zorpctl.conf - zorpctl(8) global options

The zorpctl.conf file describes various global options affecting zorpctl(8) behaviour.

Empty lines and lines beginning with '#' are comments and are ignored by zorpctl. Each non-empty line specifies a variable name and value separated by the equal sign ('=').

The following variables are defined:

AUTO_RESTART

Enable the automatic restart feature of zorpctl. Instances in auto-restart mode are restarted automatically when they exit. (default: 1)

AUTO_RESTART_TIME_THRESHOLD

If a restarted instance exits within this interval (specified as number of seconds), the attempt is considered as failure. (default: 60)

AUTO_RESTART_MAX_COUNT

When the number of failed restarts reaches this number, zorp will not automatically be restarted again, and a log message is printed to the system log. (default: 3)

AUTO_RESTART_DELAY

The number of seconds to wait before the Zorp instance is restarted.

STOP_CHECK_DELAY

The rate (delay in seconds) to check a stopping Zorp instance at.

STOP_CHECK_TIMEOUT

The number of seconds to wait for a stopping Zorp instance.

START_CHECK_TIMEOUT

In auto-restart mode there is no really no way to detect whether Zorp failed to load or not. Zorpctl in this case waits up to START_CHECK_TIMEOUT seconds and assumes that Zorp loaded successfully if it does not exit within this interval. Default value: 5 seconds.

START_WAIT_TIMEOUT

In no-auto-restart mode it is possible to know whether Zorp was loaded correctly or not by telling Zorp to daemonize itself and wait for the parent to exit. This parameter specifies the maximum number of seconds to wait for Zorp to daemonize itself. Default value: 60 seconds.

PROCESS_LIMIT_MIN

The minimum process limit (ulimit -u) specified for Zorp when the calculated process limit (based on the --threads parameter) would result a lower value. (default: 256)

PROCESS_LIMIT_RESERVE

The number of extra processes to allocate limit for (e.g. for proxy modules that are known to spawn new processes). (default: 64)

FD_LIMIT_THRESHOLD

The expected maximal number of file descriptor openened by the threads. The global fd limit is this number multiplied by the thread limit. (default: 64)

FD_LIMIT_MIN

The minimum fd limit (ulimit -n) specified for Zorp when the calculated fd limit (based on the --threads and FD_LIMIT_THRESHOLD parameters) would result a lower value. (default: 1024)

ZORP_APPEND_ARGS

The zorp-specific arguments to append to the command line of each Zorp instance. Also recognised as APPEND_ARGS (deprecated). (default: "")

ZORPCTL_APPEND_ARGS

The zorpctl-specific arguments to append to the command line of each instance. (default: "")

CHECK_PERMS

Whether to check permissions of the Zorp configuration directory. (default: 1)

CONFIG_DIR

The path to the Zorp configuration directory to check if CHECK_PERMS is enabled. NOTE: it does not change the Zorp policy file argument, this parameter is only used by the permission validating code. (default: ${prefix}/etc/zorp)

CONFIG_DIR_OWNER, CONFIG_DIR_GROUP, CONFIG_DIR_MODE

The owner/group/permissions values considered as valid for the configuration directory. zorpctl fails if the actual values do not match them. (default: root.zorp, 0750)

PIDFILE_DIR

The path to the Zorp pid file directory. It is created if it does not exist, before Zorp is started. NOTE: it does not pass a --pidfile argument to Zorp, only checks if the directory exists. (default: /var/run/zorp)

PIDFILE_DIR_OWNER, PIDFILE_DIR_GROUP, PIDFILE_DIR_MODE

The owner/group/permission values the pidfile directory is created with if it did not exist. (default: root.root, 0700)

The default location for zorpctl.conf is /etc/zorp/zorpctl.conf.

This manual page was written by Balázs Scheidler <bazsi@balabit.hu>.