2 # Example PWMD configuration file. Edit and save to ~/.pwmd/config or
3 # specify with the -f command line option. See the pwmd(1) manual page for
4 # complete details of the options.
6 # The global section is for non-file related settings and defaults for data
7 # files without a file section.
10 # Location of the listening socket.
11 #socket_path=~/.pwmd/socket
13 # Socket permissions. This will override any umask setting.
16 # Where data files will be read and stored.
17 #data_directory=~/.pwmd/data
19 # If false, disable keeping backups for data files.
25 # Set to true to enable logging to log_path.
28 # Set to true to enable logging to syslog.
31 # The logging level: 0=connections and errors, 1=client commands, 2=client
32 # commands with any command arguments.
35 # When set, enable protocol debugging to the specified file. Note that this
36 # logs all protocol IO so it may also log sensitive data.
37 #debug_file=~/pwmd.log
39 # Set to false to call mlockall(2) after a client connects. Uses alot more
40 # memory but is also more secure. Most will probably find it overkill since
41 # the contents of all memory is cleared before being freed. Note that this
42 # doesn't affect the file cache which is always stored in RAM (if possible).
43 #disable_mlockall=true
45 # Disable the XPATH, LIST and DUMP commands. When "true" and a client sends
46 # these commands the error GPG_ERR_NOT_IMPLEMENTED will be returned.
47 #disable_list_and_dump=false
49 # The number of encryption iterations for new files. This is the number of
50 # times the data will be encrypted. Setting this to a high value (10000 or
51 # more, depending on the size of the data file) will slow down dictionary
52 # attacks. Setting to 0 will disable encryption.
55 # After the set number of encryption or decryption iterations have been
56 # processed, a status message with the keyword ENCRYPT or DECRYPT will be
57 # sent to the client. Set to 0 to disable.
60 # When sending data to the client an XFER status message will be sent after
61 # N bytes. N is rounded to ASSUAN_LINELENGTH (1002) bytes.
64 # A list of filenames separated by commas to add to the file cache upon
65 # startup. You will be prompted for the key for each file if required. The
66 # files are looked for in data_directory.
67 #cache_push=somefile, anotherfile
69 # The number of seconds to keep a file in the cache. If -1, the file will be
70 # kept forever. If 0, then every OPEN and SAVE command will require a key.
73 # Set to false to disable use of pinentry to retrieve keys.
76 # The full path to the pinentry binary. The default is specified at compile
78 #pinentry_path=/usr/bin/pinentry
80 # Seconds until the pinentry dialog times out. Set to 0 to wait for input
84 # The default compression level for data files from 1 to 9, 1 being the
85 # fastest but least compression and 9 being the slowest but best compression.
86 # To disable compression entirely, set to 0.
89 # The input and output buffer size when compressing and decompressing. This
90 # affects how often the COMPRESS and DECOMPRESS status messages are sent and
91 # also affects compression quality. Set to a higher value for larger files.
94 # The maximum recursion depth when resolving elements that contain a "target"
95 # attribute. When this value is exceeded an error will be returned.
98 # Sends a KEEPALIVE status message every N seconds. Set to 0 to disable (not
102 # The priority or nice value of the server process. The default is inherited
103 # from the parent process.
106 # The cipher to use for newly created files.
109 # END GLOBAL SETTINGS
111 # File specific settings are allowed by placing the filename in braces. Each
112 # file can have it's own configuration settings from those listed below.
115 #iteration_progress=0
117 #key_file=/path/to/file.key
119 #enable_pinentry=true