/mandos/trunk : revision 181

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/usplash.xml

Committer: Teddy Hogeborn
Date: 2008-09-08 18:54:47 UTC
Revision ID: teddy@fukt.bsnet.se-20080908185447-dm2ertwxa20qbckf

* INSTALL: Even better text.

files added:
etc-plugins.d-README

plugins.d/usplash

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

DBUS-API

NEWS

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

debian/watch

initramfs-unpack

intro.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files modified:
.bzrignore

INSTALL

Makefile

README

TODO

clients.conf

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

plugins.d/usplash.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY COMMANDNAME "usplash">

<!ENTITY TIMESTAMP "2012-01-01">

<!ENTITY % common SYSTEM "../common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@recompile.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@recompile.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

<xi:include href="../legalnotice.xml"/>

</refentryinfo>

<refentrytitle>&COMMANDNAME;</refentrytitle>

<manvolnum>8mandos</manvolnum>

</refmeta>

<refname><command>&COMMANDNAME;</command></refname>

<refpurpose>Mandos plugin to use usplash to get a

password.</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

</cmdsynopsis>

</refsynopsisdiv>

<title>DESCRIPTION</title>

<para>

This program prompts for a password using <citerefentry>

<refentrytitle>usplash</refentrytitle><manvolnum>8</manvolnum>

</citerefentry> and outputs any given password to standard

output. If no <citerefentry><refentrytitle

>usplash</refentrytitle><manvolnum>8</manvolnum></citerefentry>

process can be found, this program will immediately exit with an

exit code indicating failure.

</para>

<para>

This program is not very useful on its own. This program is

really meant to run as a plugin in the <application

>Mandos</application> client-side system, where it is used as a

fallback and alternative to retrieving passwords from a

<application >Mandos</application> server.

</para>

<para>

If this program is killed (presumably by

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

<manvolnum>8mandos</manvolnum></citerefentry> because some other

plugin provided the password), it cannot tell <citerefentry>

<refentrytitle>usplash</refentrytitle><manvolnum>8</manvolnum>

</citerefentry> to abort requesting a password, because

<citerefentry><refentrytitle>usplash</refentrytitle>

<manvolnum>8</manvolnum></citerefentry> does not support this.

Therefore, this program will then <emphasis>kill</emphasis> the

running <citerefentry><refentrytitle>usplash</refentrytitle>

<manvolnum>8</manvolnum></citerefentry> process and start a

<emphasis>new</emphasis> one using the same command line

arguments as the old one was using.

</para>

</refsect1>

<title>OPTIONS</title>

<para>

This program takes no options.

100

</para>

101

</refsect1>

102

103

104

<title>EXIT STATUS</title>

105

<para>

106

If exit status is 0, the output from the program is the password

107

as it was read. Otherwise, if exit status is other than 0, the

108

program was interrupted or encountered an error, and any output

109

so far could be corrupt and/or truncated, and should therefore

110

be ignored.

111

</para>

112

</refsect1>

113

114

115

<title>ENVIRONMENT</title>

116

117

118

<term><envar>cryptsource</envar></term>

119

<term><envar>crypttarget</envar></term>

120

121

<para>

122

If set, these environment variables will be assumed to

123

contain the source device name and the target device

124

mapper name, respectively, and will be shown as part of

125

the prompt.

126

</para>

127

<para>

128

These variables will normally be inherited from

129

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

130

<manvolnum>8mandos</manvolnum></citerefentry>, which will

131

normally have inherited them from

132

<filename>/scripts/local-top/cryptroot</filename> in the

133

initial <acronym>RAM</acronym> disk environment, which will

134

have set them from parsing kernel arguments and

135

<filename>/conf/conf.d/cryptroot</filename> (also in the

136

initial RAM disk environment), which in turn will have been

137

created when the initial RAM disk image was created by

138

<filename

139

>/usr/share/initramfs-tools/hooks/cryptroot</filename>, by

140

extracting the information of the root file system from

141

<filename >/etc/crypttab</filename>.

142

</para>

143

<para>

144

This behavior is meant to exactly mirror the behavior of

145

<command>askpass</command>, the default password prompter.

146

</para>

147

</listitem>

148

</varlistentry>

149

</variablelist>

150

</refsect1>

151

152

153

<title>FILES</title>

154

155

156

<term><filename>/dev/.initramfs/usplash_fifo</filename></term>

157

158

<para>

159

This is the <acronym>FIFO</acronym> to where this program

160

will write the commands for <citerefentry><refentrytitle

161

>usplash</refentrytitle><manvolnum>8</manvolnum>

162

</citerefentry>. See <citerefentry><refentrytitle

163

>fifo</refentrytitle><manvolnum>7</manvolnum>

164

</citerefentry>.

