bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
| 423
by Teddy Hogeborn Documentation changes: | 1 | -*- mode: org; coding: utf-8 -*- | 
| 2 | ||
| 3 | Mandos Server D-Bus Interface | |
| 4 | ||
| 5 | This file documents the D-Bus interface to the Mandos server. | |
| 6 | ||
| 7 | * Bus: System bus | |
| 24.1.186
by Björn Påhlsson transitional stuff actually working | 8 | Bus name: "se.recompile.Mandos" | 
| 423
by Teddy Hogeborn Documentation changes: | 9 | |
| 10 | ||
| 11 | * Object Paths: | |
| 12 |   
 | |
| 13 | | Path | Object | | |
| 14 | |-----------------------+-------------------| | |
| 15 | | "/" | The Mandos Server | | |
| 785
by Teddy Hogeborn Support the standard org.freedesktop.DBus.ObjectManager interface. | 16 | |
| 17 | (To get a list of paths to client objects, use the standard D-Bus | |
| 18 | org.freedesktop.DBus.ObjectManager interface, which the server | |
| 19 | object supports.) | |
| 20 | ||
| 21 | ||
| 423
by Teddy Hogeborn Documentation changes: | 22 | * Mandos Server Interface: | 
| 24.1.186
by Björn Påhlsson transitional stuff actually working | 23 | Interface name: "se.recompile.Mandos" | 
| 423
by Teddy Hogeborn Documentation changes: | 24 |   
 | 
| 25 | ** Methods: | |
| 26 | *** RemoveClient(o: ObjectPath) → nothing | |
| 27 | Removes a client | |
| 28 |    
 | |
| 29 | ** Signals: | |
| 30 | *** ClientNotFound(s: Fingerprint, s: Address) | |
| 31 | A client connected from Address using Fingerprint, but was | |
| 32 | rejected because it was not found in the server. The fingerprint | |
| 33 | is represented as a string of hexadecimal digits. The address is | |
| 34 | an IPv4 or IPv6 address in its normal string format. | |
| 35 | ||
| 36 | ||
| 37 | * Mandos Client Interface: | |
| 24.1.186
by Björn Påhlsson transitional stuff actually working | 38 | Interface name: "se.recompile.Mandos.Client" | 
| 423
by Teddy Hogeborn Documentation changes: | 39 |   
 | 
| 40 | ** Methods | |
| 41 | *** Approve(b: Approve) → nothing | |
| 42 | Approve or deny a connected client waiting for approval. If | |
| 43 | denied, a client will not be sent its secret. | |
| 44 |     
 | |
| 45 | *** CheckedOK() → nothing | |
| 46 | Assert that this client has been checked and found to be alive. | |
| 47 | This will restart the timeout before disabling this client. See | |
| 48 | also the "LastCheckedOK" property. | |
| 49 | ||
| 50 | ** Properties | |
| 51 |    
 | |
| 52 | Note: Many of these properties directly correspond to a setting in | |
| 53 | "clients.conf", in which case they are fully documented in | |
| 54 | mandos-clients.conf(5). | |
| 55 |    
 | |
| 442
by Teddy Hogeborn * DBUS-API: Document new "LastApprovalRequest" client property. | 56 | | Name | Type | Access | clients.conf | | 
| 57 | |-------------------------+------+------------+---------------------| | |
| 58 | | ApprovedByDefault | b | Read/Write | approved_by_default | | |
| 59 | | ApprovalDelay (a) | t | Read/Write | approval_delay | | |
| 60 | | ApprovalDuration (a) | t | Read/Write | approval_duration | | |
| 61 | | ApprovalPending (b) | b | Read | N/A | | |
| 62 | | Checker | s | Read/Write | checker | | |
| 63 | | CheckerRunning (c) | b | Read/Write | N/A | | |
| 64 | | Created (d) | s | Read | N/A | | |
| 65 | | Enabled (e) | b | Read/Write | N/A | | |
| 24.1.179
by Björn Påhlsson New feature: | 66 | | Expires (f) | s | Read | N/A | | 
| 497
by Teddy Hogeborn * DBUS-API: Document new "Expires" and "ExtendedTimeout" properties. | 67 | | ExtendedTimeout (a) | t | Read/Write | extended_timeout | | 
| 442
by Teddy Hogeborn * DBUS-API: Document new "LastApprovalRequest" client property. | 68 | | Fingerprint | s | Read | fingerprint | | 
| 69 | | Host | s | Read/Write | host | | |
| 70 | | Interval (a) | t | Read/Write | interval | | |
| 24.1.179
by Björn Påhlsson New feature: | 71 | | LastApprovalRequest (g) | s | Read | N/A | | 
| 72 | | LastCheckedOK (h) | s | Read/Write | N/A | | |
| 556
by Teddy Hogeborn * DBUS-API (se.recompile.Mandos.Client.LastCheckerStatus): New | 73 | | LastCheckerStatus (i) | n | Read | N/A | | 
| 74 | | LastEnabled (j) | s | Read | N/A | | |
| 442
by Teddy Hogeborn * DBUS-API: Document new "LastApprovalRequest" client property. | 75 | | Name | s | Read | (Section name) | | 
| 556
by Teddy Hogeborn * DBUS-API (se.recompile.Mandos.Client.LastCheckerStatus): New | 76 | | Secret (k) | ay | Write | secret (or secfile) | | 
| 442
by Teddy Hogeborn * DBUS-API: Document new "LastApprovalRequest" client property. | 77 | | Timeout (a) | t | Read/Write | timeout | | 
| 423
by Teddy Hogeborn Documentation changes: | 78 |    
 | 
| 79 | a) Represented as milliseconds. | |
| 80 |    
 | |
| 81 | b) An approval is currently pending. | |
| 82 |    
 | |
| 781
