/mandos/trunk : revision 115

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-prompt.xml

Committer: Teddy Hogeborn
Date: 2008-08-29 16:53:41 UTC
Revision ID: teddy@fukt.bsnet.se-20080829165341-xzrp0xxxfrua5kzq

* mandos.xml (SYNOPSIS): Split <term> tags for the "--help" and
"--interface" options.

files added:
initramfs-tools-hook-conf

plugins.d/usplash

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/sv.po

debian/po/templates.pot

debian/rules

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

debian/watch

default-mandos

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

init.d-mandos

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos-to-cryptroot-unlock

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/password-prompt.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "password-prompt">

<!ENTITY TIMESTAMP "2019-07-27">

<!ENTITY % common SYSTEM "../common.ent">

%common;

<!ENTITY TIMESTAMP "2008-08-29">

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&version;</productnumber>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@recompile.se</email>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@recompile.se</email>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="../legalnotice.xml"/>

<para>

This manual page is free software: you can redistribute it

and/or modify it under the terms of the GNU General Public

License as published by the Free Software Foundation,

either version 3 of the License, or (at your option) any

later version.

</para>

<para>

This manual page is distributed in the hope that it will

be useful, but WITHOUT ANY WARRANTY; without even the

implied warranty of MERCHANTABILITY or FITNESS FOR A

PARTICULAR PURPOSE. See the GNU General Public License

for more details.

</para>

<para>

You should have received a copy of the GNU General Public

License along with this program; If not, see

<ulink url="http://www.gnu.org/licenses/"/>.

</para>

</legalnotice>

</refentryinfo>

<command>&COMMANDNAME;</command>

<arg choice="plain"><option>--prefix <replaceable

<arg choice="plain"><option>-p <replaceable

>PREFIX</replaceable></option></arg>

<arg choice="plain"><option>-p </option><replaceable

<arg choice="plain"><option>--prefix </option><replaceable

>PREFIX</replaceable></arg>

</group>

<sbr/>

<option>--prompt <replaceable>PROMPT</replaceable></option>

</arg>

<arg choice="opt"><option>--debug</option></arg>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

</group>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

<arg choice="plain"><option>--version</option></arg>

</group>

</cmdsynopsis>

100

</cmdsynopsis>

101

</refsynopsisdiv>

102

103

104

<title>DESCRIPTION</title>

105

<para>

100

106

All <command>&COMMANDNAME;</command> does is prompt for a

101

password and output any given password to standard output.

102

</para>

103

<para>

104

This program is not very useful on its own. This program is

105

really meant to run as a plugin in the <application

106

>Mandos</application> client-side system, where it is used as a

107

fallback and alternative to retrieving passwords from a

108

<application >Mandos</application> server.

107

password and output any given password to standard output. This

108

is not very useful on its own. This program is really meant to

109

run as a plugin in the <application>Mandos</application>

110

client-side system, where it is used as a fallback and

111

alternative to retriving passwords from a <application

112

>Mandos</application> server.

109

113

</para>

110

114

<para>

111

115

This program is little more than a <citerefentry><refentrytitle

113

117

wrapper, although actual use of that function is not guaranteed

114

118

or implied.

115

119

</para>

116

<para>

117

This program tries to detect if a Plymouth daemon

118

(<citerefentry><refentrytitle

119

>plymouthd</refentrytitle><manvolnum>8</manvolnum></citerefentry>)

120

is running, by looking for a

121

<filename>/run/plymouth/pid</filename> file or a process named

122

<quote><literal>plymouthd</literal></quote>. If it is detected,

123

this process will immediately exit without doing anything.

124

</para>

125

120

</refsect1>

126

121

127

122

138

133

139

134

140

135

141

<term><option>--prefix=<replaceable

142

>PREFIX</replaceable></option></term>

143

<term><option>-p

144

<replaceable>PREFIX</replaceable></option></term>

136

<term><option>-p</option> <replaceable>PREFIX</replaceable

137

></term>

138

<term><option>--prefix=</option><replaceable

139

>PREFIX</replaceable></term>

145

140

146

141

<para>

147

142

Prefix string shown before the password prompt.

