X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftincd.8.in;h=195869b60cd14812a4e93a74383bff6d24984500;hp=e7789f01dd4a32d551398e667459a0020390a2b6;hb=ba25e899d0f13f84a0300240b8f67df818dcafa6;hpb=42e01abd54bd36ee84a45a2b646cfa27034de8d1 diff --git a/doc/tincd.8.in b/doc/tincd.8.in index e7789f01..195869b6 100644 --- a/doc/tincd.8.in +++ b/doc/tincd.8.in @@ -1,24 +1,27 @@ -.Dd 2002-03-25 +.Dd 2014-05-11 .Dt TINCD 8 .\" Manual page created by: -.\" Ivo Timmermans -.\" Guus Sliepen +.\" Ivo Timmermans +.\" Guus Sliepen .Sh NAME .Nm tincd .Nd tinc VPN daemon .Sh SYNOPSIS .Nm -.Op Fl cdDkKnL +.Op Fl cdDkKnoLRU .Op Fl -config Ns = Ns Ar DIR .Op Fl -no-detach .Op Fl -debug Ns Op = Ns Ar LEVEL .Op Fl -kill Ns Op = Ns Ar SIGNAL .Op Fl -net Ns = Ns Ar NETNAME .Op Fl -generate-keys Ns Op = Ns Ar BITS +.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE .Op Fl -mlock .Op Fl -logfile Ns Op = Ns Ar FILE .Op Fl -pidfile Ns = Ns Ar FILE .Op Fl -bypass-security +.Op Fl -chroot +.Op Fl -user Ns = Ns Ar USER .Op Fl -help .Op Fl -version .Sh DESCRIPTION @@ -62,13 +65,37 @@ the service will always be stopped and removed. .It Fl n, -net Ns = Ns Ar NETNAME Connect to net .Ar NETNAME . +This will let tinc read all configuration files from +.Pa @sysconfdir@/tinc/ Ar NETNAME . +Specifying +.Li . +for +.Ar NETNAME +is the same as not specifying any +.Ar NETNAME . .It Fl K, -generate-keys Ns Op = Ns Ar BITS Generate public/private RSA keypair and exit. If .Ar BITS -is omitted, the default length will be 1024 bits. +is omitted, the default length will be 2048 bits. When saving keys to existing files, tinc will not delete the old keys, you have to remove them manually. +.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE +Without specifying a +.Ar HOST , +this will set server configuration variable +.Ar KEY +to +.Ar VALUE . +If specified as +.Ar HOST.KEY=VALUE , +this will set the host configuration variable +.Ar KEY +of the host named +.Ar HOST +to +.Ar VALUE . +This option can be used more than once to specify multiple configuration variables. .It Fl L, -mlock Lock tinc into main memory. This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. @@ -87,6 +114,14 @@ Under Windows this option will be ignored. .It Fl -bypass-security Disables encryption and authentication of the meta protocol. Only useful for debugging. +.It Fl R, -chroot +With this option tinc chroots into the directory where network +config is located (@sysconfdir@/tinc/NETNAME if -n option is used, +or to the directory specified with -c option) after initialization. +.It Fl U, -user Ns = Ns Ar USER +setuid to the specified +.Ar USER +after initialization. .It Fl -help Display short list of options. .It Fl -version @@ -112,6 +147,10 @@ Connections to hosts whose host config file are removed are closed. New outgoing connections specified in .Pa tinc.conf will be made. +If the +.Fl -logfile +option is used, this will also close and reopen the log file, +useful when log rotation is used. .It INT Temporarily increases debug level to 5. Send this signal again to revert to the original level. @@ -163,12 +202,12 @@ option may not work correctly. .Pp .Sy The cryptography in tinc is not well tested yet. Use it at your own risk! .Pp -If you find any bugs, report them to tinc@nl.linux.org. +If you find any bugs, report them to tinc@tinc-vpn.org. .Sh TODO A lot, especially security auditing. .Sh SEE ALSO .Xr tinc.conf 5 , -.Pa http://tinc.nl.linux.org/ , +.Pa https://www.tinc-vpn.org/ , .Pa http://www.cabal.org/ . .Pp The full documentation for tinc is maintained as a Texinfo manual. @@ -181,7 +220,7 @@ tinc comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions; see the file COPYING for details. .Sh AUTHORS -.An "Ivo Timmermans" Aq ivo@o2w.nl -.An "Guus Sliepen" Aq guus@sliepen.eu.org +.An "Ivo Timmermans" +.An "Guus Sliepen" Aq guus@tinc-vpn.org .Pp And thanks to many others for their contributions to tinc!