4
** TODO [#C] IPv4 support
7
** TODO [#B] use scandir(3) instead of readdir(3)
6
** [#B] Temporarily lower kernel log level
7
for less printouts during sucessfull boot.
9
** use strsep instead of strtok?
10
** Do not depend on GnuPG key rings on disk
11
This would mean creating new GnuPG key rings with GPGME by
12
importing the key files from scratch on every program start.
13
** Keydir move: /etc/mandos -> /etc/keys/mandos
14
Must create in preinst if not pre-depending on cryptsetup
10
** TODO [#B] Log level :bugs:
11
** TODO /etc/mandos/clients.d/*.conf
19
** [#A] /etc/init.d/mandos-server :teddy:
20
** [#B] Log level :bugs:
21
** /etc/mandos/clients.d/*.conf
12
22
Watch this directory and add/remove/update clients?
13
** TODO config for TXT record
14
** TODO [#B] Run-time communication with server :bugs:
23
** config for TXT record
24
** [#B] Run-time communication with server :bugs:
15
25
Probably using D-Bus
16
26
See also [[*Mandos-tools]]
20
syslogger.setLevel(logging.WARNING)
22
+ [[http://log.ometer.com/2007-05.html][Best D-Bus practices]]
23
** TODO Implement --foreground :bugs:
24
[[info:standards:Option%20Table][Table of Long Options]]
25
** TODO Implement --socket
26
[[info:standards:Option%20Table][Table of Long Options]]
27
** TODO Date+time on console log messages :bugs:
27
** Implement --foreground :bugs:
28
[[info:standards:Option%20Table][Table of Long Options]]
30
[[info:standards:Option%20Table][Table of Long Options]]
31
** Date+time on console log messages :bugs:
28
32
Is this the default?
29
** TODO delete hook when clients fall out by timeout
30
This will not be strictly necessary when the D-Bus interface is
34
** [[file:mandos.xml::XXX][Document D-Bus interface]]
36
* Provide and install /etc/dbus-1/system.d/mandos.conf
39
*** Handle "no D-Bus server" and/or "no Mandos server found" better
40
*** [#B] --dump option
45
** TODO Loop until passwords match when run interactively
46
** TODO "--secfile" option
47
Using the "secfile" option instead of "secret"
48
** TODO [#B] "--test" option
49
For testing decryption before rebooting.
33
** delete hook when clients fall out by timeout
35
* Mandos-tools/utilities
36
All of this probably using D-Bus
43
** Use xinclude for common sections
49
*** Update initrd.img after installation
50
This seems to use some kind of "trigger" system
51
[[file:/usr/share/doc/dpkg/triggers.txt.gz]]
52
dpkg-trigger(1), deb-triggers(5)
53
*** Keydir move: /etc/mandos -> /etc/keys/mandos
54
Must create in preinst if not pre-depending on cryptsetup
56
**** "--passfile" option
57
Using the "secfile" option instead of "secret"
58
**** [#A] "--test" option
59
For testing decryption before rebooting.
61
*** [#A] Create mandos user and group for server
62
*** [#A] Create /var/run/mandos directory with perm and ownership
52
65
** /usr/share/initramfs-tools/hooks/mandos
53
*** TODO [#C] Do not install in initrd.img if configured not to.
66
*** Do not install in initrd.img if configured not to.
54
67
Use "/etc/initramfs-tools/conf.d/mandos"? Definitely a debconf
56
** TODO [#C] /etc/bash_completion.d/mandos
69
** /etc/bash_completion.d/mandos
57
70
From XML sources directly?
58
** TODO initramfs-tools-script :test:
59
Do not insert plugin-runner as keyscript if a kernel parameter
60
"mandos=off" is passed.
80
* Announce project on news
81
[[news:comp.os.linux.announce]]