/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
1
<?xml version="1.0" encoding="UTF-8"?>
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
 
<!ENTITY VERSION "1.0">
5
4
<!ENTITY CONFNAME "mandos.conf">
6
5
<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">
7
 
<!ENTITY TIMESTAMP "2008-08-31">
 
6
<!ENTITY TIMESTAMP "2016-03-05">
 
7
<!ENTITY % common SYSTEM "common.ent">
 
8
%common;
8
9
]>
9
10
 
10
11
<refentry xmlns:xi="http://www.w3.org/2001/XInclude">
12
13
    <title>Mandos Manual</title>
13
14
    <!-- NWalsh’s docbook scripts use this to generate the footer: -->
14
15
    <productname>Mandos</productname>
15
 
    <productnumber>&VERSION;</productnumber>
 
16
    <productnumber>&version;</productnumber>
16
17
    <date>&TIMESTAMP;</date>
17
18
    <authorgroup>
18
19
      <author>
19
20
        <firstname>Björn</firstname>
20
21
        <surname>Påhlsson</surname>
21
22
        <address>
22
 
          <email>belorn@fukt.bsnet.se</email>
 
23
          <email>belorn@recompile.se</email>
23
24
        </address>
24
25
      </author>
25
26
      <author>
26
27
        <firstname>Teddy</firstname>
27
28
        <surname>Hogeborn</surname>
28
29
        <address>
29
 
          <email>teddy@fukt.bsnet.se</email>
 
30
          <email>teddy@recompile.se</email>
30
31
        </address>
31
32
      </author>
32
33
    </authorgroup>
33
34
    <copyright>
34
35
      <year>2008</year>
 
36
      <year>2009</year>
 
37
      <year>2010</year>
 
38
      <year>2011</year>
 
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <year>2016</year>
35
44
      <holder>Teddy Hogeborn</holder>
36
45
      <holder>Björn Påhlsson</holder>
37
46
    </copyright>
38
47
    <xi:include href="legalnotice.xml"/>
39
48
  </refentryinfo>
40
 
 
 
49
  
41
50
  <refmeta>
42
51
    <refentrytitle>&CONFNAME;</refentrytitle>
43
52
    <manvolnum>5</manvolnum>
49
58
      Configuration file for the Mandos server
50
59
    </refpurpose>
51
60
  </refnamediv>
52
 
 
 
61
  
53
62
  <refsynopsisdiv>
54
63
    <synopsis>&CONFPATH;</synopsis>
55
64
  </refsynopsisdiv>
56
 
 
 
65
  
57
66
  <refsect1 id="description">
58
67
    <title>DESCRIPTION</title>
59
68
    <para>
71
80
      <quote>#</quote> or <quote>;</quote> are ignored and may be used
72
81
      to provide comments.
73
82
    </para>
74
 
 
 
83
    
75
84
  </refsect1>
76
85
  <refsect1>
77
86
    <title>OPTIONS</title>
84
93
          <xi:include href="mandos-options.xml" xpointer="interface"/>
85
94
        </listitem>
86
95
      </varlistentry>
87
 
 
 
96
      
88
97
      <varlistentry>
89
98
        <term><option>address<literal> = </literal><replaceable
90
99
          >ADDRESS</replaceable></option></term>
92
101
          <xi:include href="mandos-options.xml" xpointer="address"/>
93
102
        </listitem>
94
103
      </varlistentry>
95
 
 
 
104
      
96
105
      <varlistentry>
97
106
        <term><option>port<literal> = </literal><replaceable
98
107
        >NUMBER</replaceable></option></term>
100
109
          <xi:include href="mandos-options.xml" xpointer="port"/>
101
110
        </listitem>
102
111
      </varlistentry>
103
 
 
 
112
      
104
113
      <varlistentry>
105
114
        <term><option>debug<literal> = </literal>{ <literal
106
115
          >1</literal> | <literal>yes</literal> | <literal
111
120
          <xi:include href="mandos-options.xml" xpointer="debug"/>
112
121
        </listitem>
113
122
      </varlistentry>
114
 
 
 
123
      
115
124
      <varlistentry>
116
125
        <term><option>priority<literal> = </literal><replaceable
117
126
        >STRING</replaceable></option></term>
119
128
          <xi:include href="mandos-options.xml" xpointer="priority"/>
120
129
        </listitem>
121
130
      </varlistentry>
122
 
 
 
131
      
123
132
      <varlistentry>
124
133
        <term><option>servicename<literal> = </literal
125
134
        ><replaceable>NAME</replaceable></option></term>
129
138
        </listitem>
130
139
      </varlistentry>
131
140
      
