240 lines
4.3 KiB
HTML
240 lines
4.3 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Using Options Files</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.57"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux Network Administrators Guide"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="The Point-to-Point Protocol"
|
|
HREF="x-087-2-ppp.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Running pppd"
|
|
HREF="x6560.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Using chat to Automate Dialing"
|
|
HREF="x6675.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux Network Administrators Guide</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x6560.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 8. The Point-to-Point Protocol</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="x6675.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="X-087-2-PPP.OPTIONS"
|
|
>8.3. Using Options Files</A
|
|
></H1
|
|
><P
|
|
> Before <B
|
|
CLASS="COMMAND"
|
|
>pppd</B
|
|
> parses its command-line arguments, it scans
|
|
several files for default options. These files may contain any valid
|
|
command-line arguments spread out across an arbitrary number of lines.
|
|
Hash signs introduce comments.</P
|
|
><P
|
|
>
|
|
The first options file is <TT
|
|
CLASS="FILENAME"
|
|
>/etc/ppp/options</TT
|
|
>, which is
|
|
always scanned when <B
|
|
CLASS="COMMAND"
|
|
>pppd</B
|
|
> starts up. Using it to set some
|
|
global defaults is a good idea, because it allows you to keep your users from
|
|
doing several things that may compromise security. For instance, to make
|
|
<B
|
|
CLASS="COMMAND"
|
|
>pppd</B
|
|
> require some kind of authentication (either PAP or
|
|
CHAP) from the peer, you add the <TT
|
|
CLASS="OPTION"
|
|
>auth</TT
|
|
> option to this
|
|
file. This option cannot be overridden by the user, so it becomes impossible
|
|
to establish a PPP connection with any system that is not in your
|
|
authentication databases. Note, however, that some options can be overridden;
|
|
the <SPAN
|
|
CLASS="SYSTEMITEM"
|
|
>connect</SPAN
|
|
> string is a good example.</P
|
|
><P
|
|
> The other options file, which is read after
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/etc/ppp/options</TT
|
|
>, is <TT
|
|
CLASS="FILENAME"
|
|
>.ppprc</TT
|
|
> in the
|
|
user's home directory. It allows each user to specify her own set of default
|
|
options.</P
|
|
><P
|
|
>A sample <TT
|
|
CLASS="FILENAME"
|
|
>/etc/ppp/options</TT
|
|
> file might look like this:
|
|
|
|
<TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
># Global options for pppd running on vlager.vbrew.com
|
|
lock # use UUCP-style device locking
|
|
auth # require authentication
|
|
usehostname # use local hostname for CHAP
|
|
domain vbrew.com # our domain name</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></P
|
|
><P
|
|
>
|
|
The <SPAN
|
|
CLASS="SYSTEMITEM"
|
|
>lock</SPAN
|
|
> keyword makes
|
|
<B
|
|
CLASS="COMMAND"
|
|
>pppd</B
|
|
> comply to the standard UUCP method of device locking.
|
|
With this convention, each process that accesses a serial device, say
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>/dev/ttyS3</TT
|
|
>, creates a lock file with a name like
|
|
<TT
|
|
CLASS="FILENAME"
|
|
>LCK..ttyS3</TT
|
|
> in a special lock-file directory to signal that
|
|
the device is in use. This is necessary to prevent signal other programs, such as
|
|
<B
|
|
CLASS="COMMAND"
|
|
>minicom</B
|
|
> or <B
|
|
CLASS="COMMAND"
|
|
>uucico</B
|
|
>, from opening the
|
|
serial device while it is used by PPP.</P
|
|
><P
|
|
>The next three options relate to authentication and, therefore,
|
|
to system security. The authentication options are best placed in the global
|
|
configuration file because they are “privileged” and cannot
|
|
be overridden by users' <TT
|
|
CLASS="FILENAME"
|
|
>~/.ppprc</TT
|
|
> options files.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x6560.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x6675.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Running pppd</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="x-087-2-ppp.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Using chat to Automate Dialing</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |