/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-09-07 09:36:35 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080907093635-yg1y272yv53dijhp
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
                      /usr/local install and a package install.
  (KEYDIR): Changed /usr/local install value to be "/etc/mandos/keys".
  (INITRAMFSTOOLS): Use $(DESTDIR) in /usr/local value too.

* initramfs-tools-hook: Look in "/etc/mandos/keys" too.

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY VERSION "1.0">
5
5
<!ENTITY COMMANDNAME "mandos">
6
 
<!ENTITY TIMESTAMP "2008-09-01">
 
6
<!ENTITY TIMESTAMP "2008-09-06">
7
7
]>
8
8
 
9
9
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
115
115
      Any authenticated client is then given the stored pre-encrypted
116
116
      password for that specific client.
117
117
    </para>
118
 
 
119
118
  </refsect1>
120
119
  
121
120
  <refsect1 id="purpose">
122
121
    <title>PURPOSE</title>
123
 
 
124
122
    <para>
125
123
      The purpose of this is to enable <emphasis>remote and unattended
126
124
      rebooting</emphasis> of client host computer with an
127
125
      <emphasis>encrypted root file system</emphasis>.  See <xref
128
126
      linkend="overview"/> for details.
129
127
    </para>
130
 
    
131
128
  </refsect1>
132
129
  
133
130
  <refsect1 id="options">
134
131
    <title>OPTIONS</title>
135
 
    
136
132
    <variablelist>
137
133
      <varlistentry>
138
134
        <term><option>--help</option></term>
383
379
        </listitem>
384
380
      </varlistentry>
385
381
      <varlistentry>
386
 
        <term><filename>/var/run/mandos/mandos.pid</filename></term>
 
382
        <term><filename>/var/run/mandos.pid</filename></term>
387
383
        <listitem>
388
384
          <para>
389
385
            The file containing the process id of
438
434
      Debug mode is conflated with running in the foreground.
439
435
    </para>
440
436
    <para>
441
 
      The console log messages does not show a timestamp.
 
437
      The console log messages does not show a time stamp.
 
438
    </para>
 
439
    <para>
 
440
      This server does not check the expire time of clients’ OpenPGP
 
441
      keys.
442
442
    </para>
443
443
  </refsect1>
444
444
  
487
487
      <para>
488
488
        Running this <command>&COMMANDNAME;</command> server program
489
489
        should not in itself present any security risk to the host
490
 
        computer running it.  The program does not need any special
491
 
        privileges to run, and is designed to run as a non-root user.
 
490
        computer running it.  The program switches to a non-root user
 
491
        soon after startup.
492
492
      </para>
493
493
    </refsect2>
494
494
    <refsect2 id="CLIENTS">
529
529
      </para>
530
530
      <para>
531
531
        For more details on client-side security, see
532
 
        <citerefentry><refentrytitle>password-request</refentrytitle>
 
532
        <citerefentry><refentrytitle>mandos-client</refentrytitle>
533
533
        <manvolnum>8mandos</manvolnum></citerefentry>.
534
534
      </para>
535
535
    </refsect2>
543
543
        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
544
544
        <refentrytitle>mandos.conf</refentrytitle>
545
545
        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
546
 
        <refentrytitle>password-request</refentrytitle>
 
546
        <refentrytitle>mandos-client</refentrytitle>
547
547
        <manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>
548
548
        <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
549
549
      </citerefentry>