/mandos/trunk : revision 94

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.xml

Committer: Teddy Hogeborn
Date: 2008-08-22 00:16:20 UTC
mfrom: (24.1.57 mandos)
Revision ID: teddy@fukt.bsnet.se-20080822001620-vxpn1evy0t0kyvj0

* clients.conf ([DEFAULT]/checker): Update to new default value.

* mandos (Client.start_checker): Bug fix: OSError, not
                                 subprocess.OSError.
  (main): Use "fping -q -- %(host)s" instead of "fping -q --
          %%(host)s" as default value for "checker".  Always redirect
          stdin to be from /dev/null, even if in debug mode.

* mandos-clients.conf.xml (DESCRIPTION): Improved wording and refer to
                                         the EXPANSION section.
  (OPTIONS): Added synopsis and improved wording for "checker",
             "fingerprint", and "secret".  Refer to the RUNTIME
             EXPANSION section for the "checker" option.
  (EXAMPLE): Update to new default value for "checker".

* mandos-keygen (trap): Split lines and add "set +e".

files removed:
.bzrignore

files modified:
Makefile

TODO

clients.conf

initramfs-tools-hook

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/password-request.c

plugins.d/password-request.xml

Show diffs side-by-side

added added

removed removed

mandos.xml

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY COMMANDNAME "mandos">

<!ENTITY TIMESTAMP "2008-08-31">

<title>Mandos Manual</title>

<title>&COMMANDNAME;</title>

<productname>Mandos</productname>

<productname>&COMMANDNAME;</productname>

<productnumber>&VERSION;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<refname><command>&COMMANDNAME;</command></refname>

Gives encrypted passwords to authenticated Mandos clients

Sends encrypted passwords to authenticated Mandos clients

</refpurpose>

</refnamediv>

<command>&COMMANDNAME;</command>

<group>

<arg choice="plain"><option>--interface

<arg choice="plain"><option>-i

</group>

<sbr/>

<group>

<arg choice="plain"><option>--address

<replaceable>ADDRESS</replaceable></option></arg>

<arg choice="plain"><option>-a

<replaceable>ADDRESS</replaceable></option></arg>

</group>

<sbr/>

<group>

<arg choice="plain"><option>--port

<arg choice="plain"><option>-p

</group>

<sbr/>

<arg><option>--priority

<replaceable>PRIORITY</replaceable></option></arg>

100

<sbr/>

101

<arg><option>--servicename

102

103

<sbr/>

104

<arg><option>--configdir

105

<replaceable>DIRECTORY</replaceable></option></arg>

106

<sbr/>

107

<arg><option>--debug</option></arg>

<arg>--interface<arg choice="plain">IF</arg></arg>

<arg>--address<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

<arg>--servicename<arg choice="plain">NAME</arg></arg>

<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>

<arg>--debug</arg>

</cmdsynopsis>

<command>&COMMANDNAME;</command>

<arg>-a<arg choice="plain">ADDRESS</arg></arg>

<arg>--priority<arg choice="plain">PRIORITY</arg></arg>

<arg>--servicename<arg choice="plain">NAME</arg></arg>

<arg>--configdir<arg choice="plain">DIRECTORY</arg></arg>

<arg>--debug</arg>

108

</cmdsynopsis>

109

110

<command>&COMMANDNAME;</command>

111

112

113

114

</group>

115

</cmdsynopsis>

116

100

117

101

<command>&COMMANDNAME;</command>

118

<arg choice="plain"><option>--version</option></arg>

102

<arg choice="plain">--version</arg>

119

103

</cmdsynopsis>

120

104

121

105

<command>&COMMANDNAME;</command>

122

<arg choice="plain"><option>--check</option></arg>

106

<arg choice="plain">--check</arg>

123

107

</cmdsynopsis>

124

108

</refsynopsisdiv>

125

109

149

133

<emphasis>encrypted root file system</emphasis>. See <xref

150

134

linkend="overview"/> for details.

