/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk
36 by Teddy Hogeborn
* TODO: Converted to org-mode style 
1
 
-*- org -*-

2
 







24.1.87
by Björn Påhlsson


added some comments about security



3



* README file










4



  Note that if someone takes all machines, then all systems will be encrypted and all they have is some 










5



  unusable key material.








44
by Teddy Hogeborn


* ca.pem: Removed.



6










87
by Teddy Hogeborn


* Makefile: Bug fix: fixed creation of man pages in "plugins.d".



7



* plugin-runner








47
by Teddy Hogeborn


* plugbasedclient.c: Renamed to "mandos-client.c".  All users changed.



8










87
by Teddy Hogeborn


* Makefile: Bug fix: fixed creation of man pages in "plugins.d".



9



* password-request










10



** [#B] Temporarily lower kernel log level










11



   for less printouts during sucessfull boot.








44
by Teddy Hogeborn


* ca.pem: Removed.



12



** IPv4 support








36
by Teddy Hogeborn


* TODO: Converted to org-mode style



13



** use strsep instead of strtok?








73
by Teddy Hogeborn


* Makefile (COVERAGE): Change back to "--coverage".



14



** Do not depend on GnuPG key rings on disk










15



   This would mean creating new GnuPG key rings with GPGME by










16



   importing the key files from scratch on every program start.








88
by Teddy Hogeborn


No code or documentation changes.



17



** Keydir move: /etc/mandos -> /etc/keys/mandos










18



   Must create in preinst if not pre-depending on cryptsetup








47
by Teddy Hogeborn


* plugbasedclient.c: Renamed to "mandos-client.c".  All users changed.



19










87
by Teddy Hogeborn


* Makefile: Bug fix: fixed creation of man pages in "plugins.d".



20



* password-prompt








36
by Teddy Hogeborn


* TODO: Converted to org-mode style



21










87
by Teddy Hogeborn


* Makefile: Bug fix: fixed creation of man pages in "plugins.d".



22



* mandos (server)








53
by Teddy Hogeborn


Merge.



23



** [#A] /etc/init.d/mandos-server		:teddy:








85
by Teddy Hogeborn


* mandos.xml (SYNOPSIS): Removed unnecessary 'choice="opt"' from <arg>



24



** [#B] Log level				:bugs:








44
by Teddy Hogeborn


* ca.pem: Removed.



25



** /etc/mandos/clients.d/*.conf










26



   Watch this directory and add/remove/update clients?










27



** config for TXT record








85
by Teddy Hogeborn


* mandos.xml (SYNOPSIS): Removed unnecessary 'choice="opt"' from <arg>



28



** [#B] Run-time communication with server	:bugs:








53
by Teddy Hogeborn


Merge.



29



   Probably using D-Bus










30



   See also [[*Mandos-tools]]








85
by Teddy Hogeborn


* mandos.xml (SYNOPSIS): Removed unnecessary 'choice="opt"' from <arg>



31



** Implement --foreground			:bugs:








47
by Teddy Hogeborn


* plugbasedclient.c: Renamed to "mandos-client.c".  All users changed.



32



   [[info:standards:Option%20Table][Table of Long Options]]










33



** Implement --socket










34



   [[info:standards:Option%20Table][Table of Long Options]]








85
by Teddy Hogeborn


* mandos.xml (SYNOPSIS): Removed unnecessary 'choice="opt"' from <arg>



35



** Date+time on console log messages		:bugs:








64
by Teddy Hogeborn


* mandos-client.c (print_out_password): Strip trailing '\n'.



36



   Is this the default?








24.1.87
by Björn Påhlsson


added some comments about security



37



** delete hook when clients fall out by timeout








36
by Teddy Hogeborn


* TODO: Converted to org-mode style



38












39



* Mandos-tools/utilities










40



  All of this probably using D-Bus










41



** List clients








53
by Teddy Hogeborn


Merge.



