This "logger" type only applies to access and request ("trace") logging; event logging is handled by the "logging" package in the Python standard library. The loghandler type used here is provided by the "ZConfig.components.logger" package. A section which allows you to define simple key-value pairs which will extend the CGI environment variables exposed by ZServer. Use any key/value pair, e.g. 'HTTPS_PORT 443' A section which allows you to define simple key-value pairs which will be used as environment variable settings during startup. Use any key/value pair, e.g. 'MY_PRODUCT_ENVVAR foo_bar' This section describes the options for zopectl. These options have no default value specified in the schema; in some cases, zopectl calculates a dynamic default, in others, the feature associated with the option is disabled. For those options that also have corresponding command-line options, the command line option (short and long form) are given here too. The program(s) that will be run by the runner Command-line option: -d or --daemon. If this option is true, zdrun.py runs in the background as a true daemon. It forks an child process which becomes the subprocess manager, while the parent exits (making the shell that started it believe it is done). The child process also does the following: - if the directory option is set, change into that directory - redirect stdin, stdout and stderr to /dev/null - call setsid() so it becomes a session leader - call umask(022) Command-line option: -b or --backoff-limit. When the subprocess crashes, zdrun.py inserts a one-second delay before it restarts it. When the subprocess crashes again right away, the delay is incremented by one second, and so on. What happens when the delay has reached the value of backoff-limit (in seconds), depends on the value of the forever option. If forever is false, zdrun.py gives up at this point, and exits. An always-crashing subprocess will have been restarted exactly backoff-limit times in this case. If forever is true, zdrun.py continues to attempt to restart the process, keeping the delay at backoff-limit seconds. If the subprocess stays up for more than backoff-limit seconds, the delay is reset to 1 second. Command-line option: -f or --forever. If this option is true, zdrun.py will keep restarting a crashing subprocess forever. If it is false, it will give up after backoff-limit crashes in a row. See the description of backoff-limit for details. Command-line option: -u or --user. When zdrun.py is started by root, this option specifies the user as who the the zdrun.py process (and hence the daemon subprocess) will run. This can be a user name or a numeric user id. Both the user and the group are set from the corresponding password entry, using setuid() and setgid(). This is done before zdrun.py does anything else besides parsing its command line arguments. NOTE: when zdrun.py is not started by root, specifying this option is an error. (XXX This may be a mistake.) XXX The zdrun.py event log file may be opened *before* setuid() is called. Is this good or bad? If this option is true, the zdrun.py process will remain even when the daemon subprocess is stopped. In this case, zopectl will restart zdrun.py as necessary. If this option is false, zdrun.py will exit when the daemon subprocess is stopped (unless zdrun.py intends to restart it). Command-line option: -m or --umask. When daemon mode is used, this option specifies the octal umask of the subprocess. If this option is true, zopectl enters interactive mode when it is invoked without a positional command argument. If it is false, you must use the -i or --interactive command line option to zopectl to enter interactive mode. The prompt shown by zopectl program. Command-line option: -s or --socket-name. The pathname of the Unix domain socket used for communication between zopectl.py and zdrun.py. The default is relative to the current directory in which zdctl.py and zdrun.py are started. You want to specify an absolute pathname here. We need to specialize the database configuration section for Zope only by including a (required) mount-point argument, which is a string. A Zope ZODB database can have multiple mount points, so this is a multikey. The mount point is the slash-separated path to which this database will be mounted within the Zope application server. If the path on the ZEO server is different from the path of the mount point then you can use a notation "path_on_client:path_on_zeo_server". Change the connection class a database uses on a per-database basis to support different connection policies. Use a Python dotted-path name to specify the connection class. Change the class factory function a database uses on a per-database basis to support different class factory policy. Use a Python dotted-path name to specify the class factory function. Change the contiainer class a (mounted) database uses on a per-database basis to support a different container than a plain Folder. Use a Python dotted-path name to specify the container class. A multisection which allows a user to set up a Python "warning" filter. The following keys are valid within a warnfilter section: action: one of the following strings: "error" turn matching warnings into exceptions "ignore" never print matching warnings "always" always print matching warnings "default" print the first occurrence of matching warnings for each location where the warning is issued "module" print the first occurrence of matching warnings for each module where the warning is issued "once" print only the first occurrence of matching warnings, regardless of location message: a string containing a regular expression that the warning message must match (the match is compiled to always be case-insensitive) category: a Python dotted-path classname (must be a subclass of Warning) of which the warning category must be a subclass in order to match module: a string containing a regular expression that the module name must match (the match is compiled to be case-sensitive) lineno: an integer that the line number where the warning occurred must match, or 0 to match all line numbers

