6
[[file:/usr/share/common-licenses/GPL-3][GPLv3]]
6
** [#A] Change syntax for arguments
7
9
** [#A] Man page: man8/mandos-client.8mandos
11
Needs options listed, not just "[OPTION...]"
13
Move options to new OPTIONS section.
14
State that this command is not meant to be invoked directly, but
15
is meant to be run by cryptsetup by being specified in
16
/etc/crypttab and only run in the initrd environment, not the real
9
21
Describe the plus sign syntax for passing options from crypttab
13
23
Examples of normal usage, debug usage, debugging single or all
14
24
plugins, examples of crypttab lines with plus syntax, etc.
26
Describe plugin directory
32
Create this section (if needed)
24
Explaining test on what you can read
25
** Use asprintf instead of malloc and strcat?
36
Refer to mandos(8), password-request(8mandos), and
37
password-prompt(8mandos)
38
** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][<inttypes.h>]]
26
39
** use strsep instead of strtok?
27
40
** use config file in addition to arguments
28
41
** pass things in environment, like device name, etc
43
As a fallback, if no plugins can be found or if all of them failed,
44
run getpass(3) itself.
31
47
** [#A] Man page: man8/password-request.8mandos
32
** [#B] Temporarily lower kernel log level
33
for less printouts during sucessfull boot.
49
Needs options listed, not just "[OPTION...]"
35
51
Move options to new OPTIONS section.
36
52
State that this command is not meant to be invoked directly, but
54
70
Create this section
56
72
Refer to mandos-client(8mandos) and password-prompt(8mandos)
57
** Use asprintf instead of malloc and memcpy?
73
** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][<inttypes.h>]]
74
** start_mandos_communication: loop around gnutls_handshake
75
[[info:gnutls.info.gz:Core%20functions][gnutls_handshake]]
59
77
** use strsep instead of strtok?
60
** Do not depend on GnuPG key rings on disk
61
This would mean creating new GnuPG key rings with GPGME by
62
importing the key files from scratch on every program start.
78
** Do not depend on GPG key rings on disk
79
This would mean creating new GPG key rings with GPGME by importing
80
the key files from scratch on every program start.
65
83
** [#A] Man page: man8/password-prompt.8mandos
85
Needs options listed, not just "[OPTION...]"
67
87
Move options to new OPTIONS section.
87
107
does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and
88
108
[[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also
89
109
[[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]]
90
** Replace completely with "/lib/cryptsetup/askpass"?
93
112
** [#A] Command man page: man8/mandos.8
114
Needs options listed, not just "[OPTION...]"
95
116
Move options to new OPTIONS section
139
*** DONE [#A] Change initrd.img file to not be publically readable
140
/usr/share/initramfs-tools/conf-hooks.d/mandos
142
*** Update initrd.img after installation
144
*** [#A] Create mandos user and group for server
145
*** [#A] Create /var/run/mandos directory with perm and ownership
148
*** [#A] Command man page: man8/mandos-keygen.8
149
*** [#A] Output cut-and-paste ready snippet for clients.conf.
152
** /usr/share/initramfs-tools/hooks/mandos
153
*** Do not install in initrd.img if configured not to
154
Use "/etc/initramfs-tools/conf.d/mandos"? Definitely a debconf
157
** DONE [#A] Change initrd.img file to not be publically readable
158
/etc/initramfs-tools/conf.d/mandos
160
** [#A] Create /etc/initramfs-tools/hooks/mandos
161
[[file:/usr/share/doc/initramfs-tools/examples/example_hook][Example initramfs-tools hook script]]
162
** [#A] Create GPG key ring files in initrd
163
** [#A] Create mandos user and group for server
164
** [#A] Create /var/run/mandos directory with perm and ownership
156
167
** /etc/bash_completion.d/mandos
157
*** From xml sources directly?