/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl.xml

  • Committer: Teddy Hogeborn
  • Date: 2024-09-09 04:24:39 UTC
  • Revision ID: teddy@recompile.se-20240909042439-j85mr20uli2hnyis
Eliminate compiler warnings

Many programs use nested functions, which now result in a linker
warning about executable stack.  Hide this warning.  Also, rewrite a
loop in the plymouth plugin to avoid warning about signed overflow.
This change also makes the plugin pick the alphabetically first
process entry instead of the last, in case many plymouth processes are
found (which should be unlikely).

* Makefile (plugin-runner, dracut-module/password-agent,
  plugins.d/password-prompt, plugins.d/mandos-client,
  plugins.d/plymouth): New target; set LDFLAGS to add "-Xlinker
  --no-warn-execstack".
* plugins.d/plymouth.c (get_pid): When no pid files are found, and we
  are looking through the process list, go though it from the start
  instead of from the end, i.e. in normal alphabetical order and not
  in reverse order.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-ctl.xml
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-ctl">
5
 
<!ENTITY TIMESTAMP "2015-07-20">
 
5
<!ENTITY TIMESTAMP "2019-07-29">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
37
37
      <year>2013</year>
38
38
      <year>2014</year>
39
39
      <year>2015</year>
 
40
      <year>2016</year>
 
41
      <year>2017</year>
 
42
      <year>2018</year>
 
43
      <year>2019</year>
40
44
      <holder>Teddy Hogeborn</holder>
41
45
      <holder>Björn Påhlsson</holder>
42
46
    </copyright>
51
55
  <refnamediv>
52
56
    <refname><command>&COMMANDNAME;</command></refname>
53
57
    <refpurpose>
54
 
      Control the operation of the Mandos server
 
58
      Control or query the operation of the Mandos server
55
59
    </refpurpose>
56
60
  </refnamediv>
57
61
  
59
63
    <cmdsynopsis>
60
64
      <command>&COMMANDNAME;</command>
61
65
      <group>
62
 
