aboutsummaryrefslogtreecommitdiffstats
path: root/lacme.8.md
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-08-03 22:57:32 +0200
committerGuilhem Moulin <guilhem@fripost.org>2020-08-04 01:39:39 +0200
commite419eb68718085fa2e2505eb4b4aa08145f7dc1c (patch)
treeb71aa88e60d4775bec2efece141acbb9f024a88d /lacme.8.md
parentda8b727f156d23553eecb90e8731d39c6027cb02 (diff)
Ignore [accountd] section from lacme.conf when the --socket option is defined.
This allows remotely-controlled lacme processes being controlled without modifying an config files. See https://bugs.debian.org/955767 .
Diffstat (limited to 'lacme.8.md')
-rw-r--r--lacme.8.md17
1 files changed, 8 insertions, 9 deletions
diff --git a/lacme.8.md b/lacme.8.md
index e250858..8f8eb41 100644
--- a/lacme.8.md
+++ b/lacme.8.md
@@ -108,11 +108,9 @@ Generic options
aborts if `path` is readable or writable by other users, or if its
parent directory is writable by other users.
This command-line option overrides the *socket* option of the
- [`[client]` section](#client-section) of the configuration file.
- Moreover this option is ignored when the configuration file has an
- [`[accountd]` section](#accountd-section); in that case `lacme`
- spawns [`lacme-accountd`(1)], and the two processes communicate
- through a socket pair.
+ [`[client]` section](#client-section) of the configuration file; it
+ also causes the [`[accountd]` section](#accountd-section) to be
+ ignored.
`-h`, `--help`
@@ -276,10 +274,11 @@ served during certificate issuance.
`[accountd]` section
---------------------
-This section is used for configuring the [`lacme-accountd`(1)] process.
-If the section (including its header) is absent or commented out,
-`lacme` connects to an existing UNIX-domain socket bound by a running
-[`lacme-accountd`(1)] process.
+This section is used for configuring the [`lacme-accountd`(1)] child
+process. If the section (including its header) is absent or commented
+out, or if the CLI option `--socket` is specified, then `lacme` connects
+to an existing [`lacme-accountd`(1)] process via the specified
+UNIX-domain socket.
*user*