/mandos/release : revision 237.2.7

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2009-01-04 21:20:50 UTC
mto: (24.1.120 mandos) (237.4.2 mandos-pipe-ipc) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 238.
Revision ID: teddy@fukt.bsnet.se-20090104212050-cl2px2i2oz7wlxw1

* debian/control (Build-Depends): Bug fix: Added "docbook-xml".

* mandos (main): Keep running even if no clients are defined.

* mandos.xml (OPTIONS): Bug fix: Close unclosed <para> tag.
(D-BUS INTERFACE): Changed id to "dbus_interface". All references
changed.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.config

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.config

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/sv.po

debian/rules

default-mandos

init.d-mandos

legalnotice.xml

mandos-list

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-08-31">

<!ENTITY TIMESTAMP "2009-01-04">

<!ENTITY % common SYSTEM "common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

<xi:include href="legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

105

<replaceable>DIRECTORY</replaceable></option></arg>

106

<sbr/>

107

<arg><option>--debug</option></arg>

<sbr/>

108

</cmdsynopsis>

109

110

<command>&COMMANDNAME;</command>

122

103

<arg choice="plain"><option>--check</option></arg>

123

104

</cmdsynopsis>

124

105

</refsynopsisdiv>

125

106

126

107

127

108

<title>DESCRIPTION</title>

128

109

<para>

137

118

Any authenticated client is then given the stored pre-encrypted

138

119

password for that specific client.

139

120

</para>

140

141

121

</refsect1>

142

122

143

123

144

124

<title>PURPOSE</title>

145

146

125

<para>

147

126

The purpose of this is to enable <emphasis>remote and unattended

148

127

rebooting</emphasis> of client host computer with an

149

128

<emphasis>encrypted root file system</emphasis>. See <xref

150

129

linkend="overview"/> for details.

151

130

</para>

152

153

131

</refsect1>

154

132

155

133

156

134

<title>OPTIONS</title>

157

158

135

159

136

137

160

138

161

162

139

163

140

<para>

164

141

Show a help message and exit

165

142

</para>

166

143

</listitem>

167

144

</varlistentry>

168

145

169

146

147

<term><option>--interface</option>

148

170

149

171

150

172

<term><option>--interface</option>

173

174

151

175

152

<xi:include href="mandos-options.xml" xpointer="interface"/>

176

153

</listitem>

177

154

</varlistentry>

178

155

179

156

180

<term><literal>-a</literal>, <literal>--address <replaceable>

181

ADDRESS</replaceable></literal></term>

157

<term><option>--address

158

<replaceable>ADDRESS</replaceable></option></term>

159

<term><option>-a

160

<replaceable>ADDRESS</replaceable></option></term>

182

161

183

162

<xi:include href="mandos-options.xml" xpointer="address"/>

184

163

</listitem>

185

164

</varlistentry>

186

165

187

166

188

189

PORT</replaceable></literal></term>

167

<term><option>--port

168

169

<term><option>-p

170

190

171

191

172

<xi:include href="mandos-options.xml" xpointer="port"/>

192

173

</listitem>

193

174

</varlistentry>

194

175

195

176

196

<term><literal>--check</literal></term>

177

<term><option>--check</option></term>

197

178

198

179

<para>

199

180

Run the server’s self-tests. This includes any unit

201

182

</para>

202

183

</listitem>

203

184

</varlistentry>

204

185

205

186

206

<term><literal>--debug</literal></term>

187

<term><option>--debug</option></term>

207

188

208

189

<xi:include href="mandos-options.xml" xpointer="debug"/>

209

190

</listitem>

210

191

</varlistentry>

211

192

212

193

213

<term><literal>--priority <replaceable>

214

PRIORITY</replaceable></literal></term>

194

<term><option>--priority <replaceable>

195

PRIORITY</replaceable></option></term>

215

196

216

197

<xi:include href="mandos-options.xml" xpointer="priority"/>

217

198

</listitem>

218

199

</varlistentry>

219

200

220

201

221

<term><literal>--servicename <replaceable>NAME</replaceable>

222

</literal></term>

202

<term><option>--servicename

203

223

204

224

205

<xi:include href="mandos-options.xml"

225

206

xpointer="servicename"/>

226

207

</listitem>

227

208

</varlistentry>

228

209

229

210

230

<term><literal>--configdir <replaceable>DIR</replaceable>

231

</literal></term>

211

<term><option>--configdir

212

<replaceable>DIRECTORY</replaceable></option></term>

232

213

233

214

<para>

234

215

Directory to search for configuration files. Default is

240

221

</para>

241

222

</listitem>

242

223

</varlistentry>

243

224

244

225

245

<term><literal>--version</literal></term>

226

<term><option>--version</option></term>

246

227

247

228

<para>

248

229

Prints the program version and exit.

249

230

</para>

250

231

</listitem>

251

232

</varlistentry>

233

234

235

236

237

<xi:include href="mandos-options.xml" xpointer="dbus"/>

238

<para>

239

See also <xref linkend="dbus_interface"/>.

