The eloqsd.user configuration file defines the user accounts
known to the eloqsd process. This allows to define eloqsd users
without the need to have a system account for each individual user.
This configuration file is only used if the
AuthPolicy
configuration is set to either "server" or "user".
The name and path of the eloqsd.user configuration file may be
defined in the eloqsd.cfg
configuration file. It defaults to eloqsd.user in the
Eloquence configuration directory.
Section names are are not case sensitive and enclosed in square brackets.
String values can be enclosed in double quotes to protect leading or
trailing spaces. An unquoted hash character (#) starts a comment.
Each user is defined in a different section.
The following configuration items are recognized for each user:
- Name
-
The user name. This value is currently not used by the software
and is intended for documentation purposes.
- Password
-
The user password in clear text. This password must be provided
by the eloqsd client along with the user name in order to be
authorized as a legitimate user.
To avoid a clear text password the PassKey config item
may be used instead.
On Windows the Password is only used with AuthPolicy=user.
For AuthPolicy=server the user password must match the password
defined for the Windows account associated with the user (uid).
- Passkey
-
Refers to a password key defined in the
eloqsd.pswd file.
This is an alternative to using the Password item.
The eloqsd.pswd file stores passwords
in encrypted form and is
maintained with the eqpasswd utility.
On Windows the Passkey is only used with AuthPolicy=user.
For AuthPolicy=server the user password must match the password
defined for the Windows account associated with the user (uid).
- uid
-
System account to execute client processes.
The user name or numeric user id (HP-UX and Linux).
On Windows if AuthPolicy=server is configured, uid
specifies the system account used to execute client processes.
If this account is located on a domain server, it must be prefixed with
the domain name followed by a backslash
character (DOMAIN\username).
- gid (HP-UX, Linux)
-
Comma- or space-separated list of system groups to execute client processes.
Group names or numeric group ids may be specified. This config item is
not used on Windows.
- GroupList
-
Comma-separated list of group names to specify the user
group membership. Group names may be referenced in the
GroupList item of the
eloqsd.app
and eloqsd.share files.
Multiple GroupList entries are recognized and combined.
- UsePAM (HP-UX, Linux)
-
If nonzero, PAM (Pluggable Authentication Modules) is
used to verify the password (Password/PassKey items
are not used). Also, PAM is used to set UID/GID/GroupList
unless UID/GID/GroupList are explicitly configured.
- Profile
-
Template user entry. User defaults will be taken from this section.
Defaults to the user "default" if not specified.
The predefined "default" user may be used to specify user defaults.
The example below defines the user "joe" that is a member of the
users and accounting groups. An encrypted password is used.
[joe]
Name = Test user
Passkey = joe
GroupList = users,accounting
eloqsd.user template file
A default configuration file eloqsd.user is installed and may be customized.
A template eloqsd.user config file is installed as
newconfig/config/eloqsd.user.
# @(#) eloqsd.user - B.08.40 ($Revision: 29.3 $)
#
# The purpose of this file is to define all users which are known to
# Eloquence. It is installed in the location:
# /etc/opt/eloquence/8.4/eloqsd.user
#
# This file is read at the startup time of the eloqsd process.
# Changes are automatically detected and honored.
#
# This makes it possible to define Eloquence users without the
# need to have a system account for each individual user.
# If clear text passwords are configured in this file we consider
# it good practice to make this file unreadable for regular users.
# You should chown it to the administrator (usually root) and
# chmod it to 400.
#
# Format:
#
# The section names are not case sensitive. String values can be
# enclosed in double quotes to protect leading or trailing spaces.
# Everything after a hash (#) character is considered a comment.
#
# Each user definition is a different section.
#
# The following configuration items are recognized for each section:
#
# [user_id]
#
# Name The full user name (currently unused)
#
# Password The user password (clear text)
#
# PassKey Refers to a password key defined in the eloqsd.pswd file.
# This is an alternative to using the Password item above.
# The eloqsd.pswd file stores passwords in encrypted form
# and is maintained by the eqpasswd utility.
#
# UID System account to execute client processes
#
# GID Comma- or space-separated list of system groups
# to execute client processes
#
# GroupList Comma-separated list of group names to specify the user
# group membership. Defined group names may be used in the
# GroupList item of the eloqsd.app and eloqsd.share files.
# Multiple GroupList entries are recognized and combined.
#
# UsePAM If nonzero, PAM (Pluggable Authentication Modules) is
# used to verify the password (Password/PassKey items
# are not used). Also, PAM is used to set UID/GID/GroupList
# unless UID/GID/GroupList are explicitly configured.
#
# Profile Template user entry. User defaults will be taken from
# this section.
#
# There are two predefined sections:
#
# [public] is used if a client does not provide a user id. This can
# only happen if an eloqcore process has been started locally and
# requests a remote operation. (currently unused)
#
# [default] is used as the default user profile.
[public]
Name = Anonymous
[default]
Name = Default user profile
#[demo]
#Name = Demo User
#Password = secret
eloqsd
eloqsd.cfg
eloqsd.app
eloqsd.share
eloqsd.pswd
eloqsd user configuration (B.08.20 release notes)
|