/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-07-01 20:01:26 UTC
  • mto: This revision was merged to the branch mainline in revision 759.
  • Revision ID: teddy@recompile.se-20150701200126-qb3f6c3jcas2f4og
mandos-client: Try to start a plugin to add and remove a local route.

* debian/mandos-client.README.Debian: Add setting of environment
                                      variable MANDOSPLUGINHELPERDIR
                                      to command line testing
                                      mandos-client.
* mandos-client.c (raise_privileges): Moved to top of file.
                  (raise_privileges_permanently): - '' -
                  (lower_privileges): - '' -
                  (lower_privileges_permanently): - '' -
  (add_remove_local_route, add_local_route, remove_local_route): New.
  (start_mandos_communication): Set SOCK_CLOEXEC flag on socket.  Run
                                the above functions to add (and
                                remove) local route, if the conditions
                                indicates it could help.
  (run_network_hooks): Use O_DIRECTORY, O_PATH, and O_CLOEXEC flags
                       when opening network hook directory. Do
                       TEMP_FAILURE_RETRY around opening of /dev/null
                       and network hook executables.  Move redirecting
                       of stdout and stderr to as late as possible
                       before fexecve().
  (main): Use O_DIRECTORY and O_PATH when opening temporary directory.
* plugins.d/mandos-client.xml (ENVIRONMENT): Document usage of the
                                             MANDOSPLUGINHELPERDIR
                                             environment variable.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "plugin-runner">
5
 
<!ENTITY TIMESTAMP "2009-01-17">
 
5
<!ENTITY TIMESTAMP "2015-06-28">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
19
19
        <firstname>Björn</firstname>
20
20
        <surname>Påhlsson</surname>
21
21
        <address>
22
 
          <email>belorn@fukt.bsnet.se</email>
 
22
          <email>belorn@recompile.se</email>
23
23
        </address>
24
24
      </author>
25
25
      <author>
26
26
        <firstname>Teddy</firstname>
27
27
        <surname>Hogeborn</surname>
28
28
        <address>
29
 
          <email>teddy@fukt.bsnet.se</email>
 
29
          <email>teddy@recompile.se</email>
30
30
        </address>
31
31
      </author>
32
32
    </authorgroup>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
 
36
      <year>2012</year>
36
37
      <holder>Teddy Hogeborn</holder>
37
38
      <holder>Björn Påhlsson</holder>
38
39
    </copyright>
113
114
      <arg><option>--plugin-dir=<replaceable
114
115
      >DIRECTORY</replaceable></option></arg>
115
116
      <sbr/>
 
117
      <arg><option>--plugin-helper-dir=<replaceable
 
118
      >DIRECTORY</replaceable></option></arg>
 
119
      <sbr/>
116
120
      <arg><option>--config-file=<replaceable
117
121
      >FILE</replaceable></option></arg>
118
122
      <sbr/>
260
264
            Disable the plugin named
261
265
            <replaceable>PLUGIN</replaceable>.  The plugin will not be
262
266
            started.
263
 
          </para>       
 
267
          </para>
264
268
        </listitem>
265
269
      </varlistentry>
266
270
      
319
323
      </varlistentry>
320
324
      
321
325
      <varlistentry>
 
326
        <term><option>--plugin-helper-dir
 
327
        <replaceable>DIRECTORY</replaceable></option></term>
 
328
        <listitem>
 
329
          <para>
 
330
            Specify a different plugin helper directory.  The default
 
331
            is <filename>/lib/mandos/plugin-helpers</filename>, which
 
332
            will exist in the initial <acronym>RAM</acronym> disk
 
333
            environment.  (This will simply be passed to all plugins
 
334
            via the <envar>MANDOSPLUGINHELPERDIR</envar> environment
 
335
            variable.  See <xref linkend="writing_plugins"/>)
 
336
          </para>
 
337
        </listitem>
 
338
      </varlistentry>
 
339
      
 
340
      <varlistentry>
322
341
        <term><option>--config-file
323
342
        <replaceable>FILE</replaceable></option></term>
324
343
        <listitem>
425
444
      <para>
426
445
        The plugin will run in the initial RAM disk environment, so
427
446
        care must be taken not to depend on any files or running
428
 
        services not available there.
 
447
        services not available there.  Any helper executables required
 
448
        by the plugin (which are not in the <envar>PATH</envar>) can
 
449
        be placed in the plugin helper directory, the name of which
 
450
        will be made available to the plugin via the
 
451
        <envar>MANDOSPLUGINHELPERDIR</envar> environment variable.
429
452
      </para>
430
453
      <para>
431
454
        The plugin must exit cleanly and free all allocated resources
474
497
      only passes on its environment to all the plugins.  The
475
498
      environment passed to plugins can be modified using the
476
499
      <option>--global-env</option> and <option>--env-for</option>
477
 
      options.
 
500
      options.  Also, the <option>--plugin-helper-dir</option> option
 
501
      will affect the environment variable
 
502
      <envar>MANDOSPLUGINHELPERDIR</envar> for the plugins.
478
503
    </para>
479
504
  </refsect1>
480
505
  
617
642
  <refsect1 id="see_also">
618
643
    <title>SEE ALSO</title>
619
644
    <para>
 
645
      <citerefentry><refentrytitle>intro</refentrytitle>
 
646
      <manvolnum>8mandos</manvolnum></citerefentry>,
620
647
      <citerefentry><refentrytitle>cryptsetup</refentrytitle>
621
648
      <manvolnum>8</manvolnum></citerefentry>,
622
649
      <citerefentry><refentrytitle>crypttab</refentrytitle>