150

145

</varlistentry>

151

146

152

147

153

<term><option>--prompt=<replaceable

154

>PROMPT</replaceable></option></term>

155

156

<para>

157

The password prompt. Using this option will make this

158

program ignore the <envar>CRYPTTAB_SOURCE</envar> and

159

<envar>CRYPTTAB_NAME</envar> environment variables.

160

</para>

161

</listitem>

162

</varlistentry>

163

164

165

148

<term><option>--debug</option></term>

166

149

167

150

<para>

173

156

</varlistentry>

174

157

175

158

159

176

160

177

178

161

179

162

<para>

180

163

Gives a help message about options and their meanings.

192

175

</varlistentry>

193

176

194

177

178

195

179

<term><option>--version</option></term>

196

197

180

198

181

<para>

199

182

Prints the program version.

200

183

</para>

201

184

</listitem>

202

</varlistentry>

185

</varlistentry>

203

186

</variablelist>

204

187

</refsect1>

205

188

217

200

<title>ENVIRONMENT</title>

218

201

219

202

220

<term><envar>CRYPTTAB_SOURCE</envar></term>

221

<term><envar>CRYPTTAB_NAME</envar></term>

203

<term><envar>cryptsource</envar></term>

204

<term><envar>crypttarget</envar></term>

222

205

223

206

<para>

224

If set, and if the <option>--prompt</option> option is not

225

used, these environment variables will be assumed to

207

If set, these environment variables will be assumed to

226

208

contain the source device name and the target device

227

209

mapper name, respectively, and will be shown as part of

228

210

the prompt.

230

212

<para>

231

213

These variables will normally be inherited from

232

214

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

233

<manvolnum>8mandos</manvolnum></citerefentry>, which might

234

have in turn inherited them from its calling process.

215

<manvolnum>8mandos</manvolnum></citerefentry>, which will

216

normally have inherited them from

217

<filename>/scripts/local-top/cryptroot</filename> in the

218

initial RAM disk environment, which will have set them from

219

parsing kernel arguments and

220

<filename>/conf/conf.d/cryptroot</filename> (also in the

221

initial RAM disk environment), which in turn will have been

222

created when the initial RAM disk image was created by

223

<filename

224

>/usr/share/initramfs-tools/hooks/cryptroot</filename>, by

225

extracting the information of the root file system from

226

<filename >/etc/crypttab</filename>.

235

227

</para>

236

228

<para>

237

229

This behavior is meant to exactly mirror the behavior of

238

<command>askpass</command>, the default password prompter

239

from initramfs-tools.

230

<command>askpass</command>, the default password prompter.

240

231

</para>

241

232

</listitem>

242

233

</varlistentry>

245

236

246

237

247

238

248

<xi:include href="../bugs.xml"/>

249

</refsect1>

239

<para>

240

None are known at this time.

241

</para>

242

</refsect1>

250

243

251

244

252

245

<title>EXAMPLE</title>

268

261

<para>

269

262

Show a prefix before the prompt; in this case, a host name.

270

263

It might be useful to be reminded of which host needs a

271

password, in case of <acronym>KVM</acronym> switches, etc.

264

password, in case of KVM switches, etc.

272

265

</para>

273

266

<para>

274

267

298

291

>plugin-runner</refentrytitle><manvolnum>8mandos</manvolnum>

299

292

</citerefentry>, and will, when run standalone, outside, in a

300

293

normal environment, immediately output on its standard output

301

any presumably secret password it just received. Therefore,

294

any presumably secret password it just recieved. Therefore,

302

295

when running this program standalone (which should never

303

296

normally be done), take care not to type in any real secret

304

297

password by force of habit, since it would then immediately be

316

309

317

310

318

311

<para>

319

<citerefentry><refentrytitle>intro</refentrytitle>

320

<manvolnum>8mandos</manvolnum></citerefentry>,

321

<citerefentry><refentrytitle>mandos-client</refentrytitle>

322

<manvolnum>8mandos</manvolnum></citerefentry>,

312

<citerefentry><refentrytitle>crypttab</refentrytitle>

313

314

<citerefentry><refentrytitle>password-request</refentrytitle>

315

<manvolnum>8mandos</manvolnum></citerefentry>

323

316

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

324

317

<manvolnum>8mandos</manvolnum></citerefentry>,

325

<citerefentry><refentrytitle>plymouthd</refentrytitle>

326

327

318

</para>

328

319

</refsect1>

329

320

</refentry>

Older »