diff options
| author | Stef Walter <stefw@gnome.org> | 2012-04-01 21:53:04 +0200 |
|---|---|---|
| committer | Stef Walter <stefw@gnome.org> | 2012-04-01 21:53:04 +0200 |
| commit | a899d9be0cab72dcfe00f100527c52ea598fed70 (patch) | |
| tree | 8b2e58d055a1cf8e5fced45195a3ffb598eef9c4 /doc/p11-kit-config.xml | |
| parent | af8d28014f97ab0d9e4d00961e72aefd7adb470b (diff) | |
Add enable-in and disable-in options to module config
* These can be used to load certain modules in certain
programs, or prevent loading in others.
* Useful for a key manager like seahorse, so we can load
extra modules (think NSS) that other modules shouldn't
load.
Diffstat (limited to 'doc/p11-kit-config.xml')
| -rw-r--r-- | doc/p11-kit-config.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/doc/p11-kit-config.xml b/doc/p11-kit-config.xml index 7c28f86..11fb41f 100644 --- a/doc/p11-kit-config.xml +++ b/doc/p11-kit-config.xml @@ -140,8 +140,35 @@ critical: yes <para>This argument is optional and defaults to <literal>no</literal>.</para> </listitem> </varlistentry> + <varlistentry> + <term>enable-in:</term> + <listitem> + <para>A comma and/or space separated list of names of programs that + this module should only be loaded in. The module will not be loaded + for other programs using p11-kit. The base name of the process executable + should be used here, for example + <literal>seahorse, ssh</literal>.</para> + <para>This is not a security feature. The argument is optional. If + not present, then any process will load the module.</para> + </listitem> + </varlistentry> + <varlistentry> + <term>disable-in:</term> + <listitem> + <para>A comma and/or space separated list of names of programs that + this module should not be loaded in. The module will be loaded for any + other programs using p11-kit. The base name of the process + executable should be used here, for example + <literal>firefox, thunderbird-bin</literal>.</para> + <para>This is not a security feature. The argument is optional. If + not present, then any process will load the module.</para> + </listitem> + </varlistentry> </variablelist> + <para>Do not specify both <literal>enable-in</literal> and <literal>disable-in</literal> + for the same module.</para> + <para>Other fields may be present, but it is recommended that field names that are not specified in this document start with a <literal>x-</literal> prefix.</para> |