/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2018-08-15 09:26:02 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 368.
  • Revision ID: teddy@recompile.se-20180815092602-xoyb5s6gf8376i7u
http://bugs.debian.org/894495
mandos-client: Set system clock if necessary

* plugins.d/mandos-client.c (init_gpgme/import_key): If the system
  clock is not set, or set to january 1970, set the system clock to
  the more plausible value that is the mtime of the key file.  This is
  required by GnuPG to be able to import the keys.  (We can't pass the
  --ignore-time-conflict or the --ignore-valid-from options though
  GPGME.)

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos.conf.xml
1
 
<?xml version='1.0' encoding='UTF-8'?>
 
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY CONFNAME "mandos.conf">
6
5
<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">
7
 
<!ENTITY TIMESTAMP "2008-08-29">
 
6
<!ENTITY TIMESTAMP "2018-02-08">
 
7
<!ENTITY % common SYSTEM "common.ent">
 
8
%common;
8
9
]>
9
10
 
10
11
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
12
13
    <title>Mandos Manual</title>
13
14
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
14
15
    <productname>Mandos</productname>
15
 
    <productnumber>&VERSION;</productnumber>
 
16
    <productnumber>&version;</productnumber>
16
17
    <date>&TIMESTAMP;</date>
17
18
    <authorgroup>
18
19
      <author>
19
20
        <firstname>Björn</firstname>
20
21
        <surname>Påhlsson</surname>
21
22
        <address>
22
 
          <email>belorn@fukt.bsnet.se</email>
 
23
          <email>belorn@recompile.se</email>
23
24
        </address>
24
25
      </author>
25
26
      <author>
26
27
        <firstname>Teddy</firstname>
27
28
        <surname>Hogeborn</surname>
28
29
        <address>
29
 
          <email>teddy@fukt.bsnet.se</email>
 
30
          <email>teddy@recompile.se</email>
30
31
        </address>
31
32
      </author>
32
33
    </authorgroup>
33
34
    <copyright>
34
35
      <year>2008</year>
 
36
      <year>2009</year>
 
37
      <year>2010</year>
 
38
      <year>2011</year>
 
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <year>2016</year>
 
44
      <year>2017</year>
 
45
      <year>2018</year>
35
46
      <holder>Teddy Hogeborn</holder>
36
47
      <holder>Björn Påhlsson</holder>
37
48
    </copyright>
38
 
    <legalnotice>
39
 
      <para>
40
 
        This manual page is free software: you can redistribute it
41
 
        and/or modify it under the terms of the GNU General Public
42
 
        License as published by the Free Software Foundation,
43
 
        either version 3 of the License, or (at your option) any
44
 
        later version.
45
 
      </para>
46
 
 
47
 
      <para>
48
 
        This manual page is distributed in the hope that it will
49
 
        be useful, but WITHOUT ANY WARRANTY; without even the
50
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
51
 
        PARTICULAR PURPOSE.  See the GNU General Public License
52
 
        for more details.
53
 
      </para>
54
 
 
55
 
      <para>
56
 
        You should have received a copy of the GNU General Public
57
 
        License along with this program; If not, see
58
 
        <ulink url="http://www.gnu.org/licenses/"/>.
59
 
      </para>
60
 
    </legalnotice>
 
49
    <xi:include href="legalnotice.xml"/>
61
50
  </refentryinfo>
62
 
 
 
51
  
63
52
  <refmeta>
64
53
    <refentrytitle>&CONFNAME;</refentrytitle>
65
54
    <manvolnum>5</manvolnum>
71
60
      Configuration file for the Mandos server
72
61
    </refpurpose>
73
62
  </refnamediv>
74
 
 
 
63
  
75
64
  <refsynopsisdiv>
76
 
    <synopsis>
77
 
      &CONFPATH;
78
 
    </synopsis>
 
65
    <synopsis>&CONFPATH;</synopsis>
79
66
  </refsynopsisdiv>
80
 
 
 
