/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-clients.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-08-30 18:45:41 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080830184541-j8zru4q0rlz5a0hw
* mandos-clients.conf.xml (SYNOPSIS): Remove line breaks.
  (OPTIONS): Add <option> tags.  Moved option name to outside
             <literal>.  Moved synopsis to inside <term> tags.
             Removed <synopsis> tags.  Improve wording of "secfile"
             option.
  (EXPANSION): Improved wording slightly.

* mandos-options.xml (interface): Improve wording.

* mandos.conf.xml (SYNOPSIS): Remove line breaks.
  (OPTIONS): Add <option> tags.  Moved option name to outside
             <literal>.  Moved synopsis to inside <term> tags.
             Removed <synopsis> tags.

Show diffs side-by-side

added added

removed removed

Lines of Context:
73
73
  </refnamediv>
74
74
 
75
75
  <refsynopsisdiv>
76
 
    <synopsis>
77
 
      &CONFPATH;
78
 
    </synopsis>
 
76
    <synopsis>&CONFPATH;</synopsis>
79
77
  </refsynopsisdiv>
80
78
 
81
79
  <refsect1 id="description">
123
121
    <variablelist>
124
122
 
125
123
      <varlistentry>
126
 
        <term><literal><varname>timeout</varname></literal></term>
 
124
        <term><option>timeout<literal> = </literal><replaceable
 
125
        >TIME</replaceable></option></term>
127
126
        <listitem>
128
 
          <synopsis><literal>timeout = </literal><replaceable
129
 
          >TIME</replaceable>
130
 
          </synopsis>
131
127
          <para>
132
128
            The timeout is how long the server will wait for a
133
129
            successful checker run until a client is considered
151
147
      </varlistentry>
152
148
 
153
149
      <varlistentry>
154
 
        <term><literal><varname>interval</varname></literal></term>
 
150
        <term><option>interval<literal> = </literal><replaceable
 
151
        >TIME</replaceable></option></term>
155
152
        <listitem>
156
 
          <synopsis><literal>interval = </literal><replaceable
157
 
          >TIME</replaceable>
158
 
          </synopsis>
159
153
          <para>
160
154
            How often to run the checker to confirm that a client is
161
155
            still up.  <emphasis>Note:</emphasis> a new checker will
173
167
      </varlistentry>
174
168
 
175
169
      <varlistentry>
176
 
        <term><literal>checker</literal></term>
 
170
        <term><option>checker<literal> = </literal><replaceable
 
171
        >COMMAND</replaceable></option></term>
177
172
        <listitem>
178
 
          <synopsis><literal>checker = </literal><replaceable
179
 
          >COMMAND</replaceable>
180
 
          </synopsis>
181
173
          <para>
182
174
            This option allows you to override the default shell
183
175
            command that the server will use to check if the client is
200
192
      </varlistentry>
201
193
      
202
194
      <varlistentry>
203
 
        <term><literal>fingerprint</literal></term>
 
195
        <term><option>fingerprint<literal> = </literal
 
196
        ><replaceable>HEXSTRING</replaceable></option></term>
204
197
        <listitem>
205
 
          <synopsis><literal>fingerprint = </literal><replaceable
206
 
          >HEXSTRING</replaceable>
207
 
          </synopsis>
208
198
          <para>
209
199
            This option sets the OpenPGP fingerprint that identifies
210
200
            the public key that clients authenticate themselves with
215
205
      </varlistentry>
216
206
      
217
207
      <varlistentry>
218
 
        <term><literal>secret</literal></term>
 
208
        <term><option>secret<literal> = </literal><replaceable
 
209
        >BASE64_ENCODED_DATA</replaceable></option></term>
219
210
        <listitem>
220
 
          <synopsis><literal>secret = </literal><replaceable
221
 
          >BASE64_ENCODED_DATA</replaceable>
222
 
          </synopsis>
223
211
          <para>
224
212
            If present, this option must be set to a string of
225
213
            base64-encoded binary data.  It will be decoded and sent
247
235
      </varlistentry>
248
236
 
249
237
      <varlistentry>
250
 
        <term><literal>secfile</literal></term>
 
238
        <term><option>secfile<literal> = </literal><replaceable
 
239
        >FILENAME</replaceable></option></term>
251
240
        <listitem>
252
 
          <synopsis><literal>secfile = </literal><replaceable
253
 
          >FILENAME</replaceable>
254
 
          </synopsis>
255
241
          <para>
256
 
            The same as <option>secret</option>, but the secret data
257
 
            is in an external file.  The contents of the file should
258
 
            <emphasis>not</emphasis> be base64-encoded, but will be
259
 
            sent to clients verbatim.
 
242
            Similar to the <option>secret</option>, except the secret
 
243
            data is in an external file.  The contents of the file
 
244
            should <emphasis>not</emphasis> be base64-encoded, but
 
245
            will be sent to clients verbatim.
260
246
          </para>
261
247
          <para>
262
248
            This option is only used, and <emphasis>must</emphasis> be
266
252
      </varlistentry>
267
253
 
268
254
      <varlistentry>
269
 
        <term><literal>host</literal></term>
 
255
        <term><option><literal>host = </literal><replaceable
 
256
        >STRING</replaceable></option></term>
270
257
        <listitem>
271
 
          <synopsis><literal>host = </literal><replaceable
272
 
          >STRING</replaceable>
273
 
          </synopsis>
274
258
          <para>
275
259
            Host name for this client.  This is not used by the server
276
260
            directly, but can be, and is by default, used by the
329
313
        percent characters in a row (<quote>%%%%</quote>) must be
330
314
        entered.  Also, a bad format here will lead to an immediate
331
315
        but <emphasis>silent</emphasis> run-time fatal exit; debug
332
 
        mode is needed to track down an error of this kind.
 
316
        mode is needed to expose an error of this kind.
333
317
      </para>
334
318
    </refsect2>
335
319