/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-ctl.xml

  • Committer: Teddy Hogeborn
  • Date: 2024-09-09 04:24:39 UTC
  • mto: This revision was merged to the branch mainline in revision 410.
  • Revision ID: teddy@recompile.se-20240909042439-j85mr20uli2hnyis
Eliminate compiler warnings

Many programs use nested functions, which now result in a linker
warning about executable stack.  Hide this warning.  Also, rewrite a
loop in the plymouth plugin to avoid warning about signed overflow.
This change also makes the plugin pick the alphabetically first
process entry instead of the last, in case many plymouth processes are
found (which should be unlikely).

* Makefile (plugin-runner, dracut-module/password-agent,
  plugins.d/password-prompt, plugins.d/mandos-client,
  plugins.d/plymouth): New target; set LDFLAGS to add "-Xlinker
  --no-warn-execstack".
* plugins.d/plymouth.c (get_pid): When no pid files are found, and we
  are looking through the process list, go though it from the start
  instead of from the end, i.e. in normal alphabetical order and not
  in reverse order.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-ctl">
5
 
<!ENTITY TIMESTAMP "2016-02-28">
 
5
<!ENTITY TIMESTAMP "2019-07-29">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
38
38
      <year>2014</year>
39
39
      <year>2015</year>
40
40
      <year>2016</year>
 
41
      <year>2017</year>
 
42
      <year>2018</year>
 
43
      <year>2019</year>
41
44
      <holder>Teddy Hogeborn</holder>
42
45
      <holder>Björn Påhlsson</holder>
43
46
    </copyright>
52
55
  <refnamediv>
53
56
    <refname><command>&COMMANDNAME;</command></refname>
54
57
    <refpurpose>
55
 
      Control the operation of the Mandos server
 
58
      Control or query the operation of the Mandos server
56
59
    </refpurpose>
57
60
  </refnamediv>
58
61
  
60
63
    <cmdsynopsis>
61
64
      <command>&COMMANDNAME;</command>
62
65
      <group>
63
 
