/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

merge

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY VERSION "1.0">
5
5
<!ENTITY COMMANDNAME "mandos">
6
 
<!ENTITY TIMESTAMP "2008-09-02">
 
6
<!ENTITY TIMESTAMP "2008-09-21">
7
7
]>
8
8
 
9
9
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
36
36
    </copyright>
37
37
    <xi:include href="legalnotice.xml"/>
38
38
  </refentryinfo>
39
 
 
 
39
  
40
40
  <refmeta>
41
41
    <refentrytitle>&COMMANDNAME;</refentrytitle>
42
42
    <manvolnum>8</manvolnum>
48
48
      Gives encrypted passwords to authenticated Mandos clients
49
49
    </refpurpose>
50
50
  </refnamediv>
51
 
 
 
51
  
52
52
  <refsynopsisdiv>
53
53
    <cmdsynopsis>
54
54
      <command>&COMMANDNAME;</command>
100
100
      <arg choice="plain"><option>--check</option></arg>
101
101
    </cmdsynopsis>
102
102
  </refsynopsisdiv>
103
 
 
 
103
  
104
104
  <refsect1 id="description">
105
105
    <title>DESCRIPTION</title>
106
106
    <para>
186
186
          <xi:include href="mandos-options.xml" xpointer="debug"/>
187
187
        </listitem>
188
188
      </varlistentry>
189
 
 
 
189
      
190
190
      <varlistentry>
191
191
        <term><option>--priority <replaceable>
192
192
        PRIORITY</replaceable></option></term>
194
194
          <xi:include href="mandos-options.xml" xpointer="priority"/>
195
195
        </listitem>
196
196
      </varlistentry>
197
 
 
 
197
      
198
198
      <varlistentry>
199
199
        <term><option>--servicename
200
200
        <replaceable>NAME</replaceable></option></term>
203
203
                      xpointer="servicename"/>
204
204
        </listitem>
205
205
      </varlistentry>
206
 
 
 
206
      
207
207
      <varlistentry>
208
208
        <term><option>--configdir
209
209
        <replaceable>DIRECTORY</replaceable></option></term>
218
218
          </para>
219
219
        </listitem>
220
220
      </varlistentry>
221
 
 
 
221
      
222
222
      <varlistentry>
223
223
        <term><option>--version</option></term>
224
224
        <listitem>
229
229
      </varlistentry>
230
230
    </variablelist>
231
231
  </refsect1>
232
 
 
 
232
  
233
233
  <refsect1 id="overview">
234
234
    <title>OVERVIEW</title>
235
235
    <xi:include href="overview.xml"/>
239
239
      <acronym>RAM</acronym> disk environment.
240
240
    </para>
241
241
  </refsect1>
242
 
 
 
242
  
243
243
  <refsect1 id="protocol">
244
244
    <title>NETWORK PROTOCOL</title>
245
245
    <para>
297
297
      </row>
298
298
    </tbody></tgroup></table>
299
299
  </refsect1>
300
 
 
 
300
  
301
301
  <refsect1 id="checking">
302
302
    <title>CHECKING</title>
303
303
    <para>
311
311
      <manvolnum>5</manvolnum></citerefentry>.
312
312
    </para>
313
313
  </refsect1>
314
 
 
 
314
  
315
315
  <refsect1 id="logging">
316
316
    <title>LOGGING</title>
317
317
    <para>
321
321
      and also show them on the console.
322
322
    </para>
323
323
  </refsect1>
324
 
 
 
324
  
325
325
  <refsect1 id="exit_status">
326
326
    <title>EXIT STATUS</title>
327
327
    <para>
329
329
      critical error is encountered.
330
330
    </para>
331
331
  </refsect1>
332
 
 
 
332
  
333
333
  <refsect1 id="environment">
334
334
    <title>ENVIRONMENT</title>
335
335
    <variablelist>
349
349
      </varlistentry>
350
350
    </variablelist>
351
351
  </refsect1>
352
 
 
 
352
  
353
353
  <refsect1 id="file">
354
354
    <title>FILES</title>
355
355
    <para>
379
379
        </listitem>
380
380
      </varlistentry>
381
381
      <varlistentry>
382
 
        <term><filename>/var/run/mandos/mandos.pid</filename></term>
 
382
        <term><filename>/var/run/mandos.pid</filename></term>
383
383
        <listitem>
384
384
          <para>
385
385
            The file containing the process id of
434
434
      Debug mode is conflated with running in the foreground.
435
435
    </para>
436
436
    <para>
437
 
      The console log messages does not show a timestamp.
 
437
      The console log messages does not show a time stamp.
 
438
    </para>
 
439
    <para>
 
440
      This server does not check the expire time of clients’ OpenPGP
 
441
      keys.
438
442
    </para>
439
443
  </refsect1>
440
444
  
475
479
      </para>
476
480
    </informalexample>
477
481
  </refsect1>
478
 
 
 
482
  
479
483
  <refsect1 id="security">
480
484
    <title>SECURITY</title>
481
485
    <refsect2 id="SERVER">
483
487
      <para>
484
488
        Running this <command>&COMMANDNAME;</command> server program
485
489
        should not in itself present any security risk to the host
486
 
        computer running it.  The program does not need any special
487
 
        privileges to run, and is designed to run as a non-root user.
 
490
        computer running it.  The program switches to a non-root user
 
491
        soon after startup.
488
492
      </para>
489
493
    </refsect2>
490
494
    <refsect2 id="CLIENTS">
500
504
        <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
501
505
        <manvolnum>5</manvolnum></citerefentry>)
502
506
        <emphasis>must</emphasis> be made non-readable by anyone
503
 
        except the user running the server.
 
507
        except the user starting the server (usually root).
504
508
      </para>
505
509
      <para>
506
510
        As detailed in <xref linkend="checking"/>, the status of all
525
529
      </para>
526
530
      <para>
527
531
        For more details on client-side security, see
528
 
        <citerefentry><refentrytitle>password-request</refentrytitle>
 
532
        <citerefentry><refentrytitle>mandos-client</refentrytitle>
529
533
        <manvolnum>8mandos</manvolnum></citerefentry>.
530
534
      </para>
531
535
    </refsect2>
532
536
  </refsect1>
533
 
 
 
537
  
534
538
  <refsect1 id="see_also">
535
539
    <title>SEE ALSO</title>
536
540
    <para>
539
543
        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
540
544
        <refentrytitle>mandos.conf</refentrytitle>
541
545
        <manvolnum>5</manvolnum></citerefentry>, <citerefentry>
542
 
        <refentrytitle>password-request</refentrytitle>
 
546
        <refentrytitle>mandos-client</refentrytitle>
543
547
        <manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>
544
548
        <refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum>
545
549
      </citerefentry>