/mandos/release : revision 266

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2009-10-21 22:48:02 UTC
Revision ID: teddy@fukt.bsnet.se-20091021224802-v7nijr97tq3h7kep

* initramfs-tools-hook: Only copy needed file; avoid copying Mandos
server config files.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

NEWS

README

common.ent

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

mandos-ctl

mandos.lsm

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files removed:
plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-09-01">

<!ENTITY TIMESTAMP "2009-09-17">

<!ENTITY % common SYSTEM "common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<replaceable>DIRECTORY</replaceable></option></arg>

<sbr/>

<arg><option>--debug</option></arg>

<sbr/>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

100

104

<arg choice="plain"><option>--check</option></arg>

101

105

</cmdsynopsis>

102

106

</refsynopsisdiv>

103

107

104

108

105

109

<title>DESCRIPTION</title>

106

110

<para>

115

119

Any authenticated client is then given the stored pre-encrypted

116

120

password for that specific client.

117

121

</para>

118

119

122

</refsect1>

120

123

121

124

122

125

<title>PURPOSE</title>

123

124

126

<para>

125

127

The purpose of this is to enable <emphasis>remote and unattended

126

128

rebooting</emphasis> of client host computer with an

127

129

<emphasis>encrypted root file system</emphasis>. See <xref

128

130

linkend="overview"/> for details.

129

131

</para>

130

131

132

</refsect1>

132

133

134

134

135

<title>OPTIONS</title>

135

136

137

138

190

<xi:include href="mandos-options.xml" xpointer="debug"/>

191

</listitem>

192

</varlistentry>

193

194

195

<term><option>--priority <replaceable>

196

PRIORITY</replaceable></option></term>

198

<xi:include href="mandos-options.xml" xpointer="priority"/>

199

</listitem>

200

</varlistentry>

201

202

203

<term><option>--servicename

204

207

xpointer="servicename"/>

208

</listitem>

209

</varlistentry>

210

211

212

<term><option>--configdir

213

<replaceable>DIRECTORY</replaceable></option></term>

222

</para>

223

</listitem>

224

</varlistentry>

225

226

227

<term><option>--version</option></term>

228

231

</para>

232

</listitem>

233

</varlistentry>

234

235

236

237

238

<xi:include href="mandos-options.xml" xpointer="ipv6"/>

239

</listitem>

240

</varlistentry>

234

241

</variablelist>

235

242

</refsect1>

236

243

237

244

238

245

<title>OVERVIEW</title>

239

246

<xi:include href="overview.xml"/>

243

250

<acronym>RAM</acronym> disk environment.

244

251

</para>

245

252

</refsect1>

246

253

247

254

248

255

<title>NETWORK PROTOCOL</title>

249

256

<para>

301

308

</row>

302

309

</tbody></tgroup></table>

303

310

</refsect1>

304

311

305

312

306

313

<title>CHECKING</title>

307

314

<para>

308

315

The server will, by default, continually check that the clients

309

316

are still up. If a client has not been confirmed as being up

310

317

for some time, the client is assumed to be compromised and is no

311

longer eligible to receive the encrypted password. The timeout,

318

longer eligible to receive the encrypted password. (Manual

319

intervention is required to re-enable a client.) The timeout,

312

320

checker program, and interval between checks can be configured

313

321

both globally and per client; see <citerefentry>

314

322

<refentrytitle>mandos-clients.conf</refentrytitle>

315

<manvolnum>5</manvolnum></citerefentry>.

323

<manvolnum>5</manvolnum></citerefentry>. A client successfully

324

receiving its password will also be treated as a successful

325

checker run.

316

326

</para>

317

327

</refsect1>

318

328

319

329

320

330

<title>LOGGING</title>

321

331

<para>

325

335

and also show them on the console.

326

336

</para>

327

337

</refsect1>

328

338

329

339

330

340

<title>EXIT STATUS</title>

331

341

<para>

333

343

critical error is encountered.

334

344

</para>

335

345

</refsect1>

336

346

337

347

338

348

<title>ENVIRONMENT</title>

339

349

353

363

</varlistentry>

354

364

</variablelist>

355

365

</refsect1>

356

357

366

367

358

368

<title>FILES</title>

359

369

<para>

360

370

Use the <option>--configdir</option> option to change where

383

393

</listitem>

384

394

</varlistentry>

385

395

386

<term><filename>/var/run/mandos/mandos.pid</filename></term>

396

<term><filename>/var/run/mandos.pid</filename></term>

387

397

388

398

<para>

389

399

The file containing the process id of

424

434

Currently, if a client is declared <quote>invalid</quote> due to

425

435

having timed out, the server does not record this fact onto

426

436

permanent storage. This has some security implications, see

427

<xref linkend="CLIENTS"/>.

437

<xref linkend="clients"/>.

428

438

</para>

429

439

<para>

430

440

There is currently no way of querying the server of the current

438

448

Debug mode is conflated with running in the foreground.

439

449

</para>

440

450

<para>

441

The console log messages does not show a timestamp.

451

The console log messages do not show a time stamp.

452

</para>

453

<para>

454

This server does not check the expire time of clients’ OpenPGP

455

keys.

442

456

</para>

443

457

</refsect1>

444

458

479

493

</para>

480

494

</informalexample>

481

495

</refsect1>

482

496

483

497

484

498

<title>SECURITY</title>

485

499

486

500

<title>SERVER</title>

487

501

<para>

488

502

Running this <command>&COMMANDNAME;</command> server program

489

503

should not in itself present any security risk to the host

490

computer running it. The program does not need any special

491

privileges to run, and is designed to run as a non-root user.

504

computer running it. The program switches to a non-root user

505

soon after startup.

492

506

</para>

493

507

</refsect2>

494

508

495

509

<title>CLIENTS</title>

496

510

<para>

497

511

The server only gives out its stored data to clients which

504

518

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

505

519

<manvolnum>5</manvolnum></citerefentry>)

506

520

<emphasis>must</emphasis> be made non-readable by anyone

507

except the user running the server.

521

except the user starting the server (usually root).

508

522

</para>

509

523

<para>

510

524

As detailed in <xref linkend="checking"/>, the status of all

529

543

</para>

530

544

<para>

531

545

For more details on client-side security, see

532

<citerefentry><refentrytitle>password-request</refentrytitle>

546

<citerefentry><refentrytitle>mandos-client</refentrytitle>

533

547

<manvolnum>8mandos</manvolnum></citerefentry>.

534

548

</para>

535

549

</refsect2>

536

550

</refsect1>

537

551

538

552

539

553

540

554

<para>

543

557

544

558

<refentrytitle>mandos.conf</refentrytitle>

545

559

546

<refentrytitle>password-request</refentrytitle>

560

<refentrytitle>mandos-client</refentrytitle>

547

561

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

548

562

549

563

</citerefentry>

Older »