/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-08-02 09:36:40 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 325.
  • Revision ID: teddy@recompile.se-20150802093640-nc0n17rbmqlbaxuf
Add D-Bus annotations on a few properties on the Client object.

The D-Bus property "Secret" on the interface
"se.recompile.Mandos.Client" should have the annotation
"org.freedesktop.DBus.Property.EmitsChangedSignal" set to
"invalidates".  Also, the properties "Created", "Fingerprint", "Name",
and "ObjectPath" should have the same annotation set to "const".

* mandos (ClientDBus.Name_dbus_property): Set annotation
                    "org.freedesktop.DBus.Property.EmitsChangedSignal"
                    to "const".
  (ClientDBus.Fingerprint_dbus_property): - '' -
  (ClientDBus.Created_dbus_property): - '' -
  (ClientDBus.ObjectPath_dbus_property): - '' -
  (ClientDBus.Secret_dbus_property): Set annotation
                    "org.freedesktop.DBus.Property.EmitsChangedSignal"
                    to "invalidates".

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
<?xml version='1.0' encoding='UTF-8'?>
2
 
<?xml-stylesheet type="text/xsl"
3
 
        href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>
 
1
<?xml version="1.0" encoding="UTF-8"?>
4
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
5
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
6
 
<!ENTITY VERSION "1.0">
7
4
<!ENTITY CONFNAME "mandos.conf">
8
5
<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">
 
6
<!ENTITY TIMESTAMP "2015-07-20">
 
7
<!ENTITY % common SYSTEM "common.ent">
 
8
%common;
9
9
]>
10
10
 
11
 
<refentry>
 
11
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
12
12
  <refentryinfo>
13
 
    <title>&CONFNAME;</title>
14
 
    <!-- NWalsh's docbook scripts use this to generate the footer: -->
15
 
    <productname>&CONFNAME;</productname>
16
 
    <productnumber>&VERSION;</productnumber>
 
13
    <title>Mandos Manual</title>
 
14
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
 
15
    <productname>Mandos</productname>
 
16
    <productnumber>&version;</productnumber>
 
17
    <date>&TIMESTAMP;</date>
17
18
    <authorgroup>
18
19
      <author>
19
20
        <firstname>Björn</firstname>
20
21
        <surname>Påhlsson</surname>
21
22
        <address>
22
 
          <email>belorn@fukt.bsnet.se</email>
 
23
          <email>belorn@recompile.se</email>
23
24
        </address>
24
25
      </author>
25
26
      <author>
26
27
        <firstname>Teddy</firstname>
27
28
        <surname>Hogeborn</surname>
28
29
        <address>
29
 
          <email>teddy@fukt.bsnet.se</email>
 
30
          <email>teddy@recompile.se</email>
30
31
        </address>
31
32
      </author>
32
33
    </authorgroup>
33
34
    <copyright>
34
35
      <year>2008</year>
35
 
      <holder>Teddy Hogeborn &amp; Björn Påhlsson</holder>
 
36
      <year>2009</year>
 
37
      <year>2010</year>
 
38
      <year>2011</year>
 
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <holder>Teddy Hogeborn</holder>
 
44
      <holder>Björn Påhlsson</holder>
36
45
    </copyright>
37
 
    <legalnotice>
38
 
      <para>
39
 
        This manual page is free software: you can redistribute it
40
 
        and/or modify it under the terms of the GNU General Public
41
 
        License as published by the Free Software Foundation,
42
 
        either version 3 of the License, or (at your option) any
43
 
        later version.
44
 
      </para>
45
 
 
46
 
      <para>
47
 
        This manual page is distributed in the hope that it will
48
 
        be useful, but WITHOUT ANY WARRANTY; without even the
49
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
50
 
        PARTICULAR PURPOSE.  See the GNU General Public License
51
 
        for more details.
52
 
      </para>
53
 
 
54
 
      <para>
55
 
        You should have received a copy of the GNU General Public
56
 
        License along with this program; If not, see
57
 
        <ulink url="http://www.gnu.org/licenses/"/>.
58
 
      </para>
59
 
    </legalnotice>
 
46
    <xi:include href="legalnotice.xml"/>
60
47
  </refentryinfo>
61
 
 
 
48
  
62
49
  <refmeta>
63
50
    <refentrytitle>&CONFNAME;</refentrytitle>
64
51
    <manvolnum>5</manvolnum>
67
54
  <refnamediv>
68
55
    <refname><filename>&CONFNAME;</filename></refname>
69
56
    <refpurpose>
70
 
