/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-ctl.xml

* mandos: Tolerate restarting Avahi servers.  Also Changed to new
          "except x as y" exception syntax.
  (AvahiService.entry_group_state_changed_match): New; contains the
                                                  SignalMatch object.
  (AvahiService.remove): Really remove the group and the signal
                         connection, if any.
  (AvahiService.add): Always create a new group and signal connection.
  (AvahiService.cleanup): Changed to simply call remove().
  (AvahiService.server_state_changed): Handle and log more bad states.
  (AvahiService.activate): Set "follow_name_owner_changes=True" on the
                           Avahi Server proxy object.
  (ClientDBus.checked_ok): Do not return anything.
  (ClientDBus.CheckedOK): Do not return anything, as documented.
* mandos-monitor: Call D-Bus methods asynchronously.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-ctl">
5
 
<!ENTITY TIMESTAMP "2019-07-29">
 
5
<!ENTITY TIMESTAMP "2011-02-27">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
19
19
        <firstname>Björn</firstname>
20
20
        <surname>Påhlsson</surname>
21
21
        <address>
22
 
          <email>belorn@recompile.se</email>
 
22
          <email>belorn@fukt.bsnet.se</email>
23
23
        </address>
24
24
      </author>
25
25
      <author>
26
26
        <firstname>Teddy</firstname>
27
27
        <surname>Hogeborn</surname>
28
28
        <address>
29
 
          <email>teddy@recompile.se</email>
 
29
          <email>teddy@fukt.bsnet.se</email>
30
30
        </address>
31
31
      </author>
32
32
    </authorgroup>
33
33
    <copyright>
34
34
      <year>2010</year>
35
35
      <year>2011</year>
36
 
      <year>2012</year>
37
 
      <year>2013</year>
38
 
      <year>2014</year>
39
 
      <year>2015</year>
40
 
      <year>2016</year>
41
 
      <year>2017</year>
42
 
      <year>2018</year>
43
 
      <year>2019</year>
44
36
      <holder>Teddy Hogeborn</holder>
45
37
      <holder>Björn Påhlsson</holder>
46
38
    </copyright>
55
47
  <refnamediv>
56
48
    <refname><command>&COMMANDNAME;</command></refname>
57
49
    <refpurpose>
58
 
      Control or query the operation of the Mandos server
 
50
      Control the operation of the Mandos server
59
51
    </refpurpose>
60
52
  </refnamediv>
61
53
  
63
55
    <cmdsynopsis>
64
56
      <command>&COMMANDNAME;</command>
65
57
      <group>
66
 
