doc/connman-service.config.5.in - pub/scm/network/connman/connman - Git at Google

 .\" connman-service.config(5) manual page
 .\"
 .\" Copyright (C) 2015 Intel Corporation
 .\"
 .TH "service-name.config" "5" "2015-10-15" ""
 .SH NAME
 service-name.config \- ConnMan service provisioning file
 .SH SYNOPSIS
 .B @storagedir@/\fIservice-name\fB.config
 .SH DESCRIPTION
 .P
 \fIConnMan\fP's services are configured with so called
 "\fBprovisioning files\fP" which reside under \fI@storagedir@/\fP.
 The files can be named anything, as long as they end in \fB.config\fP.
 The provisioning files can be used to configure for example secured
 wireless access points which need complex authentication, for example
 eduroam, or for static IPs and so on. Each provisioning file can be
 used for multiple services at once.
 .SH "FILE FORMAT"
 .P
 The configuration file format is key file format.
 It consists of sections (groups) of key-value pairs.
 Lines beginning with a '#' and blank lines are considered comments.
 Sections are started by a header line containing the section enclosed
 in '[' and ']', and ended implicitly by the start of the next section
 or the end of the file. Each key-value pair must be contained in a section.
 .P
 Description of sections and available keys follows:
 .SS [global]
 This section is optional, and can be used to describe the actual file. The
 two allowed fields for this section are:
 .TP
 .BI Name= name
 Name of the network.
 .TP
 .BI Description= description
 Description of the network.
 .SS [service_*]
 Each provisioned service must start with a [service_*] tag, with * replaced
 by an unique name within the file.
 The allowed fields are:
 .TP
 .B Type=ethernet \fR|\fB wifi
 Mandatory. Other types than ethernet or wifi are not supported.
 .TP
 .BI IPv4=off \ \fR|\  dhcp\ \fR|\  network / netmask / gateway
 IPv4 settings for the service. If set to \fBoff\fP, IPv4 won't be used.
 If set to \fBdhcp\fP, dhcp will be used to obtain the network settings.
 \fInetmask\fP can be specified as length of the mask rather than the
 mask itself. The gateway can be omitted when using a static IP.
 .TP
 .BI IPv6=off \ \fR|\  auto\ \fR|\  network / prefixlength / gateway
 IPv6 settings for the service. If set to \fBoff\fP, IPv6 won't be used.
 If set to \fBauto\fP, settings will be obtained from the network.
 .TP
 .B IPv6.Privacy=disabled \fR|\fB enabled \fR|\fB preferred
 IPv6 privacy settings as per RFC3041.
 .TP
 .BI MAC= address
 MAC address of the interface to be used. If not specified, the first
 found interface is used. Must be in format ab:cd:ef:01:23:45.
 .TP
 .BI Nameservers= servers
 Comma separated list of nameservers.
 .TP
 .BI SearchDomains= domains
 Comma separated list of DNS search domains.
 .TP
 .BI Timeservers= servers
 Comma separated list of timeservers.
 .TP
 .BI Domain= domain
 Domain name to be used.
 .TP
 The following keys can only be used for wireless networks:
 .TP
 .BI Name= name
 A string representation of an network SSID. If the SSID field is
 present, the Name field is ignored. If the SSID field is not present,
 this field is mandatory.
 .TP
 .BI SSID= ssid
 SSID: A hexadecimal representation of an 802.11 SSID. Use this format to
 encode special characters including starting or ending spaces.
 .TP
 .BI Passphrase= passphrase
 RSN/WPA/WPA2 Passphrase.
 .TP
 .BI Security= type
 The security type of the network. Possible values are \fBpsk\fP
 (WPA/WPA2 PSK), \fBieee8021x\fP (WPA EAP), \fBnone\fP and \fBwep\fP.
 When not set, the default value is \fBieee8021x\fP if an EAP type is
 configured, \fBpsk\fP if a passphrase is present and \fBnone\fP otherwise.
 .TP
 .B Hidden=true \fR|\fB false
 If set to \fBtrue\fP, then this AP is hidden. If missing or set to
 \fBfalse\fP, then AP is not hidden.
 .TP
 .B EAP=tls \fR|\fB ttls \fR|\fB peap
 EAP type to use. Only \fBtls\fP, \fBttls\fP and \fBpeap\fP are supported.
 .TP
 .BI CACertFile= file
 Path to the CA certificate file. Only PEM and DER formats are supported.
 .TP
 .BI PrivateKeyFile= file
 Path to the private key file. Only PEM, DER and PFX formats are supported.
 .TP
 .BI PrivateKeyPassphrase= passphrase
 Passphrase of the private key.
 .TP
 .B PrivateKeyPassphraseType=fsid
 If specified, use the private key's fsid as the passphrase, and ignore the
 PrivateKeyPassphrase field.
 .TP
 .BI Identity= identity
 Identity string for EAP.
 .TP
 .BI AnonymousIdentity= identity
 Anonymous identity string for EAP.
 .TP
 .BI Phase2= type
 Inner authentication type with for \fBEAP=tls\fP or \fBEAP=ttls\fP. Prefix
 the value with \fBEAP-\fP to indicate usage of EAP-based authentication
 method (should only be used with \fBEAP=ttls\fP).
 .SH "EXAMPLE"
 .SS Eduroam
 This is a configuration file for eduroam networks. This file could for
 example be @storagedir@/eduroam.config. Your university's exact
 settings might be different.
 .PP
 .nf
 [service_eduroam]
 Type = wifi
 Name = eduroam
 EAP = peap
 Phase2 = MSCHAPV2
 CACertFile = /etc/ssl/certs/UNIV_CA.crt
 .fi
 .SS Complex networking
 This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
 EAP-PEAP services. The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid
 and the file name could be @storagedir@/complex.config.
 .PP
 Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
 746c735f73736964"). If your SSID does not contain any exotic character then
 you should use the Name entry instead (e.g. "Name = tls_ssid").
 .PP
 .nf
 [global]
 Name = Example
 Description = Example network configuration

