/mandos/trunk : revision 585

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-options.xml

Committer: Teddy Hogeborn
Date: 2012-05-17 01:55:58 UTC
Revision ID: teddy@recompile.se-20120517015558-5703p8nkquc2rhgd

* .bzrignore (statedir): Added.

files removed:
debian/mandos-client.examples

debian/upstream

debian/upstream/signing-key.asc

initramfs-unpack

mandos.service

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

files modified:
DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos.dirs

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

network-hooks.d/bridge

network-hooks.d/openvpn

network-hooks.d/wireless

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

mandos-options.xml

<emphasis>not</emphasis> run in debug mode.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal>

<literal>:+SIGN-RSA-SHA224:+SIGN-RSA-RMD160</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

</para>

GnuTLS priority string for the <acronym>TLS</acronym> handshake.

The default is <quote><literal

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA</literal></quote>.

See <citerefentry><refentrytitle

>gnutls_priority_init</refentrytitle>

>SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP</literal></quote>. See

<citerefentry><refentrytitle>gnutls_priority_init</refentrytitle>

<manvolnum>3</manvolnum></citerefentry> for the syntax.

<emphasis>Warning</emphasis>: changing this may make the

<acronym>TLS</acronym> handshake fail, making server-client

communication impossible. Changing this option may also make the

network traffic decryptable by an attacker.

communication impossible.

</para>

113

class="directory">/var/lib/mandos</filename></quote>.

114

</para>

115

116

117

If this option is used, the server will not create a new network

118

socket, but will instead use the supplied file descriptor. By

119

default, the server will create a new network socket.

120

</para>

121

122

123

This option will make the server run in the foreground and not

124

write a PID file. The default is to <emphasis>not</emphasis> run

125

in the foreground, except in <option>debug</option> mode, which

126

implies this option.

127

</para>

128

129

130

This option controls whether the server will announce its

131

existence using Zeroconf. Default is to use Zeroconf. If

132

Zeroconf is not used, a <option>port</option> number or a

133

<option>socket</option> is required.

134

</para>

135

136

100

</section>

Older »