A section which allows a user to define arbitrary key-value pairs for use as environment variables during Zope's run cycle. It is not recommended to set system-related environment variables such as PYTHONPATH within this section.

The top-level directory which contains the "instance" data for the application server. Typically this is a directory which may contain a "Products" subdirectory (which holds instance-local Zope Products), an "Extensions" subdirectory (which holds instance-local external methods), and an "import" directory (which holds instance-local importable ZODB exports). It may also contain "etc", "bin", "log", and "var" directories depending on how you'ce configured your Zope instance. The directory used to store the default filestorage file used to back the ZODB database, as well as other files used by the Zope applications server during runtime. $instancehome/var This specifies additional lists of MIME types that should be loaded into Python's "mimetypes" module. The files should have the same form as the mime.types file distributed with the Apache HTTP server. Each line describing a MIME type should contain the major/minor type, followed by a space-separated list of file extensions used for files of that type. The extensions must not include the '.' used to separate an extension from the base file name. Blank lines and lines beginning with a '#' are ignored. This specifies additional product directories which are added to Products.__path__. Directories are added in the order in which they are specified. $instancehome/Products This specifies additional paths directories which are inserted into the beginning of Python's module search path. The set of directories specified is inserted into the beginning of the module search path in the order which they are specified here. Note that the processing of this directive may happen too late under some circumstances; it is recommended that you use the PYTHONPATH environment variable if using this directive doesn't work for you. $instancehome/lib/python The full path to which the Zope process will write its OS process id at startup. $clienthome/Z2.pid The full path to a file which the Zope process will attempt to lock at startup (used to signal to other processes that this Zope instance is currently running). $clienthome/Z2.lock A switch which controls several aspects of Zope operation useful for developing under Zope. When debug mode is on: - Errors in product initialization will cause startup to fail (instead of writing error messages to the event log file). - Filesystem-based scripts such as skins, PageTemplateFiles, and DTMLFiles can be edited while the server is running and the server will detect these changes in real time. When this switch is off, you must restart the server to see the changes. Setting this to 'off' when Zope is in a production environment is encouraged, as it speeds execution (sometimes dramatically). off If you intend to run Zope as the "root" user, you must supply this directive with an effective username or userid number to which Zope will 'suid' after the server ports are bound. This directive only has effect under UNIX and if Zope is started as the root user. unset If this directive is turned on, Zope performs 'product installation' (the registration of Python modules in various Products directories) at startup. Turning this off can speed Zope startup time, but it can also cause your Control_Panel Product list to become desynchronized with the contents of your Products directories. on Enable locale (internationalization) support by supplying a locale name to be used. See your operating system documentation for locale information specific to your system. If your Python module does not support the locale module, or if the requested locale is not supported by your system, an error will be raised and Zope will not start. unset Set this variable either to "us" or "international" to force the DateTime module to parse date strings either with month-before-days-before-year ("us") or days-before-month-before-year ("international"). The default behaviour of DateTime (when this setting is left unset) is to parse dates as US dates. us Specify the number of threads that Zope's ZServer web server will use to service requests. The default is 4. 4 threads Value passed to Python's sys.setcheckinterval() function. The higher this is, the less frequently the Python interpreter checks for keyboard interrupts. Setting this to higher values also reduces the frequency of potential thread switches, which can improve the performance of a busy server. If this variable is set, then the database is opened in read only mode. If this variable is set to a string parsable by DateTime.DateTime, then the database is opened read-only as of the time given. Note that changes made by another process after the database has been opened are not visible. Set the default starting HTML header level for structured text documents. The default is 3, which implies that top-level headers will be created with an H3 HTML tag. 3 Specifies the input encoding of re-StructuredText documents (e.g. 'utf-8', 'iso-8859' or any other valid encoding recognized by Python). The default is your Python's default encoding. unset Specifies the output encoding of re-StructuredText documents (e.g. 'utf-8', 'iso-8859' or any other valid encoding recognized by Python). The default is your Python's default encoding. unset Set the default starting HTML header level for restructured text documents. The default is 3, which implies that top-level headers will be created with an H3 HTML tag. 3 Language code used for some internal translations inside of the docutils package and for DTD bibliographic elements mapping. See lib/python/docutils/languages/ for a list of supported language codes. en Causing this directive to point to a file on the filesystem will cause Zope's profiling capabilities to be enabled. For more information, see the Debug/Profiling tab of Zope's Control_Panel. unset