 [service_tls]
 Type = wifi
 SSID = 746c735f73736964
 EAP = tls
 CACertFile = /home/user/.certs/ca.pem
 ClientCertFile = /home/user/devlp/.certs/client.pem
 PrivateKeyFile = /home/user/.certs/client.fsid.pem
 PrivateKeyPassphraseType = fsid
 Identity = user

 [service_ttls]
 Type = wifi
 Name = ttls_ssid
 EAP = ttls
 CACertFile = /home/user/.cert/ca.pem
 Phase2 = MSCHAPV2
 Identity = user

 [service_peap]
 Type = wifi
 Name = peap_ssid
 EAP = peap
 CACertFile = /home/user/.cert/ca.pem
 Phase2 = MSCHAPV2
 Identity = user

 [service_home_ethernet]
 Type = ethernet
 IPv4 = 192.168.1.42/255.255.255.0/192.168.1.1
 IPv6 = 2001:db8::42/64/2001:db8::1
 MAC = 01:02:03:04:05:06
 Nameservers = 10.2.3.4,192.168.1.99
 SearchDomains = my.home,isp.net
 Timeservers = 10.172.2.1,ntp.my.isp.net
 Domain = my.home

 [service_home_wifi]
 Type = wifi
 Name = my_home_wifi
 Passphrase = password
 IPv4 = 192.168.2.2/255.255.255.0/192.168.2.1
 MAC = 06:05:04:03:02:01
 .fi
 .SH "SEE ALSO"
 .BR connman (8)
	.\" connman-service.config(5) manual page
	.\"
	.\" Copyright (C) 2015 Intel Corporation
	.\"
	.TH "service-name.config" "5" "2015-10-15" ""
	.SH NAME
	service-name.config \- ConnMan service provisioning file
	.SH SYNOPSIS
	.B @storagedir@/\fIservice-name\fB.config
	.SH DESCRIPTION
	.P
	\fIConnMan\fP's services are configured with so called
	"\fBprovisioning files\fP" which reside under \fI@storagedir@/\fP.
	The files can be named anything, as long as they end in \fB.config\fP.
	The provisioning files can be used to configure for example secured
	wireless access points which need complex authentication, for example
	eduroam, or for static IPs and so on. Each provisioning file can be
	used for multiple services at once.
	.SH "FILE FORMAT"
	.P
	The configuration file format is key file format.
	It consists of sections (groups) of key-value pairs.
	Lines beginning with a '#' and blank lines are considered comments.
	Sections are started by a header line containing the section enclosed
	in '[' and ']', and ended implicitly by the start of the next section
	or the end of the file. Each key-value pair must be contained in a section.
	.P
	Description of sections and available keys follows:
	.SS [global]
	This section is optional, and can be used to describe the actual file. The
	two allowed fields for this section are:
	.TP
	.BI Name= name
	Name of the network.
	.TP
	.BI Description= description
	Description of the network.
	.SS [service_*]
	Each provisioned service must start with a [service_] tag, with replaced
	by an unique name within the file.
	The allowed fields are:
	.TP
	.B Type=ethernet \fR\|\fB wifi
	Mandatory. Other types than ethernet or wifi are not supported.
	.TP
	.BI IPv4=off \ \fR\|\ dhcp\ \fR\|\ network / netmask / gateway
	IPv4 settings for the service. If set to \fBoff\fP, IPv4 won't be used.
	If set to \fBdhcp\fP, dhcp will be used to obtain the network settings.
	\fInetmask\fP can be specified as length of the mask rather than the
	mask itself. The gateway can be omitted when using a static IP.
	.TP
	.BI IPv6=off \ \fR\|\ auto\ \fR\|\ network / prefixlength / gateway
	IPv6 settings for the service. If set to \fBoff\fP, IPv6 won't be used.
	If set to \fBauto\fP, settings will be obtained from the network.
	.TP
	.B IPv6.Privacy=disabled \fR\|\fB enabled \fR\|\fB preferred
	IPv6 privacy settings as per RFC3041.
	.TP
	.BI MAC= address
	MAC address of the interface to be used. If not specified, the first
	found interface is used. Must be in format ab:cd:ef:01:23:45.
	.TP
	.BI Nameservers= servers
	Comma separated list of nameservers.
	.TP
	.BI SearchDomains= domains
	Comma separated list of DNS search domains.
	.TP
	.BI Timeservers= servers
	Comma separated list of timeservers.
