/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.conf.xml

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos.conf.xml
1
 
<?xml version='1.0' encoding='UTF-8'?>
 
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY CONFNAME "mandos.conf">
6
5
<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">
7
 
<!ENTITY OVERVIEW SYSTEM "overview.xml">
 
6
<!ENTITY TIMESTAMP "2008-09-30">
 
7
<!ENTITY % common SYSTEM "common.ent">
 
8
%common;
8
9
]>
9
10
 
10
11
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
11
12
  <refentryinfo>
12
 
    <title>&CONFNAME;</title>
 
13
    <title>Mandos Manual</title>
13
14
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
14
 
    <productname>&CONFNAME;</productname>
15
 
    <productnumber>&VERSION;</productnumber>
 
15
    <productname>Mandos</productname>
 
16
    <productnumber>&version;</productnumber>
 
17
    <date>&TIMESTAMP;</date>
16
18
    <authorgroup>
17
19
      <author>
18
20
        <firstname>Björn</firstname>
34
36
      <holder>Teddy Hogeborn</holder>
35
37
      <holder>Björn Påhlsson</holder>
36
38
    </copyright>
37
 
    <legalnotice>
38
 
      <para>
39
 
        This manual page is free software: you can redistribute it
40
 
        and/or modify it under the terms of the GNU General Public
41
 
        License as published by the Free Software Foundation,
42
 
        either version 3 of the License, or (at your option) any
43
 
        later version.
44
 
      </para>
45
 
 
46
 
      <para>
47
 
        This manual page is distributed in the hope that it will
48
 
        be useful, but WITHOUT ANY WARRANTY; without even the
49
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
50
 
        PARTICULAR PURPOSE.  See the GNU General Public License
51
 
        for more details.
52
 
      </para>
53
 
 
54
 
      <para>
55
 
        You should have received a copy of the GNU General Public
56
 
        License along with this program; If not, see
57
 
        <ulink url="http://www.gnu.org/licenses/"/>.
58
 
      </para>
59
 
    </legalnotice>
 
39
    <xi:include href="legalnotice.xml"/>
60
40
  </refentryinfo>
61
 
 
 
41
  
62
42
  <refmeta>
63
43
    <refentrytitle>&CONFNAME;</refentrytitle>
64
44
    <manvolnum>5</manvolnum>
70
50
      Configuration file for the Mandos server
71
51
    </refpurpose>
72
52
  </refnamediv>
73
 
 
 
53
  
74
54
  <refsynopsisdiv>
75
 
    <synopsis>
76
 
      &CONFPATH;
77
 
    </synopsis>
 
55
    <synopsis>&CONFPATH;</synopsis>
78
56
  </refsynopsisdiv>
79
 
 
 
57
  
80
58
  <refsect1 id="description">
81
59
    <title>DESCRIPTION</title>
82
60
    <para>
83
61
      The file &CONFPATH; is a simple configuration file for
84
62
      <citerefentry><refentrytitle>mandos</refentrytitle>
85
63
      <manvolnum>8</manvolnum></citerefentry>, and is read by it at
86
 
      startup.  The configuration file starts with
87
 
      <quote><literal>[DEFAULT]</literal></quote> on a line by itself,
88
 
      followed by any number of
89
 
      <quote><varname><replaceable>option</replaceable></varname>=<replaceable>value</replaceable></quote>
90
 
      entries, with continuations in the style of RFC 822.
91
 
      <quote><varname><replaceable>option</replaceable></varname>:
92
 
      <replaceable>value</replaceable></quote> is also accepted.  Note
93
 
      that leading whitespace is removed from values.  Lines beginning
94
 
      with <quote>#</quote> or <quote>;</quote> are ignored and may be
95
 
      used to provide comments.
 