 
141
      <varlistentry>
 
142
        <term><option>use_dbus<literal> = </literal>{ <literal
 
143
          >1</literal> | <literal>yes</literal> | <literal
 
144
          >true</literal> | <literal>on</literal> | <literal
 
145
          >0</literal> | <literal>no</literal> | <literal
 
146
          >false</literal> | <literal>off</literal> }</option></term>
 
147
        <listitem>
 
148
          <xi:include href="mandos-options.xml" xpointer="dbus"/>
 
149
        </listitem>
 
150
      </varlistentry>
 
151
      
 
152
      <varlistentry>
 
153
        <term><option>use_ipv6<literal> = </literal>{ <literal
 
154
          >1</literal> | <literal>yes</literal> | <literal
 
155
          >true</literal> | <literal>on</literal> | <literal
 
156
          >0</literal> | <literal>no</literal> | <literal
 
157
          >false</literal> | <literal>off</literal> }</option></term>
 
158
        <listitem>
 
159
          <xi:include href="mandos-options.xml" xpointer="ipv6"/>
 
160
        </listitem>
 
161
      </varlistentry>
 
162
      
 
163
      <varlistentry>
 
164
        <term><option>restore<literal> = </literal>{ <literal
 
165
          >1</literal> | <literal>yes</literal> | <literal
 
166
          >true</literal> | <literal>on</literal> | <literal
 
167
          >0</literal> | <literal>no</literal> | <literal
 
168
          >false</literal> | <literal>off</literal> }</option></term>
 
169
        <listitem>
 
170
          <xi:include href="mandos-options.xml" xpointer="restore"/>
 
171
        </listitem>
 
172
      </varlistentry>
 
173
      
 
174
      <varlistentry>
 
175
        <term><option>statedir<literal> = </literal><replaceable
 
176
        >DIRECTORY</replaceable></option></term>
 
177
        <listitem>
 
178
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
 
179
        </listitem>
 
180
      </varlistentry>
 
181
      
 
182
      <varlistentry>
 
183
        <term><option>socket<literal> = </literal><replaceable
 
184
        >NUMBER</replaceable></option></term>
 
185
        <listitem>
 
186
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
187
        </listitem>
 
188
      </varlistentry>
 
189
      
132
190
    </variablelist>
133
191
  </refsect1>
134
192
  
144
202
    <para>
145
203
      The <literal>[DEFAULT]</literal> is necessary because the Python
146
204
      built-in module <systemitem class="library">ConfigParser</systemitem>
147
 
      requres it.
 
205
      requires it.
148
206
    </para>
 
207
    <xi:include href="bugs.xml"/>
149
208
  </refsect1>
150
209
  
151
210
  <refsect1 id="example">
166
225
[DEFAULT]
167
226
# A configuration example
168
227
interface = eth0
169
 
address = 2001:db8:f983:bd0b:30de:ae4a:71f2:f672
 
228
address = fe80::aede:48ff:fe71:f6f2
170
229
port = 1025
171
 
debug = true
172
 
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
 
230
debug = True
 
231
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA
173
232
servicename = Daena
 
233
use_dbus = False
 
234
use_ipv6 = True
 
235
restore = True
 
236
statedir = /var/lib/mandos
174
237
      </programlisting>
175
238
    </informalexample>
176
239
  </refsect1>
178
241
  <refsect1 id="see_also">
179
242
    <title>SEE ALSO</title>
180
243
    <para>
 
244
      <citerefentry><refentrytitle>intro</refentrytitle>
 
245
      <manvolnum>8mandos</manvolnum></citerefentry>,
181
246
      <citerefentry><refentrytitle>gnutls_priority_init</refentrytitle
182
247
      ><manvolnum>3</manvolnum></citerefentry>,
183
248
      <citerefentry><refentrytitle>mandos</refentrytitle>
185
250
      <citerefentry><refentrytitle>mandos-clients.conf</refentrytitle>
186
251
      <manvolnum>5</manvolnum></citerefentry>
187
252
    </para>
188
 
 
 
253
    
189
254
    <variablelist>
190
255
      <varlistentry>
191
256
        <term>
211
276
              <para>
212
277
                The clients use IPv6 link-local addresses, which are
213
278
                immediately usable since a link-local addresses is
214
 
                automatically assigned to a network interfaces when it
 
279
                automatically assigned to a network interface when it
215
280
                is brought up.
216
281
              </para>
217
282
            </listitem>