Mandos Manual

=== modified file 'Makefile' --- Makefile 2010-09-14 18:22:03 +0000 +++ Makefile 2010-09-21 19:16:41 +0000 @@ -88,7 +88,7 @@ CPROGS=plugin-runner $(PLUGINS) PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS) DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \ - mandos-monitor.8 \ + mandos-monitor.8 mandos-ctl.8 \ plugins.d/mandos-client.8mandos \ plugins.d/password-prompt.8mandos mandos.conf.5 \ plugins.d/usplash.8mandos plugins.d/splashy.8mandos \ @@ -140,6 +140,13 @@ legalnotice.xml $(DOCBOOKTOHTML) +mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \ + legalnotice.xml + $(DOCBOOKTOMAN) +mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \ + legalnotice.xml + $(DOCBOOKTOHTML) + mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \ legalnotice.xml $(DOCBOOKTOMAN) === modified file 'TODO' --- TODO 2010-09-15 17:17:46 +0000 +++ TODO 2010-09-21 19:16:41 +0000 @@ -3,7 +3,8 @@ * Use _attribute_((nonnull)) wherever possible. * Release critical -** plymouth.8mandos +** mandos-ctl.xml +*** More examples * mandos-client ** TODO [#B] use scandir(3) instead of readdir(3) === added file 'mandos-ctl.xml' --- mandos-ctl.xml 1970-01-01 00:00:00 +0000 +++ mandos-ctl.xml 2010-09-21 19:16:41 +0000 @@ -0,0 +1,471 @@ + + + + +%common; +]> + + + + Mandos Manual + + Mandos + &version; + &TIMESTAMP; + + + Björn + Påhlsson +

+ belorn@fukt.bsnet.se +

+ + + Teddy + Hogeborn +

+ teddy@fukt.bsnet.se +

+ + + + 2010 + Teddy Hogeborn + Björn Påhlsson + + + + + + &COMMANDNAME; + 8 + + + + &COMMANDNAME; + + Control the operation of the Mandos server + + + + + + &COMMANDNAME; + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + CLIENT + + + + + &COMMANDNAME; + + + + + + + CLIENT + + + + + &COMMANDNAME; + + + + + CLIENT + + + &COMMANDNAME; + + + + + + + &COMMANDNAME; + + + + + + + + + DESCRIPTION + + &COMMANDNAME; is a program to control the + operation of the Mandos server mandos8. + + + This program can be used to change client settings, approve or + deny client requests, and to remove clients from the server. + + + + + PURPOSE + + The purpose of this is to enable remote and unattended + rebooting of client host computer with an + encrypted root file system. See for details. + + + + + OPTIONS + + + + + + + + Show a help message and exit + + + + + + + + + + Enable client(s). An enabled client will be eligble to + receive its secret. + + + + + + + + + + Disable client(s). A disabled client will not be eligble + to receive its secret, and no checkers will be started for + it. + + + + + + + + + Bump the timeout of the specified client(s), just as if a + checker had completed successfully for it/them. + + + + + + + + + Start a new checker now for the specified client(s). + + + + + + + + + Stop any running checker for the specified client(s). + + + + + + + + + + Remove the specified client(s) from the server. + + + + + + + + + + Set the checker option of the specified + client(s); see mandos-client.conf5. + + + + + + + + + + Set the timeout option of the specified + client(s); see mandos-client.conf5. + + + + + + + + + + Set the interval option of the specified + client(s); see mandos-client.conf5. + + + + + + + + + + Set the host option of the specified + client(s); see mandos-client.conf5. + + + + + + + + + + Set the secfile option of the specified + client(s); see mandos-client.conf5. + + + + + + + + + + Approve client(s) if currently waiting for approval. + + + + + + + + + + Deny client(s) if currently waiting for approval. + + + + + + + + + + Make the client-modifying options modify all clients. + + + + + + + + + + Show all client settings, not just a subset. + + + + + + + + + + Check if a single client is enabled or not, and exit with + a successful exit status only if the client is enabled. + + + + + + + + + OVERVIEW + + + This program is a small utility to generate new OpenPGP keys for + new Mandos clients, and to generate sections for inclusion in + clients.conf on the server. + + + + + EXIT STATUS + + If the option is used, the exit + status will be 0 only if the specified client is enabled. + + + + + + + + + + + EXAMPLE + + + List all clients with some of their settings: + + + &COMMANDNAME; + + + + + Show all settings for the clients named foo and + bar: + + + + +&COMMANDNAME; --verbose foo bar + + + + + + + SECURITY + + This program must be permitted to access the Mandos server via + the D-Bus interface. This normally requires the root user, but + could be configured otherwise by reconfiguring the D-Bus server. + + + + + SEE ALSO + + mandos + 8, + mandos-clients.conf + 5, + mandos-monitor + 8 + + + + + + + + +