/mandos/trunk : revision 223

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.xml

Committer: Teddy Hogeborn
Date: 2008-10-03 09:32:30 UTC
Revision ID: teddy@fukt.bsnet.se-20081003093230-rshn19e0c19zz12i

* .bzrignore (plugins.d/askpass-fifo): Added.

* Makefile (FORTIFY): Added "-fstack-protector-all".
  (mandos, mandos-keygen): Use more strict regexps when updating the
                           version number.

* mandos (Client.__init__): Use os.path.expandvars() and
                            os.path.expanduser() on the "secfile"
                            config value.

* plugins.d/splashy.c: Update comments and order of #include's.
  (main): Check user and group when looking for running splashy
          process.  Do not ignore ENOENT from execl().  Use _exit()
          instead of "return" when an error happens in child
          processes.  Bug fix: Only wait for splashy_update
          completion if it was started.  Bug fix: detect failing
          waitpid().  Only kill splashy_update if it is running.  Do
          the killing of the old splashy process before the fork().
          Do setsid() and setuid(geteuid()) before starting the new
          splashy.  Report failing execl().

* plugins.d/usplash.c: Update comments and order of #include's.
  (main): Check user and group when looking for running usplash
          process.  Do not report execv() error if interrupted by a
          signal.

files added:
debian/mandos-client.config

debian/mandos-client.templates

debian/mandos.config

debian/mandos.templates

debian/po/POTFILES.in

debian/po/sv.po

files removed:
DBUS-API

NEWS

dbus-mandos.conf

debian/mandos-client.examples

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

debian/watch

initramfs-unpack

intro.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.xml

plugins.d/usplash.xml

files modified:
.bzrignore

INSTALL

Makefile

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

plugin-runner.xml

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY COMMANDNAME "plugin-runner">

<!ENTITY TIMESTAMP "2015-06-28">

<!ENTITY TIMESTAMP "2008-09-30">

<!ENTITY % common SYSTEM "common.ent">

%common;

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@recompile.se</email>

<email>belorn@fukt.bsnet.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@recompile.se</email>

<email>teddy@fukt.bsnet.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

114

112

<arg><option>--plugin-dir=<replaceable

115

113

>DIRECTORY</replaceable></option></arg>

116

114

<sbr/>

117

<arg><option>--plugin-helper-dir=<replaceable

118

>DIRECTORY</replaceable></option></arg>

119

<sbr/>

120

115

<arg><option>--config-file=<replaceable

121

116

>FILE</replaceable></option></arg>

122

117

<sbr/>

264

259

Disable the plugin named

265

260

<replaceable>PLUGIN</replaceable>. The plugin will not be

266

261

started.

267

</para>

262

</para>

268

263

</listitem>

269

264

</varlistentry>

270

265

323

318

</varlistentry>

324

319

325

320

326

<term><option>--plugin-helper-dir

327

<replaceable>DIRECTORY</replaceable></option></term>

328

329

<para>

330

Specify a different plugin helper directory. The default

331

is <filename>/lib/mandos/plugin-helpers</filename>, which

332

will exist in the initial <acronym>RAM</acronym> disk

333

environment. (This will simply be passed to all plugins

334

via the <envar>MANDOSPLUGINHELPERDIR</envar> environment

335

variable. See <xref linkend="writing_plugins"/>)

336

</para>

337

</listitem>

338

</varlistentry>

339

340

341

321

<term><option>--config-file

342

322

343

323

444

424

<para>

445

425

The plugin will run in the initial RAM disk environment, so

446

426

care must be taken not to depend on any files or running

447

services not available there. Any helper executables required

448

by the plugin (which are not in the <envar>PATH</envar>) can

449

be placed in the plugin helper directory, the name of which

450

will be made available to the plugin via the

451

<envar>MANDOSPLUGINHELPERDIR</envar> environment variable.

427

services not available there.

452

428

</para>

453

429

<para>

454

430

The plugin must exit cleanly and free all allocated resources

497

473

only passes on its environment to all the plugins. The

498

474

environment passed to plugins can be modified using the

499

475

<option>--global-env</option> and <option>--env-for</option>

500

options. Also, the <option>--plugin-helper-dir</option> option

501

will affect the environment variable

502

<envar>MANDOSPLUGINHELPERDIR</envar> for the plugins.

476

options.

503

477

</para>

504

478

</refsect1>

505

479

596

570

</informalexample>

597

571

598

572

<para>

599

Read a different configuration file, run plugins from a

600

different directory, specify an alternate plugin helper

601

directory and add two options to the

573

Run plugins from a different directory, read a different

574

configuration file, and add two options to the

602

575

<citerefentry><refentrytitle >mandos-client</refentrytitle>

603

576

<manvolnum>8mandos</manvolnum></citerefentry> plugin:

604

577

</para>

605

578

<para>

606

579

607

580

608

<userinput>cd /etc/keys/mandos; &COMMANDNAME; --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/x86_64-linux-gnu/mandos/plugins.d --plugin-helper-dir /usr/lib/x86_64-linux-gnu/mandos/plugin-helpers --options-for=mandos-client:--pubkey=pubkey.txt,--seckey=seckey.txt</userinput>

581

<userinput>&COMMANDNAME; --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/mandos/plugins.d --options-for=mandos-client:--pubkey=/etc/keys/mandos/pubkey.txt,--seckey=/etc/keys/mandos/seckey.txt</userinput>

609

582

610

583

</para>

611

584

</informalexample>

643

616

644

617

645

618

<para>

646

<citerefentry><refentrytitle>intro</refentrytitle>

647

<manvolnum>8mandos</manvolnum></citerefentry>,

648

619

<citerefentry><refentrytitle>cryptsetup</refentrytitle>

649

620

<manvolnum>8</manvolnum></citerefentry>,

650

621

<citerefentry><refentrytitle>crypttab</refentrytitle>

Older »