/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to dracut-module/password-agent.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-08-05 21:14:05 UTC
  • mto: This revision was merged to the branch mainline in revision 388.
  • Revision ID: teddy@recompile.se-20190805211405-9m6hecekaihpttz9
Override lintian warnings about upgrading from old versions

There are some really things which are imperative that we fix in case
someone were to upgrade from a really old version.  We want to keep
these fixes in the postinst maintainer scripts, even though lintian
complains about such old upgrades not being supported by Debian in
general.  We prefer the code being there, for the sake of the users.

* debian/mandos-client.lintian-overrides
  (maintainer-script-supports-ancient-package-version): New.
  debian/mandos.lintian-overrides
  (maintainer-script-supports-ancient-package-version): - '' -

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "password-agent">
5
 
<!ENTITY TIMESTAMP "2021-02-03">
 
5
<!ENTITY TIMESTAMP "2019-07-24">
6
6
<!ENTITY % common SYSTEM "../common.ent">
7
7
%common;
8
8
]>
32
32
    </authorgroup>
33
33
    <copyright>
34
34
      <year>2019</year>
35
 
      <year>2020</year>
36
35
      <holder>Teddy Hogeborn</holder>
37
36
      <holder>Björn Påhlsson</holder>
38
37
    </copyright>
114
113
      be a <citerefentry><refentrytitle>systemd</refentrytitle>
115
114
      <manvolnum>1</manvolnum></citerefentry> <quote>Password
116
115
      Agent</quote> (See <ulink
117
 
      url="https://systemd.io/PASSWORD_AGENTS/">Password
118
 
      Agents</ulink>).  The aim of this program is therefore to
119
 
      acquire and then send a password to some other program which
 
116
      url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
117
      >Password Agents</ulink>).  The aim of this program is therefore
 
118
      to acquire and then send a password to some other program which
120
119
      will use the password to unlock the encrypted root disk.
121
120
    </para>
122
121
    <para>
147
146
            Specify a different agent directory.  The default is
148
147
            <quote><filename class="directory"
149
148
            >/run/systemd/ask-password</filename ></quote> as per the
150
 
            <ulink url="https://systemd.io/PASSWORD_AGENTS/">Password
151
 
            Agents</ulink> specification.
 
149
            <ulink
 
150
            url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
151
            >Password Agents</ulink> specification.
152
152
          </para>
153
153
        </listitem>
154
154
      </varlistentry>
270
270
      responsible for getting a password from the Mandos client
271
271
      program itself, and to send that password to whatever is
272
272
      currently asking for a password using the systemd <ulink
273
 
      url="https://systemd.io/PASSWORD_AGENTS/">Password
274
 
      Agents</ulink> mechanism.
 
273
      url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
274
      >Password Agents</ulink> mechanism.
275
275
    </para>
276
276
    <para>To accomplish this, &COMMANDNAME; runs the
277
277
    <command>mandos-client</command> program (which is the actual
281
281
    password is acquired from the
282
282
    <replaceable>MANDOS_CLIENT</replaceable> program, sends that
283
283
    password (as per the <ulink
284
 
    url="https://systemd.io/PASSWORD_AGENTS/">Password Agents</ulink>
285
 
    specification) to all currently unanswered password questions.
 
284
    url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
285
    >Password Agents</ulink> specification) to all currently
 
286
    unanswered password questions.
286
287
    </para>
287
288
    <para>
288
289
      This program should be started (normally as a systemd service,
329
330
            <para>
330
331
              The default directory to watch for password questions as
331
332
              per the <ulink
332
 
              url="https://systemd.io/PASSWORD_AGENTS/">Password
333
 
              Agents</ulink> specification; can be changed by the
334
 
              <option>--agent-directory</option> option.
 
333
              url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
334
              >Password Agents</ulink> specification; can be changed
 
335
              by the <option>--agent-directory</option> option.
335
336
            </para>
336
337
          </listitem>
337
338
        </varlistentry>
400
401
      <para>
401
402
 
402
403
<!-- do not wrap this line -->
403
 
<userinput>&COMMANDNAME; -- /lib/mandos/plugins.d/mandos-client --pubkey=/etc/mandos/keys/pubkey.txt --seckey=/etc/mandos/keys/seckey.txt --tls-pubkey=/etc/mandos/keys/tls-pubkey.pem --tls-privkey=/etc/mandos/keys/tls-privkey.pem</userinput>
 
404
<userinput>&COMMANDNAME; -- /lib/mandos/mandos-client --pubkey=/etc/mandos/keys/pubkey.txt --seckey=/etc/mandos/keys/seckey.txt --tls-pubkey=/etc/mandos/keys/tls-pubkey.pem --tls-privkey=/etc/mandos/keys/tls-privkey.pem</userinput>
404
405
 
405
406
      </para>
406
407
    </informalexample>
445
446
    <variablelist>
446
447
      <varlistentry>
447
448
        <term>
448
 
          <ulink url="https://systemd.io/PASSWORD_AGENTS/">Password
449
 
          Agents</ulink>
 
449
          <ulink
 
450
              url="https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/"
 
451
              >Password Agents</ulink>
450
452
        </term>
451
453
        <listitem>
452
454
          <para>