165

</para>

166

</listitem>

167

</varlistentry>

168

169

<term><filename>/dev/.initramfs/usplash_outfifo</filename></term>

170

171

<para>

172

This is the <acronym>FIFO</acronym> where this program

173

will read the password from <citerefentry><refentrytitle

174

>usplash</refentrytitle><manvolnum>8</manvolnum>

175

</citerefentry>. See <citerefentry><refentrytitle

176

>fifo</refentrytitle><manvolnum>7</manvolnum>

177

</citerefentry>.

178

</para>

179

</listitem>

180

</varlistentry>

181

182

183

184

<para>

185

To find the running <citerefentry><refentrytitle

186

>usplash</refentrytitle><manvolnum>8</manvolnum>

187

</citerefentry>, this directory will be searched for

188

numeric entries which will be assumed to be directories.

189

In all those directories, the <filename>exe</filename> and

190

<filename>cmdline</filename> entries will be used to

191

determine the name of the running binary, effective user

192

and group <abbrev>ID</abbrev>, and the command line

193

arguments. See <citerefentry><refentrytitle

194

>proc</refentrytitle><manvolnum>5</manvolnum>

195

</citerefentry>.

196

</para>

197

</listitem>

198

</varlistentry>

199

200

<term><filename>/sbin/usplash</filename></term>

201

202

<para>

203

This is the name of the binary which will be searched for

204

in the process list. See <citerefentry><refentrytitle

205

>usplash</refentrytitle><manvolnum>8</manvolnum>

206

</citerefentry>.

207

</para>

208

</listitem>

209

</varlistentry>

210

</variablelist>

211

</refsect1>

212

213

214

215

<para>

216

Killing <citerefentry><refentrytitle>usplash</refentrytitle>

217

<manvolnum>8</manvolnum></citerefentry> and starting a new one

218

is ugly, but necessary as long as it does not support aborting a

219

password request.

220

</para>

221

</refsect1>

222

223

224

<title>EXAMPLE</title>

225

<para>

226

Note that normally, this program will not be invoked directly,

227

but instead started by the Mandos <citerefentry><refentrytitle

228

>plugin-runner</refentrytitle><manvolnum>8mandos</manvolnum>

229

</citerefentry>.

230

</para>

231

232

<para>

233

This program takes no options.

234

</para>

235

<para>

236

<userinput>&COMMANDNAME;</userinput>

237

</para>

238

</informalexample>

239

</refsect1>

240

241

242

<title>SECURITY</title>

243

<para>

244

If this program is killed by a signal, it will kill the process

245

<abbrev>ID</abbrev> which at the start of this program was

246

determined to run <citerefentry><refentrytitle

247

>usplash</refentrytitle><manvolnum>8</manvolnum></citerefentry>

248

as root (see also <xref linkend="files"/>). There is a very

249

slight risk that, in the time between those events, that process

250

<abbrev>ID</abbrev> was freed and then taken up by another

251

process; the wrong process would then be killed. Now, this

252

program can only be killed by the user who started it; see

253

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

254

<manvolnum>8mandos</manvolnum></citerefentry>. This program

255

should therefore be started by a completely separate

256

non-privileged user, and no other programs should be allowed to

257

run as that special user. This means that it is not recommended

258

to use the user "nobody" to start this program, as other

259

possibly less trusted programs could be running as "nobody", and

260

they would then be able to kill this program, triggering the

261

killing of the process <abbrev>ID</abbrev> which may or may not

262

be <citerefentry><refentrytitle>usplash</refentrytitle>

263

<manvolnum>8</manvolnum></citerefentry>.

264

</para>

265

<para>

266

The only other thing that could be considered worthy of note is

267

this: This program is meant to be run by <citerefentry>

268

<refentrytitle>plugin-runner</refentrytitle><manvolnum

269

>8mandos</manvolnum></citerefentry>, and will, when run

270

standalone, outside, in a normal environment, immediately output

271

on its standard output any presumably secret password it just

272

received. Therefore, when running this program standalone

273

(which should never normally be done), take care not to type in

274

any real secret password by force of habit, since it would then

275

immediately be shown as output.

276

</para>

277

</refsect1>

278

279

280

281

<para>

282

<citerefentry><refentrytitle>intro</refentrytitle>

283

<manvolnum>8mandos</manvolnum></citerefentry>,

284

<citerefentry><refentrytitle>crypttab</refentrytitle>

285

<manvolnum>5</manvolnum></citerefentry>,

286

287

<manvolnum>7</manvolnum></citerefentry>,

288

<citerefentry><refentrytitle>plugin-runner</refentrytitle>

289

<manvolnum>8mandos</manvolnum></citerefentry>,

290

291

<manvolnum>5</manvolnum></citerefentry>,

292

<citerefentry><refentrytitle>usplash</refentrytitle>

293

294

</para>

295

</refsect1>

296

</refentry>

297

298

299

300

301

Older »