[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4.2.6 Security Settings

The following options control various security settings.

Option: drop-unknown-user yes-or-no

If this option is set to `yes', anubis drops sessions which failed verification by the IDENT service.

This option is in effect only in `transparent' mode.

Default is `no'.

Option: user-notprivileged username

Defines the unprivileged user, i.e. the user with whose privileges anubis runs most of the time. This option is available only in the system configuration file. For example:

 
user-notprivileged "anubis"

Caution: This user must exist in the system user database (`/etc/passwd').

Option: rule-priority value

This statement defines the order of execution of the system and user RULE sections (See section The Rule System, for a detailed description). It is available only in system configuration file.

Allowed values are:

system

First execute the system section, then the user one.

user

First execute the user section, then the system one.

system-only

Execute only the system RULE section.

user-only

Execute only the user RULE section.

Option: control-priority value

Sets the order of processing CONTROL sections. This option is available only in system configuration file.

Allowed values are:

system

The system CONTROL section is processed first. Notice, that this means that the user may override the system settings in his configuration file. This is the default setting.

user

The user CONTROL section is processed first. Thus, the system-wide settings always override users' private settings.


This document was generated on May, 24 2014 using texi2html 1.76.