Path Specification statements are global parameters used to configure any special file paths or directories that racoon may need to function correctly.
Configuration Example
In our configuration example, we use two path statements as shown below:
#
# Path Specifications
#
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/cert";
Path statements from our example racoon.conf configuration file.
The preshared key file path statement specifies the location of the file that contains our preshared key values. This statement is required if you plan to use a preshared key mode for Client authentication.
Certificate Directory Path
The certificate directory path statement specifies the directory that will contain any RSA certificates. This statement is required if you plan to use an RSA mode for Client authentication.
Reference
This section specifies various paths used by racoon. When running in privilege separation mode, certificate and script paths are mandatory, and you need to restart racoon if you want to change them.
The following are valid statements:
path include path
Specifies a path to include a file.
path pre_shared_key file
Specifies a file containing pre-shared key(s) for various ID(s). See Pre-shared key File.
path certificate path
Racoon will search this directory if a certificate or certificate request is received. If you run with privilege separation, racoon will refuse to use a certificate stored outside of this directory.
path backupsa file
Specifies a file to which SA information negotiated by racoon should be stored. Racoon will install SA(s) from the file when started with the -B flag. The file keeps growing because racoon only appends SAs to it, so you should maintain the file manually.
path script path
Racoon will search this directory for script hooks. If you run with privilege separation, racoon will refuse to execute a script stored outside of this directory.
path pidfile file
Specifies a file to store the PID (process ID). If path starts with / it is treated as an absolute path; otherwise, it is relative to the VARRUN directory specified at compilation time. Default is racoon.pid.
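The following audit script is an added example, not part of racoon or of the original page. It parses the path statements from a racoon.conf text and reports the privilege separation problems described above: missing certificate or script paths, and certificate files that resolve outside the certificate directory. It assumes the privsep section and the certificate_type x509 statement of racoon.conf, which this page does not show, and it adds a check that the pre-shared key file is not accessible by group or other; the sample configuration is constructed.

```python
import os
import re
import stat

PATH_RE = re.compile(r'^\s*path\s+(\w+)\s+"?([^";]+?)"?\s*;', re.M)
CERT_RE = re.compile(r'^\s*certificate_type\s+x509\s+"([^"]+)"\s+"([^"]+)"\s*;', re.M)

def strip_comments(text):
    return re.sub(r'#.*', '', text)

def parse_paths(conf_text):
    """Return {kind: value} for each 'path <kind> <value>;' statement."""
    return dict(PATH_RE.findall(strip_comments(conf_text)))

def audit(conf_text):
    """Return findings about the path statements in a racoon.conf text."""
    conf = strip_comments(conf_text)
    paths, findings = parse_paths(conf), []
    privsep = re.search(r'^\s*privsep\b', conf, re.M) is not None
    if privsep:  # certificate and script paths are mandatory with privsep
        for kind in ("certificate", "script"):
            if kind not in paths:
                findings.append(f"privsep: missing 'path {kind}'")
    psk = paths.get("pre_shared_key")
    if psk and os.path.isfile(psk):  # added check: no group/other access
        mode = stat.S_IMODE(os.stat(psk).st_mode)
        if mode & 0o077:
            findings.append(f"{psk}: mode {mode:04o} exposes keys to group/other")
    cert_dir = paths.get("certificate")
    if privsep and cert_dir:  # files outside the directory are refused
        root = os.path.realpath(cert_dir)
        for names in CERT_RE.findall(conf):
            for name in names:
                full = os.path.realpath(os.path.join(root, name))
                if os.path.commonpath([root, full]) != root:
                    findings.append(f"{name}: outside 'path certificate' {cert_dir}")
    return findings

# Constructed sample; the privsep and remote sections are illustrative.
SAMPLE = '''
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/cert";
privsep { user "racoon"; group "racoon"; }
remote anonymous {
    certificate_type x509 "client.pem" "../private/client.key";
}
'''

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run against the constructed sample, it reports the missing script path and the private key that resolves outside /etc/racoon/cert.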