/mandos/trunk : revision 84

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to TODO

Committer: Teddy Hogeborn
Date: 2008-08-17 22:42:28 UTC
Revision ID: teddy@fukt.bsnet.se-20080817224228-nhor2yuv230if01i

* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
                           not rely on a stylesheet declaration.

* mandos.xml: Removed <?xml-stylesheet>.  New entity "&OVERVIEW;"
              refers to "overview.xml". Changed all single quotes to
              double quotes for consistency.
  (DESCRIPTION): Use the term "TLS" and not "GnuTLS" for the protocol.
                 Refer to the "OVERVIEW" section for reason for IPv6
                 link-local addresses.
  (PURPOSE): Shortened a lot.  Refer to "OVERVIEW" section for details.
  (OVERVIEW): New section.  Include &OVERVIEW; and add a paragraph
              about what the role of this program is.
  (SECURITY/CLIENTS): Refer to the "CHECKING" section for details on
                      checking.
  (SEE ALSO): Changed from an <itemizedlist> to a <variablelist>.
              Added a short text for each entry.  Removed reference to
              plugin-runner(8mandos).  Add reference to RFC 4291 and
              RFC 4346.

* overview.xml: New file, containing a single <para>.  The idea is to
                use this in all the man pages.

* plugins.d/password-request.c: Updated comments about spurious
                                warnings.

Show diffs side-by-side

added added

removed removed

TODO

* [#A] README file

* plugin-runner

* Plugin-runner

** [#B] Add more comments to code

** [#B] Add more if(debug) calls

** [#B] Seperate more code to function for more readability

** [#A] Man page: man8/plugin-runner.8mandos

*** EXIT STATUS

Text needed

*** EXAMPLES

Examples of normal usage, debug usage, debugging single or all

plugins, etc.

*** FILES

Text needed

*** SECURITY

Text needed

*** BUGS

Text needed

*** SEE ALSO

Explaining text on what you can read

** Keydir move: /etc/mandos -> /etc/keys/mandos

Must create in preinst if not pre-depending on cryptsetup

* password-request

* Password-request

** [#A] Man page: man8/password-request.8mandos

** [#B] Temporarily lower kernel log level

for less printouts during sucessfull boot.

*** DESCRIPTION

Move options to new OPTIONS section.

State that this command is not meant to be invoked directly, but

is run as a plugin from mandos-client(8) and only run in the

initrd environment, not the real system.

*** PURPOSE

As in mandos.xml

*** OVERVIEW

As in mandos.xml

*** EXIT STATUS

*** ENVIRONMENT

Note that it does *not* currently use cryptsource or crypttarget.

Create this section

*** EXAMPLES

Examples of normal usage, debug usage, debugging by connecting

directly, etc.

*** FILES

Describe the key files and the key ring files. Also note that

they should normally have been automatically created.

*** DIAGNOSTICS

Create this section

*** SECURITY

Create this section

*** BUGS

*** EXAMPLE

Examples of normal usage, debug usage, debugging by connecting

directly, etc.

*** SECURITY

Create this section

*** SEE ALSO

Update from mandos.xml

** [#B] Temporarily lower kernel log level

for less printouts during sucessfull boot.

Refer to mandos-client(8mandos) and password-prompt(8mandos)

*** ENVIRONMENT

Document use of "cryptsource" and "crypttarget".

** IPv4 support

** use strsep instead of strtok?

** Do not depend on GnuPG key rings on disk

This would mean creating new GnuPG key rings with GPGME by

importing the key files from scratch on every program start.

** Keydir move: /etc/mandos -> /etc/keys/mandos

Must create in preinst if not pre-depending on cryptsetup

* password-prompt

** [#C] Use getpass(3)?

* Password-prompt

** [#A] Man page: man8/password-prompt.8mandos

*** DESCRIPTION

Move options to new OPTIONS section.

Note that this is more or less a simple getpass(3) wrapper, even

though actual use of getpass(3) is not guaranteed.

*** EXIT STATUS

Create this section

*** EXAMPLES

Examples of normal usage, debug usage, with a prefix, etc.

*** DIAGNOSTICS

Create this section

*** SECURITY

Create this section

Not much to do here but it is noteworthy to state the danger of

not having a fallback option.

*** BUGS

Create this section

*** SEE ALSO

Refer to mandos-client(8mandos) and password-request(8mandos)

** Use getpass(3)?

Man page says "obsolete", but [[info:libc:getpass][GNU LibC Manual: Reading Passwords]]

does not. See also [[http://sources.redhat.com/ml/libc-alpha/2003-05/msg00251.html][Marcus Brinkmann: Re: getpass obsolete?]] and

[[http://article.gmane.org/gmane.comp.lib.glibc.alpha/4906][Petter Reinholdtsen: Re: getpass obsolete?]], and especially also

[[http://www.steve.org.uk/Reference/Unix/faq_4.html#SEC48][Unix Programming FAQ 3.1 How can I make my program not echo input?]]

* mandos (server)

* Mandos (server)

** [#A] Command man page: man8/mandos.8

** [#A] Config file man page: man5/mandos.conf (mandos.conf)

** [#A] Config file man page: man5/mandos-clients.conf (clients.conf)

** [#A] /etc/init.d/mandos-server :teddy:

** [#B] Log level :bugs:

** Log level

** /etc/mandos/clients.d/*.conf

Watch this directory and add/remove/update clients?

** config for TXT record

** [#B] Run-time communication with server :bugs:

** Run-time communication with server

Probably using D-Bus