/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos-ctl.xml

Merge new wireless network hook.  Fix bridge network hook to use
hardware addresses instead of interface names.  Implement and document
new "CONNECT" environment variable for network hooks.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-ctl">
5
 
<!ENTITY TIMESTAMP "2019-07-29">
 
5
<!ENTITY TIMESTAMP "2011-10-03">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
33
33
    <copyright>
34
34
      <year>2010</year>
35
35
      <year>2011</year>
36
 
      <year>2012</year>
37
 
      <year>2013</year>
38
 
      <year>2014</year>
39
 
      <year>2015</year>
40
 
      <year>2016</year>
41
 
      <year>2017</year>
42
 
      <year>2018</year>
43
 
      <year>2019</year>
44
36
      <holder>Teddy Hogeborn</holder>
45
37
      <holder>Björn Påhlsson</holder>
46
38
    </copyright>
55
47
  <refnamediv>
56
48
    <refname><command>&COMMANDNAME;</command></refname>
57
49
    <refpurpose>
58
 
      Control or query the operation of the Mandos server
 
50
      Control the operation of the Mandos server
59
51
    </refpurpose>
60
52
  </refnamediv>
61
53
  
63
55
    <cmdsynopsis>
64
56
      <command>&COMMANDNAME;</command>
65
57
      <group>
66
 
