/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/password-prompt.xml

  • Committer: Teddy Hogeborn
  • Date: 2011-11-26 20:59:56 UTC
  • mto: (237.12.8 mandos-persistent)
  • mto: This revision was merged to the branch mainline in revision 290.
  • Revision ID: teddy@recompile.se-20111126205956-vft6g0z2i6my0165
Use GPG to encrypt instead of AES.

* Makefile (run-server): Use "--no-restore" option.
* debian/control (mandos/Depends): Added "python-gnupginterface".
* mandos: (CryptoError, Crypto): New; uses GPG.
  (Client.encrypt_secret, Client.decrypt_secret): Removed.
  (ClientHandler.fingerprint): Use binascii.hexlify().
  (main): Use Crypto class to decrypt.
  (main/cleanup): Use Crypto class to encrypt.  Handle EACCES.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "password-prompt">
5
 
<!ENTITY TIMESTAMP "2019-07-27">
 
5
<!ENTITY TIMESTAMP "2011-10-03">
6
6
<!ENTITY % common SYSTEM "../common.ent">
7
7
%common;
8
8
]>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
36
 
      <year>2010</year>
37
36
      <year>2011</year>
38
 
      <year>2012</year>
39
 
      <year>2013</year>
40
 
      <year>2014</year>
41
 
      <year>2015</year>
42
 
      <year>2016</year>
43
 
      <year>2017</year>
44
 
      <year>2018</year>
45
 
      <year>2019</year>
46
37
      <holder>Teddy Hogeborn</holder>
47
38
      <holder>Björn Påhlsson</holder>
48
39
    </copyright>
69
60
        >PREFIX</replaceable></arg>
70
61
      </group>
71
62
      <sbr/>
72
 
      <arg choice="opt">
73
 
        <option>--prompt <replaceable>PROMPT</replaceable></option>
74
 
      </arg>
75
63
      <arg choice="opt"><option>--debug</option></arg>
76
64
    </cmdsynopsis>
77
65
    <cmdsynopsis>
113
101
      wrapper, although actual use of that function is not guaranteed
114
102
      or implied.
115
103
    </para>
116
 
    <para>
117
 
      This program tries to detect if a Plymouth daemon
118
 
      (<citerefentry><refentrytitle
119
 
      >plymouthd</refentrytitle><manvolnum>8</manvolnum></citerefentry>)
120
 
      is running, by looking for a
121
 
      <filename>/run/plymouth/pid</filename> file or a process named
122
 
      <quote><literal>plymouthd</literal></quote>.  If it is detected,
123
 
      this process will immediately exit without doing anything.
124
 
    </para>
125
104
  </refsect1>
126
105
  
127
106
  <refsect1 id="options">
150
129
      </varlistentry>
151
130
      
152
131
      <varlistentry>
153
 
        <term><option>--prompt=<replaceable
154
 
        >PROMPT</replaceable></option></term>
155
 
        <listitem>
156
 
          <para>
157
 
            The password prompt.  Using this option will make this
158
 
            program ignore the <envar>CRYPTTAB_SOURCE</envar> and
159
 
            <envar>CRYPTTAB_NAME</envar> environment variables.
160
 
          </para>
161
 
        </listitem>
162
 
      </varlistentry>
163
 
      
164
 
      <varlistentry>
165
132
        <term><option>--debug</option></term>
166
133
        <listitem>
167
134
          <para>
221
188
        <term><envar>CRYPTTAB_NAME</envar></term>
222
189
        <listitem>
223
190
          <para>
224
 
            If set, and if the <option>--prompt</option> option is not
225
 
            used, these environment variables will be assumed to
 
191
            If set, these environment variables will be assumed to
226
192
            contain the source device name and the target device
227
193
            mapper name, respectively, and will be shown as part of
228
194
            the prompt.
230
196
        <para>
231
197
          These variables will normally be inherited from
232
198
          <citerefentry><refentrytitle>plugin-runner</refentrytitle>
233
 
          <manvolnum>8mandos</manvolnum></citerefentry>, which might
234
 
          have in turn inherited them from its calling process.
 
199
          <manvolnum>8mandos</manvolnum></citerefentry>, which will
 
200
          normally have inherited them from
 
201
          <filename>/scripts/local-top/cryptroot</filename> in the
 
202
          initial <acronym>RAM</acronym> disk environment, which will
 
203
          have set them from parsing kernel arguments and
 
204
          <filename>/conf/conf.d/cryptroot</filename> (also in the
 
205
          initial RAM disk environment), which in turn will have been
 
206
          created when the initial RAM disk image was created by
 
207
          <filename
 
208
          >/usr/share/initramfs-tools/hooks/cryptroot</filename>, by
 
209
          extracting the information of the root file system from
 
210
          <filename >/etc/crypttab</filename>.
235
211
        </para>
236
212
        <para>
237
213
          This behavior is meant to exactly mirror the behavior of
238
 
          <command>askpass</command>, the default password prompter
239
 
          from initramfs-tools.
 
214
          <command>askpass</command>, the default password prompter.
240
215
        </para>
241
216
        </listitem>
242
217
      </varlistentry>
245
220
  
246
221
  <refsect1 id="bugs">
247
222
    <title>BUGS</title>
248
 
    <xi:include href="../bugs.xml"/>
 
223
    <para>
 
224
      None are known at this time.
 
225
    </para>
249
226
  </refsect1>
250
227
  
251
228
  <refsect1 id="example">
317
294
    <title>SEE ALSO</title>
318
295
    <para>
319
296
      <citerefentry><refentrytitle>intro</refentrytitle>
320
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
297
      <manvolnum>8mandos</manvolnum></citerefentry>
 
298
      <citerefentry><refentrytitle>crypttab</refentrytitle>
 
299
      <manvolnum>5</manvolnum></citerefentry>
321
300
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
322
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
301
      <manvolnum>8mandos</manvolnum></citerefentry>
323
302
      <citerefentry><refentrytitle>plugin-runner</refentrytitle>
324
303
      <manvolnum>8mandos</manvolnum></citerefentry>,
325
 
      <citerefentry><refentrytitle>plymouthd</refentrytitle>
326
 
      <manvolnum>8</manvolnum></citerefentry>
327
304
    </para>
328
305
  </refsect1>
329
306
</refentry>