/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-02-10 03:50:20 UTC
  • Revision ID: teddy@recompile.se-20190210035020-nttr1tybgwwixueu
Show debconf note about new TLS key IDs

If mandos-client did not see TLS keys and had to create them, or if
mandos sees GnuTLS version 3.6.6 or later, show an important notice on
package installation about the importance of adding the new key_id
options to clients.conf on the Mandos server.

* debian/control (Package: mandos, Package: mandos-client): Depend on
                                                            debconf.
* debian/mandos-client.lintian-overrides: Override warnings.
* debian/mandos-client.postinst (create_keys): Show notice if new TLS
                                               key files were created.
* debian/mandos-client.templates: New.
* debian/mandos.lintian-overrides: Override warnings.
* debian/mandos.postinst (configure): If GnuTLS 3.6.6 or later is
                                      detected, show an important
                                      notice (once) about the new
                                      key_id option required in
                                      clients.conf.
* debian/mandos.templates: New.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "mandos-ctl">
5
 
<!ENTITY TIMESTAMP "2016-03-05">
 
5
<!ENTITY TIMESTAMP "2018-02-08">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
38
38
      <year>2014</year>
39
39
      <year>2015</year>
40
40
      <year>2016</year>
 
41
      <year>2017</year>
 
42
      <year>2018</year>
41
43
      <holder>Teddy Hogeborn</holder>
42
44
      <holder>Björn Påhlsson</holder>
43
45
    </copyright>
52
54
  <refnamediv>
53
55
    <refname><command>&COMMANDNAME;</command></refname>
54
56
    <refpurpose>
55
 
      Control the operation of the Mandos server
 
57
      Control or query the operation of the Mandos server
56
58
    </refpurpose>
57
59
  </refnamediv>
58
60
  
59
61
  <refsynopsisdiv>
60
62
    <cmdsynopsis>
61
63
      <command>&COMMANDNAME;</command>
62
 