          <arg choice="plain"><option>--verbose</option></arg>
67
 
          <arg choice="plain"><option>-v</option></arg>
68
 
          <sbr/>
69
 
          <arg choice="plain"><option>--dump-json</option></arg>
70
 
          <arg choice="plain"><option>-j</option></arg>
71
 
      </group>
72
 
      <arg><option>--debug</option></arg>
73
 
      <group>
74
 
        <arg rep='repeat' choice='plain'>
75
 
          <replaceable>CLIENT</replaceable>
76
 
        </arg>
77
 
      </group>
78
 
    </cmdsynopsis>
79
 
    <cmdsynopsis>
80
 
      <command>&COMMANDNAME;</command>
81
 
      <group choice="req">
82
 
        <group>
83
 
          <arg choice="plain"><option>--enable</option></arg>
84
 
          <arg choice="plain"><option>-e</option></arg>
85
 
          <sbr/>
86
 
          <arg choice="plain"><option>--disable</option></arg>
87
 
          <arg choice="plain"><option>-d</option></arg>
88
 
        </group>
89
 
        <sbr/>
90
 
        <group>
91
 
          <arg choice="plain"><option>--bump-timeout</option></arg>
92
 
          <arg choice="plain"><option>-b</option></arg>
93
 
        </group>
94
 
        <sbr/>
95
 
        <group>
96
 
          <arg choice="plain"><option>--start-checker</option></arg>
97
 
          <arg choice="plain"><option>--stop-checker</option></arg>
98
 
        </group>
99
 
        <sbr/>
100
 
        <group>
101
 
          <arg choice="plain"><option>--checker
102
 
          <replaceable>COMMAND</replaceable></option></arg>
103
 
          <arg choice="plain"><option>-c
104
 
          <replaceable>COMMAND</replaceable></option></arg>
105
 
        </group>
106
 
        <sbr/>
107
 
        <group>
108
 
          <arg choice="plain"><option>--timeout
109
 
          <replaceable>TIME</replaceable></option></arg>
110
 
          <arg choice="plain"><option>-t
111
 
          <replaceable>TIME</replaceable></option></arg>
112
 
        </group>
113
 
        <sbr/>
114
 
        <group>
115
 
          <arg choice="plain"><option>--extended-timeout
116
 
          <replaceable>TIME</replaceable></option></arg>
117
 
        </group>
118
 
        <sbr/>
119
 
        <group>
120
 
          <arg choice="plain"><option>--interval
121
 
          <replaceable>TIME</replaceable></option></arg>
122
 
          <arg choice="plain"><option>-i
123
 
          <replaceable>TIME</replaceable></option></arg>
124
 
        </group>
125
 
        <sbr/>
126
 
        <group>
127
 
          <arg choice="plain"><option>--approve-by-default</option
128
 
          ></arg>
129
 
          <sbr/>
130
 
          <arg choice="plain"><option>--deny-by-default</option></arg>
131
 
        </group>
132
 
        <sbr/>
133
 
        <group>
134
 
          <arg choice="plain"><option>--approval-delay
135
 
          <replaceable>TIME</replaceable></option></arg>
136
 
        </group>
137
 
        <sbr/>
138
 
        <group>
139
 
          <arg choice="plain"><option>--approval-duration
140
 
          <replaceable>TIME</replaceable></option></arg>
141
 
        </group>
142
 
        <sbr/>
143
 
        <group>
144
 
          <arg choice="plain"><option>--host
145
 
          <replaceable>STRING</replaceable></option></arg>
146
 
          <arg choice="plain"><option>-H
147
 
          <replaceable>STRING</replaceable></option></arg>
148
 
        </group>
149
 
        <sbr/>
150
 
        <group>
151
 
          <arg choice="plain"><option>--secret
152
 
          <replaceable>FILENAME</replaceable></option></arg>
153
 
          <arg choice="plain"><option>-s
154
 
          <replaceable>FILENAME</replaceable></option></arg>
155
 
        </group>
156
 
        <sbr/>
157
 
        <group>
158
 
          <arg choice="plain"><option>--approve</option></arg>
159
 
          <arg choice="plain"><option>-A</option></arg>
160
 
          <sbr/>
161
 
          <arg choice="plain"><option>--deny</option></arg>
162
 
          <arg choice="plain"><option>-D</option></arg>
163
 
        </group>
164
 
      </group>
165
 
      <sbr/>
166
 
      <arg><option>--debug</option></arg>
167
 
      <group choice="req">
168
 
        <arg choice="plain"><option>--all</option></arg>
169
 
        <arg choice="plain"><option>-a</option></arg>
170
 
        <arg rep='repeat' choice='plain'>
171
 
          <replaceable>CLIENT</replaceable>
172
 
        </arg>
173
 
      </group>
174
 
    </cmdsynopsis>
175
 
    <cmdsynopsis>
176
 
      <command>&COMMANDNAME;</command>
177
 
      <group>
 
58
        <arg choice="plain"><option>--enable</option></arg>
 
59
        <arg choice="plain"><option>-e</option></arg>
 
60
        <sbr/>
 
61
        <arg choice="plain"><option>--disable</option></arg>
 
62
        <arg choice="plain"><option>-d</option></arg>
 
63
      </group>
 
64
      <sbr/>
 
65
      <group>
 
66
        <arg choice="plain"><option>--bump-timeout</option></arg>
 
67
        <arg choice="plain"><option>-b</option></arg>
 
68
      </group>
 
69
      <sbr/>
 
70
      <group>
 
71
        <arg choice="plain"><option>--start-checker</option></arg>
 