      Configuration file for Mandos
 
57
      Configuration file for the Mandos server
71
58
    </refpurpose>
72
59
  </refnamediv>
73
 
 
 
60
  
74
61
  <refsynopsisdiv>
75
 
    <synopsis>
76
 
      &CONFPATH;
77
 
    </synopsis>
 
62
    <synopsis>&CONFPATH;</synopsis>
78
63
  </refsynopsisdiv>
79
 
 
 
64
  
80
65
  <refsect1 id="description">
81
66
    <title>DESCRIPTION</title>
82
67
    <para>
83
 
      The file &CONFPATH; is a simple configuration file for mandos
84
 
      and is looked on at startup of the service. The configuration
85
 
      file must start with <literal>[server]</literal>. The format for
86
 
      the rest is a simple VAR = VALUE pair. Values may not be empty.
87
 
    </para>
88
 
 
89
 
    <para>
90
 
      The paramters are:
91
 
    </para>
92
 
 
 
68
      The file &CONFPATH; is a simple configuration file for
 
69
      <citerefentry><refentrytitle>mandos</refentrytitle>
 
70
      <manvolnum>8</manvolnum></citerefentry>, and is read by it at
 
71
      startup.  The configuration file starts with <quote><literal
 
72
      >[DEFAULT]</literal></quote> on a line by itself, followed by
 
73
      any number of <quote><varname><replaceable>option</replaceable
 
74
      ></varname>=<replaceable>value</replaceable></quote> entries,
 
75
      with continuations in the style of RFC 822.  <quote><varname
 
76
      ><replaceable>option</replaceable></varname>: <replaceable
 
77
      >value</replaceable></quote> is also accepted.  Note that
 
78
      leading whitespace is removed from values.  Lines beginning with
 
79
      <quote>#</quote> or <quote>;</quote> are ignored and may be used
 
80
      to provide comments.
 
81
    </para>
 
82
    
 
83
  </refsect1>
 
84
  <refsect1>
 
85
    <title>OPTIONS</title>
 
86
    
93
87
    <variablelist>
94
88
      <varlistentry>
95
 
        <term><literal>interface</literal></term>
96
 
        <listitem>
97
 
          <para>
98
 
            This option allows you to override the default network
99
 
            interfaces. By default mandos will not bind to any
100
 
            specific interface but instead use default avahi-server
101
 
            behaviour.
102
 
          </para>
103
 
        </listitem>
104
 
      </varlistentry>
105
 
 
106
 
      <varlistentry>
107
 
        <term><literal>address</literal></term>
108
 
        <listitem>
109
 
          <para>
110
 
            This option allows you to override the default network
111
 
            address. By default mandos will not bind to any
112
 
            specific address but instead use default avahi-server
113
 
            behaviour.
114
 
          </para>
115
 
        </listitem>
116
 
      </varlistentry>      
117
 
 
118
 
      <varlistentry>
119
 
        <term><literal>port</literal></term>
120
 
        <listitem>
121
 
          <para>
122
 
            This option allows you to override the default port to
123
 
            listen on. By default mandos will not specify any specific
124
 
            port and instead use a random port given by the OS from
125
 
            the use of INADDR_ANY.
126
 
          </para>
127
 
        </listitem>
128
 
      </varlistentry>
129
 
 
130
 
      <varlistentry>
131
 
        <term><literal>debug</literal></term>
132
 
        <listitem>
133
 
          <para>
134
 
            This option allows you to modify debug mode with a true/false
135
 
            boolean value. By default is debug set to <literal>false</literal>.
136
 
          </para>
137
 
        </listitem>
138
 
      </varlistentry>      
139
 
 
140
 
      <varlistentry>
141
 
        <term><literal>priority</literal></term>
142
 
        <listitem>
143
 
          <para>
144
 
            This option allows you to override the default gnutls
145
 
            priority that will be used in gnutls session. See
146
 
            <citerefentry><refentrytitle>gnutls_priority_init
147
 
            </refentrytitle><manvolnum>3</manvolnum></citerefentry>for
148
 
            more information on gnutls priority strings.
149
 
          </para>         
150
 
        </listitem>
151
 
      </varlistentry>
152
 
 
153
 
      <varlistentry>
154
 
        <term><literal>servicename</literal></term>
155
 
        <listitem>
156
 
          <para>
157
 
            This option allows you to override the default Zeroconf
158
 
            service name use to announce mandos as a avahi service. By
159
 
            default mandos will use "Mandos".
160
 
          </para>
 
89
        <term><option>interface<literal> = </literal><replaceable
 
90
        >NAME</replaceable></option></term>
 
91
        <listitem>
 
92
          <xi:include href="mandos-options.xml" xpointer="interface"/>
 
93
        </listitem>
 
94
      </varlistentry>
 
95
      
 
96
      <varlistentry>
 
97
        <term><option>address<literal> = </literal><replaceable
 
98
          >ADDRESS</replaceable></option></term>
 
99
        <listitem>
 
100
          <xi:include href="mandos-options.xml" xpointer="address"/>
 
101
        </listitem>
 
102
      </varlistentry>
 
103
      
 
104
      <varlistentry>
 
105
        <term><option>port<literal> = </literal><replaceable
 
106
        >NUMBER</replaceable></option></term>
 
107
        <listitem>
 
108
          <xi:include href="mandos-options.xml" xpointer="port"/>
 
109
        </listitem>
 
110
      </varlistentry>
 
111
      
 
112
      <varlistentry>
 
113
        <term><option>debug<literal> = </literal>{ <literal
 
114
          >1</literal> | <literal>yes</literal> | <literal
 
115
          >true</literal> | <literal>on</literal> | <literal
 
116
          >0</literal> | <literal>no</literal> | <literal
 
117
          >false</literal> | <literal>off</literal> }</option></term>
 
118
        <listitem>
 
119
          <xi:include href="mandos-options.xml" xpointer="debug"/>
 
120
        </listitem>
 
121
      </varlistentry>
 
122
      
 
123
      <varlistentry>
 
124
        <term><option>priority<literal> = </literal><replaceable
 
125
        >STRING</replaceable></option></term>
 
126
        <listitem>
 
127
          <xi:include href="mandos-options.xml" xpointer="priority"/>
 
128
        </listitem>
 
129
      </varlistentry>
 
130
      
 
131
      <varlistentry>
 
132
        <term><option>servicename<literal> = </literal
 
133
        ><replaceable>NAME</replaceable></option></term>
 
134
        <listitem>
 
135
          <xi:include href="mandos-options.xml"
 
136
                      xpointer="servicename"/>
 
137
        </listitem>
 
138
      </varlistentry>
 
139
      
 
140
      <varlistentry>
 
141
        <term><option>use_dbus<literal> = </literal>{ <literal
 
142
          >1</literal> | <literal>yes</literal> | <literal
 
143
          >true</literal> | <literal>on</literal> | <literal
 
144
          >0</literal> | <literal>no</literal> | <literal
 
145
          >false</literal> | <literal>off</literal> }</option></term>
 
146
        <listitem>
 
147
          <xi:include href="mandos-options.xml" xpointer="dbus"/>
 
148
        </listitem>
 
149
      </varlistentry>
 
150
      
 
151
      <varlistentry>
 
152
        <term><option>use_ipv6<literal> = </literal>{ <literal
 
153
          >1</literal> | <literal>yes</literal> | <literal
 
154
          >true</literal> | <literal>on</literal> | <literal
 
155
          >0</literal> | <literal>no</literal> | <literal
 
156
          >false</literal> | <literal>off</literal> }</option></term>
 
157
        <listitem>
 
158
          <xi:include href="mandos-options.xml" xpointer="ipv6"/>
 
159
        </listitem>
 
160
      </varlistentry>
 
161
      
 
162
      <varlistentry>
 
163
        <term><option>restore<literal> = </literal>{ <literal
 
164
          >1</literal> | <literal>yes</literal> | <literal
 
165
          >true</literal> | <literal>on</literal> | <literal
 
166
          >0</literal> | <literal>no</literal> | <literal
 
167
          >false</literal> | <literal>off</literal> }</option></term>
 
168
        <listitem>
 
169
          <xi:include href="mandos-options.xml" xpointer="restore"/>
 
170
        </listitem>
 
171
      </varlistentry>
 
172
      
 
173
      <varlistentry>
 
174
        <term><option>statedir<literal> = </literal><replaceable
 
175
        >DIRECTORY</replaceable></option></term>
 
176
        <listitem>
 
177
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
 
178
        </listitem>
 
179
      </varlistentry>
 
180
      
 
181
      <varlistentry>
 
182
        <term><option>socket<literal> = </literal><replaceable
 
183
        >NUMBER</replaceable></option></term>
 
184
        <listitem>
 
185
          <xi:include href="mandos-options.xml" xpointer="socket"/>
161
186
        </listitem>
162
187
      </varlistentry>
163
188
      