        <arg choice="plain"><option>--enable</option></arg>
63
 
        <arg choice="plain"><option>-e</option></arg>
64
 
        <sbr/>
65
 
        <arg choice="plain"><option>--disable</option></arg>
66
 
        <arg choice="plain"><option>-d</option></arg>
67
 
      </group>
68
 
      <sbr/>
69
 
      <group>
70
 
        <arg choice="plain"><option>--bump-timeout</option></arg>
71
 
        <arg choice="plain"><option>-b</option></arg>
72
 
      </group>
73
 
      <sbr/>
74
 
      <group>
75
 
        <arg choice="plain"><option>--start-checker</option></arg>
76
 
      </group>
77
 
      <sbr/>
78
 
      <group>
79
 
        <arg choice="plain"><option>--stop-checker</option></arg>
80
 
      </group>
81
 
      <sbr/>
82
 
      <group>
83
 
        <arg choice="plain"><option>--remove</option></arg>
84
 
        <arg choice="plain"><option>-r</option></arg>
85
 
      </group>
86
 
      <sbr/>
87
 
      <group>
88
 
        <arg choice="plain"><option>--checker
89
 
        <replaceable>COMMAND</replaceable></option></arg>
90
 
        <arg choice="plain"><option>-c
91
 
        <replaceable>COMMAND</replaceable></option></arg>
92
 
      </group>
93
 
      <sbr/>
94
 
      <group>
95
 
        <arg choice="plain"><option>--timeout
96
 
        <replaceable>TIME</replaceable></option></arg>
97
 
        <arg choice="plain"><option>-t
98
 
        <replaceable>TIME</replaceable></option></arg>
99
 
      </group>
100
 
      <sbr/>
101
 
      <group>
102
 
        <arg choice="plain"><option>--extended-timeout
103
 
        <replaceable>TIME</replaceable></option></arg>
104
 
      </group>
105
 
      <sbr/>
106
 
      <group>
107
 
        <arg choice="plain"><option>--interval
108
 
        <replaceable>TIME</replaceable></option></arg>
109
 
        <arg choice="plain"><option>-i
110
 
        <replaceable>TIME</replaceable></option></arg>
111
 
      </group>
112
 
      <sbr/>
113
 
      <group>
114
 
        <arg choice="plain"><option>--approve-by-default</option
115
 
        ></arg>
116
 
        <sbr/>
117
 
        <arg choice="plain"><option>--deny-by-default</option></arg>
118
 
      </group>
119
 
      <sbr/>
120
 
      <group>
121
 
        <arg choice="plain"><option>--approval-delay
122
 
        <replaceable>TIME</replaceable></option></arg>
123
 
      </group>
124
 
      <sbr/>
125
 
      <group>
126
 
        <arg choice="plain"><option>--approval-duration
127
 
        <replaceable>TIME</replaceable></option></arg>
128
 
      </group>
129
 
      <sbr/>
130
 
      <group>
131
 
        <arg choice="plain"><option>--interval
132
 
        <replaceable>TIME</replaceable></option></arg>
133
 
        <arg choice="plain"><option>-i
134
 
        <replaceable>TIME</replaceable></option></arg>
135
 
      </group>
136
 
      <sbr/>
137
 
      <group>
138
 
        <arg choice="plain"><option>--host
139
 
        <replaceable>STRING</replaceable></option></arg>
140
 
        <arg choice="plain"><option>-H
141
 
        <replaceable>STRING</replaceable></option></arg>
142
 
      </group>
143
 
      <sbr/>
144
 
      <group>
145
 
        <arg choice="plain"><option>--secret
146
 
        <replaceable>FILENAME</replaceable></option></arg>
147
 
        <arg choice="plain"><option>-s
148
 
        <replaceable>FILENAME</replaceable></option></arg>
149
 
      </group>
150
 
      <sbr/>
151
 
      <group>
152
 
        <arg choice="plain"><option>--approve</option></arg>
153
 
        <arg choice="plain"><option>-A</option></arg>
154
 
        <sbr/>
 
66
          <arg choice="plain"><option>--verbose</option></arg>
 
67
          <arg choice="plain"><option>-v</option></arg>
 
68
          <sbr/>
 
69
          <arg choice="plain"><option>--dump-json</option></arg>
 
70
          <arg choice="plain"><option>-j</option></arg>
 
71
      </group>
 
72
      <arg><option>--debug</option></arg>
 
73
      <group>
 
74
        <arg rep='repeat' choice='plain'>
 
75
          <replaceable>CLIENT</replaceable>
 
76
        </arg>
 
77
      </group>
 
78
    </cmdsynopsis>
 
79
    <cmdsynopsis>
 
80
      <command>&COMMANDNAME;</command>
 
81
      <group choice="req">
 
82
        <group>
 
83
          <arg choice="plain"><option>--enable</option></arg>
 
84
          <arg choice="plain"><option>-e</option></arg>
 
85
          <sbr/>
 
86
          <arg choice="plain"><option>--disable</option></arg>
 
87
          <arg choice="plain"><option>-d</option></arg>
 
88
        </group>
 
89
        <sbr/>
 
90
        <group>
 
91
          <arg choice="plain"><option>--bump-timeout</option></arg>
 
92
          <arg choice="plain"><option>-b</option></arg>
 
93
        </group>
 
94
        <sbr/>
 
95
        <group>
 
96
          <arg choice="plain"><option>--start-checker</option></arg>
 