          <arg choice="plain"><option>--verbose</option></arg>
67
 
          <arg choice="plain"><option>-v</option></arg>
68
 
          <sbr/>
69
 
          <arg choice="plain"><option>--dump-json</option></arg>
70
 
          <arg choice="plain"><option>-j</option></arg>
71
 
      </group>
72
 
      <arg><option>--debug</option></arg>
73
 
      <group>
74
 
        <arg rep='repeat' choice='plain'>
75
 
          <replaceable>CLIENT</replaceable>
76
 
        </arg>
77
 
      </group>
78
 
    </cmdsynopsis>
79
 
    <cmdsynopsis>
80
 
      <command>&COMMANDNAME;</command>
81
 
      <group choice="req">
82
 
        <group>
83
 
          <arg choice="plain"><option>--enable</option></arg>
84
 
          <arg choice="plain"><option>-e</option></arg>
85
 
          <sbr/>
86
 
          <arg choice="plain"><option>--disable</option></arg>
87
 
          <arg choice="plain"><option>-d</option></arg>
88
 
        </group>
89
 
        <sbr/>
90
 
        <group>
91
 
          <arg choice="plain"><option>--bump-timeout</option></arg>
92
 
          <arg choice="plain"><option>-b</option></arg>
93
 
        </group>
94
 
        <sbr/>
95
 
        <group>
96
 
          <arg choice="plain"><option>--start-checker</option></arg>
97
 
          <arg choice="plain"><option>--stop-checker</option></arg>
98
 
        </group>
99
 
        <sbr/>
100
 
        <group>
101
 
          <arg choice="plain"><option>--checker
102
 
          <replaceable>COMMAND</replaceable></option></arg>
103
 
          <arg choice="plain"><option>-c
104
 
          <replaceable>COMMAND</replaceable></option></arg>
105
 
        </group>
106
 
        <sbr/>
107
 
        <group>
108
 
          <arg choice="plain"><option>--timeout
109
 
          <replaceable>TIME</replaceable></option></arg>
110
 
          <arg choice="plain"><option>-t
111
 
          <replaceable>TIME</replaceable></option></arg>
112
 
        </group>
113
 
        <sbr/>
114
 
        <group>
115
 
          <arg choice="plain"><option>--extended-timeout
116
 
          <replaceable>TIME</replaceable></option></arg>
117
 
        </group>
118
 
        <sbr/>
119
 
        <group>
120
 
          <arg choice="plain"><option>--interval
121
 
          <replaceable>TIME</replaceable></option></arg>
122
 
          <arg choice="plain"><option>-i
123
 
          <replaceable>TIME</replaceable></option></arg>
124
 
        </group>
125
 
        <sbr/>
126
 
        <group>
127
 
          <arg choice="plain"><option>--approve-by-default</option
128
 
          ></arg>
129
 
          <sbr/>
130
 
          <arg choice="plain"><option>--deny-by-default</option></arg>
131
 
        </group>
132
 
        <sbr/>
133
 
        <group>
134
 
          <arg choice="plain"><option>--approval-delay
135
 
          <replaceable>TIME</replaceable></option></arg>
136
 
        </group>
137
 
        <sbr/>
138
 
        <group>
139
 
          <arg choice="plain"><option>--approval-duration
140
 
          <replaceable>TIME</replaceable></option></arg>
141
 
        </group>
142
 
        <sbr/>
143
 
        <group>
144
 
          <arg choice="plain"><option>--host
145
 
          <replaceable>STRING</replaceable></option></arg>
146
 
          <arg choice="plain"><option>-H
147
 
          <replaceable>STRING</replaceable></option></arg>
148
 
        </group>
149
 
        <sbr/>
150
 
        <group>
151
 
          <arg choice="plain"><option>--secret
152
 
          <replaceable>FILENAME</replaceable></option></arg>
153
 
          <arg choice="plain"><option>-s
154
 
          <replaceable>FILENAME</replaceable></option></arg>
155
 
        </group>
156
 
        <sbr/>
157
 
        <group>
158
 
          <arg choice="plain"><option>--approve</option></arg>
159
 
          <arg choice="plain"><option>-A</option></arg>
160
 
          <sbr/>
161
 
          <arg choice="plain"><option>--deny</option></arg>
162
 
          <arg choice="plain"><option>-D</option></arg>
163
 
        </group>
164
 
      </group>
165
 
      <sbr/>
166
 
      <arg><option>--debug</option></arg>
167
 
      <group choice="req">
168
 
        <arg choice="plain"><option>--all</option></arg>
169
 
        <arg choice="plain"><option>-a</option></arg>
170
 
        <arg rep='repeat' choice='plain'>
171
 
          <replaceable>CLIENT</replaceable>
172
 
        </arg>
173
 
      </group>
174
 
    </cmdsynopsis>
175
 
    <cmdsynopsis>
176
 
      <command>&COMMANDNAME;</command>
177
 
      <group>
 
58
        <arg choice="plain"><option>--enable</option></arg>
 
59
        <arg choice="plain"><option>-e</option></arg>
 
60
        <sbr/>
 
61
        <arg choice="plain"><option>--disable</option></arg>
 
62
        <arg choice="plain"><option>-d</option></arg>
 
63
      </group>
 
64
      <sbr/>
 
65
      <group>
 
66
        <arg choice="plain"><option>--bump-timeout</option></arg>
 
67
        <arg choice="plain"><option>-b</option></arg>
 
68
      </group>
 
69
