/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.xml

  • Committer: Björn Påhlsson
  • Date: 2011-06-23 22:27:15 UTC
  • mto: (237.7.33 trunk)
  • mto: This revision was merged to the branch mainline in revision 284.
  • Revision ID: belorn@fukt.bsnet.se-20110623222715-q5wro9ma9iyjl367
* Makefile (CFLAGS): Added "-lrt" to include real time library.
* plugins.d/mandos-client.c: use scandir(3) instead of readdir(3)
                             Prefix all debug output with "Mandos plugin " + program_invocation_short_name
                             Retry servers that failed to provide password.
                             New option --retry SECONDS that sets the interval between rechecking.
                             --retry also controls how often it retries a server when using --connect.
* plugins.d/splashy.c:  Prefix all debug output with "Mandos plugin " + program_invocation_short_name
* plugins.d/usplash.c: --||--
* plugins.d/askpass-fifo.c: --||--
* plugins.d/password-prompt.c: --||--
* plugins.d/plymouth.c: --||--
* mandos: Lower logger level from warning to info on failed client requests because client was disabled or unknown fingerprint.
* plugins.d/plymouth.c (get_pid): bug fix. Was not calling free on direntries. 

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-client">
5
 
<!ENTITY TIMESTAMP "2009-01-24">
 
5
<!ENTITY TIMESTAMP "2010-09-26">
6
6
<!ENTITY % common SYSTEM "../common.ent">
7
7
%common;
8
8
]>
93
93
      </arg>
94
94
      <sbr/>
95
95
      <arg>
 
96
        <option>--delay <replaceable>SECONDS</replaceable></option>
 
97
      </arg>
 
98
      <sbr/>
 
99
      <arg>
 
100
        <option>--retry <replaceable>SECONDS</replaceable></option>
 
101
      </arg>
 
102
      <sbr/>
 
103
      <arg>
96
104
        <option>--debug</option>
97
105
      </arg>
98
106
    </cmdsynopsis>
191
199
      </varlistentry>
192
200
      
193
201
      <varlistentry>
194
 
        <term><option>--interface=
195
 
        <replaceable>NAME</replaceable></option></term>
 
202
        <term><option>--interface=<replaceable
 
203
        >NAME</replaceable></option></term>
196
204
        <term><option>-i
197
205
        <replaceable>NAME</replaceable></option></term>
198
206
        <listitem>
199
207
          <para>
200
208
            Network interface that will be brought up and scanned for
201
 
            Mandos servers to connect to.  The default it
202
 
            <quote><literal>eth0</literal></quote>.
 
209
            Mandos servers to connect to.  The default is the empty
 
210
            string, which will automatically choose an appropriate
 
211
            interface.
203
212
          </para>
204
213
          <para>
205
214
            If the <option>--connect</option> option is used, this
215
224
            until much later in the boot process, and can not be used
216
225
            by this program.
217
226
          </para>
 
227
          <para>
 
228
            <replaceable>NAME</replaceable> can be the string
 
229
            <quote><literal>none</literal></quote>; this will not use
 
230
            any specific interface, and will not bring up an interface
 
231
            on startup.  This is not recommended, and only meant for
 
232
            advanced users.
 
233
          </para>
218
234
        </listitem>
219
235
      </varlistentry>
220
236
      
265
281
          </para>
266
282
        </listitem>
267
283
      </varlistentry>
 
284
 
 
285
      <varlistentry>
 
286
        <term><option>--delay=<replaceable
 
287
        >SECONDS</replaceable></option></term>
 
288
        <listitem>
 
289
          <para>
 
290
            After bringing the network interface up, the program waits
 
291
            for the interface to arrive in a <quote>running</quote>
 
292
            state before proceeding.  During this time, the kernel log
 
293
            level will be lowered to reduce clutter on the system
 
294
            console, alleviating any other plugins which might be
 
295
            using the system console.  This option sets the upper
 
296
            limit of seconds to wait.  The default is 2.5 seconds.
 
297
          </para>
 
298
        </listitem>
 
299
      </varlistentry>
 
300
 
 
301
      <varlistentry>
 
302
        <term><option>--retry=<replaceable
 
303
        >SECONDS</replaceable></option></term>
 
304
        <listitem>
 
305
          <para>
 
306
            All Mandos servers servers are tried repeatedly until a
 
307
            password is received.  This value specifies, in seconds,
 
308
            how long between each successive try <emphasis>for the
 
309
            same server</emphasis>.  The default is 10 seconds.
 
310
          </para>
 
311
        </listitem>
 
312
      </varlistentry>
268
313
      
269
314
      <varlistentry>
270
315
        <term><option>--debug</option></term>
426
471
    <informalexample>
427
472
      <para>
428
473
        Run in debug mode, with a custom key, and do not use Zeroconf
429
 
        to locate a server; connect directly to the IPv6 address
430
 
        <quote><systemitem class="ipaddress"
431
 
        >2001:db8:f983:bd0b:30de:ae4a:71f2:f672</systemitem></quote>,
432
 
        port 4711, using interface eth2:
 
474
        to locate a server; connect directly to the IPv6 link-local
 
475
        address <quote><systemitem class="ipaddress"
 
476
        >fe80::aede:48ff:fe71:f6f2</systemitem></quote>, port 4711,
 
477
        using interface eth2:
433
478
      </para>
434
479
      <para>
435
480
 
436
481
<!-- do not wrap this line -->
437
 
<userinput>&COMMANDNAME; --debug --pubkey keydir/pubkey.txt --seckey keydir/seckey.txt --connect 2001:db8:f983:bd0b:30de:ae4a:71f2:f672:4711 --interface eth2</userinput>
 
482
<userinput>&COMMANDNAME; --debug --pubkey keydir/pubkey.txt --seckey keydir/seckey.txt --connect fe80::aede:48ff:fe71:f6f2:4711 --interface eth2</userinput>
438
483
 
439
484
      </para>
440
485
    </informalexample>