64
      startup.  The configuration file starts with <quote><literal
 
65
      >[DEFAULT]</literal></quote> on a line by itself, followed by
 
66
      any number of <quote><varname><replaceable>option</replaceable
 
67
      ></varname>=<replaceable>value</replaceable></quote> entries,
 
68
      with continuations in the style of RFC 822.  <quote><varname
 
69
      ><replaceable>option</replaceable></varname>: <replaceable
 
70
      >value</replaceable></quote> is also accepted.  Note that
 
71
      leading whitespace is removed from values.  Lines beginning with
 
72
      <quote>#</quote> or <quote>;</quote> are ignored and may be used
 
73
      to provide comments.
96
74
    </para>
97
 
 
 
75
    
98
76
  </refsect1>
99
77
  <refsect1>
100
78
    <title>OPTIONS</title>
101
79
    
102
80
    <variablelist>
103
81
      <varlistentry>
104
 
        <term><varname>interface</varname></term>
 
82
        <term><option>interface<literal> = </literal><replaceable
 
83
        >NAME</replaceable></option></term>
105
84
        <listitem>
106
 
          <synopsis><literal>interface = </literal><arg
107
 
          choice="plain"><replaceable>IF</replaceable></arg>
108
 
          </synopsis>
109
85
          <xi:include href="mandos-options.xml" xpointer="interface"/>
110
86
        </listitem>
111
87
      </varlistentry>
112
 
 
 
88
      
113
89
      <varlistentry>
114
 
        <term><varname>address</varname></term>
 
90
        <term><option>address<literal> = </literal><replaceable
 
91
          >ADDRESS</replaceable></option></term>
115
92
        <listitem>
116
 
          <synopsis><literal>address = </literal><arg
117
 
          choice="plain"><replaceable>ADDRESS</replaceable></arg>
118
 
          </synopsis>
119
93
          <xi:include href="mandos-options.xml" xpointer="address"/>
120
94
        </listitem>
121
95
      </varlistentry>
122
 
 
 
96
      
123
97
      <varlistentry>
124
 
        <term><varname>port</varname></term>
 
98
        <term><option>port<literal> = </literal><replaceable
 
99
        >NUMBER</replaceable></option></term>
125
100
        <listitem>
126
 
          <synopsis><literal>port = </literal><arg
127
 
          choice="plain"><replaceable>PORT</replaceable></arg>
128
 
          </synopsis>
129
101
          <xi:include href="mandos-options.xml" xpointer="port"/>
130
102
        </listitem>
131
103
      </varlistentry>
132
 
 
 
104
      
133
105
      <varlistentry>
134
 
        <term><varname>debug</varname></term>
 
106
        <term><option>debug<literal> = </literal>{ <literal
 
107
          >1</literal> | <literal>yes</literal> | <literal
 
108
          >true</literal> | <literal>on</literal> | <literal
 
109
          >0</literal> | <literal>no</literal> | <literal
 
110
          >false</literal> | <literal>off</literal> }</option></term>
135
111
        <listitem>
136
 
          <synopsis><literal>debug =</literal><group choice="req">
137
 
            <arg choice="plain">1</arg>
138
 
            <arg choice="plain">yes</arg>
139
 
            <arg choice="plain">true</arg>
140
 
            <arg choice="plain">on</arg>
141
 
            <arg choice="plain">0</arg>
142
 
            <arg choice="plain">no</arg>
143
 
            <arg choice="plain">false</arg>
144
 
            <arg choice="plain">off</arg>
145
 
          </group>
146
 
          </synopsis>
147
112
          <xi:include href="mandos-options.xml" xpointer="debug"/>
148
113
        </listitem>
149
114
      </varlistentry>
150
 
 
 
115
      
151
116
      <varlistentry>
152
 
        <term><varname>priority</varname></term>
 
117
        <term><option>priority<literal> = </literal><replaceable
 
118
        >STRING</replaceable></option></term>
153
119
        <listitem>
154
 
          <synopsis><literal>priority = </literal><arg
155
 
          choice="plain"><replaceable>PRIORITY</replaceable></arg>
156
 
          </synopsis>
157
120
          <xi:include href="mandos-options.xml" xpointer="priority"/>
158
121
        </listitem>
159
122
      </varlistentry>
160
 
 
 
