/mandos/trunk : revision 951

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.conf.xml

Committer: Teddy Hogeborn
Date: 2018-08-15 09:26:02 UTC
Revision ID: teddy@recompile.se-20180815092602-xoyb5s6gf8376i7u

http://bugs.debian.org/894495

mandos-client: Set system clock if necessary

* plugins.d/mandos-client.c (init_gpgme/import_key): If the system
  clock is not set, or set to january 1970, set the system clock to
  the more plausible value that is the mtime of the key file.  This is
  required by GnuPG to be able to import the keys.  (We can't pass the
  --ignore-time-conflict or the --ignore-valid-from options though
  GPGME.)

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

DBUS-API

NEWS

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/source

debian/source/format

debian/source/local-options

debian/upstream

debian/upstream/signing-key.asc

debian/watch

initramfs-unpack

intro.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

tmpfiles.d-mandos.conf

files removed:
etc-plugins.d-README

plugins.d/usplash

files modified:
.bzrignore

INSTALL

Makefile

README

TODO

clients.conf

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

mandos.conf.xml

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"

"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [

<!ENTITY VERSION "1.0">

<!ENTITY CONFNAME "mandos.conf">

<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">

<!ENTITY TIMESTAMP "2008-09-12">

<!ENTITY TIMESTAMP "2018-02-08">

<!ENTITY % common SYSTEM "common.ent">

%common;

<title>Mandos Manual</title>

<productname>Mandos</productname>

<productnumber>&VERSION;</productnumber>

<productnumber>&version;</productnumber>

<date>&TIMESTAMP;</date>

<firstname>Björn</firstname>

<surname>Påhlsson</surname>

<email>belorn@fukt.bsnet.se</email>

<email>belorn@recompile.se</email>

</address>

</author>

<firstname>Teddy</firstname>

<surname>Hogeborn</surname>

<email>teddy@fukt.bsnet.se</email>

<email>teddy@recompile.se</email>

</address>

</author>

</authorgroup>

<holder>Teddy Hogeborn</holder>

<holder>Björn Påhlsson</holder>

</copyright>

129

140

</listitem>

130

141

</varlistentry>

131

142

143

144

<term><option>use_dbus<literal> = </literal>{ <literal

145

>1</literal> | <literal>yes</literal> | <literal

146

>true</literal> | <literal>on</literal> | <literal

147

>0</literal> | <literal>no</literal> | <literal

148

>false</literal> | <literal>off</literal> }</option></term>

149

150

<xi:include href="mandos-options.xml" xpointer="dbus"/>

151

</listitem>

152

</varlistentry>

153

154

155

<term><option>use_ipv6<literal> = </literal>{ <literal

156

>1</literal> | <literal>yes</literal> | <literal

157

>true</literal> | <literal>on</literal> | <literal

158

>0</literal> | <literal>no</literal> | <literal

159

>false</literal> | <literal>off</literal> }</option></term>

160

161

<xi:include href="mandos-options.xml" xpointer="ipv6"/>

162

</listitem>

163

</varlistentry>

164

165

166

<term><option>restore<literal> = </literal>{ <literal

167

>1</literal> | <literal>yes</literal> | <literal

168

>true</literal> | <literal>on</literal> | <literal

169

>0</literal> | <literal>no</literal> | <literal

170

>false</literal> | <literal>off</literal> }</option></term>

171

172

<xi:include href="mandos-options.xml" xpointer="restore"/>

173

</listitem>

174

</varlistentry>

175

176

177

<term><option>statedir<literal> = </literal><replaceable

178

>DIRECTORY</replaceable></option></term>

179

180

<xi:include href="mandos-options.xml" xpointer="statedir"/>

181

</listitem>

182

</varlistentry>

183

184

185

<term><option>socket<literal> = </literal><replaceable

186

>NUMBER</replaceable></option></term>

187

188

<xi:include href="mandos-options.xml" xpointer="socket"/>

189

</listitem>

190

</varlistentry>

191

132

192

</variablelist>

133

193

</refsect1>

134

194

146

206

built-in module <systemitem class="library">ConfigParser</systemitem>

147

207

requires it.

148

208

</para>

209

<xi:include href="bugs.xml"/>

149

210

</refsect1>

150

211

151

212

166

227

[DEFAULT]

167

228

# A configuration example

168

229

interface = eth0

169

address = 2001:db8:f983:bd0b:30de:ae4a:71f2:f672

230

address = fe80::aede:48ff:fe71:f6f2

170

231

port = 1025

171

debug = true

172

priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP

232

debug = True

233

priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA

173

234

servicename = Daena

235

use_dbus = False

236

use_ipv6 = True

237

restore = True

238

statedir = /var/lib/mandos

174

239

</programlisting>

175

240

</informalexample>

176

241

</refsect1>

178

243

179

244

180

245

<para>

246

<citerefentry><refentrytitle>intro</refentrytitle>

247

<manvolnum>8mandos</manvolnum></citerefentry>,

181

248

<citerefentry><refentrytitle>gnutls_priority_init</refentrytitle

182

249

><manvolnum>3</manvolnum></citerefentry>,

183

250

<citerefentry><refentrytitle>mandos</refentrytitle>

211

278

<para>

212

279

The clients use IPv6 link-local addresses, which are

213

280

immediately usable since a link-local addresses is

214

automatically assigned to a network interfaces when it

281

automatically assigned to a network interface when it

215

282

is brought up.

216

283

</para>

217

284

</listitem>

Older »