DOLDACOND.CONF(5) Dolda Connect manual DOLDACOND.CONF(5) NAME doldacond.conf - Dolda Connect daemon configuration file DESCRIPTION The doldacond(8) daemon will examine the doldacond.conf file upon startup and reception of SIGHUP. The file is written in a line-oriented ASCII format, using the following rules. A line is either empty, a comment, or a configuration directive. Empty lines are permitted to contain horizontal whitespace, but nothing else. A comment line begins with a hash sign (‘#’), optionally preceded by whitespace. A configuration directive is a line with at least one token, each token being a series of non-whitespace characters or quoted whitespace characters. Quoting can be done either by surrounding the characters to be quoted with double quotation marks, or by preceding a single character to be quoted with a backslash. The first token is con‐ sidered the directive to be evaluated, and the rest being arguments to the directive. Each of the possible configuration directives are described in their own sections. CONFIGURATION VARIABLES The vast majority of the daemon’s configuration is controlled via named configuration variables. The set directive is used to set the value of the configuration variables, which obeys the following syntax: set variable value The value of a variable is either a boolean, an integer, a string or an IPv4 address. Which one depends on the variable. A boolean may be spec‐ ified using either true/false, on/off, yes/no or 1/0. Integers may be given in either decimal, octal or hexadecimal format, using standard C syntax - that is, hexadecimal numbers prefixed with 0x, octal numbers prefixed with 0, or directly entered decimal numbers. Strings may con‐ tain arbitrary Unicode characters, and are decoded according to the system’s default character coding. IPv4 addresses are specified in dot‐ ted quad decimal notation. A list of all the known configuration vari‐ ables follows. adc.tcpport integer Specifies a specific TCP port to use for ADC peer connections. If left unspecified, a port is allocated dynamically. Useful for NAT routers (see also the net.visibleipv4 address for those cases). Default value: 0 adc.udpport integer Specifies a specific UDP port to use for ADC search results. If left unspecified, a port is allocated dynamically. Useful for NAT routers (see also the net.visibleipv4 address for those cases). Default value: 0 auth-krb5.keytab string The path to an alternative keytab file. If unspecified, the sys‐ tem default keytab will be used. Default value: "" auth-krb5.renewcreds boolean Whether to renew renewable credentials automatically before they expire. Default value: true auth-krb5.service string The name of the service principal to use for Kerberos V authen‐ tication. Default value: "doldacond" auth-krb5.usedefcc boolean If true, the default credentials cache will be used, which is useful for e.g. Linux kernel key handling. If false, a file cre‐ dentials cache will be created using mkstemp(3), using the pat‐ tern /tmp/krb5cc_dc_$UID_XXXXXX. Default value: false auth-pam.pamserv string The name of the PAM service file to use. Default value: "doldacond" auth.authless boolean Specifies whether insecure authentication is to be allowed. If you are not completely sure what you are doing, never turn this on without also turning on net.onlylocal. Default value: false cli.defnick string The default nick name to use. The nickname can also be specified for individual hubs, overriding this setting. Default value: "DoldaConnect user" cli.hashcache string The filename to use for the hash cache (see the FILES section for more information). Default value: "dc-hashcache" cli.hashwritedelay integer Writes of the hash cache and file lists are delayed for an amount of time, in order to minimize the time spent on I/O wait while hashing many small files. This variable sets the amount of time, in seconds. Default value: 300 cli.rescandelay integer The amount of time, in seconds, to wait before automatically rescanning the shared directories for changes. Set to zero (the default) to disable automatic rescanning. (Broken shares are always rescanned upon detection, regardless of this setting.) Default value: 0 cli.scandirmask integer When scanning shares, this bitmask is consulted for every direc‐ tory encountered. Unless the directory’s mode has the bits spec‐ ified by this mask set, it will be ignored and any files under it will not be shared. Default value: 0005 cli.scanfilemask integer When scanning shares, this bitmask is consulted for every regu‐ lar file. Unless the file’s mode has the bits specified by this mask set, it will not be shared. Default value: 0004 dc.dcppemu boolean If set to true, doldacond will do its best to emulate DC++ (cur‐ rently v0.674). This should be left off if at all possible, since turning it on will violate the rules of most hubs and thus give hub owners an actual reason to kick you if it is detected. It might be needed for some of the more bone-headed hub owners, though. Note that DC++ emulation can also be turned on or off for individual hubs, overriding this setting. Default value: false dc.desc string Specifies the share