7
** [[https://www.freedesktop.org/software/polkit/docs/latest/polkit-apps.html][Writing polkit applications]]
10
** TODO A ~--server~ option which only adds to the server list.
11
(Unlike ~--connect~, which implicitly disables ZeroConf.)
12
** TODO [#B] Use [[man:capabilities][capabilities]] instead of [[info:libc#Setting%20User%20ID][seteuid()]].
13
[[https://forums.grsecurity.net/viewtopic.php?f=7&t=2522]]
14
** TODO [#B] Use ~getaddrinfo(hints=AI_NUMERICHOST)~ instead of ~inet_pton()~
15
** TODO [#C] Make ~start_mandos_communication()~ take ~struct server~.
16
** TODO [#C] ~--interfaces=regex,eth*,noregex~ [[man:bridge-utils-interfaces][bridge-utils-interfaces(5)]]
17
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
20
** TODO [#B] use [[info:libc#Scanning%20Directory%20Content][scandir(3)]] instead of [[info:libc#Reading/Closing%20Directory][readdir(3)]]
21
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
23
* usplash (Deprecated)
24
** TODO [#B] Make it work again
25
** TODO [#B] use [[info:libc#Scanning%20Directory%20Content][scandir(3)]] instead of [[info:libc#Reading/Closing%20Directory][readdir(3)]]
26
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
29
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
32
** TODO [#B] lock stdin (with [[info:libc#File%20Locks][flock()]]?)
33
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
36
** TODO [#A] Detect partial writes to stdout and exit with ~EX_TEMPFAIL~
41
** TODO handle printing for errors for plugins
42
*** Hook up stderr of plugins, buffer them, and prepend "Mandos Plugin [plugin name]"
43
** TODO [#C] use same file name rules as [[man:run-parts][run-parts(8)]]
44
** kernel command line option for debug info
45
** TODO [#A] Restart plugins which exit with ~EX_TEMPFAIL~
48
** TODO [#B] ~--notify-command~
49
This would allow the mandos.service to use
50
~--notify-command="systemd-notify --pid --ready"~
51
** TODO [#B] python-systemd
52
*** import systemd.daemon; systemd.daemon.notify()
53
** TODO [#B] Log level :BUGS:
54
*** TODO /etc/mandos/clients.d/*.conf
55
Watch this directory and add/remove/update clients?
56
** TODO [#C] config for TXT record
57
** TODO Log level dbus option
58
SetLogLevel D-Bus call
59
** TODO [#C] DBusServiceObjectUsingSuper
60
** TODO [#B] Global enable/disable flag
61
** TODO [#B] By-client countdown on number of secrets given
62
** D-Bus Client method NeedsPassword(50) - Timeout, default disapprove
63
+ SetPass("gazonk", True) -> Approval, persistent
64
+ Approve(False) -> Close client connection immediately
65
** TODO [#C] python-parsedatetime
66
** TODO Separate logging logic to own object
67
** TODO [#B] Limit ~approval_delay~ to max GnuTLS/TLS timeout value
68
** TODO [#B] break the wait on ~approval_delay~ if connection dies
69
** TODO Generate ~Client.runtime_expansions~ from client options + extra
70
** TODO Allow %%(checker)s as a runtime expansion
71
** TODO D-Bus AddClient() method on server object
72
** TODO Use org.freedesktop.DBus.Method.NoReply annotation on async methods. :2:
73
** TODO Save state periodically to recover better from hard shutdowns
74
** TODO CheckerCompleted method, deprecate CheckedOK
75
** TODO [[https://standards.freedesktop.org/secret-service/][Secret Service]] API?
76
** TODO Remove D-Bus interfaces with old domain name :2:
77
** TODO Remove old ~string_to_delta~ format :2:
78
** TODO http://0pointer.de/blog/projects/stateless.html
79
*** File in /usr/lib/sysusers.d to create user+group "~_mandos~"
80
** TODO Error handling on error parsing config files
81
** TODO init.d script error handling
82
** TODO D-Bus server properties; address, port, interface, etc. :2:
85
** TODO Remove old string_to_delta format :2:
87
* TODO mandos-dispatch
88
Listens for specified D-Bus signals and spawns shell commands with
92
** TODO ~--servicename~ :BUGS:
93
** TODO help should be toggleable
94
** Urwid client data displayer
95
Better view of client data in the listing
97
** Print a nice "We are sorry" message, save stack trace to log.
100
** TODO "~--secfile~" option
101
Using the "secfile" option instead of "secret"
102
** TODO [#B] "~--test~" option
103
For testing decryption before rebooting.
