/mandos/trunk : revision 133

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-08-31 20:01:03 UTC
Revision ID: teddy@fukt.bsnet.se-20080831200103-wvjp5oagtxj7s25g

* plugin-runner.c: Break a couple of long lines.

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

INSTALL

README

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.config

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.config

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/sv.po

debian/rules

default-mandos

init.d-mandos

plugin-runner.conf

plugins.d/splashy.c

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/usplash

Show diffs side-by-side

added added

removed removed

mandos.xml

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-09-21">

<!ENTITY TIMESTAMP "2008-08-31">

</copyright>

<xi:include href="legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

Gives encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

100

<arg choice="plain"><option>--check</option></arg>

101

</cmdsynopsis>

102

</refsynopsisdiv>

103

104

105

<title>DESCRIPTION</title>

106

<para>

115

Any authenticated client is then given the stored pre-encrypted

116

password for that specific client.

117

</para>

118

119

</refsect1>

119

120

121

121

122

<title>PURPOSE</title>

123

122

124

<para>

123

125

The purpose of this is to enable <emphasis>remote and unattended

124

126

rebooting</emphasis> of client host computer with an

125

127

<emphasis>encrypted root file system</emphasis>. See <xref

126

128

linkend="overview"/> for details.

127

129

</para>

130

128

131

</refsect1>

129

132

130

133

131

134

<title>OPTIONS</title>

135

132

136

133

137

134

138

186

190

<xi:include href="mandos-options.xml" xpointer="debug"/>

187

191

</listitem>

188

192

</varlistentry>

189

193

190

194

191

195

<term><option>--priority <replaceable>

192

196

PRIORITY</replaceable></option></term>

194

198

<xi:include href="mandos-options.xml" xpointer="priority"/>

195

199

</listitem>

196

200

</varlistentry>

197

201

198

202

199

203

<term><option>--servicename

200

204

203

207

xpointer="servicename"/>

204

208

</listitem>

205

209

</varlistentry>

206

210

207

211

208

212

<term><option>--configdir

209

213

<replaceable>DIRECTORY</replaceable></option></term>

218

222

</para>

219

223

</listitem>

220

224

</varlistentry>

221

225

222

226

223

227

<term><option>--version</option></term>

224

228

229

233

</varlistentry>

230

234

</variablelist>

231

235

</refsect1>

232

236

233

237

234

238

<title>OVERVIEW</title>

235

239

<xi:include href="overview.xml"/>

236

240

<para>

237

241

This program is the server part. It is a normal server program

238

242

and will run in a normal system environment, not in an initial

239

<acronym>RAM</acronym> disk environment.

243

RAM disk environment.

240

244

</para>

241

245

</refsect1>

242

246

243

247

244

248

<title>NETWORK PROTOCOL</title>

245

249

<para>

297

301

</row>

298

302

</tbody></tgroup></table>

299

303

</refsect1>

300

304

301

305

302

306

<title>CHECKING</title>

303

307

<para>

311

315

<manvolnum>5</manvolnum></citerefentry>.

312

316

</para>

313

317

</refsect1>

314

318

315

319

316

320

<title>LOGGING</title>

317

321

<para>

321

325

and also show them on the console.

322

326

</para>

323

327

</refsect1>

324

328

325

329

326

330

<title>EXIT STATUS</title>

327

331

<para>

329

333

critical error is encountered.

330

334

</para>

331

335

</refsect1>

332

336

333

337

334

338

<title>ENVIRONMENT</title>

335

339

349

353

</varlistentry>

350

354

</variablelist>

351

355

</refsect1>

352

356

353

357

354

358

<title>FILES</title>

355

359

<para>

379

383

</listitem>

380

384

</varlistentry>

381

385

382

<term><filename>/var/run/mandos.pid</filename></term>

386

<term><filename>/var/run/mandos/mandos.pid</filename></term>

383

387

384

388

<para>

385

389

The file containing the process id of

434

438

Debug mode is conflated with running in the foreground.

435

439

</para>

436

440

<para>

437

The console log messages does not show a time stamp.

438

</para>

439

<para>

440

This server does not check the expire time of clients’ OpenPGP

441

keys.

441

The console log messages does not show a timestamp.

442

</para>

443

</refsect1>

444

479

</para>

480

</informalexample>

481

</refsect1>

482

483

484

<title>SECURITY</title>

485

487

<para>

488

Running this <command>&COMMANDNAME;</command> server program

489

should not in itself present any security risk to the host

490

computer running it. The program switches to a non-root user

491

soon after startup.

490

computer running it. The program does not need any special

491

privileges to run, and is designed to run as a non-root user.

492

</para>

493

</refsect2>

494

504

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

505

<manvolnum>5</manvolnum></citerefentry>)

506

<emphasis>must</emphasis> be made non-readable by anyone

507

except the user starting the server (usually root).

507

except the user running the server.

508

</para>

509

<para>

510

As detailed in <xref linkend="checking"/>, the status of all

521

restarting servers if it is suspected that a client has, in

522

fact, been compromised by parties who may now be running a

523

fake Mandos client with the keys from the non-encrypted

524

initial <acronym>RAM</acronym> image of the client host. What

525

should be done in that case (if restarting the server program

526

really is necessary) is to stop the server program, edit the

524

initial RAM image of the client host. What should be done in

525

that case (if restarting the server program really is

526

necessary) is to stop the server program, edit the

527

configuration file to omit any suspect clients, and restart

528

the server program.

529

</para>

530

<para>

531

For more details on client-side security, see

532

<citerefentry><refentrytitle>mandos-client</refentrytitle>

532

<citerefentry><refentrytitle>password-request</refentrytitle>

533

<manvolnum>8mandos</manvolnum></citerefentry>.

534

</para>

535

</refsect2>

536

</refsect1>

537

538

539

540

<para>

543

544

<refentrytitle>mandos.conf</refentrytitle>

545

546

<refentrytitle>mandos-client</refentrytitle>

546

<refentrytitle>password-request</refentrytitle>

547

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

548

549

</citerefentry>

Older »