/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2014-03-23 20:48:58 UTC
  • mto: (237.7.272 trunk)
  • mto: This revision was merged to the branch mainline in revision 311.
  • Revision ID: teddy@recompile.se-20140323204858-l1x3aiick21oog4y
Improve error message when working around Debian bug #633582.

* plugins-runner.c (main): Improve error message when failing to work
                           around Debian bug #633582.  Also simplify
                           code to always use execve().

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY CONFNAME "mandos-clients.conf">
5
5
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
6
 
<!ENTITY TIMESTAMP "2016-06-23">
 
6
<!ENTITY TIMESTAMP "2013-10-15">
7
7
<!ENTITY % common SYSTEM "common.ent">
8
8
%common;
9
9
]>
37
37
      <year>2010</year>
38
38
      <year>2011</year>
39
39
      <year>2012</year>
40
 
      <year>2013</year>
41
 
      <year>2014</year>
42
 
      <year>2015</year>
43
 
      <year>2016</year>
44
40
      <holder>Teddy Hogeborn</holder>
45
41
      <holder>Björn Påhlsson</holder>
46
42
    </copyright>
181
177
            <varname>PATH</varname> will be searched.  The default
182
178
            value for the checker command is <quote><literal
183
179
            ><command>fping</command> <option>-q</option> <option
184
 
            >--</option> %%(host)s</literal></quote>.  Note that
185
 
            <command>mandos-keygen</command>, when generating output
186
 
            to be inserted into this file, normally looks for an SSH
187
 
            server on the Mandos client, and, if it find one, outputs
188
 
            a <option>checker</option> option to check for the
189
 
            client’s key fingerprint – this is more secure against
190
 
            spoofing.
 
180
            >--</option> %%(host)s</literal></quote>.
191
181
          </para>
192
182
          <para>
193
183
            In addition to normal start time expansion, this option
230
220
          <para>
231
221
            This option sets the OpenPGP fingerprint that identifies
232
222
            the public key that clients authenticate themselves with
233
 
            through TLS.  The string needs to be in hexadecimal form,
 
223
            through TLS.  The string needs to be in hexidecimal form,
234
224
            but spaces or upper/lower case are not significant.
235
225
          </para>
236
226
        </listitem>
463
453
      <literal>%(<replaceable>foo</replaceable>)s</literal> is
464
454
      obscure.
465
455
    </para>
466
 
    <xi:include href="bugs.xml"/>
467
456
  </refsect1>
468
457
  
469
458
  <refsect1 id="example">