mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2024-09-21 10:27:19 +00:00
README.md/sample.config: underline the need for a dedicated user
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
This commit is contained in:
parent
bf8b22f3b9
commit
e75e8d2471
@ -114,7 +114,10 @@ $ certtool --generate-self-signed --load-privkey test-key.pem --outfile test-cer
|
||||
```
|
||||
(make sure you enable encryption or signing)
|
||||
|
||||
To run the server on the foreground edit the [sample.config](doc/sample.config) and then run:
|
||||
|
||||
Create a dedicated user and group for the server unprivileged processes
|
||||
(e.g., 'ocserv'), and then edit the [sample.config](doc/sample.config)
|
||||
and set these users on run-as-user and run-as-group options. The run:
|
||||
```
|
||||
# cd doc && ../src/ocserv -f -c sample.config
|
||||
```
|
||||
|
@ -107,8 +107,9 @@ udp-port = 443
|
||||
#
|
||||
#listen-clear-file = /var/run/ocserv-conn.socket
|
||||
|
||||
# The user the worker processes will be run as. It should be
|
||||
# unique (no other services run as this user).
|
||||
# The user the worker processes will be run as. This should be a dedicated
|
||||
# unprivileged user (e.g., 'ocserv') and no other services should run as this
|
||||
# user.
|
||||
run-as-user = nobody
|
||||
run-as-group = daemon
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user