description reported to other DC users. Default value: "" dc.email string The e-mail address to report to other DC users. Default value: "spam@spam.org" dc.hidedeflate boolean If set to true, doldacond will hide its support for deflate com‐ pression of transfers from other clients, so that they will not request compressed uploads. Compressed transfers may consume a non-trivial amount of CPU time on slower machines. Default value: false dc.logunimpl boolean Use for debugging. If set to true, doldacond will log all unknown commands it receives, and their arguments, to /tmp/dc- unimpl. Default value: false dc.speedstring string Specifies the speed reported to other DC users. Normal values are 28.8Kbps, 33.6Kbps, 56Kbps, Satellite, ISDN, DSL, Cable, LAN(T1) or LAN(T3) Default value: "LAN(T1)" dc.tcpport integer Specifies a specific TCP port to use for DC peer connections. If left unspecified, a port is allocated dynamically. Useful for NAT routers (see also the net.visibleipv4 address for those cases). Default value: 0 dc.udpport integer Specifies a specific UDP port to use for DC search results. If left unspecified, a port is allocated dynamically. Useful for NAT routers (see also the net.visibleipv4 address for those cases). Default value: 0 fnet.fnptos integer The TOS value to use for peer connections (see the TOS VALUES section). Default value: 0 fnet.fntos integer The TOS value to use for hub connections (see the TOS VALUES section). Default value: 0 fnet.maxnodes integer Specifies a maximum number of simultaneously connected hubs. Attempts to connect to new hubs beyond this limit will return an error. Set to zero to remove the limit. Default value: 0 fnet.srchwait integer The number of seconds to wait between searches. Most hubs require at least ten seconds, and quite often network lag will often make searches arrive to the hub more often than sent. It may be semi-dangerous to specify too low a value, since hubs will often kick users that search too often (even when the rea‐ son is network lag -- there is no way for the hub to know this), but it is quite annoying to set too high a value. 15 to 40 sec‐ onds are the recommended range (although the default is 15 sec‐ onds, it is recommended to set to 30 seconds). Default value: 15 net.diffserv-maxrel integer The Diffserv value to use on IPv6 connections when the maximize reliability TOS value is used (see the TOS VALUES section). Default value: 0 net.diffserv-maxtp integer The Diffserv value to use on IPv6 connections when the maximize throughput TOS value is used (see the TOS VALUES section). Default value: 0 net.diffserv-mincost integer The Diffserv value to use on IPv6 connections when the minimize cost TOS value is used (see the TOS VALUES section). Default value: 0 net.diffserv-mindelay integer The Diffserv value to use on IPv6 connections when the minimize delay TOS value is used (see the TOS VALUES section). Default value: 0 net.mode integer The network mode to use. Currently supported values are 0 for active mode and 1 for passive mode. In the future, SOCKS5 proxy support may be added. Default value: 0 net.publicif string Specifies an interface name from which to fetch the IPv4 address reported to other clients in active mode. If both this and net.visibleipv4 are unspecified the address of the hub connec‐ tion is used. Default value: "" net.reuseaddr boolean Set the SO_REUSEADDR socket option on listening sockets, so that dead TCP connections waiting for timeout are ignored. Default value: false net.visibleipv4 IPv4 address Overrides the IPv4 address reported to other clients in active mode. Useful for servers behind NAT routers. If both this and net.publicif are unspecified the address of the hub connection is used. reqstat.file string The name of a file to log upload request information to. If unspecified, upload requests will not be logged. Default value: "" transfer.dltos integer The TOS value to use for download connections (see the TOS VAL‐ UES section). Default value: transfer.filter string The name of the filter script (see the FILES section for lookup information). Default value: "dc-filter" transfer.slots integer The maximum number of simultaneously permitted uploads. A common hub rule is that you will need at least as many slots as the number of hubs to which you are connected. Default value: 3 transfer.ulquota boolean If true, only one upload is allowed per remote peer. This option is still experimental, so it is recommended to leave it off. Default value: false transfer.ultos integer The TOS value to use for upload connections (see the TOS VALUES section). Default value: ui.filtercmd string The name of the filtercmd script (see the FILES section for lookup information). Default value: "dc-filtercmd" ui.onlylocal boolean If true, UI connections will only be accepted from localhost addresses (127.0.0.1, ::1 or ::ffff:127.0.0.1). Unless you are completely sure that you know what you are doing, never turn this off when auth.authless is on. Default value: true ui.port integer The TCP port number on which to accept UI client connections, or -1 to not listen on TCP. Default value: 1500 ui.uitos integer The TOS value to use for