72
      </group>
 
73
      <sbr/>
 
74
      <group>
 
75
        <arg choice="plain"><option>--stop-checker</option></arg>
 
76
      </group>
 
77
      <sbr/>
 
78
      <group>
 
79
        <arg choice="plain"><option>--remove</option></arg>
 
80
        <arg choice="plain"><option>-r</option></arg>
 
81
      </group>
 
82
      <sbr/>
 
83
      <group>
 
84
        <arg choice="plain"><option>--checker
 
85
        <replaceable>COMMAND</replaceable></option></arg>
 
86
        <arg choice="plain"><option>-c
 
87
        <replaceable>COMMAND</replaceable></option></arg>
 
88
      </group>
 
89
      <sbr/>
 
90
      <group>
 
91
        <arg choice="plain"><option>--timeout
 
92
        <replaceable>TIME</replaceable></option></arg>
 
93
        <arg choice="plain"><option>-t
 
94
        <replaceable>TIME</replaceable></option></arg>
 
95
      </group>
 
96
      <sbr/>
 
97
      <group>
 
98
        <arg choice="plain"><option>--extended-timeout
 
99
        <replaceable>TIME</replaceable></option></arg>
 
100
      </group>
 
101
      <sbr/>
 
102
      <group>
 
103
        <arg choice="plain"><option>--interval
 
104
        <replaceable>TIME</replaceable></option></arg>
 
105
        <arg choice="plain"><option>-i
 
106
        <replaceable>TIME</replaceable></option></arg>
 
107
      </group>
 
108
      <sbr/>
 
109
      <group>
 
110
        <arg choice="plain"><option>--approve-by-default</option
 
111
        ></arg>
 
112
        <sbr/>
 
113
        <arg choice="plain"><option>--deny-by-default</option></arg>
 
114
      </group>
 
115
      <sbr/>
 
116
      <group>
 
117
        <arg choice="plain"><option>--approval-delay
 
118
        <replaceable>TIME</replaceable></option></arg>
 
119
      </group>
 
120
      <sbr/>
 
121
      <group>
 
122
        <arg choice="plain"><option>--approval-duration
 
123
        <replaceable>TIME</replaceable></option></arg>
 
124
      </group>
 
125
      <sbr/>
 
126
      <group>
 
127
        <arg choice="plain"><option>--interval
 
128
        <replaceable>TIME</replaceable></option></arg>
 
129
        <arg choice="plain"><option>-i
 
130
        <replaceable>TIME</replaceable></option></arg>
 
131
      </group>
 
132
      <sbr/>
 
133
      <group>
 
134
        <arg choice="plain"><option>--host
 
135
        <replaceable>STRING</replaceable></option></arg>
 
136
        <arg choice="plain"><option>-H
 
137
        <replaceable>STRING</replaceable></option></arg>
 
138
      </group>
 
139
      <sbr/>
 
140
      <group>
 
141
        <arg choice="plain"><option>--secret
 
142
        <replaceable>FILENAME</replaceable></option></arg>
 
143
        <arg choice="plain"><option>-s
 
144
        <replaceable>FILENAME</replaceable></option></arg>
 
145
      </group>
 
146
      <sbr/>
 
147
      <group>
 
148
        <arg choice="plain"><option>--approve</option></arg>
 
149
        <arg choice="plain"><option>-A</option></arg>
 
150
        <sbr/>
178
151
        <arg choice="plain"><option>--deny</option></arg>
179
152
        <arg choice="plain"><option>-D</option></arg>
180
153
      </group>
181
 
      <group choice="req">
182
 
          <arg choice="plain"><option>--remove</option></arg>
183
 
          <arg choice="plain"><option>-r</option></arg>
184
 
      </group>
185
154
      <sbr/>
186
 
      <arg><option>--debug</option></arg>
187
155
      <group choice="req">
188
156
        <arg choice="plain"><option>--all</option></arg>
189
157
        <arg choice="plain"><option>-a</option></arg>
194
162
    </cmdsynopsis>
195
163
    <cmdsynopsis>
196
164
      <command>&COMMANDNAME;</command>
 
165
      <group>
 
166
        <arg choice="plain"><option>--verbose</option></arg>
 
167
        <arg choice="plain"><option>-v</option></arg>
 
168
      </group>
 
169
      <group>
 
170
        <arg rep='repeat' choice='plain'>
 
171
          <replaceable>CLIENT</replaceable>
 
172
        </arg>
 
173
      </group>
 
174
    </cmdsynopsis>
 
175
    <cmdsynopsis>
 
176
      <command>&COMMANDNAME;</command>
197
177
      <group choice="req">
198
178
        <arg choice="plain"><option>--is-enabled</option></arg>
199
179
        <arg choice="plain"><option>-V</option></arg>
200
180
      </group>
201
 
      <arg><option>--debug</option></arg>
202
181
      <arg choice='plain'><replaceable>CLIENT</replaceable></arg>
203
182
    </cmdsynopsis>
204
183
    <cmdsynopsis>
215
194
        <arg choice="plain"><option>-v</option></arg>
216
195
      </group>
217
196
    </cmdsynopsis>
218
 
    <cmdsynopsis>
219
 
      <command>&COMMANDNAME;</command>
220
 
      <arg choice="plain"><option>--check</option></arg>
221
 
    </cmdsynopsis>
222
197
  </refsynopsisdiv>
223
198
  
224
199
  <refsect1 id="description">
225
200
    <title>DESCRIPTION</title>
226
201
    <para>
227
 
      <command>&COMMANDNAME;</command> is a program to control or
228
 
      query the operation of the Mandos server
229
 
      <citerefentry><refentrytitle>mandos</refentrytitle><manvolnum
230
 
      >8</manvolnum></citerefentry>.
 
