diff options
author | Christian Pointner <equinox@anytun.org> | 2009-01-28 23:46:40 +0000 |
---|---|---|
committer | Christian Pointner <equinox@anytun.org> | 2009-01-28 23:46:40 +0000 |
commit | 88f0cd597773fe896f9a144088c717f05b19b90f (patch) | |
tree | e88180fdebaa0de694e62755682001a83668e3c1 /doc | |
parent | readded phony targets to makefile (diff) |
droping privileges without chroot is now possible
Diffstat (limited to 'doc')
-rw-r--r-- | doc/uanytun.8.txt | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/doc/uanytun.8.txt b/doc/uanytun.8.txt index 3364294..319a206 100644 --- a/doc/uanytun.8.txt +++ b/doc/uanytun.8.txt @@ -11,9 +11,9 @@ SYNOPSIS *uanytun* [ *-h|--help* ] [ *-D|--nodaemonize* ] -[ *-C|--chroot* ] [ *-u|--username* <username> ] -[ *-H|--chroot-dir* <directory> ] +[ *-g|--groupname* <groupname> ] +[ *-C|--chroot* <path> ] [ *-P|--write-pid* <filename> ] [ *-i|--interface* <ip-address> ] [ *-p|--port* <port> ] @@ -56,30 +56,32 @@ passed to the daemon: -D|--nodaemonize ~~~~~~~~~~~~~~~~ -This option instructs *uAnytun* to run in the foreground +This option instructs *uAnytun* to run in foreground instead of becoming a daemon which is the default. --C|--chroot -~~~~~~~~~~~ - -Instruct *uAnytun* to run in a chroot chail and drop privileges. The -default is not to run in chroot. - -u|--username <username> ~~~~~~~~~~~~~~~~~~~~~~~~ -if chroot change to this user. default: nobody +run as this user. If no group is specified (*-g*) the default group of +the user is used. The default is to not drop privileges. --H|--chroot-dir <directory> -~~~~~~~~~~~~~~~~~~~~~~~~~~~ +-g|--groupname <groupname> +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +run as this group. If no username is specified (*-u*) this gets ignored. +The default is to not drop privileges. + +-C|--chroot <path> +~~~~~~~~~~~~~~~~~~ -chroot to this directory. default: /var/run/uanytun +Instruct *uAnytun* to run in a chroot jail. The default is +to not run in chroot. -P|--write-pid <filename> ~~~~~~~~~~~~~~~~~~~~~~~~~ Instruct *uAnytun* to write it's pid to this file. The default is -not to create a pid file. +to not create a pid file. -i|--interface <ip address> ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |