/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 341.
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-clients.conf.xml
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY CONFNAME "mandos-clients.conf">
5
5
<!ENTITY CONFPATH "<filename>/etc/mandos/clients.conf</filename>">
6
 
<!ENTITY TIMESTAMP "2012-06-23">
 
6
<!ENTITY TIMESTAMP "2016-03-05">
7
7
<!ENTITY % common SYSTEM "common.ent">
8
8
%common;
9
9
]>
37
37
      <year>2010</year>
38
38
      <year>2011</year>
39
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <year>2016</year>
40
44
      <holder>Teddy Hogeborn</holder>
41
45
      <holder>Björn Påhlsson</holder>
42
46
    </copyright>
117
121
          <para>
118
122
            How long to wait for external approval before resorting to
119
123
            use the <option>approved_by_default</option> value.  The
120
 
            default is <quote>0s</quote>, i.e. not to wait.
 
124
            default is <quote>PT0S</quote>, i.e. not to wait.
121
125
          </para>
122
126
          <para>
123
127
            The format of <replaceable>TIME</replaceable> is the same
177
181
            <varname>PATH</varname> will be searched.  The default
178
182
            value for the checker command is <quote><literal
179
183
            ><command>fping</command> <option>-q</option> <option
180
 
            >--</option> %%(host)s</literal></quote>.
 
184
            >--</option> %%(host)s</literal></quote>.  Note that
 
185
            <command>mandos-keygen</command>, when generating output
 
186
            to be inserted into this file, normally looks for an SSH
 
187
            server on the Mandos client, and, if it find one, outputs
 
188
            a <option>checker</option> option to check for the
 
189
            client’s key fingerprint – this is more secure against
 
190
            spoofing.
181
191
          </para>
182
192
          <para>
183
193
            In addition to normal start time expansion, this option
453
463
      <literal>%(<replaceable>foo</replaceable>)s</literal> is
454
464
      obscure.
455
465
    </para>
 
466
    <xi:include href="bugs.xml"/>
456
467
  </refsect1>
457
468
  
458
469
  <refsect1 id="example">