/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/password-request.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
<?xml version='1.0' encoding='UTF-8'?>
2
 
<?xml-stylesheet type="text/xsl"
3
 
        href="http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"?>
4
 
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
5
 
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
6
 
<!ENTITY VERSION "1.0">
7
 
<!ENTITY COMMANDNAME "password-request">
8
 
]>
9
 
 
10
 
<refentry>
11
 
  <refentryinfo>
12
 
    <title>&COMMANDNAME;</title>
13
 
    <!-- NWalsh's docbook scripts use this to generate the footer: -->
14
 
    <productname>&COMMANDNAME;</productname>
15
 
    <productnumber>&VERSION;</productnumber>
16
 
    <authorgroup>
17
 
      <author>
18
 
        <firstname>Björn</firstname>
19
 
        <surname>Påhlsson</surname>
20
 
        <address>
21
 
          <email>belorn@fukt.bsnet.se</email>
22
 
        </address>
23
 
      </author>
24
 
      <author>
25
 
        <firstname>Teddy</firstname>
26
 
        <surname>Hogeborn</surname>
27
 
        <address>
28
 
          <email>teddy@fukt.bsnet.se</email>
29
 
        </address>
30
 
      </author>
31
 
    </authorgroup>
32
 
    <copyright>
33
 
      <year>2008</year>
34
 
      <holder>Teddy Hogeborn &amp; Björn Påhlsson</holder>
35
 
    </copyright>
36
 
    <legalnotice>
37
 
      <para>
38
 
        This manual page is free software: you can redistribute it
39
 
        and/or modify it under the terms of the GNU General Public
40
 
        License as published by the Free Software Foundation,
41
 
        either version 3 of the License, or (at your option) any
42
 
        later version.
43
 
      </para>
44
 
 
45
 
      <para>
46
 
        This manual page is distributed in the hope that it will
47
 
        be useful, but WITHOUT ANY WARRANTY; without even the
48
 
        implied warranty of MERCHANTABILITY or FITNESS FOR A
49
 
        PARTICULAR PURPOSE.  See the GNU General Public License
50
 
        for more details.
51
 
      </para>
52
 
 
53
 
      <para>
54
 
        You should have received a copy of the GNU General Public
55
 
        License along with this program; If not, see
56
 
        <ulink url="http://www.gnu.org/licenses/"/>.
57
 
      </para>
58
 
    </legalnotice>
59
 
  </refentryinfo>
60
 
 
61
 
  <refmeta>
62
 
    <refentrytitle>&COMMANDNAME;</refentrytitle>
63
 
    <manvolnum>8mandos</manvolnum>
64
 
  </refmeta>
65
 
  
66
 
  <refnamediv>
67
 
    <refname><command>&COMMANDNAME;</command></refname>
68
 
    <refpurpose>
69
 
      Client for mandos
70
 
    </refpurpose>
71
 
  </refnamediv>
72
 
 
73
 
  <refsynopsisdiv>
74
 
    <cmdsynopsis>
75
 
      <command>&COMMANDNAME;</command>
76
 
      <arg choice='opt'>--connect<arg choice='plain'>IP</arg></arg>
77
 
      <arg choice='opt'>--keydir<arg choice='plain'>KEYDIR</arg></arg>
78
 
      <arg choice='opt'>--interface<arg choice='plain'>INTERFACE</arg></arg>
79
 
      <arg choice='opt'>--pubkey<arg choice='plain'>PUBKEY</arg></arg>
80
 
      <arg choice='opt'>--seckey<arg choice='plain'>SECKEY</arg></arg>
81
 
      <arg choice='opt'>--priority<arg choice='plain'>PRIORITY</arg></arg>
82
 
      <arg choice='opt'>--dh-bits<arg choice='plain'>BITS</arg></arg>      
83
 
      <arg choice='opt'>--debug</arg>
84
 
    </cmdsynopsis>
85
 
    <cmdsynopsis>
86
 
      <command>&COMMANDNAME;</command>
87
 
      <arg choice='plain'>--help</arg>
88
 
    </cmdsynopsis>
89
 
    <cmdsynopsis>
90
 
      <command>&COMMANDNAME;</command>
91
 
      <arg choice='plain'>--usage</arg>
92
 
