لطفا منتظر باشید ...
6.3. Using Options Files
Before pppd parses its command-line
arguments, it scans several files for default options. These files
may contain any valid command-line arguments spread out across an
arbitrary number of lines. Hash signs introduce comments. The first
options file is /etc/ppp/options, which is
always scanned when pppd starts up. Using it to set some global
defaults is a good idea, because it allows you to keep your users
from doing several things that may compromise security. For instance,
to make pppd require some kind of authentication (either PAP or CHAP)
from the peer, you add the auth option to this
file. This option cannot be overridden by the user, so it becomes
impossible to establish a PPP connection with any system that is not
in your authentication databases. Note, however, that some options
can be overridden; the connect string is a good
example.The other options file, which is read after
/etc/ppp/options, is .ppprc
in the user's home directory. It allows each user to
specify her own set of default options.A sample /etc/ppp/options file might look like
this:
# Global options for pppd running on vlager.vbrew.com
lock # use UUCP-style device locking
auth # require authentication
usehostname # use local hostname for CHAP
domain vbrew.com # our domain name
The
lock keyword makes pppd comply to the standard
UUCP method of device locking. With this convention, each process
that accesses a serial device, say /dev/ttyS3,
creates a lock file with a name such as
LCK..ttyS3 in a special lock-file directory to
signal that the device is in use. This is necessary to prevent other
programs, such as minicom or
uucico, from opening the serial device while it
is used by PPP.The next three options relate to authentication and, therefore, to
system security. The authentication options are best placed in the
global configuration file because they are
"privileged" and cannot be
overridden by users' ~/.ppprc
options files.