UI connections (see the TOS VALUES sec‐ tion). Default value: ui.unixsock string Controls the the name to use for the Unix socket on which to accept UI client connections. If the name contains a slash, it is treated as a file name to bind on. If the name is "default", the file name will be "/var/run/doldacond.sock" if doldacond runs with UID == 0, or "/tmp/doldacond-NAME" otherwise, where NAME is the user name of the UID which doldacond runs as. If the name is "none", no Unix socket will be used. Otherwise, an error is signaled. Default value: "default" SHARES A very central function of a file-sharing daemon is to share files. To determine what files are to be shared, the share directive is used, according to the following syntax: share sharename path The sharename is the name of the share as seen by other peers on the network. The path is the path in the real filesystem to a directory containing the files to be shared. All files under the specified direc‐ tory will be shared, except for files that begin with a dot, or files that do not match the criteria given by the client.scanfilemask and client.scandirmask variables, as described above. The share directive may be used multiple times to define several shares. USER AUTHORIZATION In multi-user mode (when running as root), the doldacond(8) daemon can serve multiple users, but commonly not every user on the system should be authorized to be served. To specify which users to serve, and to assign permissions to the users to be served, the user directive is used, according to the following syntax: user {username|default} [-]permission... As indicated by the syntax, the special username default can be used to specify permissions for users not matched by any other user directive (if you have a user called default, tough luck). The assignable permissions are as follows: admin Involves commands controlling the function of the daemon, such as shutting it down remotely. fnetctl Allows connecting and disconnecting fnetnodes (a.k.a. hubs). trans Allows queuing of transfers. transcu Allows cancelling of uploads. chat Allows sending and receiving of chat messages. srch Allows submitting of search requests. disallow A negative permission, used to prevent a user from being autho‐ rized. Mostly useful for the default user. all Sets all the above permssions. A permissions may be prefixed with a minus sign, which means that that permission should be removed (commonly used after all, since permis‐ sions are scanned from left to right). Note that the all pseudo-permission really turns on all other permis‐ sions, including disallow. Thus, to allow a user jdoe full control over the daemon, one would normally use "user jdoe all -disallow". TOS VALUES Some configuration variables specify IP Type of Service values. Valid values for those variables are as follows: 0 System default TOS. 1 Minimize cost 2 Maximize reliability 3 Maximize throughput 4 Minimize delay How routers interpret TOS values is defined by the administrator of those routers. For IPv6 connections, which use Diffserv instead of the older IPv4 TOS values, the Diffserv values to use are specified by the net.diffserv-mincost, net.diffserv-maxrel, net.diffserv-maxtp and net.diffserv-mindelay configuration variables, as described above. FILES All file names specified in the configuration file, and the configura‐ tion file itself, are looked up by the daemon in a rather flexible man‐ ner. The only difference between the main configuration file and all other files is that the configuration must always be named dolda‐ cond.conf, while the name of all other files may be specified in the configuration file. In all else, lookup is done according to the fol‐ lowing rules: 1 If the specified name contains any slashes (not applicable for doldacond.conf), it will be considered absolute, and no loca‐ tions other than the explicitly specified will be examined. 2 The home directory of the user running the daemon (as specified by either the HOME environment variable or as returned by the getpwuid(3) function) is checked for a dot-file with the speci‐ fied name. 3 If the PATH environment variable exists, the directories it specifies are iterated, the last path element of each is replaced by ‘etc’, and the resulting directories are checked for the existence of the specified file. For example, if PATH is /bin:/opt/doldaconnect/bin:/usr/bin, the directories /etc, /opt/doldaconnect/etc and /usr/etc will be checked for the file. 4 If the PATH environment variable does not exist (but not if PATH does exist and the file simply could not be found according to the previous rule), the directories /usr/local/etc, /etc and /usr/etc are checked for the file. For files that are created on the fly, such as the hash cache, the file will be overwritten in place if found. If not found, it will be created in the home directory of the user running the daemon. If the home directory cannot be determined, the file will be created in /etc. BUGS IPv4 should also be able to use Diffserv instead of TOS. I have simply not been able to find the API to set IPv4 Diffserv values. AUTHOR Fredrik Tolf SEE ALSO doldacond(8) 2008-02-14 DOLDACOND.CONF(5)