
Viewing changes to mandos-keygen.xml

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-keygen">
5
 
<!ENTITY TIMESTAMP "2018-02-08">
 
5
<!ENTITY TIMESTAMP "2008-10-03">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
19
19
        <firstname>Björn</firstname>
20
20
        <surname>Påhlsson</surname>
21
21
        <address>
22
 
          <email>belorn@recompile.se</email>
 
22
          <email>belorn@fukt.bsnet.se</email>
23
23
        </address>
24
24
      </author>
25
25
      <author>
26
26
        <firstname>Teddy</firstname>
27
27
        <surname>Hogeborn</surname>
28
28
        <address>
29
 
          <email>teddy@recompile.se</email>
 
29
          <email>teddy@fukt.bsnet.se</email>
30
30
        </address>
31
31
      </author>
32
32
    </authorgroup>
33
33
    <copyright>
34
34
      <year>2008</year>
35
 
      <year>2009</year>
36
 
      <year>2010</year>
37
 
      <year>2011</year>
38
 
      <year>2012</year>
39
 
      <year>2013</year>
40
 
      <year>2014</year>
41
 
      <year>2015</year>
42
 
      <year>2016</year>
43
 
      <year>2017</year>
44
 
      <year>2018</year>
45
35
      <holder>Teddy Hogeborn</holder>
46
36
      <holder>Björn Påhlsson</holder>
47
37
    </copyright>
126
116
        <replaceable>TIME</replaceable></option></arg>
127
117
      </group>
128
118
      <sbr/>
129
 
      <group>
130
 
        <arg choice="plain"><option>--force</option></arg>
131
 
        <arg choice="plain"><option>-f</option></arg>
132
 
      </group>
 
119
      <arg><option>--force</option></arg>
133
120
    </cmdsynopsis>
134
121
    <cmdsynopsis>
135
122
      <command>&COMMANDNAME;</command>
155
142
        <arg choice="plain"><option>-n
156
143
        <replaceable>NAME</replaceable></option></arg>
157
144
      </group>
158
 
      <group>
159
 
        <arg choice="plain"><option>--no-ssh</option></arg>
160
 
        <arg choice="plain"><option>-S</option></arg>
161
 
      </group>
162
145
    </cmdsynopsis>
163
146
    <cmdsynopsis>
164
147
      <command>&COMMANDNAME;</command>
229
212
        <listitem>
230
213
          <para>
231
214
            Target directory for key files.  Default is
232
 
            <filename class="directory">/etc/mandos</filename>.
 
215
            <filename>/etc/mandos</filename>.
233
216
          </para>
234
217
        </listitem>
235
218
      </varlistentry>
241
224
        <replaceable>TYPE</replaceable></option></term>
242
225
        <listitem>
243
226
          <para>
244
 
            Key type.  Default is <quote>RSA</quote>.
 
227
            Key type.  Default is <quote>DSA</quote>.
245
228
          </para>
246
229
        </listitem>
247
230
      </varlistentry>
253
236
        <replaceable>BITS</replaceable></option></term>
254
237
        <listitem>
255
238
          <para>
256
 
            Key length in bits.  Default is 4096.
 
239
            Key length in bits.  Default is 2048.
257
240
          </para>
258
241
        </listitem>
259
242
      </varlistentry>
265
248
        <replaceable>KEYTYPE</replaceable></option></term>
266
249
        <listitem>
267
250
          <para>
268
 
            Subkey type.  Default is <quote>RSA</quote> (Elgamal
 
251
            Subkey type.  Default is <quote>ELG-E</quote> (Elgamal
269
252
            encryption-only).
270
253
          </para>
271
254
        </listitem>
278
261
        <replaceable>BITS</replaceable></option></term>
279
262
        <listitem>
280
263
          <para>
281
 
            Subkey length in bits.  Default is 4096.
 
264
            Subkey length in bits.  Default is 2048.
282
265
          </para>
283
266
        </listitem>
284
267
      </varlistentry>
302
285
        <replaceable>TEXT</replaceable></option></term>
303
286
        <listitem>
304
287
          <para>
305
 
            Comment field for key.  Default is empty.
 
288
            Comment field for key.  The default value is
 
289
            <quote><literal>Mandos client key</literal></quote>.
306
290
          </para>
307
291
        </listitem>
308
292
      </varlistentry>
360
344
          </para>
361
345
        </listitem>
362
346
      </varlistentry>
363
 
      <varlistentry>
364
 
        <term><option>--no-ssh</option></term>
365
 
        <term><option>-S</option></term>
366
 
        <listitem>
367
 
          <para>
368
 
            When <option>--password</option> or
369
 
            <option>--passfile</option> is given, this option will
370
 
            prevent <command>&COMMANDNAME;</command> from calling
371
 
            <command>ssh-keyscan</command> to get an SSH fingerprint
372
 
            for this host and, if successful, output suitable config
373
 
            options to use this fingerprint as a
374
 
            <option>checker</option> option in the output.  This is
375
 
            otherwise the default behavior.
376
 
          </para>
377
 
        </listitem>
378
 
      </varlistentry>
379
347
    </variablelist>
380
348
  </refsect1>
381
349
  
441
409
        </listitem>
442
410
      </varlistentry>
443
411
      <varlistentry>
444
 
        <term><filename class="directory">/tmp</filename></term>
 
412
        <term><filename>/tmp</filename></term>
445
413
        <listitem>
446
414
          <para>
447
415
            Temporary files will be written here if
452
420
    </variablelist>
453
421
  </refsect1>
454
422
  
455
 
  <refsect1 id="bugs">
456
 
    <title>BUGS</title>
457
 
    <xi:include href="bugs.xml"/>
458
 
  </refsect1>
 
423
<!--   <refsect1 id="bugs"> -->
 
424
<!--     <title>BUGS</title> -->
 
425
<!--     <para> -->
 
426
<!--     </para> -->
 
427
<!--   </refsect1> -->
459
428
  
460
429
  <refsect1 id="example">
461
430
    <title>EXAMPLE</title>
481
450
    </informalexample>
482
451
    <informalexample>
483
452
      <para>
484
 
        Prompt for a password, encrypt it with the key in <filename
485
 
        class="directory">/etc/mandos</filename> and output a section
486
 
        suitable for <filename>clients.conf</filename>.
 
453
        Prompt for a password, encrypt it with the key in
 
454
        <filename>/etc/mandos</filename> and output a section suitable
 
455
        for <filename>clients.conf</filename>.
487
456
      </para>
488
457
      <para>
489
458
        <userinput>&COMMANDNAME; --password</userinput>
522
491
  <refsect1 id="see_also">
523
492
    <title>SEE ALSO</title>
524
493
    <para>
525
 
      <citerefentry><refentrytitle>intro</refentrytitle>
526
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
527
494
      <citerefentry><refentrytitle>gpg</refentrytitle>
528
495
      <manvolnum>1</manvolnum></citerefentry>,
529
496
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
531
498
      <citerefentry><refentrytitle>mandos</refentrytitle>
532
499
      <manvolnum>8</manvolnum></citerefentry>,
533
500
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
534
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
535
 
      <citerefentry><refentrytitle>ssh-keyscan</refentrytitle>
536
 
      <manvolnum>1</manvolnum></citerefentry>
 
501
      <manvolnum>8mandos</manvolnum></citerefentry>
537
502
    </para>
538
503
  </refsect1>
539
504