File: avahi-daemon.conf.5.xml.in

package info (click to toggle)
avahi 0.7-4
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 8,956 kB
  • sloc: ansic: 40,180; sh: 6,285; xml: 4,433; cs: 2,185; makefile: 1,706; python: 321; cpp: 222
file content (393 lines) | stat: -rw-r--r-- 16,685 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
<?xml version="1.0"?><!--*-nxml-*-->
<!DOCTYPE manpage SYSTEM "xmltoman.dtd">
<?xml-stylesheet type="text/xsl" href="xmltoman.xsl" ?>

<!--
  This file is part of avahi.

  avahi is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as
  published by the Free Software Foundation; either version 2.1 of the
  License, or (at your option) any later version.

  avahi is distributed in the hope that it will be useful, but WITHOUT
  ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
  Public License for more details.

  You should have received a copy of the GNU Lesser General Public
  License along with avahi; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
  USA.
-->

<manpage name="avahi-daemon.conf" section="5" desc="avahi-daemon configuration file">

  <synopsis>
    <cmd>@pkgsysconfdir@/avahi-daemon.conf</cmd>
  </synopsis>

  <description>
    <p><file>avahi-daemon.conf</file> is the configuration file for avahi-daemon.</p>
  </description>

  <section name="Section [Server]">

    <option>
      <p><opt>host-name=</opt> Set the host name avahi-daemon tries
      to register on the LAN. If omited defaults to the system host
      name as set with the sethostname() system call.</p>
    </option>

    <option>
      <p><opt>host-name-from-machine-id=</opt> Takes a boolean
      value ("yes" or "no"). If set to "yes" avahi-daemon
      will use the machine-id as name on the LAN.</p>
    </option>

    <option>
      <p><opt>domain-name=</opt> Set the default domain name avahi-daemon
      tries to register its host name and services on the LAN in. If
      omitted defaults to ".local".</p>
    </option>

    <option>
      <p><opt>browse-domains=</opt> Set a comma separated list of
      browsing domains (in addition to the default one and those
      announced inside the default browsing domain). Please note
      that the user may specify additional browsing domains on the
      client side, either by setting $AVAHI_BROWSE_DOMAINS to a list
      of colon separated domains or by adding them to the XDG config
      file <file>~/.config/avahi/browse-domains</file> (separated by
      newlines).</p>

    </option>

    <option>
      <p><opt>use-ipv4=</opt> Takes a boolean value ("yes" or
      "no"). If set to "no" avahi-daemon will not use IPv4
      sockets. Default is "yes".</p>
    </option>

    <option>
      <p><opt>use-ipv6=</opt> Takes a boolean value ("yes" or
      "no"). If set to "no" avahi-daemon will not use IPv6
      sockets. Default is "yes".</p>
    </option>

    <option>
      <p><opt>allow-interfaces=</opt> Set a comma separated list of
      allowed network interfaces that should be used by the
      avahi-daemon. Traffic on other interfaces will be ignored. If
      set to an empty list all local interfaces except loopback and
      point-to-point will be used.</p>
    </option>

    <option>
      <p><opt>deny-interfaces=</opt> Set a comma separated list of
      network interfaces that should be ignored by avahi-daemon.
      Other not specified interfaces will be used, unless
      <opt>allow-interfaces=</opt> is set. This option takes
      precedence over <opt>allow-interfaces=</opt>.</p>
    </option>

    <option>
      <p><opt>check-response-ttl=</opt> Takes a boolean value ("yes"
      or "no"). If set to "yes", an additional security check is
      activated: incoming IP packets will be ignored unless the IP
      TTL is 255. Earlier mDNS specifications required this
      check. Since this feature may be incompatible with newer
      implementations of mDNS it defaults to "no". On the other hand
      it provides extra security.</p>
    </option>

