.Dd 2002-03-25
.Dt TINCD 8
.\" Manual page created by:
-.\" Ivo Timmermans <ivo@o2w.nl>
-.\" Guus Sliepen <guus@sliepen.eu.org>
+.\" Ivo Timmermans
+.\" Guus Sliepen <guus@tinc-vpn.org>
.Sh NAME
.Nm tincd
.Nd tinc VPN daemon
.Sh SYNOPSIS
.Nm
-.Op Fl cdDkKnL
+.Op Fl cdDKnL
.Op Fl -config Ns = Ns Ar DIR
.Op Fl -no-detach
.Op Fl -debug Ns Op = Ns Ar LEVEL
-.Op Fl -kill Ns Op = Ns Ar SIGNAL
.Op Fl -net Ns = Ns Ar NETNAME
-.Op Fl -generate-keys Ns Op = Ns Ar BITS
.Op Fl -mlock
.Op Fl -logfile Ns Op = Ns Ar FILE
-.Op Fl -pidfile Ns = Ns Ar FILE
.Op Fl -bypass-security
.Op Fl -help
.Op Fl -version
it will detach from the controlling terminal and continue in the background,
accepting and setting up connections to other tinc daemons
that are part of the virtual private network.
-Under Windows (native) tinc will install itself as a service,
+Under Windows (not Cygwin) tinc will install itself as a service,
which will be restarted automatically after reboots.
.Sh OPTIONS
.Bl -tag -width indent
.It Fl c, -config Ns = Ns Ar DIR
-Read configuration options from
-.Ar DIR .
+Read configuration files from
+.Ar DIR
+instead of
+.Pa @sysconfdir@/tinc/ .
.It Fl D, -no-detach
Don't fork and detach.
This will also disable the automatic restart mechanism for fatal errors.
+If not mentioned otherwise, this will show log messages on the standard error output.
.It Fl d, -debug Ns Op = Ns Ar LEVEL
Increase debug level or set it to
.Ar LEVEL
(see below).
-.It Fl k, -kill Ns Op = Ns Ar SIGNAL
-Attempt to kill a running
-.Nm
-(optionally with the specified
-.Ar SIGNAL
-instead of SIGTERM) and exit.
-Under native Windows the optional argument is ignored,
-the service will always be stopped and removed.
.It Fl n, -net Ns = Ns Ar NETNAME
Connect to net
.Ar NETNAME .
-.It Fl K, -generate-keys Ns Op = Ns Ar BITS
-Generate public/private RSA keypair and exit.
-If
-.Ar BITS
-is omitted, the default length will be 1024 bits.
.It Fl L, -mlock
Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
.Ar FILE
is omitted, the default is
.Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log.
-.It Fl -pidfile Ns = Ns Ar FILE
-Write PID to
+.It Fl -controlsocket Ns = Ns Ar FILENAME
+Open control socket at
+.Ar FILENAME .
+If
.Ar FILE
-instead of
-.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
+is omitted, the default is
+.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
Only useful for debugging.
This will log a message indicating
.Nm
has started along with a version number.
-It will also any serious error.
+It will also log any serious error.
.It 1
This will log all connections that are made with other tinc daemons.
.It 2
-This will log status and error messages from other tinc daemons.
+This will log status and error messages from scripts and other tinc daemons.
.It 3
This will log all requests that are exchanged with other tinc daemons. These include
authentication, key exchange and connection list updates.
.El
.Sh FILES
.Bl -tag -width indent
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc.conf
-The configuration file for
-.Nm .
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-up
-Script which is executed as soon as the virtual network device has been allocated.
-Purpose is to further configure that device.
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /tinc-down
-Script which is executed when
-.Nm
-exits.
-Purpose is to cleanly shut down the virtual network device before it will be deallocated.
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/*
-The directory containing the host configuration files
-used to authenticate other tinc daemons.
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Ar NAME Ns Pa -up
-Script which is executed as soon as host
-.Ar NAME
-becomes reachable.
-.It Pa @sysconfdir@/tinc/ Ns Ar NETNAME Ns Pa /hosts/ Ns Ar NAME Ns Pa -down
-Script which is executed as soon as host
-.Ar NAME
-becomes unreachable.
+.It Pa @sysconfdir@/tinc/
+Directory containing the configuration files tinc uses.
+For more information, see
+.Xr tinc.conf 5 .
.It Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid
The PID of the currently running
.Nm
.Pp
.Sy The cryptography in tinc is not well tested yet. Use it at your own risk!
.Pp
-If you find any bugs, report them to tinc@nl.linux.org.
+If you find any bugs, report them to tinc@tinc-vpn.org.
.Sh TODO
A lot, especially security auditing.
.Sh SEE ALSO
+.Xr tincctl 8 ,
.Xr tinc.conf 5 ,
-.Pa http://tinc.nl.linux.org/ ,
+.Pa http://www.tinc-vpn.org/ ,
.Pa http://www.cabal.org/ .
.Pp
The full documentation for tinc is maintained as a Texinfo manual.
This is free software, and you are welcome to redistribute it under certain conditions;
see the file COPYING for details.
.Sh AUTHORS
-.An "Ivo Timmermans" Aq ivo@o2w.nl
-.An "Guus Sliepen" Aq guus@sliepen.eu.org
+.An "Ivo Timmermans"
+.An "Guus Sliepen" Aq guus@tinc-vpn.org
.Pp
And thanks to many others for their contributions to tinc!