diff options
author | Stef Walter <stefw@redhat.com> | 2016-11-29 13:30:55 +0100 |
---|---|---|
committer | Stef Walter <stefw@redhat.com> | 2016-11-29 13:32:23 +0100 |
commit | 561ee23f218c7a68a2ef46525502f978e56fc1bb (patch) | |
tree | 8deb8569f109a0e9dea11736f56ad5e47f42dc11 /doc/manual/p11-kit-config.xml | |
parent | a96f354c3068edb6c8ac80ae6d9a6611651145d7 (diff) | |
download | p11-kit-561ee23f218c7a68a2ef46525502f978e56fc1bb.tar.gz |
This repository has moved to GitHub to allow further contributions
and more flexibility who can merge changes.
More details here:
https://lists.freedesktop.org/archives/p11-glue/2016-November/000626.html
Diffstat (limited to 'doc/manual/p11-kit-config.xml')
-rw-r--r-- | doc/manual/p11-kit-config.xml | 98 |
1 files changed, 0 insertions, 98 deletions
diff --git a/doc/manual/p11-kit-config.xml b/doc/manual/p11-kit-config.xml deleted file mode 100644 index c580445..0000000 --- a/doc/manual/p11-kit-config.xml +++ /dev/null @@ -1,98 +0,0 @@ -<?xml version="1.0"?> -<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" - "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" -[ - <!ENTITY sysdir SYSTEM "sysdir.xml"> - <!ENTITY userdir SYSTEM "userdir.xml"> -]> - -<chapter xml:id="config"> - <title>PKCS#11 Configuration</title> - - <section id="config-introduction"> - <title>Consistent configuration</title> - - <para>In order for multiple applications on the user's desktop to use - PKCS#11 modules in a consistent manner, there must be a configuration - or registry to specify which modules to load and how to use them. The - PKCS#11 specification does not specify such a configuration standard. - </para> - - <para>Because of the multi-library module initialization problem, use of - PKCS#11 modules must be coordinated within an application. p11-kit - provides that coordination. Since coordination is required, it follows - that p11-kit can also implement a consistent module configuration. - </para> - </section> - - <section id="config-example"> - <title>Example</title> - - <para>The following sections describe the config format in detail. But first - an example which shows the various features. The configuration below, loads - two modules called 'my-module' and 'nss'. The user settings override some - aspects of the system settings.</para> - -<para>Global configuration file: <literal>&sysdir;/pkcs11.conf</literal></para> -<programlisting> -# This setting controls whether to load user configuration from the -# &userdir; directory. Possible values: -# none: No user configuration -# merge: Merge the user config over the system configuration (default) -# only: Only user configuration, ignore system configuration -user-config: merge -</programlisting> - -<para>One module configuration file per module: <literal>&sysdir;/modules/my-module</literal></para> -<programlisting> -# This setting controls the actual module library to load. This config file -# might be installed by the package that installs this module library. This -# is not an absolute path name. Relative path names are loaded from the -# $(libdir)/pkcs11 directory by default. -module: my-pkcs11-module.so - -# This controls whether the module is required to successfully initialize. If 'yes', then -# a failure to load or initialize this module will result in a p11-kit system failure. -critical: no -</programlisting> - -<para>User configuration file: <literal>&userdir;/pkcs11.conf</literal></para> -<programlisting> -# This is an empty file. Files that do not exist are treated as empty. -</programlisting> - -<para>User configuration file: <literal>&userdir;/modules/my-module</literal></para> -<programlisting> -# Merge with the settings in the system my-module config file. In this case -# a developer has overridden to load a different module for my-module instead. -module: /home/user/src/custom-module/my-module.so -</programlisting> - -<para>User configuration file: <literal>&userdir;/modules/nss</literal></para> -<programlisting> -# Load the NSS libsoftokn.so.3 PKCS#11 library as a module. Note that we pass -# some custom non-standard initialization arguments, as NSS expects. -module: /usr/lib/libsoftokn3.so -x-init-reserved: configdir='sql:/home/test/.pki/nssdb' certPrefix='' keyPrefix='' secmod='socmod.db' -critical: yes -</programlisting> - - -</section> - -<section id="config-files"> - <title>Configuration Files</title> - - <para>A complete configuration consists of several files. These files are - text files. Since <literal>p11-kit</literal> is built to be used in all - sorts of environments and at very low levels of the software stack, we - cannot make use of high level configuration APIs that you may find on a - modern desktop.</para> - - <para><link linkend="pkcs11-conf">See the manual page</link> for more details - on the format and available options.</para> - - <para>Note that user configuration files are not loaded from the home - directory if running inside a setuid or setgid program.</para> -</section> -</chapter> |