        <arg choice="plain"><option>--enable</option></arg>
64
 
        <arg choice="plain"><option>-e</option></arg>
65
 
        <sbr/>
66
 
        <arg choice="plain"><option>--disable</option></arg>
67
 
        <arg choice="plain"><option>-d</option></arg>
68
 
      </group>
69
 
      <sbr/>
70
 
      <group>
71
 
        <arg choice="plain"><option>--bump-timeout</option></arg>
72
 
        <arg choice="plain"><option>-b</option></arg>
73
 
      </group>
74
 
      <sbr/>
75
 
      <group>
76
 
        <arg choice="plain"><option>--start-checker</option></arg>
77
 
      </group>
78
 
      <sbr/>
79
 
      <group>
80
 
        <arg choice="plain"><option>--stop-checker</option></arg>
81
 
      </group>
82
 
      <sbr/>
83
 
      <group>
84
 
        <arg choice="plain"><option>--remove</option></arg>
85
 
        <arg choice="plain"><option>-r</option></arg>
86
 
      </group>
87
 
      <sbr/>
88
 
      <group>
89
 
        <arg choice="plain"><option>--checker
90
 
        <replaceable>COMMAND</replaceable></option></arg>
91
 
        <arg choice="plain"><option>-c
92
 
        <replaceable>COMMAND</replaceable></option></arg>
93
 
      </group>
94
 
      <sbr/>
95
 
      <group>
96
 
        <arg choice="plain"><option>--timeout
97
 
        <replaceable>TIME</replaceable></option></arg>
98
 
        <arg choice="plain"><option>-t
99
 
        <replaceable>TIME</replaceable></option></arg>
100
 
      </group>
101
 
      <sbr/>
102
 
      <group>
103
 
        <arg choice="plain"><option>--extended-timeout
104
 
        <replaceable>TIME</replaceable></option></arg>
105
 
      </group>
106
 
      <sbr/>
107
 
      <group>
108
 
        <arg choice="plain"><option>--interval
109
 
        <replaceable>TIME</replaceable></option></arg>
110
 
        <arg choice="plain"><option>-i
111
 
        <replaceable>TIME</replaceable></option></arg>
112
 
      </group>
113
 
      <sbr/>
114
 
      <group>
115
 
        <arg choice="plain"><option>--approve-by-default</option
116
 
        ></arg>
117
 
        <sbr/>
118
 
        <arg choice="plain"><option>--deny-by-default</option></arg>
119
 
      </group>
120
 
      <sbr/>
121
 
      <group>
122
 
        <arg choice="plain"><option>--approval-delay
123
 
        <replaceable>TIME</replaceable></option></arg>
124
 
      </group>
125
 
      <sbr/>
126
 
      <group>
127
 
        <arg choice="plain"><option>--approval-duration
128
 
        <replaceable>TIME</replaceable></option></arg>
129
 
      </group>
130
 
      <sbr/>
131
 
      <group>
132
 
        <arg choice="plain"><option>--interval
133
 
        <replaceable>TIME</replaceable></option></arg>
134
 
        <arg choice="plain"><option>-i
135
 
        <replaceable>TIME</replaceable></option></arg>
136
 
      </group>
137
 
      <sbr/>
138
 
      <group>
139
 
        <arg choice="plain"><option>--host
140
 
        <replaceable>STRING</replaceable></option></arg>
141
 
        <arg choice="plain"><option>-H
142
 
        <replaceable>STRING</replaceable></option></arg>
143
 
      </group>
144
 
      <sbr/>
145
 
      <group>
146
 
        <arg choice="plain"><option>--secret
147
 
        <replaceable>FILENAME</replaceable></option></arg>
148
 
        <arg choice="plain"><option>-s
149
 
        <replaceable>FILENAME</replaceable></option></arg>
150
 
      </group>
151
 
      <sbr/>
152
 
      <group>
153
 
        <arg choice="plain"><option>--approve</option></arg>
154
 
        <arg choice="plain"><option>-A</option></arg>
155
 
        <sbr/>
 
66
          <arg choice="plain"><option>--verbose</option></arg>
 
67
          <arg choice="plain"><option>-v</option></arg>
 
68
          <sbr/>
 
69
          <arg choice="plain"><option>--dump-json</option></arg>
 
70
          <arg choice="plain"><option>-j</option></arg>
 
71
      </group>
 
72
      <arg><option>--debug</option></arg>
 
73
      <group>
 
74
        <arg rep='repeat' choice='plain'>
 
75
          <replaceable>CLIENT</replaceable>
 
76
        </arg>
 
77
      </group>
 
78
    </cmdsynopsis>
 
79
    <cmdsynopsis>
 
80
      <command>&COMMANDNAME;</command>
 
81
      <group choice="req">
 
82
        <group>
 
83
          <arg choice="plain"><option>--enable</option></arg>
 
84
          <arg choice="plain"><option>-e</option></arg>
 
85
          <sbr/>
 
86
          <arg choice="plain"><option>--disable</option></arg>
 
87
          <arg choice="plain"><option>-d</option></arg>
 
88
        </group>
 
89
        <sbr/>
 
90
        <group>
 
91
          <arg choice="plain"><option>--bump-timeout</option></arg>
 
92
          <arg choice="plain"><option>-b</option></arg>
 
93
        </group>
 
94
        <sbr/>
 
95
        <group>
 
96
          <arg choice="plain"><option>--start-checker</option></arg>
 
