot org>
SEE ALSO
ftp(1), pure-ftpd(8), pure-ftpwho(8), pure-mrtginfo(8),
pure-uploadscript(8), pure-statsdecode(8), pure-pw(8),
pure-quotacheck(8), pure-authd(8)
Frank Denis 1.0.52 pure-certd(8)