/mandos/trunk : revision 541

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2011-12-31 20:07:11 UTC
mfrom: (535.1.9 wireless-network-hook)
Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r

Merge new wireless network hook. Fix bridge network hook to use
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.

files removed:
debian/mandos-client.examples

initramfs-unpack

mandos.service

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos.dirs

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

network-hooks.d/bridge

network-hooks.d/openvpn

network-hooks.d/wireless

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2013-10-26">

<!ENTITY TIMESTAMP "2011-11-26">

<!ENTITY % common SYSTEM "common.ent">

%common;

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

101

<sbr/>

102

100

<arg><option>--statedir

103

101

<replaceable>DIRECTORY</replaceable></option></arg>

104

<sbr/>

105

<arg><option>--socket

106

107

<sbr/>

108

<arg><option>--foreground</option></arg>

109

102

</cmdsynopsis>

110

103

111

104

<command>&COMMANDNAME;</command>

234

227

<term><option>--priority <replaceable>

235

228

PRIORITY</replaceable></option></term>

236

229

237

<xi:include href="mandos-options.xml"

238

xpointer="priority_compat"/>

230

<xi:include href="mandos-options.xml" xpointer="priority"/>

239

231

</listitem>

240

232

</varlistentry>

241

233

293

285

<term><option>--no-restore</option></term>

294

286

295

287

<xi:include href="mandos-options.xml" xpointer="restore"/>

296

<para>

297

See also <xref linkend="persistent_state"/>.

298

</para>

299

288

</listitem>

300

289

</varlistentry>

301

290

306

295

<xi:include href="mandos-options.xml" xpointer="statedir"/>

307

296

</listitem>

308

297

</varlistentry>

309

310

311

<term><option>--socket

312

313

314

<xi:include href="mandos-options.xml" xpointer="socket"/>

315

</listitem>

316

</varlistentry>

317

318

319

<term><option>--foreground</option></term>

320

321

<xi:include href="mandos-options.xml"

322

xpointer="foreground"/>

323

</listitem>

324

</varlistentry>

325

326

298

</variablelist>

327

299

</refsect1>

328

300

405

377

extended timeout, checker program, and interval between checks

406

378

can be configured both globally and per client; see

407

379

<citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>

408

<manvolnum>5</manvolnum></citerefentry>.

380

<manvolnum>5</manvolnum></citerefentry>. A client successfully

381

receiving its password will also be treated as a successful

382

checker run.

409

383

</para>

410

384

</refsect1>

411

385

439

413

</para>

440

414

</refsect1>

441

415

442

443

<title>PERSISTENT STATE</title>

444

<para>

445

Client settings, initially read from

446

<filename>clients.conf</filename>, are persistent across

447

restarts, and run-time changes will override settings in

448

<filename>clients.conf</filename>. However, if a setting is

449

<emphasis>changed</emphasis> (or a client added, or removed) in

450

<filename>clients.conf</filename>, this will take precedence.

451

</para>

452

</refsect1>

453

454

416

455

417

<title>D-BUS INTERFACE</title>

456

418

<para>

518

480

</listitem>

519

481

</varlistentry>

520

482

521

<term><filename>/run/mandos.pid</filename></term>

483

<term><filename>/var/run/mandos.pid</filename></term>

522

484

523

485

<para>

524

486

The file containing the process id of the

525

487

<command>&COMMANDNAME;</command> process started last.

526

<emphasis >Note:</emphasis> If the <filename

527

class="directory">/run</filename> directory does not

528

exist, <filename>/var/run/mandos.pid</filename> will be

529

used instead.

530

488

</para>

531

489

</listitem>

532

490

</varlistentry>

577

535

There is no fine-grained control over logging and debug output.

578

536

</para>

579

537

<para>

538

Debug mode is conflated with running in the foreground.

539

</para>

540

<para>

580

541

This server does not check the expire time of clients’ OpenPGP

581

542

keys.

582

543

</para>

Older »