/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-09-05 16:24:33 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080905162433-58fgx91ae9foxlh1
* Makefile (PIDDIR, USER, GROUP): Removed.
  (install-server): Do not create $(PIDDIR).
  (uninstall-server): Do not remove $(PIDDIR).

* init.d-mandos (PIDFILE): Changed to "/var/run/$NAME.pid".

* mandos (IPv6_TCPServer.enabled): New attribute.
  (IPv6_TCPServer.server_activate): Only call method of superclass if
                                    "self.enabled".
  (IPv6_TCPServer.enable): Set "self.enabled" to True.
  (main): Create client Set() early.  Create IPv6_TCPServer object
          early.  Switch to user and group "mandos", "nobody" or
          65534, if possible.  Enable IPv6_TCPServer *after* switching
          user.

* mandos-keygen (KEYDIR): Changed to "/etc/keys/mandos".

* mandos.xml (FILES): Changed PID file.
  (SECURITY): The server does need to be privileged, but switches to a
              non-privileged user.

* plugin-runner.xml (EXAMPLE): Changed long example to something more
                               realistic.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
 
4
<!ENTITY VERSION "1.0">
4
5
<!ENTITY CONFNAME "mandos-clients.conf">
5
6
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
6
 
<!ENTITY TIMESTAMP "2008-10-07">
7
 
<!ENTITY % common SYSTEM "common.ent">
8
 
%common;
 
7
<!ENTITY TIMESTAMP "2008-09-04">
9
8
]>
10
9
 
11
10
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
13
12
    <title>Mandos Manual</title>
14
13
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
15
14
    <productname>Mandos</productname>
16
 
    <productnumber>&version;</productnumber>
 
15
    <productnumber>&VERSION;</productnumber>
17
16
    <date>&TIMESTAMP;</date>
18
17
    <authorgroup>
19
18
      <author>
38
37
    </copyright>
39
38
    <xi:include href="legalnotice.xml"/>
40
39
  </refentryinfo>
41
 
  
 
40
 
42
41
  <refmeta>
43
42
    <refentrytitle>&CONFNAME;</refentrytitle>
44
43
    <manvolnum>5</manvolnum>
50
49
      Configuration file for the Mandos server
51
50
    </refpurpose>
52
51
  </refnamediv>
53
 
  
 
52
 
54
53
  <refsynopsisdiv>
55
54
    <synopsis>&CONFPATH;</synopsis>
56
55
  </refsynopsisdiv>
57
 
  
 
56
 
58
57
  <refsect1 id="description">
59
58
    <title>DESCRIPTION</title>
60
59
    <para>
96
95
    <para>
97
96
      Unknown options are ignored.  The used options are as follows:
98
97
    </para>
99
 
    
 
98
 
100
99
    <variablelist>
101
 
      
 
100
 
102
101
      <varlistentry>
103
102
        <term><option>timeout<literal> = </literal><replaceable
104
103
        >TIME</replaceable></option></term>
127
126
          </para>
128
127
        </listitem>
129
128
      </varlistentry>
130
 
      
 
129
 
131
130
      <varlistentry>
132
131
        <term><option>interval<literal> = </literal><replaceable
133
132
        >TIME</replaceable></option></term>
150
149
          </para>
151
150
        </listitem>
152
151
      </varlistentry>
153
 
      
 
152
 
154
153
      <varlistentry>
155
154
        <term><option>checker<literal> = </literal><replaceable
156
155
        >COMMAND</replaceable></option></term>
224
223
          </para>
225
224
        </listitem>
226
225
      </varlistentry>
227
 
      
 
226
 
228
227
      <varlistentry>
229
228
        <term><option>secfile<literal> = </literal><replaceable
230
229
        >FILENAME</replaceable></option></term>
240
239
            should <emphasis>not</emphasis> be base64-encoded, but
241
240
            will be sent to clients verbatim.
242
241
          </para>
243
 
          <para>
244
 
            File names of the form <filename>~user/foo/bar</filename>
245
 
            and <filename>$<envar>ENVVAR</envar>/foo/bar</filename>
246
 
            are supported.
247
 
          </para>
248
242
        </listitem>
249
243
      </varlistentry>
250
 
      
 
244
 
251
245
      <varlistentry>
252
246
        <term><option><literal>host = </literal><replaceable
253
247
        >STRING</replaceable></option></term>
319
313
        mode is needed to expose an error of this kind.
320
314
      </para>
321
315
    </refsect2>
322
 
    
 
316
 
323
317
  </refsect1>
324
318
  
325
319
  <refsect1 id="files">
379
373
fingerprint = 3e393aeaefb84c7e89e2f547b3a107558fca3a27
380
374
secfile = /etc/mandos/bar-secret
381
375
timeout = 15m
 
376
 
382
377
      </programlisting>
383
378
    </informalexample>
384
379
  </refsect1>