123
      
161
124
      <varlistentry>
162
 
        <term><varname>servicename</varname></term>
163
 
          <synopsis><literal>servicename = </literal><arg
164
 
          choice="plain"><replaceable>NAME</replaceable></arg>
165
 
          </synopsis>
 
125
        <term><option>servicename<literal> = </literal
 
126
        ><replaceable>NAME</replaceable></option></term>
166
127
        <listitem>
167
128
          <xi:include href="mandos-options.xml"
168
129
                      xpointer="servicename"/>
183
144
    <title>BUGS</title>
184
145
    <para>
185
146
      The <literal>[DEFAULT]</literal> is necessary because the Python
186
 
      module <systemitem class="library">ConfigParser</systemitem>
187
 
      requres it.
 
147
      built-in module <systemitem class="library">ConfigParser</systemitem>
 
148
      requires it.
188
149
    </para>
189
150
  </refsect1>
190
151
  
191
152
  <refsect1 id="example">
192
153
    <title>EXAMPLE</title>
193
154
    <informalexample>
 
155
      <para>
 
156
        No options are actually required:
 
157
      </para>
 
158
      <programlisting>
 
159
[DEFAULT]
 
160
      </programlisting>
 
161
    </informalexample>
 
162
    <informalexample>
 
163
      <para>
 
164
        An example using all the options:
 
165
      </para>
194
166
      <programlisting>
195
167
[DEFAULT]
196
168
# A configuration example
199
171
port = 1025
200
172
debug = true
201
173
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
202
 
servicename = Mandos
 
174
servicename = Daena
203
175
      </programlisting>
204
176
    </informalexample>
205
177
  </refsect1>
 
178
  
 
179
  <refsect1 id="see_also">
 
180
    <title>SEE ALSO</title>
 
181
    <para>
 
182
      <citerefentry><refentrytitle>gnutls_priority_init</refentrytitle
 
183
      ><manvolnum>3</manvolnum></citerefentry>,
 
184
      <citerefentry><refentrytitle>mandos</refentrytitle>
 
185
      <manvolnum>8</manvolnum></citerefentry>,
 
186
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
 
187
      <manvolnum>5</manvolnum></citerefentry>
 
188
    </para>
 
189
    
 
190
    <variablelist>
 
191
      <varlistentry>
 
192
        <term>
 
193
          RFC 4291: <citetitle>IP Version 6 Addressing
 
194
          Architecture</citetitle>
 
195
        </term>
 
196
        <listitem>
 
197
          <variablelist>
 
198
            <varlistentry>
 
199
              <term>Section 2.2: <citetitle>Text Representation of
 
200
              Addresses</citetitle></term>
 
201
              <listitem><para/></listitem>
 
202
            </varlistentry>
 
203
            <varlistentry>
 
204
              <term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6
 
205
              Address</citetitle></term>
 
206
              <listitem><para/></listitem>
 
207
            </varlistentry>
 
208
            <varlistentry>
 
209
            <term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast
 
210
            Addresses</citetitle></term>
 
211
            <listitem>
 
212
              <para>
 
213
                The clients use IPv6 link-local addresses, which are
 
214
                immediately usable since a link-local addresses is
 
215
                automatically assigned to a network interfaces when it
 
216
                is brought up.
 
217
              </para>
 
218
            </listitem>
 
219
            </varlistentry>
 
220
          </variablelist>
 
221
        </listitem>
 
222
      </varlistentry>
 
223
      <varlistentry>
 
224
        <term>
 
225
          <ulink url="http://www.zeroconf.org/">Zeroconf</ulink>
 
226
        </term>
 
227
        <listitem>
 
228
          <para>
 
229
            Zeroconf is the network protocol standard used by clients
 
230
            for finding the Mandos server on the local network.
 
231
          </para>
 
232
        </listitem>
 
233
      </varlistentry>
 
234
    </variablelist>
 
235
  </refsect1>
206
236
</refentry>
 
237
<!-- Local Variables: -->
 
238
<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
 
239
<!-- time-stamp-end: "[\"']>" -->
 
240
<!-- time-stamp-format: "%:y-%02m-%02d" -->
 
241
<!-- End: -->