aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README74
-rw-r--r--configure.ac45
2 files changed, 78 insertions, 41 deletions
diff --git a/README b/README
index 9066189d0..412867037 100644
--- a/README
+++ b/README
@@ -76,8 +76,6 @@ $ adduser gnunet gnunet
76$ ./configure --prefix=$GNUNET_PREFIX --with-extractor=$LE_PREFIX 76$ ./configure --prefix=$GNUNET_PREFIX --with-extractor=$LE_PREFIX
77$ make 77$ make
78# make install 78# make install
79# sudo -u gnunet mkdir ~gnunet/.gnunet/
80# sudo -u gnunet touch ~gnunet/.gnunet/gnunet.conf
81# sudo -u gnunet gnunet-arm -s 79# sudo -u gnunet gnunet-arm -s
82 80
83This will create the users and groups needed for running GNUnet 81This will create the users and groups needed for running GNUnet
@@ -89,9 +87,13 @@ end-user applications as another user.
89 87
90If you create a system user "gnunet", it is recommended that you edit 88If you create a system user "gnunet", it is recommended that you edit
91the configuration file slightly so that data can be stored in the 89the configuration file slightly so that data can be stored in the
92system user home directory at "/var/lib/gnunet"; you may also want to 90system user home directory at "/var/lib/gnunet". Depending on what
91the $HOME-directory of your "gnunet" user is, you might need to set
92the SERVICEHOME option in section "[PATHS]" to "/var/lib/gnunet" to
93do this. Depending on your personal preferences, you may also want to
93use "/etc/gnunet.conf" for the location of the configuration file in 94use "/etc/gnunet.conf" for the location of the configuration file in
94this case. 95this case (instead of ~gnunet/.gnunet/gnunet.conf"). In this case,
96you need to start GNUnet using "gnunet-arm -s -c /etc/gnunet.conf".
95 97
96You can avoid running 'make install' as root if you run configure 98You can avoid running 'make install' as root if you run configure
97with the "--with-sudo=yes" option and have extensive sudo rights 99with the "--with-sudo=yes" option and have extensive sudo rights
@@ -125,13 +127,23 @@ $ aclocal -I /usr/local/share/aclocal
125Configuration 127Configuration
126============= 128=============
127 129
128Note that additional, per-user configuration files 130Note that additional, per-user configuration files can be created by
129(~/.gnunet/gnunet.conf) need to be created by each user (for example, 131each user. However, this is usually not necessary as there are few
130by running gnunet-setup). Note that gnunet-setup is a separate 132per-user options that normal users would want to modify. The defaults
131download and requires recent versions of GTK+ and Glade; you can also 133that are shipped with the installation are usually just fine.
132edit the configuration file by hand, but this is not recommended. For 134
133more general information about the GNU build process read the INSTALL 135The gnunet-setup tool is particularly useful to generate the master
134file. 136configuration for the peer. gnunet-setup can be used to configure and
137test (!) the network settings, choose which applications should be run
138and configure databases. Other options you might want to control
139include system limitations (such as disk space consumption, bandwidth,
140etc.). The resulting configuration files are human-readable and can
141theoretically be created or edited by hand.
142
143gnunet-setup is a separate download and requires somewhat recent
144versions of GTK+ and Glade. You can also create the configuration file
145by hand, but this is not recommended. For more general information
146about the GNU build process read the INSTALL file.
135 147
136GNUnet uses two types of configuration files, one that specifies the 148GNUnet uses two types of configuration files, one that specifies the
137system-wide defaults (typically located in 149system-wide defaults (typically located in
@@ -141,20 +153,13 @@ configuration file should be located in "~/.gnunet/gnunet.conf" or its
141location can be specified by giving the "-c" option to the respective 153location can be specified by giving the "-c" option to the respective
142GNUnet application. 154GNUnet application.
143 155
144The defaults that are shipped with the installation are usually ok,
145you may want to adjust the limitations (space consumption, bandwidth,
146etc.) though. The configuration files are human-readable. Note that
147you MUST create "~/.gnunet/gnunet.conf" explicitly before starting
148GNUnet. You can either run gnunet-setup (available as part of the
149gnunet-gtk source package) or simply create an empty file.
150
151 156
152Usage 157Usage
153===== 158=====
154 159
155First, you must obtain an initial list of GNUnet hosts. Knowing a 160First, you must obtain an initial list of GNUnet hosts. Knowing a
156single peer is sufficient since after that GNUnet propagates 161single peer is sufficient since after that GNUnet propagates
157information about other peers. Note that the default "gnunet.conf" 162information about other peers. Note that the default configuration
158contains URLs from where GNUnet downloads an initial hostlist 163contains URLs from where GNUnet downloads an initial hostlist
159whenever it is started. If you want to create an alternative URL for 164whenever it is started. If you want to create an alternative URL for
160others to use, the file can be generated on any machine running 165others to use, the file can be generated on any machine running
@@ -170,16 +175,24 @@ HTTPPORT to the public.