202
      <command>&COMMANDNAME;</command> is a program to control the
 
203
      operation of the Mandos server <citerefentry><refentrytitle
 
204
      >mandos</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
231
205
    </para>
232
206
    <para>
233
207
      This program can be used to change client settings, approve or
491
465
      </varlistentry>
492
466
      
493
467
      <varlistentry>
494
 
        <term><option>--dump-json</option></term>
495
 
        <term><option>-j</option></term>
496
 
        <listitem>
497
 
          <para>
498
 
            Dump client settings as JSON to standard output.
499
 
          </para>
500
 
        </listitem>
501
 
      </varlistentry>
502
 
      
503
 
      <varlistentry>
504
468
        <term><option>--is-enabled</option></term>
505
469
        <term><option>-V</option></term>
506
470
        <listitem>
511
475
        </listitem>
512
476
      </varlistentry>
513
477
      
514
 
      <varlistentry>
515
 
        <term><option>--debug</option></term>
516
 
        <listitem>
517
 
          <para>
518
 
            Show debug output; currently, this means show D-Bus calls.
519
 
          </para>
520
 
        </listitem>
521
 
      </varlistentry>
522
 
      
523
 
      <varlistentry>
524
 
        <term><option>--check</option></term>
525
 
        <listitem>
526
 
          <para>
527
 
            Run self-tests.  This includes any unit tests, etc.
528
 
          </para>
529
 
        </listitem>
530
 
      </varlistentry>
531
 
      
532
478
    </variablelist>
533
479
  </refsect1>
534
480
  
550
496
    </para>
551
497
  </refsect1>
552
498
  
553
 
  <refsect1 id="bugs">
554
 
    <title>BUGS</title>
555
 
    <xi:include href="bugs.xml"/>
556
 
  </refsect1>
 
499
<!--   <refsect1 id="bugs"> -->
 
500
<!--     <title>BUGS</title> -->
 
501
<!--     <para> -->
 
502
<!--     </para> -->
 
503
<!--   </refsect1> -->
557
504
  
558
505
  <refsect1 id="example">
559
506
    <title>EXAMPLE</title>
560
 
    <!-- Name of test methods in class Test_commands_from_options are
561
 
         written in comments below.  When adding an example, add a
562
 
         test too which tests the documented behavior. -->
563
507
    <informalexample>
564
 
      <!-- Test method: test_manual_page_example_1() -->
565
508
      <para>
566
509
        To list all clients:
567
510
      </para>
571
514
    </informalexample>
572
515
    
573
516
    <informalexample>
574
 
      <!-- Test method: test_manual_page_example_2() -->
575
517
      <para>
576
518
        To list <emphasis>all</emphasis> settings for the clients
577
519
        named <quote>foo1.example.org</quote> and <quote
586
528
    </informalexample>
587
529
    
588
530
    <informalexample>
589
 
      <!-- Test method: test_manual_page_example_3() -->
590
531
      <para>
591
532
        To enable all clients:
592
533
      </para>
596
537
    </informalexample>
597
538
    
598
539
    <informalexample>
599
 
      <!-- Test method: test_manual_page_example_4() -->
600
540
      <para>
601
541
        To change timeout and interval value for the clients
602
542
        named <quote>foo1.example.org</quote> and <quote
605
545
      <para>
606
546
 
607
547
<!-- do not wrap this line -->
608
 
<userinput>&COMMANDNAME; --timeout=PT5M --interval=PT1M foo1.example.org foo2.example.org</userinput>
 
548
<userinput>&COMMANDNAME; --timeout="5m" --interval="1m" foo1.example.org foo2.example.org</userinput>
609
549
 
610
550
      </para>
611
551
    </informalexample>
612
552
    
613
553
    <informalexample>
614
 
      <!-- Test method: test_manual_page_example_5() -->
615
554
      <para>
616
 
        To approve all clients currently waiting for approval:
 
555
        To approve all clients currently waiting for it:
617
556
      </para>
618
557
      <para>
619
558
        <userinput>&COMMANDNAME; --approve --all</userinput>