From 6c453769fd16125ec18e8e6d102a3eaa09d370c7 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Tue, 4 Sep 2007 15:06:35 +0000 Subject: [PATCH] Apply patch from Scott Lamb: Update documentation to match tincctl changes --- doc/Makefile.am | 12 +++-- doc/tinc.texi | 117 ++++++++++++++++++++++++++++++++++------- doc/tincd.8.in | 32 +++--------- po/nl.po | 135 +++++++++++++++++++++++++++--------------------- src/tincd.c | 1 + 5 files changed, 192 insertions(+), 105 deletions(-) diff --git a/doc/Makefile.am b/doc/Makefile.am index 7c49d844..66de6d93 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -2,11 +2,11 @@ info_TEXINFOS = tinc.texi -man_MANS = tincd.8 tinc.conf.5 +man_MANS = tincd.8 tincctl.8 tinc.conf.5 -EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz +EXTRA_DIST = tincinclude.texi.in tincd.8.in tincctl.8.in tinc.conf.5.in sample-config.tar.gz -CLEANFILES = *.html tinc.info tincd.8 tinc.conf.5 tincinclude.texi +CLEANFILES = *.html tinc.info tincd.8 tincctl.8 tinc.conf.5 tincinclude.texi # Use `ginstall' in the definition of man_MANS to avoid # confusion with the `install' target. The install rule transforms `ginstall' @@ -25,6 +25,9 @@ texi2html: tinc.texi tincd.8.html: tincd.8 w3mman2html $< > $@ +tincctl.8.html: tincctl.8 + w3mman2html $< > $@ + tinc.conf.5.html: tinc.conf.5 w3mman2html $< > $@ @@ -37,6 +40,9 @@ substitute = sed \ tincd.8: tincd.8.in $(substitute) tincd.8.in > tincd.8 +tincctl.8: tincctl.8.in + $(substitute) tincctl.8.in > tincctl.8 + tinc.conf.5: tinc.conf.5.in $(substitute) tinc.conf.5.in > tinc.conf.5 diff --git a/doc/tinc.texi b/doc/tinc.texi index c968eb30..2ea54be2 100644 --- a/doc/tinc.texi +++ b/doc/tinc.texi @@ -71,6 +71,7 @@ permission notice identical to this one. * Installation:: * Configuration:: * Running tinc:: +* Controlling tinc:: * Technical information:: * Platform specific information:: * About us:: @@ -981,7 +982,7 @@ accidental eavesdropping if you are editting the configuration file. @cindex PrivateKeyFile @item PrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/rsa_key.priv}) This is the full path name of the RSA private key file that was -generated by @samp{tincd --generate-keys}. It must be a full path, not a +generated by @samp{tincctl generate-keys}. It must be a full path, not a relative directory. Note that there must be exactly one of PrivateKey @@ -1053,7 +1054,7 @@ This is the RSA public key for this host. @cindex PublicKeyFile @item PublicKeyFile = <@var{path}> [obsolete] This is the full path name of the RSA public key file that was generated -by @samp{tincd --generate-keys}. It must be a full path, not a relative +by @samp{tincctl generate-keys}. It must be a full path, not a relative directory. @cindex PEM format @@ -1230,7 +1231,7 @@ Now that you have already created the main configuration file and your host conf you can easily create a public/private keypair by entering the following command: @example -tincd -n @var{netname} -K +tincctl -n @var{netname} generate-keys @end example Tinc will generate a public and a private key and ask you where to put them. @@ -1459,7 +1460,7 @@ Address = 4.5.6.7 A, B, C and D all have generated a public/private keypair with the following command: @example -tincd -n company -K +tincctl -n company generate-keys @end example The private key is stored in @file{@value{sysconfdir}/tinc/company/rsa_key.priv}, @@ -1525,20 +1526,12 @@ This will also disable the automatic restart mechanism for fatal errors. Set debug level to @var{level}. The higher the debug level, the more gets logged. Everything goes via syslog. -@item -k, --kill[=@var{signal}] -Attempt to kill a running tincd (optionally with the specified @var{signal} instead of SIGTERM) and exit. -Use it in conjunction with the -n option to make sure you kill the right tinc daemon. -Under native Windows the optional argument is ignored, -the service will always be stopped and removed. - @item -n, --net=@var{netname} Use configuration for net @var{netname}. @xref{Multiple networks}. -@item -K, --generate-keys[=@var{bits}] -Generate public/private keypair of @var{bits} length. If @var{bits} is not specified, -1024 is the default. tinc will ask where you want to store the files, -but will default to the configuration directory (you can use the -c or -n option -in combination with -K). After that, tinc will quit. +@item --controlsocket=@var{filename} +Open control socket at @var{filename}. If unspecified, the default is +@file{@value{localstatedir}/run/tinc.