diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-18 21:07:01 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-20 22:13:41 +0100 |
| commit | 0ef94d85e58497dcb2c4c954cadcac918032467a (patch) | |
| tree | 9ff32832dc06f0c8b17ae19c9e9fbcd46e48d2ba /config | |
| parent | 4a502836164821b9faa56d363c8fb116ce032321 (diff) | |
Add %-specifiers support.
lacme(8): for --config=, --socket=, --config-certs= (and ‘socket’/
‘config-certs’/‘challenge-directory’ configuration options *before*
privilege drop; and for the [accountd] section ‘command’/‘config’
configuration options *after* privilege drop).
lacme-accountd(1): for --config=, --socket= and --privkey= (and
‘socket’/‘privkey’ configuration options).
This also changes the default configuration file location. lacme(8) and
lacme-accountd(1) now respectively use /etc/lacme/lacme.conf resp.
/etc/lacme/lacme-accountd.conf when running as root, and
$XDG_CONFIG_HOME/lacme/lacme.conf resp. $XDG_CONFIG_HOME/lacme/lacme-accountd.conf
when running as a normal user. There is no fallback to /etc anymore.
Diffstat (limited to 'config')
| -rw-r--r-- | config/lacme-accountd.conf | 4 | ||||
| -rw-r--r-- | config/lacme.conf | 4 |
2 files changed, 2 insertions, 6 deletions
diff --git a/config/lacme-accountd.conf b/config/lacme-accountd.conf index 10f332e..f31cf67 100644 --- a/config/lacme-accountd.conf +++ b/config/lacme-accountd.conf @@ -17,10 +17,8 @@ # for signature requests from the ACME client. An error is raised if # the path exists or if its parent directory is writable by other # users. -# Default: "$XDG_RUNTIME_DIR/S.lacme" if the XDG_RUNTIME_DIR -# environment variable is set. # -#socket = /run/user/1000/S.lacme +#socket = %t/S.lacme # Be quiet. Possible values: "Yes"/"No". # diff --git a/config/lacme.conf b/config/lacme.conf index 98ecacb..198729d 100644 --- a/config/lacme.conf +++ b/config/lacme.conf @@ -10,13 +10,11 @@ # UNIX-domain socket to connect to for signature requests from the ACME # client. lacme(8) aborts if the socket is readable or writable by # other users, or if its parent directory is writable by other users. -# Default: "$XDG_RUNTIME_DIR/S.lacme" if the XDG_RUNTIME_DIR environment -# variable is set. # This setting is ignored when lacme-accountd(1) is spawned by lacme(8), # since the two processes communicate through a socket pair. See the # "accountd" section below for details. # -#socket = +#socket = %t/S.lacme # username to drop privileges to (setting both effective and real uid). # Skip privilege drop if the value is empty (not recommended). |