240

</para>

241

</listitem>

242

</varlistentry>

252

243

</variablelist>

253

244

</refsect1>

254

245

255

246

256

247

<title>OVERVIEW</title>

257

248

<xi:include href="overview.xml"/>

258

249

<para>

259

250

This program is the server part. It is a normal server program

260

251

and will run in a normal system environment, not in an initial

261

RAM disk environment.

252

<acronym>RAM</acronym> disk environment.

262

253

</para>

263

254

</refsect1>

264

255

265

256

266

257

<title>NETWORK PROTOCOL</title>

267

258

<para>

319

310

</row>

320

311

</tbody></tgroup></table>

321

312

</refsect1>

322

313

323

314

324

315

<title>CHECKING</title>

325

316

<para>

333

324

<manvolnum>5</manvolnum></citerefentry>.

334

325

</para>

335

326

</refsect1>

336

327

337

328

338

329

<title>LOGGING</title>

339

330

<para>

343

334

and also show them on the console.

344

335

</para>

345

336

</refsect1>

337

338

339

<title>D-BUS INTERFACE</title>

340

<para>

341

The server will by default provide a D-Bus system bus interface.

342

This interface will only be accessible by the root user or a

343

Mandos-specific user, if such a user exists.

344

345

</para>

346

</refsect1>

346

347

348

348

349

<title>EXIT STATUS</title>

351

352

critical error is encountered.

352

353

</para>

353

354

</refsect1>

354

355

356

356

357

<title>ENVIRONMENT</title>

357

358

371

372

</varlistentry>

372

373

</variablelist>

373

374

</refsect1>

374

375

375

376

376

377

<title>FILES</title>

377

378

<para>

378

379

Use the <option>--configdir</option> option to change where

401

402

</listitem>

402

403

</varlistentry>

403

404

404

<term><filename>/var/run/mandos/mandos.pid</filename></term>

405

<term><filename>/var/run/mandos.pid</filename></term>

405

406

406

407

<para>

407

408

The file containing the process id of

442

443

Currently, if a client is declared <quote>invalid</quote> due to

443

444

having timed out, the server does not record this fact onto

444

445

permanent storage. This has some security implications, see

445

<xref linkend="CLIENTS"/>.

446

<xref linkend="clients"/>.

446

447

</para>

447

448

<para>

448

449

There is currently no way of querying the server of the current

456

457

Debug mode is conflated with running in the foreground.

457

458

</para>

458

459

<para>

459

The console log messages does not show a timestamp.

460

The console log messages does not show a time stamp.

461

</para>

462

<para>

463

This server does not check the expire time of clients’ OpenPGP

464

keys.

460

465

</para>

461

466

</refsect1>

462

467

497

502

</para>

498

503

</informalexample>

499

504

</refsect1>

500

505

501

506

502

507

<title>SECURITY</title>

503

508

504

509

<title>SERVER</title>

505

510

<para>

506

511

Running this <command>&COMMANDNAME;</command> server program

507

512

should not in itself present any security risk to the host

508

computer running it. The program does not need any special

509

privileges to run, and is designed to run as a non-root user.

513

computer running it. The program switches to a non-root user

514

soon after startup.

510

515

</para>

511

516

</refsect2>

512

517

513

518

<title>CLIENTS</title>

514

519

<para>

515

520

The server only gives out its stored data to clients which

522

527

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

523

528

<manvolnum>5</manvolnum></citerefentry>)

524

529

<emphasis>must</emphasis> be made non-readable by anyone

525

except the user running the server.

530

except the user starting the server (usually root).

526

531

</para>

527

532

<para>

528

533

As detailed in <xref linkend="checking"/>, the status of all

539

544

restarting servers if it is suspected that a client has, in

540

545

fact, been compromised by parties who may now be running a

541

546

fake Mandos client with the keys from the non-encrypted

542

initial RAM image of the client host. What should be done in

543

that case (if restarting the server program really is

544

necessary) is to stop the server program, edit the

547

initial <acronym>RAM</acronym> image of the client host. What

548

should be done in that case (if restarting the server program

549

really is necessary) is to stop the server program, edit the

545

550

configuration file to omit any suspect clients, and restart

546

551

the server program.

547

552

</para>

548

553

<para>

549

554

For more details on client-side security, see

550

<citerefentry><refentrytitle>password-request</refentrytitle>

555

<citerefentry><refentrytitle>mandos-client</refentrytitle>

551

556

<manvolnum>8mandos</manvolnum></citerefentry>.

552

557

</para>

553

558

</refsect2>

554

559

</refsect1>

555

560

556

561

557

562

558

563

<para>

561

566

562

567

<refentrytitle>mandos.conf</refentrytitle>

563

568

564

<refentrytitle>password-request</refentrytitle>

569

<refentrytitle>mandos-client</refentrytitle>

565

570

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

566

571

567

572

</citerefentry>

Older »