/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos.conf.xml

  • Committer: Teddy Hogeborn
  • Date: 2019-02-10 03:50:20 UTC
  • Revision ID: teddy@recompile.se-20190210035020-nttr1tybgwwixueu
http://bugs.debian.org/879538
http://bugs.debian.org/916673
Show debconf note about new TLS key IDs

If mandos-client did not see TLS keys and had to create them, or if
mandos sees GnuTLS version 3.6.6 or later, show an important notice on
package installation about the importance of adding the new key_id
options to clients.conf on the Mandos server.

* debian/control (Package: mandos, Package: mandos-client): Depend on
                                                            debconf.
* debian/mandos-client.lintian-overrides: Override warnings.
* debian/mandos-client.postinst (create_keys): Show notice if new TLS
                                               key files were created.
* debian/mandos-client.templates: New.
* debian/mandos.lintian-overrides: Override warnings.
* debian/mandos.postinst (configure): If GnuTLS 3.6.6 or later is
                                      detected, show an important
                                      notice (once) about the new
                                      key_id option required in
                                      clients.conf.
* debian/mandos.templates: New.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos.conf.xml
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY CONFNAME "mandos.conf">
5
5
<!ENTITY CONFPATH "<filename>/etc/mandos/mandos.conf</filename>">
6
 
<!ENTITY TIMESTAMP "2009-02-25">
 
6
<!ENTITY TIMESTAMP "2018-02-08">
7
7
<!ENTITY % common SYSTEM "common.ent">
8
8
%common;
9
9
]>
20
20
        <firstname>Björn</firstname>
21
21
        <surname>Påhlsson</surname>
22
22
        <address>
23
 
          <email>belorn@fukt.bsnet.se</email>
 
23
          <email>belorn@recompile.se</email>
24
24
        </address>
25
25
      </author>
26
26
      <author>
27
27
        <firstname>Teddy</firstname>
28
28
        <surname>Hogeborn</surname>
29
29
        <address>
30
 
          <email>teddy@fukt.bsnet.se</email>
 
30
          <email>teddy@recompile.se</email>
31
31
        </address>
32
32
      </author>
33
33
    </authorgroup>
34
34
    <copyright>
35
35
      <year>2008</year>
36
36
      <year>2009</year>
 
37
      <year>2010</year>
 
38
      <year>2011</year>
 
39
      <year>2012</year>
 
40
      <year>2013</year>
 
41
      <year>2014</year>
 
42
      <year>2015</year>
 
43
      <year>2016</year>
 
44
      <year>2017</year>
 
45
      <year>2018</year>
37
46
      <holder>Teddy Hogeborn</holder>
38
47
      <holder>Björn Påhlsson</holder>
39
48
    </copyright>
153
162
        </listitem>
154
163
      </varlistentry>
155
164
      
 
165
      <varlistentry>
 
166
        <term><option>restore<literal> = </literal>{ <literal
 
167
          >1</literal> | <literal>yes</literal> | <literal
 
168
          >true</literal> | <literal>on</literal> | <literal
 
169
          >0</literal> | <literal>no</literal> | <literal
 
170
          >false</literal> | <literal>off</literal> }</option></term>
 
171
        <listitem>
 
172
          <xi:include href="mandos-options.xml" xpointer="restore"/>
 
173
        </listitem>
 
174
      </varlistentry>
 
175
      
 
176
      <varlistentry>
 
177
        <term><option>statedir<literal> = </literal><replaceable
 
178
        >DIRECTORY</replaceable></option></term>
 
179
        <listitem>
 
180
          <xi:include href="mandos-options.xml" xpointer="statedir"/>
 
181
        </listitem>
 
182
      </varlistentry>
 
183
      
 
184
      <varlistentry>
 
185
        <term><option>socket<literal> = </literal><replaceable
 
186
        >NUMBER</replaceable></option></term>
 
187
        <listitem>
 
188
          <xi:include href="mandos-options.xml" xpointer="socket"/>
 
189
        </listitem>
 
190
      </varlistentry>
 
191
      
156
192
    </variablelist>
157
193
  </refsect1>
158
194
  
170
206
      built-in module <systemitem class="library">ConfigParser</systemitem>
171
207
      requires it.
172
208
    </para>
 
209
    <xi:include href="bugs.xml"/>
173
210
  </refsect1>
174
211
  
175
212
  <refsect1 id="example">
192
229
interface = eth0
193
230
address = fe80::aede:48ff:fe71:f6f2
194
231
port = 1025
195
 
debug = true
196
 
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP
 
232
debug = True
 
233
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:!RSA
197
234
servicename = Daena
198
235
use_dbus = False
199
236
use_ipv6 = True
 
237
restore = True
 
238
statedir = /var/lib/mandos
200
239
      </programlisting>
201
240
    </informalexample>
202
241
  </refsect1>
204
243
  <refsect1 id="see_also">
205
244
    <title>SEE ALSO</title>
206
245
    <para>
 
246
      <citerefentry><refentrytitle>intro</refentrytitle>
 
247
      <manvolnum>8mandos</manvolnum></citerefentry>,
207
248
      <citerefentry><refentrytitle>gnutls_priority_init</refentrytitle
208
249
      ><manvolnum>3</manvolnum></citerefentry>,
209
250
      <citerefentry><refentrytitle>mandos</refentrytitle>