    </cmdsynopsis>
93
 
    <cmdsynopsis>
94
 
      <command>&COMMANDNAME;</command>
95
 
      <arg choice='plain'>--version</arg>
96
 
    </cmdsynopsis>    
97
 
  </refsynopsisdiv>
98
 
 
99
 
  <refsect1 id="description">
100
 
    <title>DESCRIPTION</title>
101
 
    <para>
102
 
      <command>&COMMANDNAME;</command> is a mandos plugin that works
103
 
      like a client program that through avahi detects mandos servers,
104
 
      sets up a gnutls connect and request a encrypted password. Any
105
 
      passwords given is automaticly decrypted and passed to
106
 
      cryptsetup.
107
 
    </para>
108
 
  </refsect1>  
109
 
  
110
 
  <refsect1 id="options">
111
 
    <title>OPTIONS</title>
112
 
    <para>
113
 
      Commonly not invoked as command lines but from configuration
114
 
      file of plugin runner.
115
 
    </para>
116
 
 
117
 
    <variablelist>
118
 
      <varlistentry>
119
 
        <term><literal>-c</literal>, <literal>--connect=<replaceable>
120
 
        IP</replaceable></literal></term>
121
 
        <listitem>
122
 
          <para>
123
 
            Connect directly to a specified mandos server
124
 
          </para>
125
 
        </listitem>
126
 
      </varlistentry>
127
 
 
128
 
      <varlistentry>
129
 
        <term><literal>-d</literal>, <literal>--keydir=<replaceable>
130
 
        KEYDIR</replaceable></literal></term>
131
 
        <listitem>
132
 
          <para>
133
 
            Directory where the openpgp keyring is
134
 
          </para>
135
 
        </listitem>
136
 
      </varlistentry>      
137
 
 
138
 
      <varlistentry>
139
 
        <term><literal>-i</literal>, <literal>--interface=
140
 
        <replaceable>INTERFACE</replaceable></literal></term>
141
 
        <listitem>
142
 
          <para>
143
 
            Interface that Avahi will conntect through
144
 
          </para>
145
 
        </listitem>
146
 
      </varlistentry>      
147
 
 
148
 
      <varlistentry>
149
 
        <term><literal>-p</literal>, <literal>--pubkey=<replaceable>
150
 
        PUBKEY</replaceable></literal></term>
151
 
        <listitem>
152
 
          <para>
153
 
            Public openpgp key for gnutls authentication
154
 
          </para>
155
 
        </listitem>
156
 
      </varlistentry>      
157
 
 
158
 
      <varlistentry>
159
 
        <term><literal>-s</literal>, <literal>--seckey=<replaceable>
160
 
        SECKEY</replaceable></literal></term>
161
 
        <listitem>
162
 
          <para>
163
 
            Secret openpgp key for gnutls authentication
164
 
          </para>
165
 
        </listitem>
166
 
      </varlistentry>            
167
 
      
168
 
      <varlistentry>
169
 
        <term><literal>--priority=<replaceable>PRIORITY</replaceable>
170
 
        </literal></term>
171
 
        <listitem>
172
 
          <para>
173
 
            GNUTLS priority
174
 
          </para>
175
 
        </listitem>
176
 
      </varlistentry>            
177
 
 
178
 
      <varlistentry>
179
 
        <term><literal>--dh-bits=<replaceable>BITS</replaceable>
180
 
        </literal></term>
181
 
        <listitem>
182
 
          <para>
183
 
            dh-bits to use in gnutls communication
184
 
          </para>
185
 
        </listitem>
186
 
      </varlistentry>      
187
 
      
188
 
      <varlistentry>
189
 
        <term><literal>--debug</literal></term>
190
 
        <listitem>
191
 
          <para>
192
 
            Debug mode
193
 
          </para>
194
 
        </listitem>
195
 
      </varlistentry>
196
 
      
197
 
      <varlistentry>
198
 
