/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-prompt.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-04-09 19:33:36 UTC
  • Revision ID: teddy@recompile.se-20190409193336-6sddo74ybosqog38
Installation: Fix UMASK even if set by some other initramfs hook

* Makefile (install-client-nokey): Install initramfs-tools-conf-hook
               as "/usr/share/initramfs-tools/conf-hooks.d/zz-mandos".
* debian/mandos-client.dirs: Add
  "usr/share/initramfs-tools/conf-hooks.d".
* initramfs-tools-conf-hook: New.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "password-prompt">
5
 
<!ENTITY TIMESTAMP "2019-07-27">
 
5
<!ENTITY TIMESTAMP "2019-02-10">
6
6
<!ENTITY % common SYSTEM "../common.ent">
7
7
%common;
8
8
]>
69
69
        >PREFIX</replaceable></arg>
70
70
      </group>
71
71
      <sbr/>
72
 
      <arg choice="opt">
73
 
        <option>--prompt <replaceable>PROMPT</replaceable></option>
74
 
      </arg>
75
72
      <arg choice="opt"><option>--debug</option></arg>
76
73
    </cmdsynopsis>
77
74
    <cmdsynopsis>
113
110
      wrapper, although actual use of that function is not guaranteed
114
111
      or implied.
115
112
    </para>
116
 
    <para>
117
 
      This program tries to detect if a Plymouth daemon
118
 
      (<citerefentry><refentrytitle
119
 
      >plymouthd</refentrytitle><manvolnum>8</manvolnum></citerefentry>)
120
 
      is running, by looking for a
121
 
      <filename>/run/plymouth/pid</filename> file or a process named
122
 
      <quote><literal>plymouthd</literal></quote>.  If it is detected,
123
 
      this process will immediately exit without doing anything.
124
 
    </para>
125
113
  </refsect1>
126
114
  
127
115
  <refsect1 id="options">
150
138
      </varlistentry>
151
139
      
152
140
      <varlistentry>
153
 
        <term><option>--prompt=<replaceable
154
 
        >PROMPT</replaceable></option></term>
155
 
        <listitem>
156
 
          <para>
157
 
            The password prompt.  Using this option will make this
158
 
            program ignore the <envar>CRYPTTAB_SOURCE</envar> and
159
 
            <envar>CRYPTTAB_NAME</envar> environment variables.
160
 
          </para>
161
 
        </listitem>
162
 
      </varlistentry>
163
 
      
164
 
      <varlistentry>
165
141
        <term><option>--debug</option></term>
166
142
        <listitem>
167
143
          <para>
221
197
        <term><envar>CRYPTTAB_NAME</envar></term>
222
198
        <listitem>
223
199
          <para>
224
 
            If set, and if the <option>--prompt</option> option is not
225
 
            used, these environment variables will be assumed to
 
200
            If set, these environment variables will be assumed to
226
201
            contain the source device name and the target device
227
202
            mapper name, respectively, and will be shown as part of
228
203
            the prompt.
230
205
        <para>
231
206
          These variables will normally be inherited from
232
207
          <citerefentry><refentrytitle>plugin-runner</refentrytitle>
233
 
          <manvolnum>8mandos</manvolnum></citerefentry>, which might
234
 
          have in turn inherited them from its calling process.
 
208
          <manvolnum>8mandos</manvolnum></citerefentry>, which will
 
209
          normally have inherited them from
 
210
          <filename>/scripts/local-top/cryptroot</filename> in the
 
211
          initial <acronym>RAM</acronym> disk environment, which will
 
212
          have set them from parsing kernel arguments and
 
213
          <filename>/conf/conf.d/cryptroot</filename> (also in the
 
214
          initial RAM disk environment), which in turn will have been
 
215
          created when the initial RAM disk image was created by
 
216
          <filename
 
217
          >/usr/share/initramfs-tools/hooks/cryptroot</filename>, by
 
218
          extracting the information of the root file system from
 
219
          <filename >/etc/crypttab</filename>.
235
220
        </para>
236
221
        <para>
237
222
          This behavior is meant to exactly mirror the behavior of
238
 
          <command>askpass</command>, the default password prompter
239
 
          from initramfs-tools.
 
223
          <command>askpass</command>, the default password prompter.
240
224
        </para>
241
225
        </listitem>
242
226
      </varlistentry>
317
301
    <title>SEE ALSO</title>
318
302
    <para>
319
303
      <citerefentry><refentrytitle>intro</refentrytitle>
320
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
304
      <manvolnum>8mandos</manvolnum></citerefentry>
 
305
      <citerefentry><refentrytitle>crypttab</refentrytitle>
 
306
      <manvolnum>5</manvolnum></citerefentry>
321
307
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
322
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
 
308
      <manvolnum>8mandos</manvolnum></citerefentry>
323
309
      <citerefentry><refentrytitle>plugin-runner</refentrytitle>
324
310
      <manvolnum>8mandos</manvolnum></citerefentry>,
325
 
      <citerefentry><refentrytitle>plymouthd</refentrytitle>
326
 
      <manvolnum>8</manvolnum></citerefentry>
327
311
    </para>
328
312
  </refsect1>
329
313
</refentry>