/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen.xml

  • Committer: Teddy Hogeborn
  • Date: 2015-08-02 09:36:40 UTC
  • Revision ID: teddy@recompile.se-20150802093640-nc0n17rbmqlbaxuf
Add D-Bus annotations on a few properties on the Client object.

The D-Bus property "Secret" on the interface
"se.recompile.Mandos.Client" should have the annotation
"org.freedesktop.DBus.Property.EmitsChangedSignal" set to
"invalidates".  Also, the properties "Created", "Fingerprint", "Name",
and "ObjectPath" should have the same annotation set to "const".

* mandos (ClientDBus.Name_dbus_property): Set annotation
                    "org.freedesktop.DBus.Property.EmitsChangedSignal"
                    to "const".
  (ClientDBus.Fingerprint_dbus_property): - '' -
  (ClientDBus.Created_dbus_property): - '' -
  (ClientDBus.ObjectPath_dbus_property): - '' -
  (ClientDBus.Secret_dbus_property): Set annotation
                    "org.freedesktop.DBus.Property.EmitsChangedSignal"
                    to "invalidates".

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-keygen">
5
 
<!ENTITY TIMESTAMP "2019-02-10">
 
5
<!ENTITY TIMESTAMP "2015-07-20">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
39
39
      <year>2013</year>
40
40
      <year>2014</year>
41
41
      <year>2015</year>
42
 
      <year>2016</year>
43
 
      <year>2017</year>
44
 
      <year>2018</year>
45
 
      <year>2019</year>
46
42
      <holder>Teddy Hogeborn</holder>
47
43
      <holder>Björn Påhlsson</holder>
48
44
    </copyright>
128
124
      </group>
129
125
      <sbr/>
130
126
      <group>
131
 
        <arg choice="plain"><option>--tls-keytype
132
 
        <replaceable>KEYTYPE</replaceable></option></arg>
133
 
        <arg choice="plain"><option>-T
134
 
        <replaceable>KEYTYPE</replaceable></option></arg>
135
 
      </group>
136
 
      <sbr/>
137
 
      <group>
138
127
        <arg choice="plain"><option>--force</option></arg>
139
128
        <arg choice="plain"><option>-f</option></arg>
140
129
      </group>
188
177
    <title>DESCRIPTION</title>
189
178
    <para>
190
179
      <command>&COMMANDNAME;</command> is a program to generate the
191
 
      TLS and OpenPGP keys used by
 
180
      OpenPGP key used by
192
181
      <citerefentry><refentrytitle>mandos-client</refentrytitle>
193
 
      <manvolnum>8mandos</manvolnum></citerefentry>.  The keys are
194
 
      normally written to /etc/keys/mandos for later installation into
195
 
      the initrd image, but this, and most other things, can be
196
 
      changed with command line options.
 
182
      <manvolnum>8mandos</manvolnum></citerefentry>.  The key is
 
183
      normally written to /etc/mandos for later installation into the
 
184
      initrd image, but this, and most other things, can be changed
 
185
      with command line options.
197
186
    </para>
198
187
    <para>
199
188
      This program can also be used with the
236
225
        <replaceable>DIRECTORY</replaceable></option></term>
237
226
        <listitem>
238
227
          <para>
239
 
            Target directory for key files.  Default is <filename
240
 
            class="directory">/etc/keys/mandos</filename>.
 
228
            Target directory for key files.  Default is
 
229
            <filename class="directory">/etc/mandos</filename>.
241
230
          </para>
242
231
        </listitem>
243
232
      </varlistentry>
249
238
        <replaceable>TYPE</replaceable></option></term>
250
239
        <listitem>
251
240
          <para>
252
 
            OpenPGP key type.  Default is <quote>RSA</quote>.
 
241
            Key type.  Default is <quote>RSA</quote>.
253
242
          </para>
254
243
        </listitem>
255
244
      </varlistentry>
261
250
        <replaceable>BITS</replaceable></option></term>
262
251
        <listitem>
263
252
          <para>
264
 
            OpenPGP key length in bits.  Default is 4096.
 
253
            Key length in bits.  Default is 4096.
265
254
          </para>
266
255
        </listitem>
267
256
      </varlistentry>
273
262
        <replaceable>KEYTYPE</replaceable></option></term>
274
263
        <listitem>
275
264
          <para>
276
 
            OpenPGP subkey type.  Default is <quote>RSA</quote>
 
265
            Subkey type.  Default is <quote>RSA</quote> (Elgamal
 
266
            encryption-only).
277
267
          </para>
278
268
        </listitem>
279
269
      </varlistentry>
285
275
        <replaceable>BITS</replaceable></option></term>
286
276
        <listitem>
287
277
          <para>
288
 
            OpenPGP subkey length in bits.  Default is 4096.
 