164
189
    </variablelist>
165
190
  </refsect1>
166
 
 
167
 
  <refsect1 id="examples">
168
 
    <title>EXAMPLES</title>
169
 
    <informalexample>
170
 
      <programlisting>
171
 
        [server]
172
 
        # A configuration example
173
 
        interface = eth0 
174
 
        address = 2001:DB8:
175
 
        port = 1025 
176
 
        debug = true 
177
 
        priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
178
 
        servicename = Mandos
179
 
      </programlisting>
180
 
    </informalexample>
181
 
  </refsect1>  
182
191
  
183
192
  <refsect1 id="files">
184
193
    <title>FILES</title>
186
195
      The file described here is &CONFPATH;
187
196
    </para>
188
197
  </refsect1>
 
198
  
 
199
  <refsect1 id="bugs">
 
200
    <title>BUGS</title>
 
201
    <para>
 
202
      The <literal>[DEFAULT]</literal> is necessary because the Python
 
203
      built-in module <systemitem class="library">ConfigParser</systemitem>
 
204
      requires it.
 
205
    </para>
 
206
  </refsect1>
 
207
  
 
208
  <refsect1 id="example">
 
209
    <title>EXAMPLE</title>
 
210
    <informalexample>
 
211
      <para>
 
212
        No options are actually required:
 
213
      </para>
 
214
      <programlisting>
 
215
[DEFAULT]
 
216
      </programlisting>
 
217
    </informalexample>
 
218
    <informalexample>
 
219
      <para>
 
220
        An example using all the options:
 
221
      </para>
 
222
      <programlisting>
 
223
[DEFAULT]
 
224
# A configuration example
 
225
interface = eth0
 
226
address = fe80::aede:48ff:fe71:f6f2
 
227
port = 1025
 
228
debug = True
 
229
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA
 
230
servicename = Daena
 
231
use_dbus = False
 
232
use_ipv6 = True
 
233
restore = True
 
234
statedir = /var/lib/mandos
 
235
      </programlisting>
 
236
    </informalexample>
 
237
  </refsect1>
 
238
  
 
239
  <refsect1 id="see_also">
 
240
    <title>SEE ALSO</title>
 
241
    <para>
 
242
      <citerefentry><refentrytitle>intro</refentrytitle>
 
243
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
244
      <citerefentry><refentrytitle>gnutls_priority_init</refentrytitle
 
245
      ><manvolnum>3</manvolnum></citerefentry>,
 
246
      <citerefentry><refentrytitle>mandos</refentrytitle>
 
247
      <manvolnum>8</manvolnum></citerefentry>,
 
248
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
 
249
      <manvolnum>5</manvolnum></citerefentry>
 
250
    </para>
 
251
    
 
252
    <variablelist>
 
253
      <varlistentry>
 
254
        <term>
 
255
          RFC 4291: <citetitle>IP Version 6 Addressing
 
256
          Architecture</citetitle>
 
257
        </term>
 
258
        <listitem>
 
259
          <variablelist>
 
260
            <varlistentry>
 
261
              <term>Section 2.2: <citetitle>Text Representation of
 
262
              Addresses</citetitle></term>
 
263
              <listitem><para/></listitem>
 
264
            </varlistentry>
 
265
            <varlistentry>
 
266
              <term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6
 
267
              Address</citetitle></term>
 
268
              <listitem><para/></listitem>
 
269
            </varlistentry>
 
270
            <varlistentry>
 
271
            <term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast
 
272
            Addresses</citetitle></term>
 
273
            <listitem>
 
274
              <para>
 
275
                The clients use IPv6 link-local addresses, which are
 
276
                immediately usable since a link-local addresses is
 
277
                automatically assigned to a network interface when it
 
278
                is brought up.
 
279
              </para>
 
280
            </listitem>
 
281
            </varlistentry>
 
282
          </variablelist>
 
283
        </listitem>
 
284
      </varlistentry>
 
285
      <varlistentry>
 
286
        <term>
 
287
          <ulink url="http://www.zeroconf.org/">Zeroconf</ulink>
 
288
        </term>
 
289
        <listitem>
 
290
          <para>
 
291
            Zeroconf is the network protocol standard used by clients
 
292
            for finding the Mandos server on the local network.
 
293
          </para>
 
294
        </listitem>
 
295
      </varlistentry>
 
296
    </variablelist>
 
297
  </refsect1>
189
298
</refentry>
 
299
<!-- Local Variables: -->
 
300
<!-- time-stamp-start: "<!ENTITY TIMESTAMP [\"']" -->
 
301
<!-- time-stamp-end: "[\"']>" -->
 
302
<!-- time-stamp-format: "%:y-%02m-%02d" -->
 
303
<!-- End: -->