    <option>
      <p><opt>use-iff-running=</opt> Takes a boolean value ("yes" or
      "no"). If set to "yes" avahi-daemon monitors the IFF_RUNNING
      flag bit which is used by some (modern) network drivers to
      tell user space if a network cable is plugged in (in case of
      copper ethernet), or the network card is associated with some
      kind of network (in case of WLAN). If IFF_RUNNING is set
      avahi-daemon will automatically announce its services on that
      network. Unfortunately far too many network drivers do not
      support this flag or support it in a broken way. Therefore
      this option defaults to "no".</p>
    </option>

    <option>
      <p><opt>enable-dbus=</opt> Takes either "yes", "no" or
      "warn". If set to "yes" avahi-daemon connects to D-Bus,
      offering an object oriented client API. It is only available
      if Avahi has been compiled with <opt>--enable-dbus</opt> in
      which case it defaults to "yes". "warn" behaves like "yes",
      but the daemon starts up even when it fails to connect to a
      D-Bus daemon. In addition, if the connection to the D-Bus
      daemon is terminated we try to reconnect. (Unless we are in a
      chroot() environment where this definitely will fail.) </p>
    </option>

    <option>
      <p><opt>disallow-other-stacks=</opt> Takes a boolean value
      ("yes" or "no"). If set to "yes" no other process is allowed
      to bind to UDP port 5353. This effectively impedes other mDNS
      stacks from running on the host. Use this as a security
      measure to make sure that only Avahi is responsible for mDNS
      traffic. Please note that we do not recommend running multiple
      mDNS stacks on the same host simultaneously. This hampers
      reliability and is a waste of resources. However, to not annoy
      people this option defaults to "no".</p>
    </option>

    <option>
      <p><opt>allow-point-to-point=</opt> Takes a boolean value
      ("yes" or "no"). If set to "yes" avahi-daemon will make use of
      interfaces with the POINTOPOINT flag set. This option defaults
      to "no" as it might make mDNS unreliable due to usually large
      latencies with such links and opens a potential security hole
      by allowing mDNS access from Internet connections. Use with
      care and YMMV!</p>
    </option>

    <option>
      <p><opt>cache-entries-max=</opt> Takes an unsigned integer
      specifying how many resource records are cached per
      interface. Bigger values allow mDNS work correctly in large LANs
      but also increase memory consumption.</p>
    </option>

    <option>
      <p><opt>clients-max=</opt> Takes an unsigned integer. The
      maximum number of concurrent D-Bus clients allowed. If the
      maximum number is reached further clients will be refused until
      at least one existing client disconnects.</p>
    </option>

    <option>
      <p><opt>objects-per-client-max=</opt> Takes an unsigned
      integer. The maximum number of objects (entry groups, browsers,
      resolvers) that may be registered per D-Bus client at a time. If the
      maximum number is reached further object creation will be
      refused until at least one object is freed.</p>
    </option>

    <option>
      <p><opt>entries-per-entry-group-max=</opt> Takes an unsigned
      integer. The maximum number of entries (resource records) per
      entry group registered by a D-Bus client at a time. If the
      maximum number is reached further resource records may not be
      added to an entry group.</p>
    </option>

    <option>
      <p><opt>ratelimit-interval-usec=</opt> Takes an unsigned
      integer. Sets the per-interface packet rate-limiting interval
      parameter. Together with <opt>ratelimit-burst=</opt> this may be
      used to control the maximum number of packets Avahi will
      generated in a specific period of time on an interface.</p>
    </option>

    <option>
      <p><opt>ratelimit-burst=</opt> Takes an unsigned
      integer. Sets the per-interface packet rate-limiting burst
      parameter. Together with <opt>ratelimit-interval-usec=</opt> this may be
      used to control the maximum number of packets Avahi will
      generated in a specific period of time on an interface.</p>
    </option>
  </section>

  <section name="Section [wide-area]">
    <option>
      <p><opt>enable-wide-area=</opt> Takes a boolean value
      ("yes" or "no"). Enable wide-area DNS-SD, aka
      DNS-SD over unicast DNS. If this is enabled only domains
      ending in .local will be resolved on mDNS, all other domains
      are resolved via unicast DNS. If you want to maintain multiple
      different multicast DNS domains even with this option enabled
      we encourage you to use subdomains of .local, such as
      "kitchen.local". This option defaults to "yes".</p>
    </option>