A section which allows a user to define arbitrary key-value pairs for use as the initial CGI environment variables. This setting is useful when you want to proxy requests from another web server to Zserver, and would like Zserver's CGI environment to reflect the CGI environment of the other web server.

Set the cgi.maxlen parameter to limit the number of data passwed to cgi.escape(). This is helpful to prevent DoS attacks. Set the parameter to 0 for no restrictions. Maximum size of received HTTP header being processed by Zope Set this directive to 'true' to enable the "MS-Author-Via" header in response to an OPTIONS WebDAV request. Early versions of Microsoft Web Folders and Microsoft Office require this header to be present to be able to connect to Zope via WebDAV. This is disabled by default since it makes a lot of standards-compliant things unhappy AND it tricks Microsoft Office into trying to edit Office files stored in Zope via WebDAV even when the user isn't allowed to edit them and is only trying to download them. Check this collector entry for more information: http://www.zope.org/Collectors/Zope/1441 Recent versions of Microsoft Web Folders, updated after January 2005, do not require this header anymore, and instead require a "Public" header to be present in reply to the OPTIONS WebDAV request. (http://www.redmountainsw.com/wordpress/archives/webfolders-zope) To get a recent Microsoft Web Folders implementation, refer to Microsoft KB Article 907306. (Software Update for Web Folders: May 18, 2007). off Set this directive to 'on' to enable sending the "Public" header in response to an WebDAV OPTIONS request. Though recent WebDAV drafts mention this header, the original WebDAV RFC did not mention it as part of the standard. Very few web servers out there include this header in their replies, most notably IIS and Netscape Enterprise 3.6. Since many best practices documents out in the web mention turning off this header with the subject of "Mask Your Web Server For Enhanced Security", this setting is off by default. Presumably malicious people might take the presence of this header as indication of an IIS Web Server and try to attack your site, so be careful when turning it on. Recent versions of Microsoft Web Folders, updated after January 2005, *do* require this header to be present in reply to the OPTIONS WebDAV request. (http://www.redmountainsw.com/wordpress/archives/webfolders-zope) To get a recent Microsoft Web Folders implementation, refer to Microsoft KB Article 907306. (Software Update for Web Folders: May 18, 2007). off Specify the IP address of your DNS server in order to cause resolved hostnames to be written to Zope's access log. By default, Zope will not resolve hostnames unless this is set. The default IP address on which Zope's various server protocol implementations will listen for requests. If this is unset, Zope will listen on all IP addresses supported by the machine. The HTTP "Realm" header value sent by this Zope instance. This value often shows up in basic authentication dialogs. Zope Set this directive to 'off' in order to disable the autoquoting of implicitly retrieved REQUEST data by DTML code which contains a '<' when used in <dtml-var> construction. When this directive is 'on', all data implicitly retrieved from the REQUEST in DTML (as opposed to addressing REQUEST.somevarname directly) that contains a '<' will be HTML-quoted when interpolated via a <dtml-var> or &dtml- construct. This mitigates the possibility that DTML programmers will leave their sites open to a "client-side trojan" attack. on Define one or more 'trusted-proxies' keys, each of which is a hostname or an IP address. The set of definitions comprises a list of front-end proxies that are trusted to supply an accurate X_FORWARDED_FOR header to Zope (security-related). unset The default Zope "security policy" implementation is written in C. Set this key to "PYTHON" to use the Python implementation (useful for debugging purposes); set it to "C" to use the C implementation. C Set this directive to 'on' to cause Zope to prevent Zope from attempting to authenticate users during normal operation. Potentially dangerous from a security perspective. Only works if security-policy-implementation is set to 'C'. off Set this directive to 'on' to cause Zope to ignore ownership checking when attempting to execute "through the web" code. By default, this directive is off in order to prevent 'trojan horse' security problems whereby a user with less privilege can cause a user with more privilege to execute code which the less privileged user has written. off Set this directive to 'on' to enable verbose security exceptions. This can help you track down the reason for Unauthorized exceptions, but it is not suitable for public sites because it may reveal unnecessary information about the structure of your site. Only works if security-policy-implementation is set to 'PYTHON'. off An integer value representing the number of items to use as a "maximum number of subobjects" value of the '/temp_folder/session_data' transient object container within Zope's object database. 1000 An optional full Zope path name of a callable object to be set as the "script to call on object addition" of the session_data transient object container created in the '/temp_folder' folder at startup. unset An optional full Zope path name of a callable object to be set as the "script to call on object deletion" of the sessioN_data transient object container created in the /temp_folder folder at startup. unset An integer value representing the number of minutes to be used as the "data object timeout" of the '/temp_folder/session_data' transient object container in Zope's object database. 20 An integer value representing the number of seconds to be used as the "timeout resolution" of the '/temp_folder/session_data' transient object container in Zope's object database. 20 If this directive is set to on, no access rules in your Zope site will be executed. This is useful if you "lock yourself out" of a particular part of your site by setting an improper access rule. off If this directive is set to on, no site roots in your Zope site will be effective. This is useful if you "lock yourself out" of a particular part of your site by setting an improper site root. off Set this directive to an integer in bytes in order to place a hard limit on the size which the default FileStorage-backed Zope database can grow. Additions to the database will not be permitted once this filesize is exceeded. unset If this directive is set to "on", the main Zope FileStorage-backed ZODB database will be opened in read-only mode. off Provide a string value to uniquely identify the local cache files created if this Zope is a ZEO client. Setting this directive implies setting 'enable-product-installation' to 'off' if 'enable-product-installation' is left unset. unset