by Teddy Hogeborn Deprecate some D-Bus methods in favor of D-Bus properties. | 83 | c) Changing this property can either start a new checker or abort a | 
| 84 | running one. | |
| 423
by Teddy Hogeborn Documentation changes: | 85 |    
 | 
| 477
by Teddy Hogeborn * DBUS-API: Fix grammar. | 86 | d) The creation time of this client object, as an RFC 3339 string. | 
| 423
by Teddy Hogeborn Documentation changes: | 87 |    
 | 
| 781
by Teddy Hogeborn Deprecate some D-Bus methods in favor of D-Bus properties. | 88 | e) Changing this property enables or disables a client. | 
| 423
by Teddy Hogeborn Documentation changes: | 89 |    
 | 
| 24.1.179
by Björn Påhlsson New feature: | 90 | f) The date and time this client will be disabled, as an RFC 3339 | 
| 518.2.3
by Teddy Hogeborn Make "enabled" a client config option. | 91 | string, or an empty string if this is not scheduled. | 
| 24.1.179
by Björn Påhlsson New feature: | 92 |    
 | 
| 497
by Teddy Hogeborn * DBUS-API: Document new "Expires" and "ExtendedTimeout" properties. | 93 | g) The date and time of the last approval request, as an RFC 3339 | 
| 94 | string, or an empty string if this has not happened. | |
| 95 |    
 | |
| 96 | h) The date and time a checker was last successful, as an RFC 3339 | |
| 97 | string, or an empty string if this has not happened. Setting | |
| 98 | this property is equivalent to calling CheckedOK(), i.e. the | |
| 99 | current time is set, regardless of the string sent. Please | |
| 100 | always use an empty string when setting this property, to allow | |
| 101 | for possible future expansion. | |
| 102 |    
 | |
| 556
by Teddy Hogeborn * DBUS-API (se.recompile.Mandos.Client.LastCheckerStatus): New | 103 | i) The exit status of the last checker, -1 if it did not exit | 
| 104 | cleanly, -2 if a checker has not yet returned. | |
| 105 |    
 | |
| 106 | j) The date and time this client was last enabled, as an RFC 3339 | |
| 497
by Teddy Hogeborn * DBUS-API: Document new "Expires" and "ExtendedTimeout" properties. | 107 | string, or an empty string if this has not happened. | 
| 423
by Teddy Hogeborn Documentation changes: | 108 |    
 | 
| 556
by Teddy Hogeborn * DBUS-API (se.recompile.Mandos.Client.LastCheckerStatus): New | 109 | k) A raw byte array, not hexadecimal digits. | 
| 423
by Teddy Hogeborn Documentation changes: | 110 | |
| 111 | ** Signals | |
| 783
by Teddy Hogeborn Revert change to D-Bus API. | 112 | *** CheckerCompleted(n: Exitcode, x: Waitstatus, s: Command) | 
| 423
by Teddy Hogeborn Documentation changes: | 113 | A checker (Command) has completed. Exitcode is either the exit | 
| 783
by Teddy Hogeborn Revert change to D-Bus API. | 114 | code or -1 for abnormal exit. In any case, the full Waitstatus | 
| 115 | (as from wait(2)) is also available. | |
| 423
by Teddy Hogeborn Documentation changes: | 116 |     
 | 
| 117 | *** CheckerStarted(s: Command) | |
| 118 | A checker command (Command) has just been started. | |
| 119 |     
 | |
| 120 | *** GotSecret() | |
| 121 | This client has been sent its secret. | |
| 122 |     
 | |
| 123 | *** NeedApproval(t: Timeout, b: ApprovedByDefault) | |
| 124 | This client will be approved or denied in exactly Timeout | |
| 125 | milliseconds, depending on ApprovedByDefault. Approve() can now | |
| 126 | usefully be called on this client object. | |
| 477
by Teddy Hogeborn * DBUS-API: Fix grammar. | 127 |     
 | 
| 423
by Teddy Hogeborn Documentation changes: | 128 | *** Rejected(s: Reason) | 
| 129 | This client was not given its secret for a specified Reason. | |
| 130 | ||
| 444
by Teddy Hogeborn Update copyright year to "2010" wherever appropriate. | 131 | * Copyright | 
| 132 | ||
| 749.1.1
by Teddy Hogeborn mandos: Use multiprocessing module to run checkers. | 133 | Copyright © 2010-2015 Teddy Hogeborn | 
| 134 | Copyright © 2010-2015 Björn Påhlsson | |
| 444
by Teddy Hogeborn Update copyright year to "2010" wherever appropriate. | 135 |   
 | 
| 136 | ** License: | |
| 137 |    
 | |
| 138 | This program is free software: you can redistribute it and/or | |
| 139 | modify it under the terms of the GNU General Public License as | |
| 140 | published by the Free Software Foundation, either version 3 of the | |
| 141 | License, or (at your option) any later version. | |
| 142 | ||
| 143 | This program is distributed in the hope that it will be useful, but | |
| 144 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 145 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
| 146 | General Public License for more details. | |
| 147 | ||
| 148 | You should have received a copy of the GNU General Public License | |
| 149 | along with this program. If not, see | |
| 150 | <http://www.gnu.org/licenses/>. | |
| 151 | ||
| 423
by Teddy Hogeborn Documentation changes: | 152 | |
| 153 | #+STARTUP: showall |