X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/tripe/blobdiff_plain/fc5f482398c76a2d1e81f88f2ce3e750ad029c19..a334070153b52e58d29b02c0754f903979b899ec:/server/tripe.8.in

diff --git a/server/tripe.8.in b/server/tripe.8.in
index f43ab5f8..14ee0ab7 100644
--- a/server/tripe.8.in
+++ b/server/tripe.8.in
@@ -55,6 +55,8 @@ tripe \- a simple VPN daemon
 .IR group ]
 .RB [ \-a
 .IR socket ]
+.RB [ \-m
+.IR mode ]
 .RB [ \-T
 .IR trace-opts ]
 .br
@@ -221,9 +223,13 @@ option.  The selected user (and group) will also be the owner of the
 administration socket.
 .TP
 .BI "\-G, \-\-setgid=" group
-Set gid to that of
+If the current effective uid is zero (i.e., the daemon was invoked as
+.BR root )
+then set gid to that of
 .I group
-(either a group name or integer gid) after initialization.
+(either a group name or integer gid) after initialization.  In any
+event, arrange hat the administration socket be owned by the given
+.IR group .
 .TP
 .BI "\-k, \-\-priv\-keyring=" file
 Reads the private key from
@@ -256,6 +262,16 @@ if that's not set either, then a default default of
 .B "\*(/s/tripesock"
 is used instead.
 .TP
+.BI "\-m, \-\-admin\-perms=" mode
+Permissions (as an octal number) to set on the administration socket.  The
+default is 600, which allows only the socket owner.  Setting 660 allows
+members of the
+.I group
+configured through the
+.B \-G
+option to connect to the socket, which may be useful.  Allowing world access
+is a terrible idea.
+.TP
 .BI "\-T, \-\-trace=" trace-opts
 Allows the enabling or disabling of various internal diagnostics.  See
 below for the list of options.