PIKT

Samples: PIKT.conf

PIKT Logo
Home FAQ News Intro Samples Tutorial Reference Software Authors Licensing SiteSearch


Here is a sample PIKT.conf configuration file.  In actual practice, you would omit most of the fine-tuning options.

///////////////////////////////////////////////////////////////////////////////

// PIKT.conf sample file

// this file should go in the PIKT etcdir

///////////////////////////////////////////////////////////////////////////////

// general piktc-to-piktc_svc access parameters

// these are all required

uid             0       // defaults to root
master          vienna.uppity.edu
domain          uppity.edu
access          local   // access may be "local" or "global"

// optional:

// gid          0       // defaults to root

///////////////////////////////////////////////////////////////////////////////

// for the optional parameters, authenticate_by_master and
// authenticate_by_master_address, values may be any of:
// yes, YES, true, TRUE, on, ON, NO, false, FALSE, off, OFF;
// both authenticate_by_master and authenticate_by_master_address may
// be 'yes', but both may not be 'no'; if you set
// authenticate_by_master_address to 'yes', you must supply a master_address

// authenticate_by_master               yes
// authenticate_by_master_address       no
// master_address                       111.222.123.123

///////////////////////////////////////////////////////////////////////////////

// encryption parameters

// auth_encryption_type         1       // 0 is none, 1 is blowfish
// data_encryption_type         1       // 0 is none, 1 is blowfish
// also: pvtkey
// private_key          "what's up doc?"        // private symmetric
                                                // encryption key

///////////////////////////////////////////////////////////////////////////////

// directory overrides

// by default, every PIKT binary assumes it is located in a bin directory,
// just off the \=piktdir home directory; essential PIKT directories are
// assumed to be located in the \=piktdir tree; you can override these default
// locations using the optional parameters below

// homdir       <home directory>
// bindir       <bin directory>
// etcdir       <etc directory>
// lokdir       <lock file directory>
// libdir       <lib directory>
// vardir       <var directory>
// altdir       <alerts directory>
// prgdir       <programs directory>
// objdir       <objects directory>
// cfgdir       <configs directory>
// hstdir       <histories directory>
// logdir       <log directory>

///////////////////////////////////////////////////////////////////////////////

// command path overrides

// arpcmd       /usr/sbin/arp
// catcmd       /usr/bin/cat
// cksumcmd     /usr/bin/cksum
// cpcmd        /usr/bin/cp
// diffcmd      /usr/bin/diff
// echocmd      /usr/bin/echo
// egrepcmd     /usr/bin/egrep
// filecmd      /usr/bin/file
// nicecmd      /usr/bin/nice
// pscmd        /usr/bin/ps
// rmcmd        /usr/bin/rm
// rpcinfocmd   /usr/bin/rpcinfo
// scpcmd       /usr/bin/scp
// sumcmd       /usr/bin/sum
// tailcmd      /usr/bin/tail
// trcmd        /usr/bin/tr

///////////////////////////////////////////////////////////////////////////////

// piktc_svc-to-piktc_svc callback

// this setting controls whether the slave piktc_svc does a callback to the
// master piktc_svc to verify the validity of a received service request;

// call_back is optional; if it is omitted here, call_back is turned on by
// default

// values may be any of:  yes, YES, true, TRUE, on, ON, for enablement; or
//                        no, NO, false, FALSE, off, OFF, for disablement

// call_back                    yes

///////////////////////////////////////////////////////////////////////////////

// piktc-to-piktc_svc access privileges

// these control what services the client-side piktc_svc will
// entertain; if you want to customize these across the different
// client systems, consider managing PIKT.conf from files.cfg

// all of these are optional; if any are omitted, all service(s) are
// enabled by default

// values may be any of:  yes, YES, true, TRUE, on, ON, for enablement; or
//                        no, NO, false, FALSE, off, OFF, for disablement

// 'all_services yes/no' enables/disables all services; in the absence of
// any service specifications, 'all_services yes'--all services enabled--
// is the default; setting 'all_services no', you can then turn back on
// individual services selectively with '???_service yes', but be sure
// to put the all_services setting before any other; setting
// 'all_services no' is one way to disable all services, another is to
// kill the service daemon, of course
// all_services                 yes