  </section>

  <section name="Section [publish]">

    <option><p><opt>disable-publishing=</opt> Takes a boolean value
    ("yes" or "no"). If set to "yes", no record will be published by
    Avahi, not even address records for the local host. Avahi will
    be started in a querying-only mode. Use this is a security
    measure. This option defaults to "no"</p></option>

    <option><p><opt>disable-user-service-publishing=</opt> Takes a boolean value
    ("yes" or "no"). If set to "yes", Avahi will still publish
    address records and suchlike but will not allow user
    applications to publish services. Use this is a security
    measure. This option defaults to "no"</p></option>

    <option>
      <p><opt>add-service-cookie=</opt> Takes a boolean value ("yes"
      or "no"). If set to "yes" an implicit TXT entry will be added
      to all locally registered services, containing a cookie value
      which is chosen randomly on daemon startup. This can be used
      to detect if two services on two different
      interfaces/protocols are actually identical. Defaults to
      "no".</p>
    </option>

    <option>
      <p><opt>publish-addresses=</opt> Takes a boolean value ("yes"
      or "no"). If set to "yes" avahi-daemon will register mDNS
      address records for all local IP addresses. Unless you want to
      use avahi-daemon exclusively for browsing it's recommended to
      enable this. If you plan to register local services you need
      to enable this option. Defaults to "yes".</p>
    </option>

    <option>
      <p><opt>publish-hinfo=</opt> Takes a boolean value ("yes" or
      "no"). If set to "yes" avahi-daemon will register an mDNS
      HINFO record on all interfaces which contains information
      about the local operating system and CPU, which might be
      useful for administrative purposes. This is recommended by the
      mDNS specification but not required. For the sake of privacy
      you might choose to disable this feature. Defaults to
      "no".</p>
    </option>

    <option>
      <p><opt>publish-workstation=</opt> Takes a boolean value
      ("yes" or "no"). If set to "yes" avahi-daemon will register a
      service of type "_workstation._tcp" on the local LAN. This
      might be useful for administrative purposes (i.e. browse for
      all PCs on the LAN), but is not required or recommended by any
      specification. Newer MacOS X releases register a service of
      this type. Defaults to "no".</p>
    </option>

    <option>
      <p><opt>publish-domain=</opt> Takes a boolean value ("yes" or
      "no"). If set to "yes" avahi-daemon will announce the locally
      used domain name (see above) for browsing by other
      hosts. Defaults to "yes".</p>
    </option>

    <option>
      <p><opt>publish-dns-servers=</opt> Takes a comma separated
      list of IP addresses for unicast DNS servers. You can use this
      to announce unicast DNS servers via mDNS. When used in
      conjunction with avahi-dnsconfd on the client
      side this allows DHCP-like configuration of unicast DNS
      servers.</p>
    </option>

    <option>
      <p><opt>publish-resolv-conf-dns-servers=</opt> Takes a boolean
      value ("yes" or "no"). If set to "yes" avahi-daemon will
      publish the unicast DNS servers specified in
      <file>/etc/resolv.conf</file> in addition to those specified
      with <opt>publish-dns-servers</opt>. Send avahi-daemon a
      SIGHUP to have it reload this file. Defaults to "no".</p>
    </option>

    <option>
      <p><opt>publish-aaaa-on-ipv4=</opt> Takes a boolean value
      ("yes" or "no"). If set to "yes" avahi-daemon will publish an
      IPv6 AAAA record via IPv4, i.e. the local IPv6 addresses can be
      resolved using an IPv4 transport. Only useful when IPv4 is
      enabled with <opt>use-ipv4=true</opt>. Defaults to "yes".</p>
    </option>

