59
59
Must create in preinst if not pre-depending on cryptsetup
62
** [#A] Man page: man8/password-prompt.8mandos
64
Document short options
66
Note that this is more or less a simple getpass(3) wrapper, even
67
though actual use of getpass(3) is not guaranteed.
70
Document use of "cryptsource" and "crypttarget".
74
Examples of normal usage, debug usage, with a prefix, etc.
76
Not much to do here but it is noteworthy to state the danger of
77
not having a fallback option.
79
Refer to mandos-client(8mandos) and password-request(8mandos)
80
and also, perhaps, to cryptsetup(8)?
62
** [#C] Use getpass(3)?
82
63
Man page says "obsolete", but [[info:libc:getpass][GNU LibC Manual: Reading Passwords]]
83
64
does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and
84
65
[[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also
85
66
[[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]]
88
** run gnutls_openpgp_crt_verify_self() and verify clients certificates
89
** [#A] Config file man page: man5/mandos-clients.conf (clients.conf)
90
*** For option "secret", document which program can help generate it.
91
69
** [#A] /etc/init.d/mandos-server :teddy:
92
70
** [#B] Log level :bugs:
93
71
** /etc/mandos/clients.d/*.conf
92
Go through all man pages to conform to the style of tags chosen in
93
[[http://svn.debian.org/wsvn/debian-xml-sgml/packages/docbook-xsl/trunk/debian/examples/foo.1.example_manpage.xml?op=file&rev=0&sc=0][foo.1.example_manpage.xml]]. In particular:
94
*** Synopsis <arg> and <option> tags
95
*** EXAMPLES &COMMANDNAME;
96
** Use xinclude for common sections
97
Like copyright, authors, etc.
114
104
*** Update initrd.img after installation
115
105
This seems to use some kind of "trigger" system
106
[[file:/usr/share/doc/dpkg/triggers.txt.gz]]
107
dpkg-trigger(1), deb-triggers(5)
116
108
*** Keydir move: /etc/mandos -> /etc/keys/mandos
117
109
Must create in preinst if not pre-depending on cryptsetup
118
110
*** mandos-keygen
119
**** [#A] Output cut-and-paste ready snippet for clients.conf.
111
**** "--passfile" option
112
Using the "secfile" option instead of "secret"
113
**** [#A] "--test" option
114
For testing decryption before rebooting.
121
116
*** [#A] Create mandos user and group for server
122
117
*** [#A] Create /var/run/mandos directory with perm and ownership