97
          <arg choice="plain"><option>--stop-checker</option></arg>
 
98
        </group>
 
99
        <sbr/>
 
100
        <group>
 
101
          <arg choice="plain"><option>--checker
 
102
          <replaceable>COMMAND</replaceable></option></arg>
 
103
          <arg choice="plain"><option>-c
 
104
          <replaceable>COMMAND</replaceable></option></arg>
 
105
        </group>
 
106
        <sbr/>
 
107
        <group>
 
108
          <arg choice="plain"><option>--timeout
 
109
          <replaceable>TIME</replaceable></option></arg>
 
110
          <arg choice="plain"><option>-t
 
111
          <replaceable>TIME</replaceable></option></arg>
 
112
        </group>
 
113
        <sbr/>
 
114
        <group>
 
115
          <arg choice="plain"><option>--extended-timeout
 
116
          <replaceable>TIME</replaceable></option></arg>
 
117
        </group>
 
118
        <sbr/>
 
119
        <group>
 
120
          <arg choice="plain"><option>--interval
 
121
          <replaceable>TIME</replaceable></option></arg>
 
122
          <arg choice="plain"><option>-i
 
123
          <replaceable>TIME</replaceable></option></arg>
 
124
        </group>
 
125
        <sbr/>
 
126
        <group>
 
127
          <arg choice="plain"><option>--approve-by-default</option
 
128
          ></arg>
 
129
          <sbr/>
 
130
          <arg choice="plain"><option>--deny-by-default</option></arg>
 
131
        </group>
 
132
        <sbr/>
 
133
        <group>
 
134
          <arg choice="plain"><option>--approval-delay
 
135
          <replaceable>TIME</replaceable></option></arg>
 
136
        </group>
 
137
        <sbr/>
 
138
        <group>
 
139
          <arg choice="plain"><option>--approval-duration
 
140
          <replaceable>TIME</replaceable></option></arg>
 
141
        </group>
 
142
        <sbr/>
 
143
        <group>
 
144
          <arg choice="plain"><option>--host
 
145
          <replaceable>STRING</replaceable></option></arg>
 
146
          <arg choice="plain"><option>-H
 
147
          <replaceable>STRING</replaceable></option></arg>
 
148
        </group>
 
149
        <sbr/>
 
150
        <group>
 
151
          <arg choice="plain"><option>--secret
 
152
          <replaceable>FILENAME</replaceable></option></arg>
 
153
          <arg choice="plain"><option>-s
 
154
          <replaceable>FILENAME</replaceable></option></arg>
 
155
        </group>
 
156
        <sbr/>
 
157
        <group>
 
158
          <arg choice="plain"><option>--approve</option></arg>
 
159
          <arg choice="plain"><option>-A</option></arg>
 
160
          <sbr/>
 
161
          <arg choice="plain"><option>--deny</option></arg>
 
162
          <arg choice="plain"><option>-D</option></arg>
 
163
        </group>
 
164
      </group>
 
165
      <sbr/>
 
166
      <arg><option>--debug</option></arg>
 
167
      <group choice="req">
 
168
        <arg choice="plain"><option>--all</option></arg>
 
169
        <arg choice="plain"><option>-a</option></arg>
 
170
        <arg rep='repeat' choice='plain'>
 
171
          <replaceable>CLIENT</replaceable>
 
172
        </arg>
 
173
      </group>
 
174
    </cmdsynopsis>
 
175
    <cmdsynopsis>
 
176
      <command>&COMMANDNAME;</command>
 
177
      <group>
156
178
        <arg choice="plain"><option>--deny</option></arg>
157
179
        <arg choice="plain"><option>-D</option></arg>
158
180
      </group>
 
181
      <group choice="req">
 
182
          <arg choice="plain"><option>--remove</option></arg>
 
183
          <arg choice="plain"><option>-r</option></arg>
 
184
      </group>
159
185
      <sbr/>
 
186
      <arg><option>--debug</option></arg>
160
187
      <group choice="req">
161
188
        <arg choice="plain"><option>--all</option></arg>
162
189
        <arg choice="plain"><option>-a</option></arg>
167
194
    </cmdsynopsis>
168
195
    <cmdsynopsis>
169
196
      <command>&COMMANDNAME;</command>
170
 
      <group>
171
 
        <arg choice="plain"><option>--verbose</option></arg>
172
 
        <arg choice="plain"><option>-v</option></arg>
173
 
      </group>
174
 
      <group>
175
 
        <arg rep='repeat' choice='plain'>
176
 
          <replaceable>CLIENT</replaceable>
177
 
        </arg>
178
 
      </group>
179
 
    </cmdsynopsis>
180
 
    <cmdsynopsis>
181
 
      <command>&COMMANDNAME;</command>
182
197
      <group choice="req">
183
198
        <arg choice="plain"><option>--is-enabled</option></arg>
184
199
        <arg choice="plain"><option>-V</option></arg>
185
200
      </group>
 
201
      <arg><option>--debug</option></arg>
186
202
      <arg choice='plain'><replaceable>CLIENT</replaceable></arg>
187
203
    </cmdsynopsis>
188
204
    <cmdsynopsis>
208
224
  <refsect1 id="description">
209
225
    <title>DESCRIPTION</title>
210
226
    <para>
211
 
