/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.xml

* mandos (main): Bug fix: Do setgid before setuid.  Add verbose GnuTLS
                 debugging messages.
* plugins.d/mandos-client.c (main): Bug fix: Do setgid before setuid.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-client">
5
 
<!ENTITY TIMESTAMP "2010-09-26">
 
5
<!ENTITY TIMESTAMP "2009-01-24">
6
6
<!ENTITY % common SYSTEM "../common.ent">
7
7
%common;
8
8
]>
93
93
      </arg>
94
94
      <sbr/>
95
95
      <arg>
96
 
        <option>--delay <replaceable>SECONDS</replaceable></option>
97
 
      </arg>
98
 
      <sbr/>
99
 
      <arg>
100
96
        <option>--debug</option>
101
97
      </arg>
102
98
    </cmdsynopsis>
195
191
      </varlistentry>
196
192
      
197
193
      <varlistentry>
198
 
        <term><option>--interface=<replaceable
199
 
        >NAME</replaceable></option></term>
 
194
        <term><option>--interface=
 
195
        <replaceable>NAME</replaceable></option></term>
200
196
        <term><option>-i
201
197
        <replaceable>NAME</replaceable></option></term>
202
198
        <listitem>
203
199
          <para>
204
200
            Network interface that will be brought up and scanned for
205
 
            Mandos servers to connect to.  The default is the empty
206
 
            string, which will automatically choose an appropriate
207
 
            interface.
 
201
            Mandos servers to connect to.  The default it
 
202
            <quote><literal>eth0</literal></quote>.
208
203
          </para>
209
204
          <para>
210
205
            If the <option>--connect</option> option is used, this
220
215
            until much later in the boot process, and can not be used
221
216
            by this program.
222
217
          </para>
223
 
          <para>
224
 
            <replaceable>NAME</replaceable> can be the string
225
 
            <quote><literal>none</literal></quote>; this will not use
226
 
            any specific interface, and will not bring up an interface
227
 
            on startup.  This is not recommended, and only meant for
228
 
            advanced users.
229
 
          </para>
230
218
        </listitem>
231
219
      </varlistentry>
232
220
      
277
265
          </para>
278
266
        </listitem>
279
267
      </varlistentry>
280
 
 
281
 
      <varlistentry>
282
 
        <term><option>--delay=<replaceable
283
 
        >SECONDS</replaceable></option></term>
284
 
        <listitem>
285
 
          <para>
286
 
            After bringing the network interface up, the program waits
287
 
            for the interface to arrive in a <quote>running</quote>
288
 
            state before proceeding.  During this time, the kernel log
289
 
            level will be lowered to reduce clutter on the system
290
 
            console, alleviating any other plugins which might be
291
 
            using the system console.  This option sets the upper
292
 
            limit of seconds to wait.  The default is 2.5 seconds.
293
 
          </para>
294
 
        </listitem>
295
 
      </varlistentry>
296
268
      
297
269
      <varlistentry>
298
270
        <term><option>--debug</option></term>
454
426
    <informalexample>
455
427
      <para>
456
428
        Run in debug mode, with a custom key, and do not use Zeroconf
457
 
        to locate a server; connect directly to the IPv6 link-local
458
 
        address <quote><systemitem class="ipaddress"
459
 
        >fe80::aede:48ff:fe71:f6f2</systemitem></quote>, port 4711,
460
 
        using interface eth2:
 
429
        to locate a server; connect directly to the IPv6 address
 
430
        <quote><systemitem class="ipaddress"
 
431
        >2001:db8:f983:bd0b:30de:ae4a:71f2:f672</systemitem></quote>,
 
432
        port 4711, using interface eth2:
461
433
      </para>
462
434
      <para>
463
435
 
464
436
<!-- do not wrap this line -->
465
 
<userinput>&COMMANDNAME; --debug --pubkey keydir/pubkey.txt --seckey keydir/seckey.txt --connect fe80::aede:48ff:fe71:f6f2:4711 --interface eth2</userinput>
 
437
<userinput>&COMMANDNAME; --debug --pubkey keydir/pubkey.txt --seckey keydir/seckey.txt --connect 2001:db8:f983:bd0b:30de:ae4a:71f2:f672:4711 --interface eth2</userinput>
466
438
 
467
439
      </para>
468
440
    </informalexample>