PKSD.CONF(5) FreeBSD File Formats Manual PKSD.CONF(5)
pksd.conf - Public Key Server Daemon configuration file
The pksd.conf file contains all the configuration information for
the programs which comprise the public key server system
(pks-intro(8)). It contains a list of configuration variables of the
form
- word value
If the first character of a line is #, the line is a
comment and is ignored. The variables are as follows:
- pks_bin_dir
- This defines the location of the executables which form the public key
server system. In particular, pksdctl(8) must be in this
directory.
- chroot_dir
- This is the directory pksd should chroot to. Once pksd has chrooted,
all other paths are relative to chroot_dir. Example: pks
is installed into /home/pksd. The full path to the databases may be
/home/pksd/var/db, but if chroot_dir is set to /home/pksd, the value for
db_dir should be /var/db.
- pid_dir
- This is the directory where pksd should write a pid file.
- pksd_uid
- This is the user ID pksd will run as. Typically root will start pksd (at boot,
for example), but nothing that pksd does needs to be done as root. It is
suggested that you create a special user for pksd.
- pksd_gid
- This is the group ID pksd will run as. Typically root will start pksd (at
boot, for example), but nothing that pksd does needs to be done as root.
It is suggested that you create a special group for pksd.
- db_dir
- This is the directory where the database files keydbXXX,
worddb, and timedb, and the key database file counter
num_keydb, are stored.
- www_port
- This is the port number on which pksd(8) accepts HTTP connections.
If it is 0, then HTTP connections are not accepted on any
port.
- www_readonly
- This controls key updates/submissions via HTTP. If it is 0, then
keys may be submitted via HTTP. The DEFAULT is 1, which DOES NOT
allow key updates/submissions via HTTP.
- max_reply_keys
- This controls the maximum number of keys returned for keyserver
queries. You'll want to set this. The default is 0, so the keyserver will
not return any keys.
- socket_name
- This is the name of the unix domain socket on which pksd(8) will
listen for control messages from pksdctl(8), including notification
of new mail messages.
- mail_delivery_client
- This is a command which will be executed whenever mail needs to be
delivered. This value is used as the command argument to the shell
(/bin/sh -c value), so appropriate care should be taken to avoid
security problems. The mail message to be delivered is passed to the
standard input of this command, so options to the program should be used
to parse the input for delivery addresses.
- maintainer_email
- This address is used as the From: address for all mail sent out.
- mail_intro_file
- This is the filename of a file which, if present, is inserted at the head
of each mail message sent out by pksd(8). This file is used as a
part of a MIME message. If MIME headers, such as content-type:, are
required, they precede the body, separated by a blank line. If no headers
are required, then the first line of the file must be blank.
- help_dir
- This is the name of a directory in which the key server help files should
be found. The files in this directory should be named
pks_help.LANG, where LANG is the language of the help file, in
lower-case. These files are also used as MIME parts, so they are subject
to the same formatting requirements as the mail_intro_file.
- default_language
- This is a string containing the default language for help responses from
the server. The help file for this language, as described above, should
exist.
- this_site
- This is the email address for this public key server. See the description
of incremental messages in pksd(8) for more details.
- syncsite
- This variable gives the email address of a peer public key server of this
one. This is the only variable which can be specified more than once. It
should be specified once for each peer server.
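The following configuration check is an added example, not part of the original manual page or of the pks distribution. It parses the word/value format described above and reports settings worth reviewing. The finding labels, the sample file, the use of the last value for a repeated word, and the treatment of an unset pksd_uid or pksd_gid as privileged are assumptions.

```python
import re

# mail_delivery_client runs via /bin/sh -c, so shell-special characters need review.
SHELL_META = re.compile(r"[;&|`$<>(){}\\]")
PRIVILEGED = {"0", "root", "wheel"}  # assumed names/ids for the root user and group

# Constructed sample configuration, not taken from a real server.
SAMPLE = """\
# pksd.conf (constructed)
pksd_uid root
db_dir /var/db
db_dir /var/db/pks
www_port 11371
www_readonly 0
mail_delivery_client /usr/sbin/sendmail -t -oi >> /var/log/pksmail.log
syncsite pks@peer-one.example
syncsite pks@peer-two.example
"""

def parse_pksd_conf(text):
    """Return {word: [values]}; a '#' as the first character marks a comment."""
    settings = {}
    for line in text.splitlines():
        if line.startswith("#") or not line.strip():
            continue
        word, *rest = line.split(None, 1)
        settings.setdefault(word, []).append(rest[0].strip() if rest else "")
    return settings

def audit(settings):
    """Return finding labels; the last value of a repeated word is used (assumption)."""
    get = lambda word, default="": settings.get(word, [default])[-1]
    findings = [f"duplicate:{w}" for w, v in settings.items() if len(v) > 1 and w != "syncsite"]
    for word in ("pksd_uid", "pksd_gid"):
        if get(word, "0") in PRIVILEGED:  # unset is treated like root (assumption)
            findings.append(f"{word}:privileged-or-unset")
    if not get("chroot_dir"):
        findings.append("chroot_dir:unset")
    # www_readonly defaults to 1; 0 opens key submission over HTTP unless www_port is 0.
    if get("www_readonly", "1") == "0" and get("www_port") != "0":
        findings.append("www_readonly:http-submissions-enabled")
    # max_reply_keys defaults to 0, which makes queries return no keys.
    if get("max_reply_keys", "0") == "0":
        findings.append("max_reply_keys:zero")
    if SHELL_META.search(get("mail_delivery_client")):
        findings.append("mail_delivery_client:shell-metacharacters")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_pksd_conf(SAMPLE))))
```

A shell-metacharacter finding is a prompt to review the command by hand, not proof of a problem, since a deliberate redirection or pipe in mail_delivery_client is flagged the same way.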
Marc Horowitz, Massachusetts Institute of Technology