170If the solution with the hostlist URL is not feasible for your 175If the solution with the hostlist URL is not feasible for your
171situation, you can also add hosts manually. Simply copy the hostkeys 176situation, you can also add hosts manually. Simply copy the hostkeys
172to "$SERVICEHOME/data/hosts/" (where $SERVICEHOME is the directory 177to "$SERVICEHOME/data/hosts/" (where $SERVICEHOME is the directory
173specified in the gnunet.conf configuration file). 178specified in the gnunet.conf configuration file). You can also use
179"gnunet-peerinfo -g" to GET a URI for a peer and "gnunet-peerinfo -p
180URI" to add a URI from another peer. Finally, GNUnet peers that use
181UDP or WLAN will discover each other automatically (if they are in the
182vicinity of each other) using broadcasts (IPv4/WLAN) or multicasts
183(IPv6).
174 184
175Now start the local node using "gnunet-arm -s". GNUnet should run 24/7 if 185The local node is started using "gnunet-arm -s". GNUnet should run
176you want to maximize your anonymity. 18624/7 if you want to maximize your anonymity, as this makes partitioning
187attacks harder.
177 188
178You should then be able to access GNUnet using the shell: 189Once your peer is running, you should then be able to access GNUnet
190using the shell:
179 191
180$ gnunet-search KEYWORD 192$ gnunet-search KEYWORD
181 193
182This will display a list of results to the console. Then use 194This will display a list of results to the console. You can abort
195the command using "CTRL-C". Then use
183 196
184$ gnunet-download -o FILENAME GNUNET_URI 197$ gnunet-download -o FILENAME GNUNET_URI
185 198
@@ -228,7 +241,7 @@ information about the failing testcase to the Mantis bugtracking
228system at https://gnunet.org/bugs/. 241system at https://gnunet.org/bugs/.
229 242
230 243
231Running http on port 80 and https on port 443 244Running HTTP on port 80 and HTTPS on port 443
232============================================= 245=============================================
233 246
234In order to hide GNUnet's HTTP/HTTPS traffic perfectly, you might 247In order to hide GNUnet's HTTP/HTTPS traffic perfectly, you might
@@ -252,6 +265,17 @@ to map them to a priviledged port (from the point of view of the
252network). However, we are not aware of this providing any advantages 265network). However, we are not aware of this providing any advantages
253at this point. 266at this point.
254 267
268If you are already running an HTTP or HTTPS server on port 80 (or 443),
269you may be able to configure it as a "ReverseProxy". Here, you tell
270GNUnet that the externally visible URI is some sub-page on your website,
271and GNUnet can then tunnel its traffic via your existing HTTP server.
272This is particularly powerful if your existing server uses HTTPS, as
273it makes it harder for an adversary to distinguish normal traffic to
274your server from GNUnet traffic. Finally, even if you just use HTTP,
275you might benefit (!) from ISP's traffic shaping as opposed to being
276throttled by ISPs that dislike P2P. Details for configuring the
277reverse proxy are documented on our website.
278
255 279
256Stay tuned 280Stay tuned
257========== 281==========
diff --git a/configure.ac b/configure.ac
index 151d76d2d..c1d463a26 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1203,25 +1203,38 @@ fi
1203 1203
1204 1204
1205AC_MSG_NOTICE([******************************************** 1205AC_MSG_NOTICE([********************************************
1206Please make sure that you have created a user and group 'gnunet' 1206Please make sure NOW that you have created a user and group 'gnunet'
1207and additionally a group 'gnunetdns'. Make sure that '/var/lib/gnunet' 1207and additionally a group 'gnunetdns':
1208is owned (and writable) by user 'gnunet'. Then, you can compile GNUnet 1208 addgroup gnunetdns
1209with 1209 adduser gnunet
1210 make 1210
1211Make sure that '/var/lib/gnunet' is owned (and writable) by user
1212'gnunet'. Then, you can compile GNUnet with
1213 make
1214
1211After that, run (if necessary as 'root') 1215After that, run (if necessary as 'root')
1212 make install 1216 make install
1213to install everything. 1217to install everything.
1214Then, in order to start your peer, run as the 'gnunet' user
1215 mkdir ~gnunet/.gnunet/
1216 touch ~gnunet/.gnunet/gnunet.conf
1217 gnunet-arm -s
1218 1218
1219Each GNUnet user should also be added to the 'gnunet' group (may 1219Each GNUnet user should be added to the 'gnunet' group (may
1220require fresh login to come into effect) and create an (at least 1220require fresh login to come into effect):
1221initially) empty configuration file: 1221 adduser $USERNAME gnunet
1222 mkdir $HOME/.gnunet/ 1222(run the above command as root once for each of your users, replacing
1223 touch $HOME/.gnunet/gnunet.conf 1223"$USERNAME" with the respective login names). If you have a global IP
1224address, no further configuration is required.
1224 1225
1225Optionally, download and compile: 1226Optionally, download and compile gnunet-gtk to get a GUI for
1226- gnunet-gtk to get a GUI for file-sharing and configuration. 1227file-sharing and configuration. This is particularly recommended
1228if your network setup is non-trivial, as gnunet-setup can be
1229used to test in the GUI if your network configuration is working.
1230gnunet-setup should be run as the "gnunet" user under X. As it
1231does very little with the network, running it as "root" is likely
1232also harmless. You can also run it as a normal user, but then
1233you have to copy ~/.gnunet/gnunet.conf" over to the "gnunet" user's
1234home directory in the end.
1235
1236Once you have configured your peer, run (as the 'gnunet' user)
1237 gnunet-arm -s
1238to start the peer. You can then run the various GNUnet-tools as
1239your "normal" user (who should only be in the group 'gnunet').
1227********************************************]) 1240********************************************])