      <sbr/>
 
70
      <group>
 
71
        <arg choice="plain"><option>--start-checker</option></arg>
 
72
      </group>
 
73
      <sbr/>
 
74
      <group>
 
75
        <arg choice="plain"><option>--stop-checker</option></arg>
 
76
      </group>
 
77
      <sbr/>
 
78
      <group>
 
79
        <arg choice="plain"><option>--remove</option></arg>
 
80
        <arg choice="plain"><option>-r</option></arg>
 
81
      </group>
 
82
      <sbr/>
 
83
      <group>
 
84
        <arg choice="plain"><option>--checker
 
85
        <replaceable>COMMAND</replaceable></option></arg>
 
86
        <arg choice="plain"><option>-c
 
87
        <replaceable>COMMAND</replaceable></option></arg>
 
88
      </group>
 
89
      <sbr/>
 
90
      <group>
 
91
        <arg choice="plain"><option>--timeout
 
92
        <replaceable>TIME</replaceable></option></arg>
 
93
        <arg choice="plain"><option>-t
 
94
        <replaceable>TIME</replaceable></option></arg>
 
95
      </group>
 
96
      <sbr/>
 
97
      <group>
 
98
        <arg choice="plain"><option>--interval
 
99
        <replaceable>TIME</replaceable></option></arg>
 
100
        <arg choice="plain"><option>-i
 
101
        <replaceable>TIME</replaceable></option></arg>
 
102
      </group>
 
103
      <sbr/>
 
104
      <group>
 
105
        <arg choice="plain"><option>--approve-by-default</option
 
106
        ></arg>
 
107
        <sbr/>
 
108
        <arg choice="plain"><option>--deny-by-default</option></arg>
 
109
      </group>
 
110
      <sbr/>
 
111
      <group>
 
112
        <arg choice="plain"><option>--approval-delay
 
113
        <replaceable>TIME</replaceable></option></arg>
 
114
      </group>
 
115
      <sbr/>
 
116
      <group>
 
117
        <arg choice="plain"><option>--approval-duration
 
118
        <replaceable>TIME</replaceable></option></arg>
 
119
      </group>
 
120
      <sbr/>
 
121
      <group>
 
122
        <arg choice="plain"><option>--interval
 
123
        <replaceable>TIME</replaceable></option></arg>
 
124
        <arg choice="plain"><option>-i
 
125
        <replaceable>TIME</replaceable></option></arg>
 
126
      </group>
 
127
      <sbr/>
 
128
      <group>
 
129
        <arg choice="plain"><option>--host
 
130
        <replaceable>STRING</replaceable></option></arg>
 
131
        <arg choice="plain"><option>-H
 
132
        <replaceable>STRING</replaceable></option></arg>
 
133
      </group>
 
134
      <sbr/>
 
135
      <group>
 
136
        <arg choice="plain"><option>--secret
 
137
        <replaceable>FILENAME</replaceable></option></arg>
 
138
        <arg choice="plain"><option>-s
 
139
        <replaceable>FILENAME</replaceable></option></arg>
 
140
      </group>
 
141
      <sbr/>
 
142
      <group>
 
143
        <arg choice="plain"><option>--approve</option></arg>
 
144
        <arg choice="plain"><option>-A</option></arg>
 
145
        <sbr/>
178
146
        <arg choice="plain"><option>--deny</option></arg>
179
147
        <arg choice="plain"><option>-D</option></arg>
180
148
      </group>
181
 
      <group choice="req">
182
 
          <arg choice="plain"><option>--remove</option></arg>
183
 
          <arg choice="plain"><option>-r</option></arg>
184
 
      </group>
185
149
      <sbr/>
186
 
      <arg><option>--debug</option></arg>
187
150
      <group choice="req">
188
151
        <arg choice="plain"><option>--all</option></arg>
189
152
        <arg choice="plain"><option>-a</option></arg>
194
157
    </cmdsynopsis>
195
158
    <cmdsynopsis>
196
159
      <command>&COMMANDNAME;</command>
 
160
      <group>
 
161
        <arg choice="plain"><option>--verbose</option></arg>
 
162
        <arg choice="plain"><option>-v</option></arg>
 
163
      </group>
 
164
      <group>
 
165
        <arg rep='repeat' choice='plain'>
 
166
          <replaceable>CLIENT</replaceable>
 
167
        </arg>
 
168
      </group>
 
169
    </cmdsynopsis>
 
170
    <cmdsynopsis>
 
171
      <command>&COMMANDNAME;</command>
197
172
      <group choice="req">
198
173
        <arg choice="plain"><option>--is-enabled</option></arg>
199
174
        <arg choice="plain"><option>-V</option></arg>
200
175
      </group>
201
 
      <arg><option>--debug</option></arg>
202
176
      <arg choice='plain'><replaceable>CLIENT</replaceable></arg>
203
177
    </cmdsynopsis>
204
178
    <cmdsynopsis>
215
189
        <arg choice="plain"><option>-v</option></arg>
216
190
      </group>
217
191
    </cmdsynopsis>
218
 
    <cmdsynopsis>
219
 
      <command>&COMMANDNAME;</command>
220
 
      <arg choice="plain"><option>--check</option></arg>
221
 
    </cmdsynopsis>
222
192
  </refsynopsisdiv>
223
193
  
224
194
  <refsect1 id="description">
225
195
    <title>DESCRIPTION</title>
226
196
    <para>
227
 
      <command>&COMMANDNAME;</command> is a program to control or
228
 
      query the operation of the Mandos server
229
 
      <citerefentry><refentrytitle>mandos</refentrytitle><manvolnum
230
 
      >8</manvolnum></citerefentry>.
 
