diff --git a/doc/CONFIGURATION b/doc/CONFIGURATION
index ade966e..58413a8 100644
--- a/doc/CONFIGURATION
+++ b/doc/CONFIGURATION
@@ -1,264 +1,310 @@
-====== Configuration ======
+Configuration file reference
+============================
-Configuration is done through the pamusb-conf tool, as explained in the
-[[quickstart]] section. Most users don't have to manually change pamusb.conf,
-however if you want to change some default settings, this document explains the
-syntax of the pamusb.conf configuration file.
+The configuration file is formatted in XML and subdivided in 4 sections:
-===== Introduction =====
+* Default options, shared among every device, user and service
+* Devices declaration and settings
+* Users declaration and settings
+* Services declaration and settings
-* The configuration file is formatted in XML and subdivided in 4 sections:
- - Default options, shared among every device, user and service
- - Devices declaration and settings
- - Users declaration and settings
- - Services declaration and settings
+The syntax is the following:
-* The syntax is the following:
+```xml
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-
-
+
+
+
-
-* Location of the configuration file
-
-By default, pam_usb.so and its tools will look for the configuration file
-located in /etc/pamusb.conf, but you can tell it to use a different file by
-using the -c option:
-
-# /etc/pam.d/common-auth
-auth sufficient pam_usb.so -c /some/other/path.conf
-auth required pam_unix.so nullok_secure
-
-You will also have to use the -c option when calling pam_usb's tools. For
-instance, when calling pamusb-agent:
-pamusb-agent -c /some/other/path.conf
-
-
-
-
-
-===== Options =====
-
-^ Name ^ Type ^ Default value ^ Description ^
-| enable | Boolean | true | Enable pam_usb
-|
-| debug | Boolean | false | Enable debug messages
-|
-| quiet | Boolean | false | Quiet mode (no verbose
-output) |
-| color_log | Boolean | true | Enable colored output
-|
-| one_time_pad | Boolean | true | Enable the use of one
-time pads |
-| deny_remote | Boolean | true | Deny access from
-remote host (ssh) |
-| probe_timeout | Time | 10s | Time to wait for the
-volume to be detected|
-| pad_expiration| Time | 1h | Time between pads
-regeneration|
-| hostname | String | Computer's hostname | Computer name. Must be
-unique accross computers using the same device |
-
-| system_pad_directory | String | .pamusb | Relative path to the
-user's home used to store one time pads |
-| device_pad_directory | String | .pamusb | Relative path to the
-device used to store one time pads|
-
-* Example:
-
+```
+
+Options
+-------
+
+
+
+
Name
+
Type
+
Default
+
Description
+
+
+
+
enable
+
Boolean
+
true
+
Enable pam_usb
+
+
+
+
debug
+
Boolean
+
false
+
Enable debug messages
+
+
+
+
quiet
+
Boolean
+
false
+
Quiet mode
+
+
+
+
color_log
+
Boolean
+
true
+
Enable colored output
+
+
+
+
one_time_pad
+
Boolean
+
true
+
Enable the use of one time pads
+
+
+
+
deny_remote
+
Boolean
+
true
+
Deny access from remote host (ssh)
+
+
+
+
probe_timeout
+
Time
+
10s
+
Time to wait for the volume to be detected
+
+
+
+
pad_expiration
+
Time
+
1h
+
Time between pads regeneration
+
+
+
+
hostname
+
String
+
Computer's hostname
+
Must be unique accross computers using the same device
+
+
+
+
system_pad_directory
+
String
+
.pamusb
+
Relative path to the user's home used to store one time pads
+
+
+
device_pad_directory
+
String
+
.pamusb
+
Relative path to the device used to store one time pads
+
+
+
+Example:
+
+```xml
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-===== Devices =====
-
-^ Name ^ Type ^ Description ^
-Example ^
-| id | Attribute | Arbitrary device name |
-MyDevice |
-| vendor | Element | device's vendor name |
-SanDisk Corp. |
-| model | Element | device's model name |
-Cruzer Titanium |
-| serial | Element | serial number of the device |
-SNDKXXXXXXXXXXXXXXXX |
-| volume_uuid | Element | UUID of the device's volume used to store pads |
-6F6B-42FC |
-
-
-* Example:
-
+```
+
+Devices
+-------
+
+
+
+
Name
+
Type
+
Description
+
Example
+
+
+
+
id
+
Attribute
+
Arbitrary device name
+
MyDevice
+
+
+
+
vendor
+
Element
+
device's vendor name
+
SanDisk Corp.
+
+
+
+
model
+
Element
+
device's model name
+
Cruzer Titanium
+
+
+
+
serial
+
Element
+
serial number of the device
+
SNDKXXXXXXXXXXXXXXXX
+
+
+
+
volume_uuid
+
Element
+
UUID of the device's volume used to store pads
+
6F6B-42FC
+
+
+
+Example:
+
+```xml
-SanDisk Corp.
-Cruzer Titanium
-SNDKXXXXXXXXXXXXXXXX
-6F6B-42FC
-
-
-
-
-===== Users =====
-
-^ Name ^ Type ^ Description ^
-Example ^
-| id | Attribute | Login of the user | root
-|
-| device | Element | id of the device associated to the user |
-MyDevice |
-| agent | Element | Agent commands, for use with pamusb-agent | See
-below |
-
-* Example:
-
-
-MyDevice
-
-
-gnome-screensaver-command --lock
-beep-media-player --pause
-
-
-gnome-screensaver-command --deactivate
-beep-media-player --play
-
-
-===== Services =====
-
-^ Name ^ Type ^ Description ^ Example ^
-| id | Attribute | Name of the service | su |
-
-
-
-
-
-
-
-
-===== Full example =====
-
-This example demonstrates how to write a pam_usb configuration file and how to
-combine and override options.
-
-
-
-
-
- -->
-
- -->
-
-
-
-
-
-
SanDisk Corp.Cruzer TitaniumSNDKXXXXXXXXXXXXXXXX6F6B-42FC
-
+
+```
+
+Users
+-----
+
+
+
+Example:
+```xml
+
-
-
-
+
+```
-
-
+Location of the configuration file
+----------------------------------
-
-
- MyDevice
+By default, pam_usb.so and its tools will look for the configuration file at `/etc/pamusb.conf`.
-
-
-
+If you want to use a different location, you will have to use the `-c` flag.
-
-
- MyDevice
+ # /etc/pam.d/common-auth
+ auth sufficient pam_usb.so -c /some/other/path.conf
+ auth required pam_unix.so nullok_secure
-
-
+You will also have to use the -c option when calling pam_usb's tools.
-
- gnome-screensaver-command --lock
- gnome-screensaver-command --deactivate
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+ pamusb-agent -c /some/other/path.conf