	.TP
	.BI Domain= domain
	Domain name to be used.
	.TP
	The following keys can only be used for wireless networks:
	.TP
	.BI Name= name
	A string representation of an network SSID. If the SSID field is
	present, the Name field is ignored. If the SSID field is not present,
	this field is mandatory.
	.TP
	.BI SSID= ssid
	SSID: A hexadecimal representation of an 802.11 SSID. Use this format to
	encode special characters including starting or ending spaces.
	.TP
	.BI Passphrase= passphrase
	RSN/WPA/WPA2 Passphrase.
	.TP
	.BI Security= type
	The security type of the network. Possible values are \fBpsk\fP
	(WPA/WPA2 PSK), \fBieee8021x\fP (WPA EAP), \fBnone\fP and \fBwep\fP.
	When not set, the default value is \fBieee8021x\fP if an EAP type is
	configured, \fBpsk\fP if a passphrase is present and \fBnone\fP otherwise.
	.TP
	.B Hidden=true \fR\|\fB false
	If set to \fBtrue\fP, then this AP is hidden. If missing or set to
	\fBfalse\fP, then AP is not hidden.
	.TP
	.B EAP=tls \fR\|\fB ttls \fR\|\fB peap
	EAP type to use. Only \fBtls\fP, \fBttls\fP and \fBpeap\fP are supported.
	.TP
	.BI CACertFile= file
	Path to the CA certificate file. Only PEM and DER formats are supported.
	.TP
	.BI PrivateKeyFile= file
	Path to the private key file. Only PEM, DER and PFX formats are supported.
	.TP
	.BI PrivateKeyPassphrase= passphrase
	Passphrase of the private key.
	.TP
	.B PrivateKeyPassphraseType=fsid
	If specified, use the private key's fsid as the passphrase, and ignore the
	PrivateKeyPassphrase field.
	.TP
	.BI Identity= identity
	Identity string for EAP.
	.TP
	.BI AnonymousIdentity= identity
	Anonymous identity string for EAP.
	.TP
	.BI Phase2= type
	Inner authentication type with for \fBEAP=tls\fP or \fBEAP=ttls\fP. Prefix
	the value with \fBEAP-\fP to indicate usage of EAP-based authentication
	method (should only be used with \fBEAP=ttls\fP).
	.SH "EXAMPLE"
	.SS Eduroam
	This is a configuration file for eduroam networks. This file could for
	example be @storagedir@/eduroam.config. Your university's exact
	settings might be different.
	.PP
	.nf
	[service_eduroam]
	Type = wifi
	Name = eduroam
	EAP = peap
	Phase2 = MSCHAPV2
	CACertFile = /etc/ssl/certs/UNIV_CA.crt
	.fi
	.SS Complex networking
	This is a configuration file for a network providing EAP-TLS, EAP-TTLS and
	EAP-PEAP services. The respective SSIDs are tls_ssid, ttls_ssid and peap_ssid
	and the file name could be @storagedir@/complex.config.
	.PP
	Please note that the SSID entry is for hexadecimal encoded SSID (e.g. "SSID =
	746c735f73736964"). If your SSID does not contain any exotic character then
	you should use the Name entry instead (e.g. "Name = tls_ssid").
	.PP
	.nf
	[global]
	Name = Example
	Description = Example network configuration

	[service_tls]
	Type = wifi
	SSID = 746c735f73736964
	EAP = tls
	CACertFile = /home/user/.certs/ca.pem
	ClientCertFile = /home/user/devlp/.certs/client.pem
	PrivateKeyFile = /home/user/.certs/client.fsid.pem
	PrivateKeyPassphraseType = fsid
	Identity = user

	[service_ttls]
	Type = wifi
	Name = ttls_ssid
	EAP = ttls
	CACertFile = /home/user/.cert/ca.pem
	Phase2 = MSCHAPV2
	Identity = user

	[service_peap]
	Type = wifi
	Name = peap_ssid
	EAP = peap
	CACertFile = /home/user/.cert/ca.pem
	Phase2 = MSCHAPV2
	Identity = user

	[service_home_ethernet]
	Type = ethernet
	IPv4 = 192.168.1.42/255.255.255.0/192.168.1.1
	IPv6 = 2001:db8::42/64/2001:db8::1
	MAC = 01:02:03:04:05:06
	Nameservers = 10.2.3.4,192.168.1.99
	SearchDomains = my.home,isp.net
	Timeservers = 10.172.2.1,ntp.my.isp.net
	Domain = my.home

	[service_home_wifi]
	Type = wifi
	Name = my_home_wifi
	Passphrase = password
	IPv4 = 192.168.2.2/255.255.255.0/192.168.2.1
	MAC = 06:05:04:03:02:01
	.fi
	.SH "SEE ALSO"
	.BR connman (8)