      <command>&COMMANDNAME;</command> is a program to control the
212
 
      operation of the Mandos server <citerefentry><refentrytitle
213
 
      >mandos</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
 
227
      <command>&COMMANDNAME;</command> is a program to control or
 
228
      query the operation of the Mandos server
 
229
      <citerefentry><refentrytitle>mandos</refentrytitle><manvolnum
 
230
      >8</manvolnum></citerefentry>.
214
231
    </para>
215
232
    <para>
216
233
      This program can be used to change client settings, approve or
474
491
      </varlistentry>
475
492
      
476
493
      <varlistentry>
 
494
        <term><option>--dump-json</option></term>
 
495
        <term><option>-j</option></term>
 
496
        <listitem>
 
497
          <para>
 
498
            Dump client settings as JSON to standard output.
 
499
          </para>
 
500
        </listitem>
 
501
      </varlistentry>
 
502
      
 
503
      <varlistentry>
477
504
        <term><option>--is-enabled</option></term>
478
505
        <term><option>-V</option></term>
479
506
        <listitem>
485
512
      </varlistentry>
486
513
      
487
514
      <varlistentry>
 
515
        <term><option>--debug</option></term>
 
516
        <listitem>
 
517
          <para>
 
518
            Show debug output; currently, this means show D-Bus calls.
 
519
          </para>
 
520
        </listitem>
 
521
      </varlistentry>
 
522
      
 
523
      <varlistentry>
488
524
        <term><option>--check</option></term>
489
525
        <listitem>
490
526
          <para>
514
550
    </para>
515
551
  </refsect1>
516
552
  
517
 
<!--   <refsect1 id="bugs"> -->
518
 
<!--     <title>BUGS</title> -->
519
 
<!--     <para> -->
520
 
<!--     </para> -->
521
 
<!--   </refsect1> -->
 
553
  <refsect1 id="bugs">
 
554
    <title>BUGS</title>
 
555
    <xi:include href="bugs.xml"/>
 
556
  </refsect1>
522
557
  
523
558
  <refsect1 id="example">
524
559
    <title>EXAMPLE</title>
 
560
    <!-- Name of test methods in class Test_commands_from_options are
 
561
         written in comments below.  When adding an example, add a
 
562
         test too which tests the documented behavior. -->
525
563
    <informalexample>
 
564
      <!-- Test method: test_manual_page_example_1() -->
526
565
      <para>
527
566
        To list all clients:
528
567
      </para>
532
571
    </informalexample>
533
572
    
534
573
    <informalexample>
 
574
      <!-- Test method: test_manual_page_example_2() -->
535
575
      <para>
536
576
        To list <emphasis>all</emphasis> settings for the clients
537
577
        named <quote>foo1.example.org</quote> and <quote
546
586
    </informalexample>
547
587
    
548
588
    <informalexample>
 
589
      <!-- Test method: test_manual_page_example_3() -->
549
590
      <para>
550
591
        To enable all clients:
551
592
      </para>
555
596
    </informalexample>
556
597
    
557
598
    <informalexample>
 
599
      <!-- Test method: test_manual_page_example_4() -->
558
600
      <para>
559
601
        To change timeout and interval value for the clients
560
602
        named <quote>foo1.example.org</quote> and <quote
563
605
      <para>
564
606
 
565
607
<!-- do not wrap this line -->
566
 
<userinput>&COMMANDNAME; --timeout="5m" --interval="1m" foo1.example.org foo2.example.org</userinput>
 
608
<userinput>&COMMANDNAME; --timeout=PT5M --interval=PT1M foo1.example.org foo2.example.org</userinput>
567
609
 
568
610
      </para>
569
611
    </informalexample>
570
612
    
571
613
    <informalexample>
 
614
      <!-- Test method: test_manual_page_example_5() -->
572
615
      <para>
573
 
        To approve all clients currently waiting for it:
 
616
        To approve all clients currently waiting for approval:
574
617
      </para>
575
618
      <para>
576
619
        <userinput>&COMMANDNAME; --approve --all</userinput>