278
            Subkey length in bits.  Default is 4096.
289
279
          </para>
290
280
        </listitem>
291
281
      </varlistentry>
329
319
      </varlistentry>
330
320
      
331
321
      <varlistentry>
332
 
        <term><option>--tls-keytype
333
 
        <replaceable>KEYTYPE</replaceable></option></term>
334
 
        <term><option>-T
335
 
        <replaceable>KEYTYPE</replaceable></option></term>
336
 
        <listitem>
337
 
          <para>
338
 
            TLS key type.  Default is <quote>ed25519</quote>
339
 
          </para>
340
 
        </listitem>
341
 
      </varlistentry>
342
 
      
343
 
      <varlistentry>
344
322
        <term><option>--force</option></term>
345
323
        <term><option>-f</option></term>
346
324
        <listitem>
355
333
        <listitem>
356
334
          <para>
357
335
            Prompt for a password and encrypt it with the key already
358
 
            present in either <filename>/etc/keys/mandos</filename> or
359
 
            the directory specified with the <option>--dir</option>
 
336
            present in either <filename>/etc/mandos</filename> or the
 
337
            directory specified with the <option>--dir</option>
360
338
            option.  Outputs, on standard output, a section suitable
361
339
            for inclusion in <citerefentry><refentrytitle
362
340
            >mandos-clients.conf</refentrytitle><manvolnum
402
380
    <title>OVERVIEW</title>
403
381
    <xi:include href="overview.xml"/>
404
382
    <para>
405
 
      This program is a small utility to generate new TLS and OpenPGP
406
 
      keys for new Mandos clients, and to generate sections for
407
 
      inclusion in <filename>clients.conf</filename> on the server.
 
383
      This program is a small utility to generate new OpenPGP keys for
 
384
      new Mandos clients, and to generate sections for inclusion in
 
385
      <filename>clients.conf</filename> on the server.
408
386
    </para>
409
387
  </refsect1>
410
388
  
442
420
    </para>
443
421
    <variablelist>
444
422
      <varlistentry>
445
 
        <term><filename>/etc/keys/mandos/seckey.txt</filename></term>
 
423
        <term><filename>/etc/mandos/seckey.txt</filename></term>
446
424
        <listitem>
447
425
          <para>
448
426
            OpenPGP secret key file which will be created or
451
429
        </listitem>
452
430
      </varlistentry>
453
431
      <varlistentry>
454
 
        <term><filename>/etc/keys/mandos/pubkey.txt</filename></term>
 
432
        <term><filename>/etc/mandos/pubkey.txt</filename></term>
455
433
        <listitem>
456
434
          <para>
457
435
            OpenPGP public key file which will be created or
460
438
        </listitem>
461
439
      </varlistentry>
462
440
      <varlistentry>
463
 
        <term><filename>/etc/keys/mandos/tls-privkey.pem</filename></term>
464
 
        <listitem>
465
 
          <para>
466
 
            Private key file which will be created or overwritten.
467
 
          </para>
468
 
        </listitem>
469
 
      </varlistentry>
470
 
      <varlistentry>
471
 
        <term><filename>/etc/keys/mandos/tls-pubkey.pem</filename></term>
472
 
        <listitem>
473
 
          <para>
474
 
            Public key file which will be created or overwritten.
475
 
          </para>
476
 
        </listitem>
477
 
      </varlistentry>
478
 
      <varlistentry>
479
441
        <term><filename class="directory">/tmp</filename></term>
480
442
        <listitem>
481
443
          <para>
487
449
    </variablelist>
488
450
  </refsect1>
489
451
  
490
 
  <refsect1 id="bugs">
491
 
    <title>BUGS</title>
492
 
    <xi:include href="bugs.xml"/>
493
 
  </refsect1>
 
452
<!--   <refsect1 id="bugs"> -->
 
453
<!--     <title>BUGS</title> -->
 
454
<!--     <para> -->
 
455
<!--     </para> -->
 
456
<!--   </refsect1> -->
494
457
  
495
458
  <refsect1 id="example">
496
459
    <title>EXAMPLE</title>
516
479
    </informalexample>
517
480
    <informalexample>
518
481
      <para>
519
 
        Prompt for a password, encrypt it with the keys in <filename
520
 
        class="directory">/etc/keys/mandos</filename> and output a
521
 
        section suitable for <filename>clients.conf</filename>.
 
482
        Prompt for a password, encrypt it with the key in <filename
 
483
        class="directory">/etc/mandos</filename> and output a section
 
484
        suitable for <filename>clients.conf</filename>.
522
485
      </para>
523
486
      <para>
524
487
        <userinput>&COMMANDNAME; --password</userinput>
526
489
    </informalexample>
527
490
    <informalexample>
528
491
      <para>
529
 
        Prompt for a password, encrypt it with the keys in the
 
492
        Prompt for a password, encrypt it with the key in the
530
493
        <filename>client-key</filename> directory and output a section
531
494
        suitable for <filename>clients.conf</filename>.
532
495
      </para>