      <group>
63
 
        <arg choice="plain"><option>--enable</option></arg>
64
 
        <arg choice="plain"><option>-e</option></arg>
65
 
        <sbr/>
66
 
        <arg choice="plain"><option>--disable</option></arg>
67
 
        <arg choice="plain"><option>-d</option></arg>
68
 
      </group>
69
 
      <sbr/>
70
 
      <group>
71
 
        <arg choice="plain"><option>--bump-timeout</option></arg>
72
 
        <arg choice="plain"><option>-b</option></arg>
73
 
      </group>
74
 
      <sbr/>
75
 
      <group>
76
 
        <arg choice="plain"><option>--start-checker</option></arg>
77
 
      </group>
78
 
      <sbr/>
79
 
      <group>
80
 
        <arg choice="plain"><option>--stop-checker</option></arg>
81
 
      </group>
82
 
      <sbr/>
83
 
      <group>
84
 
        <arg choice="plain"><option>--remove</option></arg>
85
 
        <arg choice="plain"><option>-r</option></arg>
86
 
      </group>
87
 
      <sbr/>
88
 
      <group>
89
 
        <arg choice="plain"><option>--checker
90
 
        <replaceable>COMMAND</replaceable></option></arg>
91
 
        <arg choice="plain"><option>-c
92
 
        <replaceable>COMMAND</replaceable></option></arg>
93
 
      </group>
94
 
      <sbr/>
95
 
      <group>
96
 
        <arg choice="plain"><option>--timeout
97
 
        <replaceable>TIME</replaceable></option></arg>
98
 
        <arg choice="plain"><option>-t
99
 
        <replaceable>TIME</replaceable></option></arg>
100
 
      </group>
101
 
      <sbr/>
102
 
      <group>
103
 
        <arg choice="plain"><option>--extended-timeout
104
 
        <replaceable>TIME</replaceable></option></arg>
105
 
      </group>
106
 
      <sbr/>
107
 
      <group>
108
 
        <arg choice="plain"><option>--interval
109
 
        <replaceable>TIME</replaceable></option></arg>
110
 
        <arg choice="plain"><option>-i
111
 
        <replaceable>TIME</replaceable></option></arg>
112
 
      </group>
113
 
      <sbr/>
114
 
      <group>
115
 
        <arg choice="plain"><option>--approve-by-default</option
116
 
        ></arg>
117
 
        <sbr/>
118
 
        <arg choice="plain"><option>--deny-by-default</option></arg>
119
 
      </group>
120
 
      <sbr/>
121
 
      <group>
122
 
        <arg choice="plain"><option>--approval-delay
123
 
        <replaceable>TIME</replaceable></option></arg>
124
 
      </group>
125
 
      <sbr/>
126
 
      <group>
127
 
        <arg choice="plain"><option>--approval-duration
128
 
        <replaceable>TIME</replaceable></option></arg>
129
 
      </group>
130
 
      <sbr/>
131
 
      <group>
132
 
        <arg choice="plain"><option>--interval
133
 
        <replaceable>TIME</replaceable></option></arg>
134
 
        <arg choice="plain"><option>-i
135
 
        <replaceable>TIME</replaceable></option></arg>
136
 
      </group>
137
 
      <sbr/>
138
 
      <group>
139
 
        <arg choice="plain"><option>--host
140
 
        <replaceable>STRING</replaceable></option></arg>
141
 
        <arg choice="plain"><option>-H
142
 
        <replaceable>STRING</replaceable></option></arg>
143
 
      </group>
144
 
      <sbr/>
145
 
      <group>
146
 
        <arg choice="plain"><option>--secret
147
 
        <replaceable>FILENAME</replaceable></option></arg>
148
 
        <arg choice="plain"><option>-s
149
 
        <replaceable>FILENAME</replaceable></option></arg>
150
 
      </group>
151
 
      <sbr/>
152
 
      <group>
153
 
        <arg choice="plain"><option>--approve</option></arg>
154
 
        <arg choice="plain"><option>-A</option></arg>
155
 
        <sbr/>
156
 
        <arg choice="plain"><option>--deny</option></arg>
157
 
        <arg choice="plain"><option>-D</option></arg>
 
64
      <group choice="req">
 
65
        <group>
 
66
          <arg choice="plain"><option>--enable</option></arg>
 
67
          <arg choice="plain"><option>-e</option></arg>
 
68
          <sbr/>
 
69
          <arg choice="plain"><option>--disable</option></arg>
 
70
          <arg choice="plain"><option>-d</option></arg>
 
71
        </group>
 
72
        <sbr/>
 
73
        <group>
 
74
          <arg choice="plain"><option>--bump-timeout</option></arg>
 
75
          <arg choice="plain"><option>-b</option></arg>
 
76
        </group>
 
77
        <sbr/>
 
78
        <group>
 
79
          <arg choice="plain"><option>--start-checker</option></arg>
 
80
        </group>
 
81
        <sbr/>
 
82
        <group>
 
83
          <arg choice="plain"><option>--stop-checker</option></arg>
 
84
        </group>
 
85
        <sbr/>
 
86
        <group>
 
87
          <arg choice="plain"><option>--remove</option></arg>
 
88
          <arg choice="plain"><option>-r</option></arg>
 
89
        </group>
 
90
        <sbr/>
 
91
        <group>
 
92