151

135

</para>

152

136

153

137

</refsect1>

154

138

155

139

156

140

<title>OPTIONS</title>

157

141

158

142

159

143

160

161

144

162

145

163

146

<para>

164

147

Show a help message and exit

165

148

</para>

166

149

</listitem>

167

150

</varlistentry>

168

151

169

152

170

<term><option>--interface</option>

171

172

173

153

<term><literal>-i</literal>, <literal>--interface <replaceable>

154

IF</replaceable></literal></term>

174

155

175

156

<xi:include href="mandos-options.xml" xpointer="interface"/>

176

157

</listitem>

177

158

</varlistentry>

178

159

179

160

180

<term><option>--address

181

<replaceable>ADDRESS</replaceable></option></term>

182

<term><option>-a

183

<replaceable>ADDRESS</replaceable></option></term>

161

<term><literal>-a</literal>, <literal>--address <replaceable>

162

ADDRESS</replaceable></literal></term>

184

163

185

164

<xi:include href="mandos-options.xml" xpointer="address"/>

186

165

</listitem>

187

166

</varlistentry>

188

167

189

168

190

<term><option>--port

191

192

<term><option>-p

193

169

170

PORT</replaceable></literal></term>

194

171

195

172

<xi:include href="mandos-options.xml" xpointer="port"/>

196

173

</listitem>

197

174

</varlistentry>

198

175

199

176

200

<term><option>--check</option></term>

177

<term><literal>--check</literal></term>

201

178

202

179

<para>

203

180

Run the server’s self-tests. This includes any unit

205

182

</para>

206

183

</listitem>

207

184

</varlistentry>

208

185

209

186

210

<term><option>--debug</option></term>

187

<term><literal>--debug</literal></term>

211

188

212

189

<xi:include href="mandos-options.xml" xpointer="debug"/>

213

190

</listitem>

214

191

</varlistentry>

215

192

216

193

217

<term><option>--priority <replaceable>

218

PRIORITY</replaceable></option></term>

194

<term><literal>--priority <replaceable>

195

PRIORITY</replaceable></literal></term>

219

196

220

197

<xi:include href="mandos-options.xml" xpointer="priority"/>

221

198

</listitem>

222

199

</varlistentry>

223

200

224

201

225

<term><option>--servicename

226

202

<term><literal>--servicename <replaceable>NAME</replaceable>

203

</literal></term>

227

204

228

205

<xi:include href="mandos-options.xml"

229

206

xpointer="servicename"/>

231

208

</varlistentry>

232

209

233

210

234

<term><option>--configdir

235

<replaceable>DIRECTORY</replaceable></option></term>

211

<term><literal>--configdir <replaceable>DIR</replaceable>

212

</literal></term>

236

213

237

214

<para>

238

215

Directory to search for configuration files. Default is

246

223

</varlistentry>

247

224

248

225

249

<term><option>--version</option></term>

226

<term><literal>--version</literal></term>

250

227

251

228

<para>

252

229

Prints the program version and exit.

360

337

<title>ENVIRONMENT</title>

361

338

362

339

363

340

364

341

365

342

<para>

366

343

To start the configured checker (see <xref

471

448

Normal invocation needs no options:

472

449

</para>

473

450

<para>

474

<userinput>&COMMANDNAME;</userinput>

451

<userinput>mandos</userinput>

475

452

</para>

476

453

</informalexample>

477

454

484

461

<para>

485

462

486

463

487

<userinput>&COMMANDNAME; --debug --configdir ~/mandos --servicename Test</userinput>

464

<userinput>mandos --debug --configdir ~/mandos --servicename Test</userinput>

488

465

489

466

</para>

490

467

</informalexample>

496

473

<para>

497

474

498

475

499

<userinput>&COMMANDNAME; --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>

476

<userinput>mandos --interface eth7 --address fe80::aede:48ff:fe71:f6f2</userinput>

500

477

501

478

</para>

502

479

</informalexample>

561

538

562

539

<para>

563

540

541

<refentrytitle>mandos.conf</refentrytitle>

542

564

543

<refentrytitle>mandos-clients.conf</refentrytitle>

565

544

566

<refentrytitle>mandos.conf</refentrytitle>

567

568

545

<refentrytitle>password-request</refentrytitle>

569

546

<manvolnum>8mandos</manvolnum></citerefentry>, <citerefentry>

570

547

595

572

</varlistentry>

596

573

597

574

<term>

598

<ulink url="http://www.gnu.org/software/gnutls/"

599

>GnuTLS</ulink>

575

<ulink

576

url="http://www.gnu.org/software/gnutls/">GnuTLS</ulink>

600

577

</term>

601

578

602

579

<para>

608

585

</varlistentry>

609

586

610

587

<term>

611

RFC 4291: <citetitle>IP Version 6 Addressing

612

Architecture</citetitle>

588

<citation>RFC 4291: <citetitle>IP Version 6 Addressing

589

Architecture</citetitle>, section 2.5.6, Link-Local IPv6

590

Unicast Addresses</citation>

613

591

</term>

614

592

615

616

617

<term>Section 2.2: <citetitle>Text Representation of

618

Addresses</citetitle></term>

619

620

</varlistentry>

621

622

<term>Section 2.5.5.2: <citetitle>IPv4-Mapped IPv6

623

Address</citetitle></term>

624

625

</varlistentry>

626

627

<term>Section 2.5.6, <citetitle>Link-Local IPv6 Unicast

628

Addresses</citetitle></term>

629

630

<para>

631

The clients use IPv6 link-local addresses, which are

632

immediately usable since a link-local addresses is

633

automatically assigned to a network interfaces when it

634

is brought up.

635

</para>

636

</listitem>

637

</varlistentry>

638

</variablelist>

593

<para>

594

The clients use IPv6 link-local addresses, which are

595

immediately usable since a link-local addresses is

596

automatically assigned to a network interfaces when it is

597

brought up.

598

</para>

639

599

</listitem>

640

600

</varlistentry>

641

601

642

602

<term>

643

RFC 4346: <citetitle>The Transport Layer Security (TLS)

644

Protocol Version 1.1</citetitle>

603

<citation>RFC 4346: <citetitle>The Transport Layer Security

604

(TLS) Protocol Version 1.1</citetitle></citation>

645

605

</term>

646

606

647

607

<para>

651

611

</varlistentry>

652

612

653

613

<term>

654

RFC 4880: <citetitle>OpenPGP Message Format</citetitle>

614

<citation>RFC 4880: <citetitle>OpenPGP Message

615

Format</citetitle></citation>

655

616

</term>

656

617

657

618

<para>

661

622

</varlistentry>

662

623

663

624

<term>

664

RFC 5081: <citetitle>Using OpenPGP Keys for Transport Layer

665

Security</citetitle>

625

<citation>RFC 5081: <citetitle>Using OpenPGP Keys for

626

Transport Layer Security</citetitle></citation>

666

627

</term>

667

628

668

629

<para>

674

635

</variablelist>

675

636

</refsect1>

676

637

</refentry>

677

678

679

680

681

Older »