        <term><literal>-?</literal>, <literal>--help</literal></term>
199
 
        <listitem>
200
 
          <para>
201
 
            Gives a help message
202
 
          </para>
203
 
        </listitem>
204
 
      </varlistentry>
205
 
      
206
 
      <varlistentry>
207
 
        <term><literal>--usage</literal></term>
208
 
        <listitem>
209
 
          <para>
210
 
            Gives a short usage message
211
 
          </para>
212
 
        </listitem>
213
 
      </varlistentry>
214
 
 
215
 
      <varlistentry>
216
 
        <term><literal>-V</literal>, <literal>--version</literal></term>
217
 
        <listitem>
218
 
          <para>
219
 
            Prints the program version
220
 
          </para>
221
 
        </listitem>
222
 
      </varlistentry>            
223
 
    </variablelist>
224
 
  </refsect1>
225
 
 
226
 
  <refsect1 id="exit_status">
227
 
    <title>EXIT STATUS</title>
228
 
    <para>
229
 
    </para>
230
 
  </refsect1>
231
 
 
232
 
  <refsect1 id="environment">
233
 
    <title>ENVIRONMENT</title>
234
 
    <para>
235
 
    </para>
236
 
  </refsect1>  
237
 
 
238
 
  <refsect1 id="file">
239
 
    <title>FILES</title>
240
 
    <para>
241
 
    </para>
242
 
  </refsect1>  
243
 
  
244
 
  <refsect1 id="bugs">
245
 
    <title>BUGS</title>
246
 
    <para>
247
 
    </para>
248
 
  </refsect1>  
249
 
 
250
 
  <refsect1 id="example">
251
 
    <title>EXAMPLE</title>
252
 
    <para>
253
 
    </para>
254
 
  </refsect1>
255
 
 
256
 
  <refsect1 id="security">
257
 
    <title>SECURITY</title>
258
 
    <para>
259
 
    </para>
260
 
  </refsect1>
261
 
 
262
 
  <refsect1 id="see_also">
263
 
    <title>SEE ALSO</title>
264
 
    <itemizedlist>
265
 
      <listitem><para>
266
 
        <citerefentry><refentrytitle>mandos</refentrytitle>
267
 
        <manvolnum>8</manvolnum></citerefentry>
268
 
      </para></listitem>
269
 
      
270
 
      <listitem><para>
271
 
        <citerefentry><refentrytitle>plugin-runner</refentrytitle>
272
 
        <manvolnum>8mandos</manvolnum></citerefentry>
273
 
      </para></listitem>
274
 
      
275
 
      <listitem><para>
276
 
        <citerefentry><refentrytitle>password-prompt</refentrytitle>
277
 
        <manvolnum>8mandos</manvolnum></citerefentry>
278
 
      </para></listitem>
279
 
      
280
 
      <listitem><para>
281
 
        <ulink url="http://www.zeroconf.org/">Zeroconf</ulink>
282
 
      </para></listitem>
283
 
      
284
 
      <listitem><para>
285
 
        <ulink url="http://www.avahi.org/">Avahi</ulink>
286
 
      </para></listitem>
287
 
      
288
 
      <listitem><para>
289
 
        <ulink
290
 
            url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>
291
 
      </para></listitem>
292
 
      
293
 
      <listitem><para>
294
 
        <ulink
295
 
        url="http://www.gnupg.org/related_software/gpgme/">
296
 
        GPGME</ulink>
297
 
      </para></listitem>
298
 
      
299
 
      <listitem><para>
300
 
        <citation>RFC 4880: <citetitle>OpenPGP Message
301
 
        Format</citetitle></citation>
302
 
      </para></listitem>
303
 
      
304
 
      <listitem><para>
305
 
        <citation>RFC 5081: <citetitle>Using OpenPGP Keys for
306
 
        Transport Layer Security</citetitle></citation>
307
 
      </para></listitem>
308
 
      
309
 
      <listitem><para>
310
 
        <citation>RFC 4291: <citetitle>IP Version 6 Addressing
311
 
        Architecture</citetitle>, section 2.5.6, Link-Local IPv6
312
 
        Unicast Addresses</citation>
313
 
      </para></listitem>
314
 
    </itemizedlist>
315
 
  </refsect1>
316
 
 
317
 
</refentry>