6
[[file:/usr/share/common-licenses/GPL-3][GPLv3]]
9
** [#A] Change syntax for arguments
10
** [#A] Man page: man8/mandos-client.8mandos
12
Describe the plus sign syntax for passing options from crypttab
16
Examples of normal usage, debug usage, debugging single or all
17
plugins, examples of crypttab lines with plus syntax, etc.
27
Explaining test on what you can read
28
** Use asprintf instead of malloc and strcat?
29
** use strsep instead of strtok?
30
** use config file in addition to arguments
31
** pass things in environment, like device name, etc
34
** [#A] Man page: man8/password-request.8mandos
35
** [#B] Temporarily lower kernel log level
36
for less printouts during sucessfull boot.
38
Move options to new OPTIONS section.
39
State that this command is not meant to be invoked directly, but
40
is run as a plugin from mandos-client(8) and only run in the
41
initrd environment, not the real system.
45
Examples of normal usage, debug usage, debugging by connecting
48
Describe the key files and the key ring files. Also note that
49
they should normally have been automatically created.
55
Create this section (if needed)
59
Refer to mandos-client(8mandos) and password-prompt(8mandos)
60
** Use asprintf instead of malloc and memcpy?
62
** use strsep instead of strtok?
63
** Do not depend on GPG key rings on disk
64
This would mean creating new GPG key rings with GPGME by importing
65
the key files from scratch on every program start.
68
** [#A] Man page: man8/password-prompt.8mandos
70
Move options to new OPTIONS section.
74
Examples of normal usage, debug usage, with a prefix, etc.
79
Not much to do here but it is noteworthy to state the danger of
80
not having a fallback option.
82
Note that this is more or less a simple getpass(3) wrapper, even
83
though actual use of getpass(3) is not guaranteed.
87
Refer to mandos-client(8mandos) and password-request(8mandos)
89
Man page says "obsolete", but [[info:libc:getpass][GNU LibC Manual: Reading Passwords]]
90
does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and
91
[[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also
92
[[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]]
93
** Replace completely with "/lib/cryptsetup/askpass"?
96
** [#A] Command man page: man8/mandos.8
98
Move options to new OPTIONS section
104
Describe briefly that the server gets global settings from
105
mandos.conf and clients from clients.conf, but refer to their man
106
pages for more details.
112
Create this section (if needed)
116
Refer to the client man page
117
** [#A] Config file man page: man5/mandos.conf (mandos.conf)
118
** [#A] Config file man page: man5/mandos-clients.conf (clients.conf)
119
** [#A] /etc/init.d/mandos-server :teddy:
121
** /etc/mandos/clients.d/*.conf
122
Watch this directory and add/remove/update clients?
123
** config for TXT record
124
** Run-time communication with server
126
See also [[*Mandos-tools]]
127
** Implement --foreground
128
[[info:standards:Option%20Table][Table of Long Options]]
129
** Implement --socket
130
[[info:standards:Option%20Table][Table of Long Options]]
131
** Date+time on console log messages
134
* Mandos-tools/utilities
135
All of this probably using D-Bus
142
*** DONE [#A] Change initrd.img file to not be publically readable
143
/usr/share/initramfs-tools/conf-hooks.d/mandos
145
*** Update initrd.img after installation
147
*** [#A] Create mandos user and group for server
148
*** [#A] Create /var/run/mandos directory with perm and ownership
151
*** [#A] Command man page: man8/mandos-keygen.8
152
*** [#A] Output cut-and-paste ready snippet for clients.conf.
106
155
** /usr/share/initramfs-tools/hooks/mandos
107
*** TODO [#C] use same file name rules as [[man:run-parts][run-parts(8)]]
108
*** TODO [#C] Do not install in initrd.img if configured not to.
109
Use "/etc/initramfs-tools/hooksconf.d/mandos"?
110
** TODO [#C] ~$(pkg-config --variable=completionsdir bash-completion)~
111
From XML sources directly?
114
** TODO Locate which package moves the other bin/sh when busybox is deactivated
115
** TODO contact owner of package, and ask them to have that shell static in position regardless of busybox
117
* [[http://www.undeadly.org/cgi?action=article&sid=20110530221728][OpenBSD]]
156
*** Do not install in initrd.img if configured not to
157
Use "/etc/initramfs-tools/conf.d/mandos"? Definitely a debconf
159
** /etc/bash_completion.d/mandos
160
*** From xml sources directly?
170
* Announce project on news
171
[[news:comp.os.linux.announce]]
120
174
#+STARTUP: showall