/mandos/trunk

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-09-05 07:11:24 UTC
Revision ID: teddy@fukt.bsnet.se-20080905071124-9dq11jq5rfd6zfxf

* Makefile: Changed to use symbolic instead of octal modes throughout.
  (KEYDIR): New variable for the key directory.
  (install-server): Bug fix: remove "--parents" from install args.
  (install-client): Bug fix: - '' -  Also create key directory.  Do
                    not chmod plugin dir.  Create custom plugin directory
                    if not the same as normal plugin directory.  Add
                    "--dir" option to "mandos-keygen".  Add note about
                    running "mandos-keygen --password".
  (uninstall-server): Do not depend on the installed server binary,
                      since this made it impossible to do a purge
                      after an uninstall.
  (purge-client): Shred seckey.txt.  Use $(KEYDIR).

* README: Improved wording.

* initramfs-tools-hook: Use a loop to find prefix.  Also find keydir.
                        Remove "${DESTDIR}" from "copy_exec".  Do not
                        try to copy literal "*" if no custom plugins
                        are found.  Copy key files from keydir, not
                        config dir.  Only repair mode on directories
                        that actually exist.  Do not run chmod if
                        nothing needs repairing.

* plugin-runner.conf: New file.

files removed:
INSTALL

default-mandos

etc-plugins.d-README

init.d-mandos

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
.bzrignore

Makefile

TODO

initramfs-tools-hook

initramfs-tools-script

legalnotice.xml

mandos

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

3

3

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

4

4

<!ENTITY VERSION "1.0">

5

5

<!ENTITY COMMANDNAME "mandos">

6

<!ENTITY TIMESTAMP "2008-09-06">

6

<!ENTITY TIMESTAMP "2008-09-04">

7

7

]>

8

8

9

9

<refentry xmlns:xi="http://www.w3.org/2001/XInclude">

379

379

</listitem>

380

380

</varlistentry>

381

381

<varlistentry>

382

<term><filename>/var/run/mandos.pid</filename></term>

382

<term><filename>/var/run/mandos/mandos.pid</filename></term>

383

383

<listitem>

384

384

<para>

385

385

The file containing the process id of

487

487

<para>

488

488

Running this <command>&COMMANDNAME;</command> server program

489

489

should not in itself present any security risk to the host

490

computer running it. The program switches to a non-root user

491

soon after startup.

490

computer running it. The program does not need any special

491

privileges to run, and is designed to run as a non-root user.

492

492

</para>

493

493

</refsect2>

494

494

<refsect2 id="CLIENTS">

529

529

</para>

530

530

<para>

531

531

For more details on client-side security, see

532

<citerefentry><refentrytitle>mandos-client</refentrytitle>

532

<citerefentry><refentrytitle>password-request</refentrytitle>

533

533

<manvolnum>8mandos</manvolnum></citerefentry>.

534

534

</para>

535

535

</refsect2>

543

543

<manvolnum>5</manvolnum></citerefentry>, <citerefentry>

544

544

<refentrytitle>mandos.conf</refentrytitle>

545

545

<manvolnum>5</manvolnum></citerefentry>, <citerefentry>

546

<refentrytitle>mandos-client</refentrytitle>

546

<refentrytitle>password-request</refentrytitle>

547

547

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

548

548

<refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>

549

549

</citerefentry>

Older »