test -e "$(DESTDIR)${strongswanconfdir}" || $(INSTALL) -d "$(DESTDIR)$(strongswanconfdir)"
test -e "$(DESTDIR)${strongswanddir}" || $(INSTALL) -d "$(DESTDIR)$(strongswanddir)"
test -e "$(DESTDIR)${charonconfdir}" || $(INSTALL) -d "$(DESTDIR)$(charonconfdir)"
- test -e "$(DESTDIR)$(strongswanconfdir)/strongswan.conf" || $(INSTALL) -m 640 $(srcdir)/strongswan.conf $(DESTDIR)$(strongswanconfdir)/strongswan.conf || true
+ test -e "$(DESTDIR)$(strongswanconfdir)/strongswan.conf" || $(INSTALL) -m 644 $(srcdir)/strongswan.conf $(DESTDIR)$(strongswanconfdir)/strongswan.conf || true
for f in $(options_install_src); do \
name=`basename $$f`; \
- test -f "$(DESTDIR)$(strongswanddir)/$$name" || $(INSTALL) -m 640 -t "$(DESTDIR)$(strongswanddir)" $(srcdir)/$$f || true; \
+ test -f "$(DESTDIR)$(strongswanddir)/$$name" || $(INSTALL) -m 644 -t "$(DESTDIR)$(strongswanddir)" $(srcdir)/$$f || true; \
done
for f in $(plugins_install_src); do \
name=`basename $$f`; \
if test -f "$$f"; then dir=; else dir="$(srcdir)/"; fi; \
- test -f "$(DESTDIR)$(charonconfdir)/$$name" || $(INSTALL) -m 640 -t "$(DESTDIR)$(charonconfdir)" "$$dir$$f" || true; \
+ test -f "$(DESTDIR)$(charonconfdir)/$$name" || $(INSTALL) -m 644 -t "$(DESTDIR)$(charonconfdir)" "$$dir$$f" || true; \
done
attest.database =
- Path to database with file measurement information.
+ File measurement information database URI. If it contains a password, make
+ sure to adjust the permissions of the config file accordingly.
attest.load =
Plugins to load in ipsec attest tool.
Whether IMVs send a standard IETF Assessment Result attribute.
charon.imcv.database =
- Global IMV policy database URI.
+ Global IMV policy database URI. If it contains a password, make sure to
+ adjust the permissions of the config file accordingly.
charon.imcv.os_info.name =
Manually set the name of the client OS (e.g. Ubuntu).
manager.database =
- Credential database URI for manager.
+ Credential database URI for manager. If it contains a password, make
+ sure to adjust the permissions of the config file accordingly.
manager.debug = no
Enable debugging in manager.
medsrv.database =
- Mediation server database URI.
+ Mediation server database URI. If it contains a password, make
+ sure to adjust the permissions of the config file accordingly.
medsrv.debug = no
Debugging in mediation server web application.
pacman.database =
- Database URI for the database that stores the package information.
+ Database URI for the database that stores the package information. If it
+ contains a password, make sure to adjust the permissions of the config file
+ accordingly.
pacman.load =
Plugins to load in package manager.
pool.database
Database URI for the database that stores IP pools and configuration
- attributes.
+ attributes. If it contains a password, make sure to adjust the permissions
+ of the config file accordingly.
pool.load =
Plugins to load in ipsec pool tool.
charon.plugins.attr-sql.database
- Database URI for attr-sql plugin used by charon.
+ Database URI for attr-sql plugin used by charon. If it contains a password,
+ make sure to adjust the permissions of the config file accordingly.
charon.plugins.attr-sql.lease_history = yes
Enable logging of SQL IP pool leases.
Port to listen for DAE requests.
charon.plugins.eap-radius.dae.secret
- Shared secret used to verify/sign DAE messages.
+ Shared secret used to verify/sign DAE messages. If set, make sure to adjust
+ the permissions of the config file accordingly.
charon.plugins.eap-radius.eap_start = no
Send EAP-Start instead of EAP-Identity to start RADIUS conversation.
Port of RADIUS server (authentication).
charon.plugins.eap-radius.secret =
- Shared secret between RADIUS and NAS.
+ Shared secret between RADIUS and NAS. If set, make sure to adjust the
+ permissions of the config file accordingly.
charon.plugins.eap-radius.server =
IP/Hostname of RADIUS server.
charon.plugins.sql.database =
- Database URI for charons SQL plugin.
+ Database URI for charon's SQL plugin. If it contains a password, make
+ sure to adjust the permissions of the config file accordingly.
charon.plugins.sql.loglevel = -1
Loglevel for logging to SQL database.
Path to X.509 certificate file of IF-MAP server.
charon.plugins.tnc-ifmap.username_password =
- Credentials of IF-MAP client of the form username:password.
+ Credentials of IF-MAP client of the form username:password. If set, make
+ sure to adjust the permissions of the config file accordingly.
RADIUS server port the strongSwan PDP is listening on.
charon.plugins.tnc-pdp.radius.secret =
- Shared RADIUS secret between strongSwan PDP and NAS.
+ Shared RADIUS secret between strongSwan PDP and NAS. If set, make sure to
+ adjust the permissions of the config file accordingly.
charon.plugins.tnc-pdp.server =
Name of the strongSwan PDP as contained in the AAA certificate.
projects / thirdparty / strongswan.git / commitdiff