          <arg choice="plain"><option>--checker
 
93
          <replaceable>COMMAND</replaceable></option></arg>
 
94
          <arg choice="plain"><option>-c
 
95
          <replaceable>COMMAND</replaceable></option></arg>
 
96
        </group>
 
97
        <sbr/>
 
98
        <group>
 
99
          <arg choice="plain"><option>--timeout
 
100
          <replaceable>TIME</replaceable></option></arg>
 
101
          <arg choice="plain"><option>-t
 
102
          <replaceable>TIME</replaceable></option></arg>
 
103
        </group>
 
104
        <sbr/>
 
105
        <group>
 
106
          <arg choice="plain"><option>--extended-timeout
 
107
          <replaceable>TIME</replaceable></option></arg>
 
108
        </group>
 
109
        <sbr/>
 
110
        <group>
 
111
          <arg choice="plain"><option>--interval
 
112
          <replaceable>TIME</replaceable></option></arg>
 
113
          <arg choice="plain"><option>-i
 
114
          <replaceable>TIME</replaceable></option></arg>
 
115
        </group>
 
116
        <sbr/>
 
117
        <group>
 
118
          <arg choice="plain"><option>--approve-by-default</option
 
119
          ></arg>
 
120
          <sbr/>
 
121
          <arg choice="plain"><option>--deny-by-default</option></arg>
 
122
        </group>
 
123
        <sbr/>
 
124
        <group>
 
125
          <arg choice="plain"><option>--approval-delay
 
126
          <replaceable>TIME</replaceable></option></arg>
 
127
        </group>
 
128
        <sbr/>
 
129
        <group>
 
130
          <arg choice="plain"><option>--approval-duration
 
131
          <replaceable>TIME</replaceable></option></arg>
 
132
        </group>
 
133
        <sbr/>
 
134
        <group>
 
135
          <arg choice="plain"><option>--interval
 
136
          <replaceable>TIME</replaceable></option></arg>
 
137
          <arg choice="plain"><option>-i
 
138
          <replaceable>TIME</replaceable></option></arg>
 
139
        </group>
 
140
        <sbr/>
 
141
        <group>
 
142
          <arg choice="plain"><option>--host
 
143
          <replaceable>STRING</replaceable></option></arg>
 
144
          <arg choice="plain"><option>-H
 
145
          <replaceable>STRING</replaceable></option></arg>
 
146
        </group>
 
147
        <sbr/>
 
148
        <group>
 
149
          <arg choice="plain"><option>--secret
 
150
          <replaceable>FILENAME</replaceable></option></arg>
 
151
          <arg choice="plain"><option>-s
 
152
          <replaceable>FILENAME</replaceable></option></arg>
 
153
        </group>
 
154
        <sbr/>
 
155
        <group>
 
156
          <arg choice="plain"><option>--approve</option></arg>
 
157
          <arg choice="plain"><option>-A</option></arg>
 
158
          <sbr/>
 
159
          <arg choice="plain"><option>--deny</option></arg>
 
160
          <arg choice="plain"><option>-D</option></arg>
 
161
        </group>
158
162
      </group>
159
163
      <sbr/>
160
164
      <group choice="req">
168
172
    <cmdsynopsis>
169
173
      <command>&COMMANDNAME;</command>
170
174
      <group>
171
 
        <arg choice="plain"><option>--verbose</option></arg>
172
 
        <arg choice="plain"><option>-v</option></arg>
 
175
          <arg choice="plain"><option>--verbose</option></arg>
 
176
          <arg choice="plain"><option>-v</option></arg>
 
177
          <sbr/>
 
178
          <arg choice="plain"><option>--dump-json</option></arg>
 
179
          <arg choice="plain"><option>-j</option></arg>
173
180
      </group>
174
181
      <group>
175
182
        <arg rep='repeat' choice='plain'>
208
215
  <refsect1 id="description">
209
216
    <title>DESCRIPTION</title>
210
217
    <para>
211
 
      <command>&COMMANDNAME;</command> is a program to control the
212
 
      operation of the Mandos server <citerefentry><refentrytitle
213
 
      >mandos</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
 
218
      <command>&COMMANDNAME;</command> is a program to control or
 
219
      query the operation of the Mandos server
 
220
      <citerefentry><refentrytitle>mandos</refentrytitle><manvolnum
 
221
      >8</manvolnum></citerefentry>.
214
222
    </para>
215
223
    <para>
216
224
      This program can be used to change client settings, approve or
474
482
      </varlistentry>
475
483
      
476
484
      <varlistentry>
 
485
        <term><option>--dump-json</option></term>
 
486
        <term><option>-j</option></term>
 
487
        <listitem>
 
488
          <para>
 
489
            Dump client settings as JSON to standard output.
 
490
          </para>
 
491
        </listitem>
 
492
      </varlistentry>
 
493
      
 
494
      <varlistentry>
477
495
        <term><option>--is-enabled</option></term>
478
496
        <term><option>-V</option></term>
479
497
        <listitem>