    <option>
      <p><opt>publish-a-on-ipv6=</opt> Takes a boolean value
      ("yes" or "no"). If set to "yes" avahi-daemon will publish an
      IPv4 A record via IPv6, i.e. the local IPv4 addresses can be
      resolved using an IPv6 transport. Only useful when IPv6 is
      enabled with <opt>use-ipv6=true</opt>. Defaults to "no".</p>
    </option>

  </section>

  <section name="Section [reflector]">
    <option>
      <p><opt>enable-reflector=</opt> Takes a boolean value ("yes"
      or "no"). If set to "yes" avahi-daemon will reflect incoming
      mDNS requests to all local network interfaces, effectively
      allowing clients to browse mDNS/DNS-SD services on all
      networks connected to the gateway. The gateway is somewhat
      intelligent and should work with all kinds of mDNS traffic,
      though some functionality is lost (specifically the unicast
      reply bit, which is used rarely anyway). Make sure to not run
      multiple reflectors between the same networks, this might
      cause them to play Ping Pong with mDNS packets. Defaults to
      "no".</p>
    </option>

    <option>
      <p><opt>reflect-ipv=</opt> Takes a boolean value ("yes" or
      "no"). If set to "yes" and <opt>enable-reflector</opt> is
      enabled, avahi-daemon will forward mDNS traffic between IPv4
      and IPv6, which is usually not recommended. Defaults to "no".</p>
    </option>
  </section>

  <section name="Section [rlimits]">
    <p>This section is used to define system resource limits for the
    daemon. See <manref section="2" name="setrlimit"/> for more
    information. If any of the options is not specified in the configuration
    file, avahi-daemon does not change it from the system
    defaults.</p>

    <option>
      <p><opt>rlimit-as=</opt> Value in bytes for RLIMIT_AS (maximum size of the process's virtual memory). Sensible values are heavily system dependent.</p>
    </option>

    <option>
      <p><opt>rlimit-core=</opt> Value in bytes for RLIMIT_CORE (maximum core file size). Unless you want to debug avahi-daemon, it is safe to set this to 0.</p>
    </option>

    <option>
      <p><opt>rlimit-data=</opt> Value in bytes for RLIMIT_DATA (maximum size of the process's data segment). Sensible values are heavily system dependent.</p>
    </option>

    <option>
      <p><opt>rlimit-fsize=</opt> Value for RLIMIT_FSIZE (maximum size of files the process may create). Since avahi-daemon shouldn't write any files to disk, it is safe to set this to 0.</p>
    </option>

    <option>
      <p><opt>rlimit-nofile=</opt> Value for RLIMIT_NOFILE (open file descriptors). avahi-daemon shouldn't need more than 15 to 20 open file descriptors concurrently.</p>
    </option>

    <option>
      <p><opt>rlimit-stack=</opt> Value in bytes for RLIMIT_STACK (maximum size of the process stack). Sensible values are heavily system dependent.</p>
    </option>

		<option>
			<p><opt>rlimit-nproc=</opt> Value for RLIMIT_NPROC (max number of
				processes a user can launch). avahi-daemon forks of a helper process on
				systems where <manref name="chroot" section="2"/> is available
				therefore this value should not be set below 2. Note that while the
				process limit only applies to this process, the total count of
				processes to reach that limit includes all processes on the system with
				the same UID, including any containers without UID remapping (such as
				lxd containers with security.privileged=true).  The default
				configuration of 3 was removed to prevent problems in this
				scenario.</p>
		</option>
  </section>

  <section name="Authors">
    <p>The Avahi Developers &lt;@PACKAGE_BUGREPORT@&gt;; Avahi is
    available from <url href="@PACKAGE_URL@"/></p>
  </section>

  <section name="See also">
    <p>
      <manref name="avahi-daemon" section="8"/>, <manref name="avahi-dnsconfd" section="8"/>
    </p>
  </section>

  <section name="Comments">
    <p>This man page was written using <manref name="xml2man" section="1"
    href="http://masqmail.cx/xml2man/"/> by Oliver Kurth.</p>
  </section>

</manpage>