6.2.6 The RLM Options File
The RLM options file allows control over access to the status, reread, shutdown administration commands as well as control over the editing of options files. Options are provided to either allow (INCLUDE or INCLUDEALL) or disallow (EXCLUDE or EXCLUDEALL) administration command usage. Additionally, options are provided to create groups of users (GROUP) or hosts (HOST_GROUP) or IP addresses (INTERNET_GROUP).
In addition, the RLM options file allows you to turn off logging of status requests (to the debug log) via the NOLOG option.
The RLM options file is called rlm.opt
, and should be placed in the directory from which you run the rlm (or rlm.exe) binary.
If you would like to add comments to the options file, start the line with the '#' character.
There are eight privileges which can be controlled in the RLM options file. Each privilege is specified with the appropriate privilege name in the rlm options file. Note that these privilege names are the same names that are used in the RLM password file if you are controlling access to the RLM web interface via user login. If you use the RLM password file, you should not use these lines in the RLM options file - in other words, you should use one mechanism or the other, but not both.
Privilege | Name to use in RLM options file | Meaning |
---|---|---|
edit_meter | edit_meter | Allows modifying count for meter counters |
edit_options | edit_options | Allows editing options files for ISV servers |
edit_rlm_options | edit_rlm_options | Allows editing options files for the rlm server and license files |
edit_xfer | edit_xfer | Allows editing server-server license transfer settings for ISV servers |
logfiles | logfiles | Enables the functions which change log files - switch, switchr, newlog |
manage_service | manage_service | Allows editing windows service setup |
remove | remove | Allows the user to remove a license from a running process |
reread | reread | Allows access to the functions which do reread commands on license servers |
shutdown | shutdown | Allows access to the functions which shut down license servers |
status | status | Allows display of status and debug log information from the license servers |
The RLM options file syntax is a subset of The ISV Options File syntax. The privilege
names status
,
reread
, shutdown
,
logfiles
, edit_meter
, edit_options
, edit_rlm_options
, manage_service
and edit_xfer
are used where
a product name would be used in an ISV options file. By default, all privileges are granted
to all users unless otherwise restricted in the rlm options file.
A user with no privileges assigned will have access to the “Diagnostics”, “RLM Manual...”, “System Info”, and “About” commands.
Note that the RLM web interface does not have access to the username or hostname (the rlmutil utilities do pass the username and hostname), so, to be most effective, command restrictions should be done based on IP addresses. By default, all commands are enabled (unless disabled with the -x rlmdown or -x rlmremove rlm startup options, in which case rlm options have no effect.).