/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.xml

  • Committer: Teddy Hogeborn
  • Date: 2009-01-06 22:54:01 UTC
  • Revision ID: teddy@fukt.bsnet.se-20090106225401-7l9f7s3hw9eissra
* mandos (main): Try to find non-privileged user+group in pairs, so
                 that mismatched pairs are never used.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "plugin-runner">
5
 
<!ENTITY TIMESTAMP "2015-07-20">
 
5
<!ENTITY TIMESTAMP "2009-01-04">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
19
19
        <firstname>Björn</firstname>
20
20
        <surname>Påhlsson</surname>
21
21
        <address>
22
 
          <email>belorn@recompile.se</email>
 
22
          <email>belorn@fukt.bsnet.se</email>
23
23
        </address>
24
24
      </author>
25
25
      <author>
26
26
        <firstname>Teddy</firstname>
27
27
        <surname>Hogeborn</surname>
28
28
        <address>
29
 
          <email>teddy@recompile.se</email>
 
29
          <email>teddy@fukt.bsnet.se</email>
30
30
        </address>
31
31
      </author>
32
32
    </authorgroup>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
36
 
      <year>2010</year>
37
 
      <year>2011</year>
38
 
      <year>2012</year>
39
 
      <year>2013</year>
40
 
      <year>2014</year>
41
 
      <year>2015</year>
42
36
      <holder>Teddy Hogeborn</holder>
43
37
      <holder>Björn Påhlsson</holder>
44
38
    </copyright>
119
113
      <arg><option>--plugin-dir=<replaceable
120
114
      >DIRECTORY</replaceable></option></arg>
121
115
      <sbr/>
122
 
      <arg><option>--plugin-helper-dir=<replaceable
123
 
      >DIRECTORY</replaceable></option></arg>
124
 
      <sbr/>
125
116
      <arg><option>--config-file=<replaceable
126
117
      >FILE</replaceable></option></arg>
127
118
      <sbr/>
269
260
            Disable the plugin named
270
261
            <replaceable>PLUGIN</replaceable>.  The plugin will not be
271
262
            started.
272
 
          </para>
 
263
          </para>       
273
264
        </listitem>
274
265
      </varlistentry>
275
266
      
328
319
      </varlistentry>
329
320
      
330
321
      <varlistentry>
331
 
        <term><option>--plugin-helper-dir
332
 
        <replaceable>DIRECTORY</replaceable></option></term>
333
 
        <listitem>
334
 
          <para>
335
 
            Specify a different plugin helper directory.  The default
336
 
            is <filename>/lib/mandos/plugin-helpers</filename>, which
337
 
            will exist in the initial <acronym>RAM</acronym> disk
338
 
            environment.  (This will simply be passed to all plugins
339
 
            via the <envar>MANDOSPLUGINHELPERDIR</envar> environment
340
 
            variable.  See <xref linkend="writing_plugins"/>)
341
 
          </para>
342
 
        </listitem>
343
 
      </varlistentry>
344
 
      
345
 
      <varlistentry>
346
322
        <term><option>--config-file
347
323
        <replaceable>FILE</replaceable></option></term>
348
324
        <listitem>
449
425
      <para>
450
426
        The plugin will run in the initial RAM disk environment, so
451
427
        care must be taken not to depend on any files or running
452
 
        services not available there.  Any helper executables required
453
 
        by the plugin (which are not in the <envar>PATH</envar>) can
454
 
        be placed in the plugin helper directory, the name of which
455
 
        will be made available to the plugin via the
456
 
        <envar>MANDOSPLUGINHELPERDIR</envar> environment variable.
 
428
        services not available there.
457
429
      </para>
458
430
      <para>
459
431
        The plugin must exit cleanly and free all allocated resources
502
474
      only passes on its environment to all the plugins.  The
503
475
      environment passed to plugins can be modified using the
504
476
      <option>--global-env</option> and <option>--env-for</option>
505
 
      options.  Also, the <option>--plugin-helper-dir</option> option
506
 
      will affect the environment variable
507
 
      <envar>MANDOSPLUGINHELPERDIR</envar> for the plugins.
 
477
      options.
508
478
    </para>
509
479
  </refsect1>
510
480
  
601
571
    </informalexample>
602
572
    <informalexample>
603
573
      <para>
604
 
        Read a different configuration file, run plugins from a
605
 
        different directory, specify an alternate plugin helper
606
 
        directory and add two options to the
 
574
        Run plugins from a different directory, read a different
 
575
        configuration file, and add two options to the
607
576
        <citerefentry><refentrytitle >mandos-client</refentrytitle>
608
577
        <manvolnum>8mandos</manvolnum></citerefentry> plugin:
609
578
      </para>
610
579
      <para>
611
580
 
612
581
<!-- do not wrap this line -->
613
 
<userinput>cd /etc/keys/mandos; &COMMANDNAME;  --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/x86_64-linux-gnu/mandos/plugins.d --plugin-helper-dir /usr/lib/x86_64-linux-gnu/mandos/plugin-helpers --options-for=mandos-client:--pubkey=pubkey.txt,--seckey=seckey.txt</userinput>
 
582
<userinput>&COMMANDNAME;  --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/mandos/plugins.d --options-for=mandos-client:--pubkey=/etc/keys/mandos/pubkey.txt,--seckey=/etc/keys/mandos/seckey.txt</userinput>
614
583
 
615
584
      </para>
616
585
    </informalexample>
648
617
  <refsect1 id="see_also">
649
618
    <title>SEE ALSO</title>
650
619
    <para>
651
 
      <citerefentry><refentrytitle>intro</refentrytitle>
652
 
      <manvolnum>8mandos</manvolnum></citerefentry>,
653
620
      <citerefentry><refentrytitle>cryptsetup</refentrytitle>
654
621
      <manvolnum>8</manvolnum></citerefentry>,
655
622
      <citerefentry><refentrytitle>crypttab</refentrytitle>