NAME

daemon-manager.conf - Master configuration file for Daemon Manager

SYNOPSIS

[settings]
daemon-path-daemon      = ~/.daemon-manager/daemons
daemon-path-log         = ~/.daemon-manager/logs
daemon-path-daemon-root = /etc/daemon-manager/daemons
daemon-path-log-root    = /var/log/daemon-manager
# Example configuration file
[can_run_as]
user1: www-data
# user2 is allowed to launch daemons but only as itself
user2
user3: nobody, www-data # Comments can go anywhere.
user4: @group1          # user4 can run as any user in group1
@group2: user1, @group3 # any user in group2 can run as user1
                        # or any user in group3
[manages]
user1 : user2, user3 # whitespace is generally ignored
user3: user1
user3: user2            # user3 manages user1 & user2 (the rules accumulate)
@group1: user1, @group2 # Groups work here too.

DESCRIPTION

This manual page describes the master config file for daemon-manager(1). This file controls which users can launch daemons and what users the daemons can be run as when they are launched. The file is loaded from /etc/daemon-manager/daemon-manager.conf. It is required to be owned by root and cannot be world or group writable.

FILE FORMAT

The config file is a plain text file. Comments are stripped from lines before they are parsed. A comment starts with a "#" and continues to the end of a line. Blank lines are ignored.

The file consists of one optional and two manditory sections designated by:

[settings]
[can_run_as]
[manages]

[settings]

The settings section is optional and supports the following settings (shown with their default values):

daemon-path-daemon      = ~/.daemon-manager/daemons
daemon-path-log         = ~/.daemon-manager/logs
daemon-path-daemon-root = /etc/daemon-manager/daemons
daemon-path-log-root    = /var/log/daemon-manager

These specify which paths Daemon Manager will search for daemon config files (daemon-path-daemon) and write logs to (daemon-path-logs). The 2 settings ending with -root are similar but only apply to the root user (this is because systems typically put root settings in /etc).

All path settings will perform the following substitutions:

~/

Paths that start with ~/ will have the ~ replaced user’s home directory.

NOTE: In this case, when daemon manager starts it will create the
directories for any active users (anyone listed on the left hand side in the
'can_run_as' section described below).
%username%

If the string %username% appears anywhere in the path it will be replaced by the user’s login name.

[can_run_as]

The can_run_as section identifies which users are allowed to launch daemons. It looks like this:

bob: mary, bruce, rhonda

That line means that bob is allowed to start the demons in his home directory and have them run as bob, mary, bruce, or rhonda. Users are always allowed to launch daemons as themselves so there is no need to list them on the right hand side. If you only want to allow bob to launch daemons as himself then just list him on his own line in the can_run_as section:

bob

A trailing ‘:’ is also acceptable:

bob:

[manages]

The manages section allows the system administrator to appoint users that can start and stop daemons on behalf of other users. It has the same syntax as the can_run_as section:

larry: bob, martha

That line means that larry can start, stop, restart, and inspect bob or martha's daemons. He will not be able to see or control bruce's daemons, though.

GROUPS

If a name is prefixed by ‘@’ then the name is interpreted as a unix group name and acts as if the members of that group had been listed explicitly:

bob: @dev

is equivalent to this, if the group named dev has mary and bruce as members:

bob: mary, bruce

On the other hand, this:

@dev: bob

is equivalent to this, given the same constraints:

mary: bob
bruce: bob

REPETITION

If a user is referenced on the left hand side of the ‘:’ in more than one rule (including the case where the user is part of a ‘@group’ expansion), then the result is an accumulation of the rules:

bob: mary
bob: bruce
@dev: www-data

If dev has bob and bruce as members, then this is equivalent:

bob: mary, bruce, www-data
bruce: www-data

SEE ALSO

daemon-manager(1), daemon-manager.conf(5), dmctl(1)

Last Modified on: Feb 10, 2023 05:48am