// 'kill_service yes/no' enables/disables both of the following
// kill_piktd_service           yes
// kill_piktc_svc_service       yes

// 'restart_service yes/no' enables/disables both of the following
// restart_piktd_service        yes
// restart_piktc_svc_service    yes

// execute_service              yes
// execute_commands_service     yes     // needed for fetch services
// execute_alerts_service       yes     // or: execute_scripts_service

// disable_alerts_service       yes
// enable_alerts_service        yes
// show_alerts_status_service   yes

// 'install_service yes/no' enables/disables all of the following
// install_alerts_service       yes     // or: install_scripts_service
// install_programs_service     yes
// install_files_service        yes
// install_objects_service      yes

// 'fetch_service yes/no' enables/disables all of the following
// fetch_alerts_service         yes     // or: fetch_scripts_service
// fetch_programs_service       yes
// fetch_files_service          yes
// fetch_objects_service        yes

// 'cksum_service yes/no' enables/disables all of the following
// cksum_alerts_service         yes     // or: cksum_scripts_service
// cksum_programs_service       yes
// cksum_files_service          yes
// cksum_objects_service        yes

// 'delete_service yes/no' enables/disables all of the following
// delete_alerts_service        yes     // or: delete_scripts_service
// delete_programs_service      yes
// delete_files_service         yes
// delete_objects_service       yes

// 'list_service yes/no' enables/disables all of the following
// list_alerts_service          yes     // or: list_scripts_service
// list_programs_service        yes
// list_files_service           yes
// list_objects_service         yes

///////////////////////////////////////////////////////////////////////////////

// other parameters

// for tcp_only, values may be any of:  yes, YES, true, TRUE, on, ON, for tcp
//                                      no, NO, false, FALSE, off, OFF, for both

// tcp_only             no      // use only TCP, not UDP, in any
                                // piktc-to-piktc_svc communications

// restart_piktc_svc_wait 5     // the number of seconds piktc will wait
                                // before verifying actual piktc_svc
                                // restart; the default is 5

// rpc_timeout          60      // the number of seconds piktc will wait for
                                // reply on a piktc -x (execute) request
                                // before timing out if no reply from the
                                // client; the default is 60

// rpc_retry_timeout    120     // the number of seconds piktc will wait for
                                // reply on a piktc -x (execute) request
                                // before retrying the request if no reply
                                // from the client; the default is 120,
                                // which turns off retry, in effect

// rpcinfo_retries      1       // the number of times piktc retries
                                // establishing contact with a remote
                                // piktc_svc; the default is 1 retry,
                                // i.e., two attempts maximum

// execcmdout_limit     1000000 // the number of characters returned by a
                                // 'piktc -x +C' command; the default is
                                // 1000000 characters

// verbose_log          no      // a 'yes' value turns on extra (less
                                // important) logging; the default is 'no'

// auto_syslog          no      // ordinarily, messages are sent to syslog
                                // by means of Pikt 'output syslog' statements;
                                // additionally, all program outputs, and all
                                // log messages of any type, can be sent to
                                // syslog if auto_syslog is set to 'yes';
                                // the default is 'no'

// syslog_facility      0       // can be a number from 0 to 7, corresponding
                                // to the syslog facilities local0 through
                                // local7; the default is 0 (for local0)

///////////////////////////////////////////////////////////////////////////////

[For more examples, see Samples.]


Home | FAQ | News | Intro | Samples | Tutorial | Reference | Software | Authors | Licensing | SiteSearch
Links | SiteIndex | Pikt-Users | Pikt-Workers | Contribute | ContactUs | Top of Page
Page best viewed at 1024x768.   Page last updated 2005-06-22.
This site is PIKT® powered.
PIKT® is a registered trademark of the University of Chicago.
Copyright © 1998-2005 Robert Osterlund.  All rights reserved.

Computer Books at Amazon.com

qmail
qmail

Beginning XML
Beginning XML

SSH, The Secure Shell: The Definitive Guide
SSH, The Secure Shell: The Definitive Guide

File System Forensic Analysis
File System Forensic Analysis

GNU Emacs Pocket Reference
GNU Emacs Pocket Reference