97
          <arg choice="plain"><option>--stop-checker</option></arg>
 
98
        </group>
 
99
        <sbr/>
 
100
        <group>
 
101
          <arg choice="plain"><option>--checker
 
102
          <replaceable>COMMAND</replaceable></option></arg>
 
103
          <arg choice="plain"><option>-c
 
104
          <replaceable>COMMAND</replaceable></option></arg>
 
105
        </group>
 
106
        <sbr/>
 
107
        <group>
 
108
          <arg choice="plain"><option>--timeout
 
109
          <replaceable>TIME</replaceable></option></arg>
 
110
          <arg choice="plain"><option>-t
 
111
          <replaceable>TIME</replaceable></option></arg>
 
112
        </group>
 
113
        <sbr/>
 
114
        <group>
 
115
          <arg choice="plain"><option>--extended-timeout
 
116
          <replaceable>TIME</replaceable></option></arg>
 
117
        </group>
 
118
        <sbr/>
 
119
        <group>
 
120
          <arg choice="plain"><option>--interval
 
121
          <replaceable>TIME</replaceable></option></arg>
 
122
          <arg choice="plain"><option>-i
 
123
          <replaceable>TIME</replaceable></option></arg>
 
124
        </group>
 
125
        <sbr/>
 
126
        <group>
 
127
          <arg choice="plain"><option>--approve-by-default</option
 
128
          ></arg>
 
129
          <sbr/>
 
130
          <arg choice="plain"><option>--deny-by-default</option></arg>
 
131
        </group>
 
132
        <sbr/>
 
133
        <group>
 
134
          <arg choice="plain"><option>--approval-delay
 
135
          <replaceable>TIME</replaceable></option></arg>
 
136
        </group>
 
137
        <sbr/>
 
138
        <group>
 
139
          <arg choice="plain"><option>--approval-duration
 
140
          <replaceable>TIME</replaceable></option></arg>
 
141
        </group>
 
142
        <sbr/>
 
143
        <group>
 
144
          <arg choice="plain"><option>--host
 
145
          <replaceable>STRING</replaceable></option></arg>
 
146
          <arg choice="plain"><option>-H
 
147
          <replaceable>STRING</replaceable></option></arg>
 
148
        </group>
 
149
        <sbr/>
 
150
        <group>
 
151
          <arg choice="plain"><option>--secret
 
152
          <replaceable>FILENAME</replaceable></option></arg>
 
153
          <arg choice="plain"><option>-s
 
154
          <replaceable>FILENAME</replaceable></option></arg>
 
155
        </group>
 
156
        <sbr/>
 
157
        <group>
 
158
          <arg choice="plain"><option>--approve</option></arg>
 
159
          <arg choice="plain"><option>-A</option></arg>
 
160
          <sbr/>
 
161
          <arg choice="plain"><option>--deny</option></arg>
 
162
          <arg choice="plain"><option>-D</option></arg>
 
163
        </group>
 
164
      </group>
 
165
      <sbr/>
 
166
      <arg><option>--debug</option></arg>
 
167
      <group choice="req">
 
168
        <arg choice="plain"><option>--all</option></arg>
 
169
        <arg choice="plain"><option>-a</option></arg>
 
170
        <arg rep='repeat' choice='plain'>
 
171
          <replaceable>CLIENT</replaceable>
 
172
        </arg>
 
173
      </group>
 
174
    </cmdsynopsis>
 
175
    <cmdsynopsis>
 
176
      <command>&COMMANDNAME;</command>
 
177
      <group>
155
178
        <arg choice="plain"><option>--deny</option></arg>
156
179
        <arg choice="plain"><option>-D</option></arg>
157
180
      </group>
 
181
      <group choice="req">
 
182
          <arg choice="plain"><option>--remove</option></arg>
 
183
          <arg choice="plain"><option>-r</option></arg>
 
184
      </group>
158
185
      <sbr/>
 
186
      <arg><option>--debug</option></arg>
159
187
      <group choice="req">
160
188
        <arg choice="plain"><option>--all</option></arg>
161
189
        <arg choice="plain"><option>-a</option></arg>
166
194
    </cmdsynopsis>
167
195
    <cmdsynopsis>
168
196
      <command>&COMMANDNAME;</command>
169
 
      <group>
170
 
        <arg choice="plain"><option>--verbose</option></arg>
171
 
        <arg choice="plain"><option>-v</option></arg>
172
 
      </group>
173
 
      <group>
174
 
        <arg rep='repeat' choice='plain'>
175
 
          <replaceable>CLIENT</replaceable>
176
 
        </arg>
177
 
      </group>
178
 
    </cmdsynopsis>
179
 
    <cmdsynopsis>
180
 
      <command>&COMMANDNAME;</command>
181
197
      <group choice="req">
182
198
        <arg choice="plain"><option>--is-enabled</option></arg>
183
199
        <arg choice="plain"><option>-V</option></arg>
184
200
      </group>
 
201
      <arg><option>--debug</option></arg>
185
202
      <arg choice='plain'><replaceable>CLIENT</replaceable></arg>
186
203
    </cmdsynopsis>
187
204
    <cmdsynopsis>
207
224
  <refsect1 id="description">
208
225
    <title>DESCRIPTION</title>
209
226
    <para>
210
 