Describes what level of log output is desired and where it should be written.

Describes the logging performed to capture the 'access' log, which typically captures per-request data in common or combined log format.

Describes the logging performed to capture the 'trace' log, which typically captures detailed per-request data useful for Zope debugging.

Specifies at which level conflict errors are logged. Conflict errors, when occuring in small numbers, are a normal part of the Zope optimistic transaction conflict resolution algorithms. They are retried automatically a few times, and are therefore usually not visible by the user. You can specify 'notset' if you don't want them logged, or use any other logger level. info The maximum number of sockets that ZServer will attempt to open in order to service incoming connections. Requests bigger than this size get saved into a temporary file instead of being read completely into memory. If this directive is set to "on" (the deafult), ZCatalog brains objects will raise NotFound exceptions from 'getObject' for unreachable objects, and Unauthorized for disallowed objects. If the option is "off", they will return None in such cases (which was the old behavior) on Base port number that gets added to the specific port numbers specified for the individual servers. Zope ZODB databases must have a name, and they are required to be referenced via the "zodb_db" database type because it is the only kind of database definition that implements the required mount-point argument. There is another database sectiontype named "zodb", but it cannot be used in the context of a proper Zope configuration (due to lack of a mount-point).

This key controls what character set is used to encode unicode data that reaches ZPublisher without any other specified encoding. iso-8859-15 Base type for product-specific configuration sections. Specific products should implement configuration sections by defining section types that implement this abstract type and using their own schema component to define meaningful settings. Product-specific configuration, expressed as arbitrary name-value pairs. Product-specific configuration stanzas. Products may use the <product-config> section type, or may supply a component.xml which defines section types with their own schemas. All sections for this multisection will be collected into the 'product_config' attribute of the configuration object.