/mandos/trunk : revision 24.1.51

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to TODO

Committer: Björn Påhlsson
Date: 2008-08-15 20:17:32 UTC
mto: (24.1.154 mandos) (237.4.3 mandos-release)
mto: This revision was merged to the branch mainline in revision 77.
Revision ID: belorn@braxen-20080815201732-b7uux3yqs05b3fy9

Added configuration files support for mandos-client
Removed plus argument support for mandos-client

files added:
COPYING

initramfs-tools-hook

initramfs-tools-hook-conf

mandos-keygen

files modified:
Makefile

TODO

clients.conf

mandos

mandos-client.c

mandos-client.xml

mandos.xml

plugins.d/password-prompt.c

plugins.d/password-request.c

Show diffs side-by-side

added added

removed removed

TODO

* [#A] README file

* [#A] COPYING file

[[file:/usr/share/common-licenses/GPL-3][GPLv3]]

* Mandos-client

** [#A] Change syntax for arguments

** [#A] Man page: man8/mandos-client.8mandos

*** SYNOPSIS

Needs options listed, not just "[OPTION...]"

*** DESCRIPTION

Move options to new OPTIONS section.

State that this command is not meant to be invoked directly, but

is meant to be run by cryptsetup by being specified in

/etc/crypttab and only run in the initrd environment, not the real

system.

*** EXIT STATUS

Create this section

*** USAGE

Describe the plus sign syntax for passing options from crypttab

*** EXIT STATUS

Text needed

*** EXAMPLES

Examples of normal usage, debug usage, debugging single or all

plugins, examples of crypttab lines with plus syntax, etc.

*** FILES

Describe plugin directory

*** DIAGNOSTICS

Create this section

Text needed

*** SECURITY

Create this section

Text needed

*** NOTES

Create this section (if needed)

Text needed

*** BUGS

Create this section

Text needed

*** SEE ALSO

Refer to mandos(8), password-request(8mandos), and

password-prompt(8mandos)

** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][<inttypes.h>]]

Explaining test on what you can read

** Use asprintf instead of malloc and strcat?

** use strsep instead of strtok?

** use config file in addition to arguments

** pass things in environment, like device name, etc

** Fallback

As a fallback, if no plugins can be found or if all of them failed,

run getpass(3) itself.

* Password-request

** [#A] Man page: man8/password-request.8mandos

*** SYNOPSIS

Needs options listed, not just "[OPTION...]"

** [#B] Temporarily lower kernel log level

for less printouts during sucessfull boot.

*** DESCRIPTION

Move options to new OPTIONS section.

State that this command is not meant to be invoked directly, but

Create this section

*** SEE ALSO

Refer to mandos-client(8mandos) and password-prompt(8mandos)

** [#B] Fix %d format strings to use [[https://secure.wikimedia.org/wikipedia/en/wiki/Inttypes.h][<inttypes.h>]]

** start_mandos_communication: loop around gnutls_handshake

[[info:gnutls.info.gz:Core%20functions][gnutls_handshake]]

** Use asprintf instead of malloc and memcpy?

** IPv4 support

** use strsep instead of strtok?

** Do not depend on GPG key rings on disk

This would mean creating new GPG key rings with GPGME by importing

the key files from scratch on every program start.

** Do not depend on GnuPG key rings on disk

This would mean creating new GnuPG key rings with GPGME by

importing the key files from scratch on every program start.

* Password-prompt

** [#A] Man page: man8/password-prompt.8mandos

*** SYNOPSIS

Needs options listed, not just "[OPTION...]"

*** DESCRIPTION

Move options to new OPTIONS section.

*** EXIT STATUS

107

does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and

108

[[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also

109

[[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]]

** Replace completely with "/lib/cryptsetup/askpass"?

110

111

* Mandos (server)

112

** [#A] Command man page: man8/mandos.8

113

*** SYNOPSIS

114

Needs options listed, not just "[OPTION...]"

115

*** DESCRIPTION

116

Move options to new OPTIONS section

117

*** EXIT STATUS

146

125

[[info:standards:Option%20Table][Table of Long Options]]

147

126

** Implement --socket

148

127

[[info:standards:Option%20Table][Table of Long Options]]

128

** Date+time on console log messages

129

Is this the default?

149

130

150

131

* Mandos-tools/utilities

151

132

All of this probably using D-Bus

154

135

** Enable client

155

136

156

137

* Installer

157

** DONE [#A] Change initrd.img file to not be publically readable

158

/etc/initramfs-tools/conf.d/mandos

159

UMASK=027

160

** [#A] Create /etc/initramfs-tools/hooks/mandos

161

[[file:/usr/share/doc/initramfs-tools/examples/example_hook][Example initramfs-tools hook script]]

162

** [#A] Create GPG key ring files in initrd

163

** [#A] Create mandos user and group for server

164

** [#A] Create /var/run/mandos directory with perm and ownership

165

166

* Package

138

** Client

139

*** DONE [#A] Change initrd.img file to not be publically readable

140

/usr/share/initramfs-tools/conf-hooks.d/mandos

141

UMASK=027

142

*** Update initrd.img after installation

143

** Server

144

*** [#A] Create mandos user and group for server

145

*** [#A] Create /var/run/mandos directory with perm and ownership

146

147

** mandos-keygen

148

*** [#A] Command man page: man8/mandos-keygen.8

149

*** [#A] Output cut-and-paste ready snippet for clients.conf.

150

151

* [#A] Package

152

** /usr/share/initramfs-tools/hooks/mandos

153

*** Do not install in initrd.img if configured not to

154

Use "/etc/initramfs-tools/conf.d/mandos"? Definitely a debconf

155

question.

167

156

** /etc/bash_completion.d/mandos

157

*** From xml sources directly?

158

** unperish

159

** bzr-builddeb

168

160

169

161

* INSTALL file

170

162

Older »