      <command>&COMMANDNAME;</command> is a program to control the
211
 
      operation of the Mandos server <citerefentry><refentrytitle
212
 
      >mandos</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
 
227
      <command>&COMMANDNAME;</command> is a program to control or
 
228
      query the operation of the Mandos server
 
229
      <citerefentry><refentrytitle>mandos</refentrytitle><manvolnum
 
230
      >8</manvolnum></citerefentry>.
213
231
    </para>
214
232
    <para>
215
233
      This program can be used to change client settings, approve or
473
491
      </varlistentry>
474
492
      
475
493
      <varlistentry>
 
494
        <term><option>--dump-json</option></term>
 
495
        <term><option>-j</option></term>
 
496
        <listitem>
 
497
          <para>
 
498
            Dump client settings as JSON to standard output.
 
499
          </para>
 
500
        </listitem>
 
501
      </varlistentry>
 
502
      
 
503
      <varlistentry>
476
504
        <term><option>--is-enabled</option></term>
477
505
        <term><option>-V</option></term>
478
506
        <listitem>
484
512
      </varlistentry>
485
513
      
486
514
      <varlistentry>
 
515
        <term><option>--debug</option></term>
 
516
        <listitem>
 
517
          <para>
 
518
            Show debug output; currently, this means show D-Bus calls.
 
519
          </para>
 
520
        </listitem>
 
521
      </varlistentry>
 
522
      
 
523
      <varlistentry>
487
524
        <term><option>--check</option></term>
488
525
        <listitem>
489
526
          <para>
513
550
    </para>
514
551
  </refsect1>
515
552
  
516
 
<!--   <refsect1 id="bugs"> -->
517
 
<!--     <title>BUGS</title> -->
518
 
<!--     <para> -->
519
 
<!--     </para> -->
520
 
<!--   </refsect1> -->
 
553
  <refsect1 id="bugs">
 
554
    <title>BUGS</title>
 
555
    <xi:include href="bugs.xml"/>
 
556
  </refsect1>
521
557
  
522
558
  <refsect1 id="example">
523
559
    <title>EXAMPLE</title>
 
560
    <!-- Name of test methods in class Test_commands_from_options are
 
561
         written in comments below.  When adding an example, add a
 
562
         test too which tests the documented behavior. -->
524
563
    <informalexample>
 
564
      <!-- Test method: test_manual_page_example_1() -->
525
565
      <para>
526
566
        To list all clients:
527
567
      </para>
531
571
    </informalexample>
532
572
    
533
573
    <informalexample>
 
574
      <!-- Test method: test_manual_page_example_2() -->
534
575
      <para>
535
576
        To list <emphasis>all</emphasis> settings for the clients
536
577
        named <quote>foo1.example.org</quote> and <quote
545
586
    </informalexample>
546
587
    
547
588
    <informalexample>
 
589
      <!-- Test method: test_manual_page_example_3() -->
548
590
      <para>
549
591
        To enable all clients:
550
592
      </para>
554
596
    </informalexample>
555
597
    
556
598
    <informalexample>
 
599
      <!-- Test method: test_manual_page_example_4() -->
557
600
      <para>
558
601
        To change timeout and interval value for the clients
559
602
        named <quote>foo1.example.org</quote> and <quote
562
605
      <para>
563
606
 
564
607
<!-- do not wrap this line -->
565
 
<userinput>&COMMANDNAME; --timeout="5m" --interval="1m" foo1.example.org foo2.example.org</userinput>
 
608
<userinput>&COMMANDNAME; --timeout=PT5M --interval=PT1M foo1.example.org foo2.example.org</userinput>
566
609
 
567
610
      </para>
568
611
    </informalexample>
569
612
    
570
613
    <informalexample>
 
614
      <!-- Test method: test_manual_page_example_5() -->
571
615
      <para>
572
 
        To approve all clients currently waiting for it:
 
616
        To approve all clients currently waiting for approval:
573
617
      </para>
574
618
      <para>
575
619
        <userinput>&COMMANDNAME; --approve --all</userinput>