
Viewing changes to mandos-keygen.xml

  • Committer: Teddy Hogeborn
  • Date: 2008-09-05 16:24:33 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080905162433-58fgx91ae9foxlh1
* Makefile (PIDDIR, USER, GROUP): Removed.
  (install-server): Do not create $(PIDDIR).
  (uninstall-server): Do not remove $(PIDDIR).

* init.d-mandos (PIDFILE): Changed to "/var/run/$NAME.pid".

* mandos (IPv6_TCPServer.enabled): New attribute.
  (IPv6_TCPServer.server_activate): Only call method of superclass if
                                    "self.enabled".
  (IPv6_TCPServer.enable): Set "self.enabled" to True.
  (main): Create client Set() early.  Create IPv6_TCPServer object
          early.  Switch to user and group "mandos", "nobody" or
          65534, if possible.  Enable IPv6_TCPServer *after* switching
          user.

* mandos-keygen (KEYDIR): Changed to "/etc/keys/mandos".

* mandos.xml (FILES): Changed PID file.
  (SECURITY): The server does need to be privileged, but switches to a
              non-privileged user.

* plugin-runner.xml (EXAMPLE): Changed long example to something more
                               realistic.

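--- a/mandos-keygen.xml
+++ b/mandos-keygen.xml
@@ -1,10 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
         "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!ENTITY VERSION "1.0">
 <!ENTITY COMMANDNAME "mandos-keygen">
-<!ENTITY TIMESTAMP "2008-09-30">
-<!ENTITY % common SYSTEM "common.ent">
-%common;
+<!ENTITY TIMESTAMP "2008-09-03">
 ]>
 
 <refentry xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -12,7 +11,7 @@
     <title>Mandos Manual</title>
     <!-- NWalsh’s docbook scripts use this to generate the footer: -->
     <productname>Mandos</productname>
-    <productnumber>&version;</productnumber>
+    <productnumber>&VERSION;</productnumber>
     <date>&TIMESTAMP;</date>
     <authorgroup>
       <author>
@@ -37,7 +36,7 @@
     </copyright>
     <xi:include href="legalnotice.xml"/>
   </refentryinfo>
-  
+
   <refmeta>
     <refentrytitle>&COMMANDNAME;</refentrytitle>
     <manvolnum>8</manvolnum>
@@ -49,7 +48,7 @@
       Generate key and password for Mandos client and server.
     </refpurpose>
   </refnamediv>
-  
+
   <refsynopsisdiv>
     <cmdsynopsis>
       <command>&COMMANDNAME;</command>
@@ -123,10 +122,6 @@
       <group choice="req">
         <arg choice="plain"><option>--password</option></arg>
         <arg choice="plain"><option>-p</option></arg>
-        <arg choice="plain"><option>--passfile
-        <replaceable>FILE</replaceable></option></arg>
-        <arg choice="plain"><option>-F</option>
-        <replaceable>FILE</replaceable></arg>
       </group>
       <sbr/>
       <group>
@@ -164,7 +159,7 @@
     <para>
       <command>&COMMANDNAME;</command> is a program to generate the
       OpenPGP key used by
-      <citerefentry><refentrytitle>mandos-client</refentrytitle>
+      <citerefentry><refentrytitle>password-request</refentrytitle>
       <manvolnum>8mandos</manvolnum></citerefentry>.  The key is
       normally written to /etc/mandos for later installation into the
       initrd image, but this, and most other things, can be changed
@@ -172,9 +167,8 @@
     </para>
     <para>
       This program can also be used with the
-      <option>--password</option> or <option>--passfile</option>
-      options to generate a ready-made section for
-      <filename>clients.conf</filename> (see
+      <option>--password</option> option to generate a ready-made
+      section for <filename>clients.conf</filename> (see
       <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
       <manvolnum>5</manvolnum></citerefentry>).
     </para>
@@ -203,7 +197,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--dir
         <replaceable>DIRECTORY</replaceable></option></term>
@@ -216,7 +210,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--type
         <replaceable>TYPE</replaceable></option></term>
@@ -228,7 +222,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--length
         <replaceable>BITS</replaceable></option></term>
@@ -240,7 +234,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--subtype
         <replaceable>KEYTYPE</replaceable></option></term>
@@ -253,7 +247,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--sublength
         <replaceable>BITS</replaceable></option></term>
@@ -265,7 +259,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--email
         <replaceable>ADDRESS</replaceable></option></term>
@@ -277,7 +271,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--comment
         <replaceable>TEXT</replaceable></option></term>
@@ -290,7 +284,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--expire
         <replaceable>TIME</replaceable></option></term>
@@ -304,7 +298,7 @@
           </para>
         </listitem>
       </varlistentry>
-      
+
       <varlistentry>
         <term><option>--force</option></term>
         <term><option>-f</option></term>
@@ -332,21 +326,9 @@
           </para>
         </listitem>
       </varlistentry>
-      <varlistentry>
-        <term><option>--passfile
-        <replaceable>FILE</replaceable></option></term>
-        <term><option>-F
-        <replaceable>FILE</replaceable></option></term>
-        <listitem>
-          <para>
-            The same as <option>--password</option>, but read from
-            <replaceable>FILE</replaceable>, not the terminal.
-          </para>
-        </listitem>
-      </varlistentry>
     </variablelist>
   </refsect1>
-  
+
   <refsect1 id="overview">
     <title>OVERVIEW</title>
     <xi:include href="overview.xml"/>
@@ -356,7 +338,7 @@
       <filename>clients.conf</filename> on the server.
     </para>
   </refsect1>
-  
+
   <refsect1 id="exit_status">
     <title>EXIT STATUS</title>
     <para>
@@ -419,13 +401,13 @@
       </varlistentry>
     </variablelist>
   </refsect1>
-  
+
 <!--   <refsect1 id="bugs"> -->
 <!--     <title>BUGS</title> -->
 <!--     <para> -->
 <!--     </para> -->
 <!--   </refsect1> -->
-  
+
   <refsect1 id="example">
     <title>EXAMPLE</title>
     <informalexample>
@@ -472,7 +454,7 @@
       </para>
     </informalexample>
   </refsect1>
-  
+
   <refsect1 id="security">
     <title>SECURITY</title>
     <para>
@@ -487,7 +469,7 @@
       <manvolnum>8</manvolnum></citerefentry>.
     </para>
   </refsect1>
-  
+
   <refsect1 id="see_also">
     <title>SEE ALSO</title>
     <para>
@@ -497,7 +479,7 @@
       <manvolnum>5</manvolnum></citerefentry>,
       <citerefentry><refentrytitle>mandos</refentrytitle>
       <manvolnum>8</manvolnum></citerefentry>,
-      <citerefentry><refentrytitle>mandos-client</refentrytitle>
+      <citerefentry><refentrytitle>password-request</refentrytitle>
       <manvolnum>8mandos</manvolnum></citerefentry>
     </para>
   </refsect1>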