-.Dd 2011-01-02
+.Dd 2013-01-14
.Dt TINCD 8
.\" Manual page created by:
.\" Ivo Timmermans
.Nd tinc VPN daemon
.Sh SYNOPSIS
.Nm
-.Op Fl cdDKnLRU
+.Op Fl cdDKnsoLRU
.Op Fl -config Ns = Ns Ar DIR
.Op Fl -no-detach
.Op Fl -debug Ns Op = Ns Ar LEVEL
.Op Fl -net Ns = Ns Ar NETNAME
+.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE
.Op Fl -mlock
.Op Fl -logfile Ns Op = Ns Ar FILE
+.Op Fl -syslog
.Op Fl -bypass-security
.Op Fl -chroot
.Op Fl -user Ns = Ns Ar USER
it will detach from the controlling terminal and continue in the background,
accepting and setting up connections to other tinc daemons
that are part of the virtual private network.
-Under Windows (not Cygwin) tinc will install itself as a service,
+Under Windows tinc will install itself as a service,
which will be restarted automatically after reboots.
.Sh OPTIONS
.Bl -tag -width indent
.Ar NETNAME
is the same as not specifying any
.Ar NETNAME .
+.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE
+Without specifying a
+.Ar HOST ,
+this will set server configuration variable
+.Ar KEY
+to
+.Ar VALUE .
+If specified as
+.Ar HOST.KEY=VALUE ,
+this will set the host configuration variable
+.Ar KEY
+of the host named
+.Ar HOST
+to
+.Ar VALUE .
+This option can be used more than once to specify multiple configuration variables.
.It Fl L, -mlock
Lock tinc into main memory.
This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
+This option is not supported on all platforms.
.It Fl -logfile Ns Op = Ns Ar FILE
Write log entries to a file instead of to the system logging facility.
If
.Ar FILE
is omitted, the default is
.Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log.
-.It Fl -controlsocket Ns = Ns Ar FILENAME
-Open control socket at
-.Ar FILENAME .
+.It Fl s, -syslog
+When this option is is set, tinc uses syslog instead of stderr in --no-detach mode.
+.It Fl -pidfile Ns = Ns Ar FILENAME
+Store a cookie in
+.Ar FILENAME
+which allows
+.Xr tinc 8
+to authenticate.
If
.Ar FILE
is omitted, the default is
-.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control.
+.Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid.
.It Fl -bypass-security
Disables encryption and authentication of the meta protocol.
Only useful for debugging.
With this option tinc chroots into the directory where network
config is located (@sysconfdir@/tinc/NETNAME if -n option is used,
or to the directory specified with -c option) after initialization.
+This option is not supported on all platforms.
.It Fl U, -user Ns = Ns Ar USER
setuid to the specified
.Ar USER
after initialization.
+This option is not supported on all platforms.
.It Fl -help
Display short list of options.
.It Fl -version
.El
.Sh SIGNALS
.Bl -tag -width indent
+.It ALRM
+Forces
+.Nm
+to try to connect to all uplinks immediately.
+Usually
+.Nm
+attempts to do this itself,
+but increases the time it waits between the attempts each time it failed,
+and if
+.Nm
+didn't succeed to connect to an uplink the first time after it started,
+it defaults to the maximum time of 15 minutes.
.It HUP
Partially rereads configuration files.
Connections to hosts whose host config file are removed are closed.
.Fl -logfile
option is used, this will also close and reopen the log file,
useful when log rotation is used.
-.It INT
-Temporarily increases debug level to 5.
-Send this signal again to revert to the original level.
-.It USR1
-Dumps the connection list to syslog.
-.It USR2
-Dumps virtual network device statistics, all known nodes, edges and subnets to syslog.
-.It WINCH
-Purges all information remembered about unreachable nodes.
.El
.Sh DEBUG LEVELS
The tinc daemon can send a lot of messages to the syslog.
Directory containing the configuration files tinc uses.
For more information, see
.Xr tinc.conf 5 .
-.It Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid
+.It Pa @runstatedir@/tinc. Ns Ar NETNAME Ns Pa .pid
The PID of the currently running
.Nm
is stored in this file.
.Sh TODO
A lot, especially security auditing.
.Sh SEE ALSO
-.Xr tincctl 8 ,
+.Xr tinc 8 ,
.Xr tinc.conf 5 ,
-.Pa http://www.tinc-vpn.org/ ,
+.Pa https://www.tinc-vpn.org/ ,
.Pa http://www.cabal.org/ .
.Pp
The full documentation for tinc is maintained as a Texinfo manual.