| File | Purpose |
|---|
| /etc/centrallix.conf | Main configuration file |
| /etc/centrallix/rootnode | ObjectSystem root object, usually specifies the directory where the ObjectSystem is located |
| /etc/centrallix/cxpasswd | Typical name for the "alternate password" file, when not using /etc/shadow for user authentication |
| /etc/centrallix/types.cfg | Master list of MIME types used by Centrallix |
| /etc/centrallix/useragent.cfg | User agent (browser) signatures and capabilities database |
| /etc/centrallix/inode.map | Persistent inode mapping file used by the Centrallix NFS server (experimental) |
| /usr/lib/centrallix | Typical location for add-on modules |
| /var/centrallix/os | Typical location for the filesystem-based ObjectSystem |
| Option | Description |
|---|
| types_config | Location (in the local filesystem) of the 'types.cfg' file. Usually /etc/centrallix/types.cfg |
| useragent_config | Location (in the local filesystem) of the 'useragent.cfg' file. Usually /etc/centrallix/useragent.cfg |
| rootnode_type | The MIME type of the rootnode file. Usually this is the Centrallix special type "system/uxfile", indicating that the ObjectSystem lies in a local filesystem directory, much like a webserver "document root" |
| rootnode_file | The location of the rootnode file, typically /etc/centrallix/rootnode |
| iface_dir | The location (in the ObjectSystem) where component interface specifications are stored |
| enable_send_credentials | Either 1 or 0. When set to 1, this permits Centrallix to use the user's logon credentials to connect to other resources (such as a database server), behavior which is typically configured on a per-resource basis (such as in a _DB file for Sybase, for example). Note: at present, without the policy-based security subsystem, turning this option on has risks, since a malicious logged-in user could create a _DB file or whatnot which could conceivably connect to a malicious server, resulting in exposure of a user's credentials. |
| net_http/listen_port | The TCP port that the HTTP server in Centrallix should listen on. Default 800. |
| net_http/server_string | The value (in the HTTP Server: header) that Centrallix identifies itself as. Change this to just "Centrallix" if you want to hide the version number, and change it to something like "Apache" to attempt to hide the fact that you're running Centrallix |
| net_http/session_cookie | The name of the HTTP cookie that Centrallix uses to identify a user's session. The default is "CXID". |
| net_http/auth_realm | The "realm" users are presented with for HTTP Basic authentication |
| net_http/session_watchdog_timer | How long (in seconds) before a user's session will be terminated if the user closes the browser window or browses to a different website (default 180) |
| net_http/session_inactivity_timer | How long (in seconds) before a user's session will be terminated if the user leaves the Centrallix application open but does not use it (default 1800) |
| net_http/accept_localhost_only | Either 1 or 0. If set to 1, Centrallix will reject connections from all IP addresses except 127.0.0.1. |
| net_http/x_frame_options | "none", "deny", or "sameorigin" (the default). Controls the anti-clickjacking countermeasure HTTP header X-Frame-Options, which applies when the Centrallix server renders a widget/page, widget/frameset, or widget/component-decl, and can be overriden by those widgets (see widget reference for details). When set to "none", no restrictions are in effect. "deny" means that the frameset, page, or component cannot render inside a frame or iframe. "sameorigin" means that the frame or iframe have to originate from the same server. NOTE: using "deny" will prevent a widget/component-decl from being loaded dynamically, though components can still be used statically. If "deny" is needed, you will need to override it on a per-component basis in order to use dynamic-load components. Available in Centrallix 0.9.2 and newer. |
| net_http/dir_index | Filenames that should be used by the HTTP server if the user opens a directory |
| mtsession/auth_method | The authentication method. Either "system" to use /etc/passwd and /etc/shadow, or "altpasswd" to use an alternate password file such as /etc/centrallix/cxpasswd. |
| mtsession/altpasswd_file | When using "altpasswd" authentication, this is the location of the password file to use. Use a utility such as "htpasswd" to build the altpasswd_file |
| mtsession/log_method | Where to log errors. Either "stdout" to log errors on standard output, or "syslog" to log errors using the system log daemon |
| mtsession/log_all_errors | Whether to log all errors (yes) or just those occurring outside of a user's session (no) |
| mtsession/log_progname | The program name to use when logging via syslog |
| modules/*/enable_module | Valid in a module configuration entry. Set to "yes" to enable the module, "no" to disable it. |
| modules/*/path | The location of the module, usually in /usr/lib/centrallix |
| modules/*/type | The type of the module. Modules can be ObjectSystem drivers "osdriver", or network drivers "netdriver". |