67
  
81
68
  <refsect1 id="description">
82
69
    <title>DESCRIPTION</title>
83
70
    <para>
95
82
      <quote>#</quote> or <quote>;</quote> are ignored and may be used
96
83
      to provide comments.
97
84
    </para>
98
 
 
 
85
    
99
86
  </refsect1>
100
87
  <refsect1>
101
88
    <title>OPTIONS</title>
102
89
    
103
90
    <variablelist>
104
91
      <varlistentry>
105
 
        <term><varname>interface</varname></term>
 
92
        <term><option>interface<literal> = </literal><replaceable
 
93
        >NAME</replaceable></option></term>
106
94
        <listitem>
107
 
          <synopsis><literal>interface = </literal><replaceable
108
 
          >NAME</replaceable>
109
 
          </synopsis>
110
95
          <xi:include href="mandos-options.xml" xpointer="interface"/>
111
96
        </listitem>
112
97
      </varlistentry>
113
 
 
 
98
      
114
99
      <varlistentry>
115
 
        <term><varname>address</varname></term>
 
100
        <term><option>address<literal> = </literal><replaceable
 
101
          >ADDRESS</replaceable></option></term>
116
102
        <listitem>
117
 
          <synopsis><literal>address = </literal><replaceable
118
 
          >ADDRESS</replaceable>
119
 
          </synopsis>
120
103
          <xi:include href="mandos-options.xml" xpointer="address"/>
121
104
        </listitem>
122
105
      </varlistentry>
123
 
 
 
106
      
124
107
      <varlistentry>
125
 
        <term><varname>port</varname></term>
 
108
        <term><option>port<literal> = </literal><replaceable
 
109
        >NUMBER</replaceable></option></term>
126
110
        <listitem>
127
 
          <synopsis><literal>port = </literal><replaceable
128
 
          >NUMBER</replaceable>
129
 
          </synopsis>
130
111
          <xi:include href="mandos-options.xml" xpointer="port"/>
131
112
        </listitem>
132
113
      </varlistentry>
133
 
 
 
114
      
134
115
      <varlistentry>
135
 
        <term><varname>debug</varname></term>
136
 
        <listitem>
137
 
          <synopsis><literal>debug = </literal>{ <literal
 
116
        <term><option>debug<literal> = </literal>{ <literal
138
117
          >1</literal> | <literal>yes</literal> | <literal
139
118
          >true</literal> | <literal>on</literal> | <literal
140
119
          >0</literal> | <literal>no</literal> | <literal
141
 
          >false</literal> | <literal>off</literal> }
142
 
          </synopsis>
 
120
          >false</literal> | <literal>off</literal> }</option></term>
 
121
        <listitem>
143
122
          <xi:include href="mandos-options.xml" xpointer="debug"/>
144
123
        </listitem>
145
124
      </varlistentry>
146
 
 
 
125
      
147
126
      <varlistentry>
148
 
        <term><varname>priority</varname></term>
 
127
        <term><option>priority<literal> = </literal><replaceable
 
128
        >STRING</replaceable></option></term>
149
129
        <listitem>
150
 
          <synopsis><literal>priority = </literal><replaceable
151
 
          >STRING</replaceable>
152
 
          </synopsis>
153
130
          <xi:include href="mandos-options.xml" xpointer="priority"/>
154
131
        </listitem>
155
132
      </varlistentry>
156
 
 
 
133
      
157
134
      <varlistentry>
158
 
        <term><varname>servicename</varname></term>
 
135
        <term><option>servicename<literal> = </literal
 
136
        ><replaceable>NAME</replaceable></option></term>
159
137
        <listitem>
160
 
          <synopsis><literal>servicename = </literal><replaceable
161
 
          >NAME</replaceable>
162
 
          </synopsis>
163
138
          <xi:include href="mandos-options.xml"
164
139
                      xpointer="servicename"/>
165
140
        </listitem>
166
141
      </varlistentry>
167
142
      
