Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
CTL.CONF(5)               FreeBSD File Formats Manual              CTL.CONF(5)

NAME
     ctl.conf - CAM Target Layer / iSCSI target daemon configuration file

DESCRIPTION
     The ctl.conf configuration file is used by the ctld(8) daemon.  Lines
     starting with `#' and empty lines are interpreted as comments.  The
     general syntax of the ctl.conf file is:

           pidfile <path>

           auth-group <name> {
                   chap <user> <secret>
                   ...
           }

           portal-group <name> {
                   listen <address>
                   listen-iser <address>
                   discovery-auth-group <name>
                   ...
           }

           target <name> {
                   auth-group <name>
                   portal-group <name>
                   lun <number> {
                           path <path>
                   }
                   ...
           }

   global level
     The following statements are available at the global level:

     auth-group <name>
             Opens an auth-group section, defining an authentication group,
             which can then be assigned to any number of targets.

     debug <level>
             Specifies debug level.  The default is 0.

     maxproc <number>
             Specifies limit for concurrently running child processes handling
             incoming connections.  The default is 30.  Setting it to 0
             disables the limit.

     pidfile <path>
             Specifies path to pidfile.  The default is /var/run/ctld.pid.

     portal-group <name>
             Opens a portal-group section, defining a portal group, which can
             then be assigned to any number of targets.

     target <name>
             Opens a target configuration section.

     timeout <seconds>
             Specifies timeout for login session, after which the connection
             will be forcibly terminated.  The default is 60.  Setting it to 0
             disables the timeout.

   auth-group level
     The following statements are available at the auth-group level:

     chap <user> <secret>
             Specifies CHAP authentication credentials.

     chap-mutual <user> <secret> <mutualuser> <mutualsecret>
             Specifies mutual CHAP authentication credentials.  Note that for
             any auth-group, configuration may contain either chap, or chap-
             mutual entries; it's an error to mix them.

   portal-group level
     The following statements are available at the portal-group level:

     discovery-auth-group <name>
             Assigns previously defined authentication group to that portal
             group, to be used for target discovery.  By default, the
             discovery will be denied.  A special auth-group, "no-
             authentication", may be used to allow for discovery without
             authentication.

     listen <address>
             Specifies IPv4 or IPv6 address and port to listen on for incoming
             connections.

     listen-iser <address>
             Specifies IPv4 or IPv6 address and port to listen on for incoming
             connections using iSER (iSCSI over RDMA) protocol.

   target level:
     The following statements are available at the target level:

     alias <text>
             Assigns human-readable description to that target.  There is no
             default.

     auth-group <name>
             Assigns previously defined authentication group to that target.
             There is no default; every target must use either auth-group, or
             chap, or chap-mutual statements.  A special auth-group, "no-
             authentication", may be used to permit access without
             authentication.

     chap <user> <secret>
             Specifies CHAP authentication credentials.  Note that targets
             must use either auth-group, or chap, or chap-mutual clauses; it's
             a configuration error to mix them in one target.

     chap-mutual <user> <secret> <mutualuser> <mutualsecret>
             Specifies mutual CHAP authentication credentials.  Note that
             targets must use either auth-group, chap, or chap-mutual clauses;
             it's a configuration error to mix them in one target.

     portal-group <name>
             Assigns previously defined portal group to that target.  Default
             portal group is "default", which makes the target available on
             TCP port 3260 on all configured IPv4 and IPv6 addresses.

     lun <number>
             Opens a lun configuration section, defining LUN exported by a
             target.

   lun level
     The following statements are available at the lun level:

     backend <block | ramdisk>
             Specifies the CTL backend to use for a given LUN.  Valid choices
             are ``block'' and ``ramdisk''; block is used for LUNs backed by
             files in the filesystem; ramdisk is a bitsink device, used mostly
             for testing.  The default backend is block.

     blocksize <size>
             Specifies blocksize visible to the initiator.  The default
             blocksize is 512.

     device-id <string>
             Specifies SCSI Device Identification string presented to the
             initiator.

     option <name> <value>
             Specifies CTL-specific options passed to the kernel.

     path <path>
             Specifies path to file used to back the LUN.

     serial <string>
             Specifies SCSI serial number presented to the initiator.

     size <size>
             Specifies LUN size, in bytes.

FILES
     /etc/ctl.conf      The default location of the ctld(8) configuration
                        file.

EXAMPLES
     pidfile /var/run/ctld.pid

     auth-group example2 {
             chap-mutual "user" "secret" "mutualuser" "mutualsecret"
             chap-mutual "user2" "secret2" "mutualuser" "mutualsecret"
     }

     portal-group example2 {
             discovery-auth-group no-authentication
             listen 127.0.0.1
             listen 0.0.0.0:3261
             listen [::]:3261
             listen [fe80::be:ef]
     }

     target iqn.2012-06.com.example:target0 {
             alias "Testing target"
             auth-group no-authentication
             lun 0 {
                     path /dev/zvol/example_0
                     blocksize 4096
                     size 4G
             }
     }

     target iqn.2012-06.com.example:target3 {
             chap chapuser chapsecret
             lun 0 {
                     path /dev/zvol/example_3
             }
     }

     target iqn.2012-06.com.example:target2 {
             auth-group example2
             portal-group example2
             lun 0 {
                     path /dev/zvol/example2_0
             }
             lun 1 {
                     path /dev/zvol/example2_1
                     option foo bar
             }
     }

SEE ALSO
     ctl(4), ctladm(8), ctld(8)

AUTHORS
     The ctl.conf configuration file functionality for ctld(8) was developed
     by Edward Tomasz Napierala <trasz@FreeBSD.org> under sponsorship from the
     FreeBSD Foundation.

FreeBSD 11.0-PRERELEASE        December 2, 2013        FreeBSD 11.0-PRERELEASE

NAME | DESCRIPTION | FILES | EXAMPLES | SEE ALSO | AUTHORS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=ctl.conf&sektion=5&manpath=FreeBSD+10.0-RELEASE>

home | help