197
      <command>&COMMANDNAME;</command> is a program to control the
 
198
      operation of the Mandos server <citerefentry><refentrytitle
 
199
      >mandos</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
231
200
    </para>
232
201
    <para>
233
202
      This program can be used to change client settings, approve or
349
318
          </para>
350
319
        </listitem>
351
320
      </varlistentry>
352
 
 
353
 
      <varlistentry>
354
 
        <term><option>--extended-timeout
355
 
        <replaceable>TIME</replaceable></option></term>
356
 
        <listitem>
357
 
          <para>
358
 
            Set the <varname>extended_timeout</varname> option of the
359
 
            specified client(s); see <citerefentry><refentrytitle
360
 
            >mandos-clients.conf</refentrytitle><manvolnum
361
 
            >5</manvolnum></citerefentry>.
362
 
          </para>
363
 
        </listitem>
364
 
      </varlistentry>
365
321
      
366
322
      <varlistentry>
367
323
        <term><option>--interval
491
447
      </varlistentry>
492
448
      
493
449
      <varlistentry>
494
 
        <term><option>--dump-json</option></term>
495
 
        <term><option>-j</option></term>
496
 
        <listitem>
497
 
          <para>
498
 
            Dump client settings as JSON to standard output.
499
 
          </para>
500
 
        </listitem>
501
 
      </varlistentry>
502
 
      
503
 
      <varlistentry>
504
450
        <term><option>--is-enabled</option></term>
505
451
        <term><option>-V</option></term>
506
452
        <listitem>
511
457
        </listitem>
512
458
      </varlistentry>
513
459
      
514
 
      <varlistentry>
515
 
        <term><option>--debug</option></term>
516
 
        <listitem>
517
 
          <para>
518
 
            Show debug output; currently, this means show D-Bus calls.
519
 
          </para>
520
 
        </listitem>
521
 
      </varlistentry>
522
 
      
523
 
      <varlistentry>
524
 
        <term><option>--check</option></term>
525
 
        <listitem>
526
 
          <para>
527
 
            Run self-tests.  This includes any unit tests, etc.
528
 
          </para>
529
 
        </listitem>
530
 
      </varlistentry>
531
 
      
532
460
    </variablelist>
533
461
  </refsect1>
534
462
  
550
478
    </para>
551
479
  </refsect1>
552
480
  
553
 
  <refsect1 id="bugs">
554
 
    <title>BUGS</title>
555
 
    <xi:include href="bugs.xml"/>
556
 
  </refsect1>
 
481
<!--   <refsect1 id="bugs"> -->
 
482
<!--     <title>BUGS</title> -->
 
483
<!--     <para> -->
 
484
<!--     </para> -->
 
485
<!--   </refsect1> -->
557
486
  
558
487
  <refsect1 id="example">
559
488
    <title>EXAMPLE</title>
560
 
    <!-- Name of test methods in class Test_commands_from_options are
561
 
         written in comments below.  When adding an example, add a
562
 
         test too which tests the documented behavior. -->
563
489
    <informalexample>
564
 
      <!-- Test method: test_manual_page_example_1() -->
565
490
      <para>
566
491
        To list all clients:
567
492
      </para>
571
496
    </informalexample>
572
497
    
573
498
    <informalexample>
574
 
      <!-- Test method: test_manual_page_example_2() -->
575
499
      <para>
576
500
        To list <emphasis>all</emphasis> settings for the clients
577
501
        named <quote>foo1.example.org</quote> and <quote
586
510
    </informalexample>
587
511
    
588
512
    <informalexample>
589
 
      <!-- Test method: test_manual_page_example_3() -->
590
513
      <para>
591
514
        To enable all clients:
592
515
      </para>
596
519
    </informalexample>
597
520
    
598
521
    <informalexample>
599
 
      <!-- Test method: test_manual_page_example_4() -->
600
522
      <para>
601
523
        To change timeout and interval value for the clients
602
524
        named <quote>foo1.example.org</quote> and <quote
605
527
      <para>
606
528
 
607
529
<!-- do not wrap this line -->
608
 
<userinput>&COMMANDNAME; --timeout=PT5M --interval=PT1M foo1.example.org foo2.example.org</userinput>
 
530
<userinput>&COMMANDNAME; --timeout="5m" --interval="1m" foo1.example.org foo2.example.org</userinput>
609
531
 
610
532
      </para>
611
533
    </informalexample>
612
534
    
613
535
    <informalexample>
614
 
      <!-- Test method: test_manual_page_example_5() -->
615
536
      <para>
616
 
        To approve all clients currently waiting for approval:
 
537
        To approve all clients currently waiting for it:
617
538
      </para>
618
539
      <para>
619
540
        <userinput>&COMMANDNAME; --approve --all</userinput>
633
554
  <refsect1 id="see_also">
634
555
    <title>SEE ALSO</title>
635
556
    <para>
636
 
      <citerefentry><refentrytitle>intro</refentrytitle>
637
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
638
557
      <citerefentry><refentrytitle>mandos</refentrytitle>
639
558
      <manvolnum>8</manvolnum></citerefentry>,
640
559
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>