PIKT.conf
Here is a sample PIKT.conf configuration file. In actual practice, you would omit most of the fine-tuning options.
///////////////////////////////////////////////////////////////////////////////
// PIKT.conf sample file
// this file should go in the PIKT etcdir
///////////////////////////////////////////////////////////////////////////////
// general piktc-to-piktc_svc access parameters
// these are all required
uid 0 // defaults to root
master vienna.uppity.edu
domain uppity.edu
access local // access may be "local" or "global"
// optional:
// gid 0 // defaults to root
///////////////////////////////////////////////////////////////////////////////
// for the optional parameters, authenticate_by_master and
// authenticate_by_master_address, values may be any of:
// yes, YES, true, TRUE, on, ON, NO, false, FALSE, off, OFF;
// both authenticate_by_master and authenticate_by_master_address may
// be 'yes', but both may not be 'no'; if you set
// authenticate_by_master_address to 'yes', you must supply a master_address
// authenticate_by_master yes
// authenticate_by_master_address no
// master_address 111.222.123.123
///////////////////////////////////////////////////////////////////////////////
// encryption parameters
// auth_encryption_type 1 // 0 is none, 1 is blowfish
// data_encryption_type 1 // 0 is none, 1 is blowfish
// also: pvtkey
// private_key "what's up doc?" // private symmetric
// encryption key
///////////////////////////////////////////////////////////////////////////////
// directory overrides
// by default, every PIKT binary assumes it is located in a bin directory,
// just off the \=piktdir home directory; essential PIKT directories are
// assumed to be located in the \=piktdir tree; you can override these default
// locations using the optional parameters below
// homdir <home directory>
// bindir <bin directory>
// etcdir <etc directory>
// lokdir <lock file directory>
// libdir <lib directory>
// vardir <var directory>
// altdir <alerts directory>
// prgdir <programs directory>
// objdir <objects directory>
// cfgdir <configs directory>
// hstdir <histories directory>
// logdir <log directory>
///////////////////////////////////////////////////////////////////////////////
// command path overrides
// arpcmd /usr/sbin/arp
// catcmd /usr/bin/cat
// cksumcmd /usr/bin/cksum
// cpcmd /usr/bin/cp
// diffcmd /usr/bin/diff
// echocmd /usr/bin/echo
// egrepcmd /usr/bin/egrep
// filecmd /usr/bin/file
// nicecmd /usr/bin/nice
// pscmd /usr/bin/ps
// rmcmd /usr/bin/rm
// rpcinfocmd /usr/bin/rpcinfo
// scpcmd /usr/bin/scp
// sumcmd /usr/bin/sum
// tailcmd /usr/bin/tail
// trcmd /usr/bin/tr
///////////////////////////////////////////////////////////////////////////////
// piktc_svc-to-piktc_svc callback
// this setting controls whether the slave piktc_svc does a callback to the
// master piktc_svc to verify the validity of a received service request;
// call_back is optional; if it is omitted here, call_back is turned on by
// default
// values may be any of: yes, YES, true, TRUE, on, ON, for enablement; or
// no, NO, false, FALSE, off, OFF, for disablement
// call_back yes
///////////////////////////////////////////////////////////////////////////////
// piktc-to-piktc_svc access privileges
// these control what services the client-side piktc_svc will
// entertain; if you want to customize these across the different
// client systems, consider managing PIKT.conf from files.cfg
// all of these are optional; if any are omitted, all service(s) are
// enabled by default
// values may be any of: yes, YES, true, TRUE, on, ON, for enablement; or
// no, NO, false, FALSE, off, OFF, for disablement
// 'all_services yes/no' enables/disables all services; in the absence of
// any service specifications, 'all_services yes'--all services enabled--
// is the default; setting 'all_services no', you can then turn back on
// individual services selectively with '???_service yes', but be sure
// to put the all_services setting before any other; setting
// 'all_services no' is one way to disable all services, another is to
// kill the service daemon, of course
// all_services yes
// 'kill_service yes/no' enables/disables both of the following
// kill_piktd_service yes
// kill_piktc_svc_service yes
// 'restart_service yes/no' enables/disables both of the following
// restart_piktd_service yes
// restart_piktc_svc_service yes
// execute_service yes
// execute_commands_service yes // needed for fetch services
// execute_alerts_service yes // or: execute_scripts_service
// disable_alerts_service yes
// enable_alerts_service yes
// show_alerts_status_service yes
// 'install_service yes/no' enables/disables all of the following
// install_alerts_service yes // or: install_scripts_service
// install_programs_service yes
// install_files_service yes
// install_objects_service yes
// 'fetch_service yes/no' enables/disables all of the following
// fetch_alerts_service yes // or: fetch_scripts_service
// fetch_programs_service yes
// fetch_files_service yes
// fetch_objects_service yes
// 'cksum_service yes/no' enables/disables all of the following
// cksum_alerts_service yes // or: cksum_scripts_service
// cksum_programs_service yes
// cksum_files_service yes
// cksum_objects_service yes
// 'delete_service yes/no' enables/disables all of the following
// delete_alerts_service yes // or: delete_scripts_service
// delete_programs_service yes
// delete_files_service yes
// delete_objects_service yes
// 'list_service yes/no' enables/disables all of the following
// list_alerts_service yes // or: list_scripts_service
// list_programs_service yes
// list_files_service yes
// list_objects_service yes
///////////////////////////////////////////////////////////////////////////////
// other parameters
// for tcp_only, values may be any of: yes, YES, true, TRUE, on, ON, for tcp
// no, NO, false, FALSE, off, OFF, for both
// tcp_only no // use only TCP, not UDP, in any
// piktc-to-piktc_svc communications
// restart_piktc_svc_wait 5 // the number of seconds piktc will wait
// before verifying actual piktc_svc
// restart; the default is 5
// rpc_timeout 60 // the number of seconds piktc will wait for
// reply on a piktc -x (execute) request
// before timing out if no reply from the
// client; the default is 60
// rpc_retry_timeout 120 // the number of seconds piktc will wait for
// reply on a piktc -x (execute) request
// before retrying the request if no reply
// from the client; the default is 120,
// which turns off retry, in effect
// rpcinfo_retries 1 // the number of times piktc retries
// establishing contact with a remote
// piktc_svc; the default is 1 retry,
// i.e., two attempts maximum
// execcmdout_limit 1000000 // the number of characters returned by a
// 'piktc -x +C' command; the default is
// 1000000 characters
// verbose_log no // a 'yes' value turns on extra (less
// important) logging; the default is 'no'
// auto_syslog no // ordinarily, messages are sent to syslog
// by means of Pikt 'output syslog' statements;
// additionally, all program outputs, and all
// log messages of any type, can be sent to
// syslog if auto_syslog is set to 'yes';
// the default is 'no'
// syslog_facility 0 // can be a number from 0 to 7, corresponding
// to the syslog facilities local0 through
// local7; the default is 0 (for local0)
///////////////////////////////////////////////////////////////////////////////
(A note about page layout: In the interest of readability, we have added artificial line wraps in many examples. Even though displayed here broken up across several screen lines, in general quoted strings, preprocessor directives, macro definitions, .log & .conf entries, and so on should all be unbroken on a single line.)
For more examples, see Samples.
