diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 20:28:46 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2020-12-09 20:28:46 +0100 |
| commit | 61e4ad1347f51a84400cbf87633cc99f657f9ad7 (patch) | |
| tree | 793203c0dd6f829facb67afb10db87bc86de44a8 /lacme.8.md | |
| parent | e751a1e0215342be52da2c086ad2e7bc8901229e (diff) | |
Make unprivileged user/group for the internal client resp. webserver configurable.
Diffstat (limited to 'lacme.8.md')
| -rw-r--r-- | lacme.8.md | 22 |
1 files changed, 10 insertions, 12 deletions
@@ -168,17 +168,16 @@ of [ACME] commands and dialogues with the remote [ACME] server). *user* : The username to drop privileges to (setting both effective and real - uid). Preserve root privileges if the value is empty (not - recommended). - Default: `nobody`. + uid). Skip privilege drop if the value is empty (not recommended). + Default: `@@lacme_client_user@@`. *group* : The groupname to drop privileges to (setting both effective and real gid, and also setting the list of supplementary gids to that single - group). Preserve root privileges if the value is empty (not + group). Skip privilege drop if the value is empty (not recommended). - Default: `nogroup`. + Default: `@@lacme_client_group@@`. *command* @@ -245,17 +244,16 @@ served during certificate issuance. *user* : The username to drop privileges to (setting both effective and real - uid). Preserve root privileges if the value is empty (not - recommended). - Default: `www-data`. + uid). Skip privilege drop if the value is empty (not recommended). + Default: `@@lacme_www_user@@`. *group* : The groupname to drop privileges to (setting both effective and real gid, and also setting the list of supplementary gids to that single - group). Preserve root privileges if the value is empty (not + group). Skip privilege drop if the value is empty (not recommended). - Default: `www-data`. + Default: `@@lacme_www_group@@`. *command* @@ -283,13 +281,13 @@ UNIX-domain socket. *user* : The username to drop privileges to (setting both effective and real - uid). Preserve root privileges if the value is empty. + uid). Skip privilege drop if the value is empty. *group* : The groupname to drop privileges to (setting both effective and real gid, and also setting the list of supplementary gids to that single - group). Preserve root privileges if the value is empty. + group). Skip privilege drop if the value is empty. *command* |