 
143
      <varlistentry>
 
144
        <term><option>use_dbus<literal> = </literal>{ <literal
 
145
          >1</literal> | <literal>yes</literal> | <literal
 
146
          >true</literal> | <literal>on</literal> | <literal
 
147
          >0</literal> | <literal>no</literal> | <literal
 
148
          >false</literal> | <literal>off</literal> }</option></term>
 
149
        <listitem>
 
150
          <xi:include href="mandos-options.xml" xpointer="dbus"/>
 
151
        </listitem>
 
152
      </varlistentry>
 
153
      
 
154
      <varlistentry>
 
155
        <term><option>use_ipv6<literal> = </literal>{ <literal
 
156
          >1</literal> | <literal>yes</literal> | <literal
 
157
          >true</literal> | <literal>on</literal> | <literal
 
158
          >0</literal> | <literal>no</literal> | <literal
 
159
          >false</literal> | <literal>off</literal> }</option></term>
 
160
        <listitem>
 
161
          <xi:include href="mandos-options.xml" xpointer="ipv6"/>
 
162
        </listitem>
 
163
      </varlistentry>
 
164
      
 
165
      <varlistentry>
 
166
        <term><option>restore<literal> = </literal>{ <literal
 
167
          >1</literal> | <literal>yes</literal> | <literal
 
168
          >true</literal> | <literal>on</literal> | <literal
 
169
          >0</literal> | <literal>no</literal> | <literal
 
170
          >false</literal> | <literal>off</literal> }</option></term>
 
171
        <listitem>
 
172
          <xi:include href="mandos-options.xml" xpointer="restore"/>
 
173
        </listitem>
 
174
      </varlistentry>
 
175
      
 
176
      <varlistentry>
 
177
        <term><option>statedir<literal> = </literal><replaceable
 
178
        >DIRECTORY</replaceable></option></term>
 
179
        <listitem>
 
180
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
 
181
        </listitem>
 
182
      </varlistentry>
 
183
      
 
184
      <varlistentry>
 
185
        <term><option>socket<literal> = </literal><replaceable
 
186
        >NUMBER</replaceable></option></term>
 
187
        <listitem>
 
188
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
189
        </listitem>
 
190
      </varlistentry>
 
191
      
168
192
    </variablelist>
169
193
  </refsect1>
170
194
  
180
204
    <para>
181
205
      The <literal>[DEFAULT]</literal> is necessary because the Python
182
206
      built-in module <systemitem class="library">ConfigParser</systemitem>
183
 
      requres it.
 
207
      requires it.
184
208
    </para>
 
209
    <xi:include href="bugs.xml"/>
185
210
  </refsect1>
186
211
  
187
212
  <refsect1 id="example">
202
227
[DEFAULT]
203
228
# A configuration example
204
229
interface = eth0
205
 
address = 2001:db8:f983:bd0b:30de:ae4a:71f2:f672
 
230
address = fe80::aede:48ff:fe71:f6f2
206
231
port = 1025
207
 
debug = true
208
 
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
 
232
debug = True
 
233
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA
209
234
servicename = Daena
 
235
use_dbus = False
 
236
use_ipv6 = True
 
237
restore = True
 
238
statedir = /var/lib/mandos
210
239
      </programlisting>
211
240
    </informalexample>
212
241
  </refsect1>
214
243
  <refsect1 id="see_also">
215
244
    <title>SEE ALSO</title>
216
245
    <para>
 
246
      <citerefentry><refentrytitle>intro</refentrytitle>
 
247
      <manvolnum>8mandos</manvolnum></citerefentry>,
217
248
      <citerefentry><refentrytitle>gnutls_priority_init</refentrytitle
218
249
      ><manvolnum>3</manvolnum></citerefentry>,
219
250
      <citerefentry><refentrytitle>mandos</refentrytitle>
221
252
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
222
253
      <manvolnum>5</manvolnum></citerefentry>
223
254
    </para>
224
 
 
 
255
    
225
256
    <variablelist>
226
257
      <varlistentry>
227
258
        <term>
247
278
              <para>
248
279
                The clients use IPv6 link-local addresses, which are
249
280
                immediately usable since a link-local addresses is
250
 
                automatically assigned to a network interfaces when it
 
281
                automatically assigned to a network interface when it
251
282
                is brought up.
252
283
              </para>
253
284
            </listitem>