42



** Disable client








36
by Teddy Hogeborn


* TODO: Converted to org-mode style



43



** Enable client








24.1.83
by Björn Påhlsson


removed old/unspecified todo's



44



** Reboot timer








36
by Teddy Hogeborn


* TODO: Converted to org-mode style



45










111
by Teddy Hogeborn


* mandos-clients.conf.xml (ENTITY TIMESTAMP): New.  Automatically



46



* Man pages










47



** Use xinclude for common sections








131
by Teddy Hogeborn


* Makefile: Make all DocBook rules include legalnotice.xml as a



48



   Like authors, etc.








111
by Teddy Hogeborn


* mandos-clients.conf.xml (ENTITY TIMESTAMP): New.  Automatically



49










109
by Teddy Hogeborn


* .bzrignore: New.



50










36
by Teddy Hogeborn


* TODO: Converted to org-mode style



51



* Installer








88
by Teddy Hogeborn


No code or documentation changes.



52



** Client-side








67
by Teddy Hogeborn


* mandos-keygen: New program to generate new client keys on



53



*** Update initrd.img after installation








86
by Teddy Hogeborn


* mandos-keygen.xml: Removed <?xml-stylesheet>.  New entity



54



    This seems to use some kind of "trigger" system








109
by Teddy Hogeborn


* .bzrignore: New.



55



    [[file:/usr/share/doc/dpkg/triggers.txt.gz]]










56



    dpkg-trigger(1), deb-triggers(5)








88
by Teddy Hogeborn


No code or documentation changes.



57



*** Keydir move: /etc/mandos -> /etc/keys/mandos










58



    Must create in preinst if not pre-depending on cryptsetup










59



*** mandos-keygen








106
by Teddy Hogeborn


* mandos-clients.conf.xml (DESCRIPTION): Do not imply that this is the



60



**** "--passfile" option










61



     Using the "secfile" option instead of "secret"








97
by Teddy Hogeborn


* mandos-keygen: Bug fix: Recognize new options --subtype and



62



**** [#A] "--test" option










63



     For testing decryption before rebooting.








88
by Teddy Hogeborn


No code or documentation changes.



64



** Server-side








67
by Teddy Hogeborn


* mandos-keygen: New program to generate new client keys on



65



*** [#A] Create mandos user and group for server










66



*** [#A] Create /var/run/mandos directory with perm and ownership










67










57
by Teddy Hogeborn


* mandos (version): New variable.



68



* [#A] Package








67
by Teddy Hogeborn


* mandos-keygen: New program to generate new client keys on



69



** /usr/share/initramfs-tools/hooks/mandos








82
by Teddy Hogeborn


* mandos-keygen.xml (NOTES): Removed section, since it is



70



*** Do not install in initrd.img if configured not to.








67
by Teddy Hogeborn


* mandos-keygen: New program to generate new client keys on



71



    Use "/etc/initramfs-tools/conf.d/mandos"?  Definitely a debconf










72



    question.








55
by Teddy Hogeborn


* TODO: More notes.



73



** /etc/bash_completion.d/mandos








88
by Teddy Hogeborn


No code or documentation changes.



74



   From XML sources directly?








61
by Teddy Hogeborn


* mandos (console): Define handler globally.



75



** unperish










76



** bzr-builddeb








55
by Teddy Hogeborn


* TODO: More notes.



77










24.1.30
by Björn Påhlsson


Added more stuff to do



78



* INSTALL file










79










56
by Teddy Hogeborn


Resolving merge commit.



80



* Web site








24.1.30
by Björn Påhlsson


Added more stuff to do



81












82



* Mailing list










83












84



* Announce project on news








56
by Teddy Hogeborn


Resolving merge commit.



85



  [[news:comp.os.linux.announce]]








24.1.30
by Björn Påhlsson


Added more stuff to do



86










36
by Teddy Hogeborn


* TODO: Converted to org-mode style



87














88



#+STARTUP: showall