@var{netname}.control}. @item -L, --mlock Lock tinc into main memory. @@ -1548,9 +1541,6 @@ This will prevent sensitive data like shared private keys to be written to the s Write log entries to a file instead of to the system logging facility. If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}. -@item --pidfile=@var{file} -Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}. - @item --bypass-security Disables encryption and authentication. Only useful for debugging. @@ -1792,6 +1782,97 @@ Be sure to include the following information in your bugreport: @item The output of any command that fails to work as it should (like ping or traceroute). @end itemize +@c ================================================================== +@node Controlling tinc +@chapter Controlling tinc + +You can control and inspect a running @samp{tincd} through the @samp{tincctl} +command. A quick example: + +@example +tincctl -n @var{netname} reload +@end example + +@menu +* tincctl runtime options:: +* tincctl commands:: +@end menu + + +@c ================================================================== +@node tincctl runtime options +@section tincctl runtime options + +@c from the manpage +@table @option +@item -c, --config=@var{path} +Read configuration options from the directory @var{path}. The default is +@file{@value{sysconfdir}/tinc/@var{netname}/}. + +@item -n, --net=@var{netname} +Use configuration for net @var{netname}. @xref{Multiple networks}. + +@item --controlsocket=@var{filename} +Open control socket at @var{filename}. If unspecified, the default is +@file{@value{localstatedir}/run/tinc.@var{netname}.control}. + +@item --help +Display a short reminder of runtime options and commands, then terminate. + +@item --version +Output version information and exit. + +@end table + + +@c ================================================================== +@node tincctl commands +@section tincctl commands + +@c from the manpage +@table @code + +@item start +Start @samp{tincd}. + +@item stop +Stop @samp{tincd}. + +@item restart +Restart @samp{tincd}. + +@item reload +Partially rereads configuration files. Connections to hosts whose host +config files are removed are closed. New outgoing connections specified +in @file{tinc.conf} will be made. + +@item pid +Shows the PID of the currently running @samp{tincd}. + +@item generate-keys [@var{bits}] +Generate public/private keypair of @var{bits} length. If @var{bits} is not specified, +1024 is the default. tinc will ask where you want to store the files, +but will default to the configuration directory (you can use the -c or -n +option). + +@item dump nodes +Dump a list of all known nodes in the VPN. + +@item dump edges +Dump a list of all known connections in the VPN. + +@item dump subnets +Dump a list of all known subnets in the VPN. + +@item dump connections +Dump a list of all meta connections with ourself. + +@item dump graph +Dump a graph of the VPN in dotty format. + +@end table + + @c ================================================================== @node Technical information @chapter Technical information diff --git a/doc/tincd.8.in b/doc/tincd.8.in index 97654f33..37a134e0 100644 --- a/doc/tincd.8.in +++ b/doc/tincd.8.in @@ -8,16 +8,13 @@ .Nd tinc VPN daemon .Sh SYNOPSIS .Nm -.Op Fl cdDkKnL +.Op Fl cdDKnL .Op Fl -config Ns = Ns Ar DIR .Op Fl -no-detach .Op Fl -debug Ns Op = Ns Ar LEVEL -.Op Fl -kill Ns Op = Ns Ar SIGNAL .Op Fl -net Ns = Ns Ar NETNAME -.Op Fl -generate-keys Ns Op = Ns Ar BITS .Op Fl -mlock .Op Fl -logfile Ns Op = Ns Ar FILE -.Op Fl -pidfile Ns = Ns Ar FILE .Op Fl -bypass-security .Op Fl -help .Op Fl -version @@ -51,24 +48,9 @@ If not mentioned otherwise, this will show log messages on the standard error ou Increase debug level or set it to .Ar LEVEL (see below). -.It Fl k, -kill Ns Op = Ns Ar SIGNAL -Attempt to kill a running -.Nm -(optionally with the specified -.Ar SIGNAL -instead of SIGTERM) and exit. -Under Windows (not Cygwin) the optional argument is ignored, -the service will always be stopped and removed. .It Fl n, -net Ns = Ns Ar NETNAME Connect to net .Ar NETNAME . -.It Fl K, -generate-keys Ns Op = Ns Ar BITS -Generate public/private RSA keypair and exit. -If -.Ar BITS -is omitted, the default length will be 1024 bits. -When saving keys to existing files, tinc will not delete the old keys, -you have to remove them manually. .It Fl L, -mlock Lock tinc into main memory. This will prevent sensitive data like shared private keys to be written to the system swap files/partitions. @@ -78,12 +60,13 @@ If .Ar FILE is omitted, the default is .Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log. -.It Fl -pidfile Ns = Ns Ar FILE -Write PID to +.It Fl -controlsocket Ns = Ns Ar FILENAME +Open control socket at +.Ar FILENAME . +If .Ar FILE -instead of -.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid. -Under Windows this option will be ignored. +is omitted, the default is +.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control. .It Fl -bypass-security Disables encryption and authentication of the meta protocol. Only useful for debugging. @@ -167,6 +150,7 @@ If you find any bugs, report them to tinc@tinc-vpn.org. .Sh TODO A lot, especially security auditing. .Sh SEE ALSO +.Xr tincctl 8 , .Xr tinc.conf 5 , .Pa http://www.tinc-vpn.org/ , .Pa http://www.cabal.org/ . diff --git a/po/nl.po b/po/nl.po index 198f8008..d67f25ed 100644 --- a/po/nl.po +++ b/po/nl.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: tinc 1.0-svn\n" "Report-Msgid-Bugs-To: tinc-devel@tinc-vpn.org\n" -"POT-Creation-Date: 2007-01-05 14:14+0100\n" +"POT-Creation-Date: 2007-03-07 18:48+0100\n" "PO-Revision-Date: 2007-01-05 14:14+0100\n" "Last-Translator: Guus Sliepen \n" "Language-Team: Dutch\n" @@ -90,16 +90,16 @@ msgstr "iedereen" msgid "BROADCAST" msgstr "BROADCAST" -#: src/connection.c:120 +#: src/connection.c:115 msgid "Connections:" msgstr "Verbindingen:" -#: src/connection.c:124 +#: src/connection.c:119 #, c-format msgid " %s at %s options %lx socket %d status %04x outbuf %d/%d/%d" msgstr " %s op %s opties %lx socket %d status %04x outbuf %d/%d/%d" -#: src/connection.c:129 +#: src/connection.c:124 msgid "End of connections." msgstr "Einde van verbindingen." @@ -161,52 +161,57 @@ msgstr "Verwijderen onbereikbare nodes" msgid "Purging node %s (%s)" msgstr "Verwijdering node %s (%s)" -#: src/net.c:173 +#: src/net.c:159 #, c-format msgid "Closing connection with %s (%s)" msgstr "Beëindigen verbinding met %s (%s)" -#: src/net.c:244 +#: src/net.c:230 #, c-format msgid "%s (%s) didn't respond to PING in %ld seconds" msgstr "%s (%s) antwoordde niet binnen %ld seconden op PING" -#: src/net.c:253 +#: src/net.c:239 #, c-format msgid "Old connection_t for %s (%s) status %04x still lingering, deleting..." msgstr "" "Oude connection_t voor %s (%s) status %04x nog steeds aanwezig, wordt " "verwijderd..." -#: src/net.c:258 +#: src/net.c:244 #, c-format msgid "Timeout from %s (%s) during authentication" msgstr "Timeout van %s (%s) tijdens authenticatie" -#: src/net.c:273 +#: src/net.c:259 #, c-format msgid "%s (%s) could not flush for %ld seconds (%d bytes remaining)" msgstr "%s (%s) kon niet binnen %ld seconden wegschrijven (%d bytes over)" -#: src/net.c:318 +#: src/net.c:286 #, c-format msgid "Error while connecting to %s (%s): %s" msgstr "Fout tijdens schrijven naar %s (%s): %s" -#: src/net.c:383 +#: src/net.c:345 +#, fuzzy, c-format +msgid "Error building fdset: %s" +msgstr "Fout tijdens lezen van standaardinvoer: %s\n" + +#: src/net.c:354 #, c-format msgid "Error while waiting for input: %s" msgstr "Fout tijdens wachten op invoer: %s" -#: src/net.c:414 +#: src/net.c:383 msgid "Regenerating symmetric key" msgstr "Hergenereren symmetrische sleutel" -#: src/net.c:431 +#: src/net.c:400 msgid "Flushing event queue" msgstr "Legen taakrij" -#: src/net.c:455 +#: src/net.c:419 msgid "Unable to reread configuration file, exitting." msgstr "Kan configuratiebestand niet herlezen, beëindigen." @@ -287,9 +292,9 @@ msgstr "Fout tijdens versleutelen pakket naar %s (%s): %s" msgid "Setting outgoing packet priority to %d" msgstr "Instellen prioriteit uitgaand pakket op %d" -#: src/net_packet.c:393 src/net_setup.c:478 src/net_socket.c:129 -#: src/net_socket.c:158 src/tincd.c:435 src/tincd.c:472 src/process.c:198 -#: src/process.c:231 src/process.c:428 src/bsd/device.c:93 +#: src/net_packet.c:393 src/net_setup.c:487 src/net_socket.c:129 +#: src/net_socket.c:158 src/tincd.c:435 src/tincd.c:477 src/process.c:198 +#: src/process.c:231 src/process.c:430 src/bsd/device.c:93 #: src/bsd/device.c:112 src/cygwin/device.c:140 src/cygwin/device.c:171 #: src/mingw/device.c:73 src/mingw/device.c:82 src/mingw/device.c:87 #: src/mingw/device.c:256 src/mingw/device.c:263 src/mingw/device.c:268 @@ -340,113 +345,118 @@ msgstr "Ontvangst pakket mislukt: %s" msgid "Received UDP packet from unknown source %s" msgstr "Ontvangst UDP pakket van onbekende oorsprong %s" -#: src/net_setup.c:77 src/net_setup.c:94 +#: src/net_setup.c:78 src/net_setup.c:95 #, c-format msgid "Error reading RSA public key file `%s': %s" msgstr "Fout tijdens lezen RSA publieke sleutel bestand `%s': %s" -#: src/net_setup.c:109 +#: src/net_setup.c:110 #, c-format msgid "Reading RSA public key file `%s' failed: %s" msgstr "Lezen RSA publieke sleutel bestand `%s' mislukt: %s" -#: src/net_setup.c:145 +#: src/net_setup.c:146 #, c-format msgid "No public key for %s specified!" msgstr "Geen publieke sleutel bekend voor %s gespecificeerd!" -#: src/net_setup.c:160 +#: src/net_setup.c:161 msgid "PrivateKey used but no PublicKey found!" msgstr "PrivateKey gebruikt maar geen PublicKey gevonden!" -#: src/net_setup.c:179 +#: src/net_setup.c:180 #, c-format msgid "Error reading RSA private key file `%s': %s" msgstr "Fout tijdens lezen RSA privé sleutel bestand `%s': %s" -#: src/net_setup.c:187 +#: src/net_setup.c:188 #, c-format msgid "Could not stat RSA private key file `%s': %s'" msgstr "Kon gegevens RSA privé sleutel bestand `%s' niet opvragen: %s" -#: src/net_setup.c:194 +#: src/net_setup.c:195 #, c-format msgid "Warning: insecure file permissions for RSA private key file `%s'!" msgstr "" "Waarschuwing: onveilige permissies voor RSA privé sleutel bestand `%s'!" -#: src/net_setup.c:201 +#: src/net_setup.c:202 #, c-format msgid "Reading RSA private key file `%s' failed: %s" msgstr "Fout tijdens lezen RSA privé sleutel bestand `%s': %s" -#: src/net_setup.c:231 src/net_setup.c:232 +#: src/net_setup.c:232 src/net_setup.c:233 msgid "MYSELF" msgstr "MIJZELF" -#: src/net_setup.c:238 +#: src/net_setup.c:239 msgid "Name for tinc daemon required!" msgstr "Naam voor tinc daemon verplicht!" -#: src/net_setup.c:243 +#: src/net_setup.c:244 msgid "Invalid name for myself!" msgstr "Ongeldige naam voor mijzelf!" -#: src/net_setup.c:252 +#: src/net_setup.c:253 msgid "Cannot open host configuration file for myself!" msgstr "Kan host configuratie bestand voor mijzelf niet openen!" -#: src/net_setup.c:305 +#: src/net_setup.c:306 msgid "Invalid routing mode!" msgstr "Ongeldige routing modus!" -#: src/net_setup.c:316 +#: src/net_setup.c:317 msgid "PriorityInheritance not supported on this platform" msgstr "PriorityInheritance wordt niet ondersteund op dit platform" -#: src/net_setup.c:324 +#: src/net_setup.c:325 msgid "Bogus maximum timeout!" msgstr "Onzinnige maximum timeout!" -#: src/net_setup.c:338 +#: src/net_setup.c:339 msgid "Invalid address family!" msgstr "Ongeldige adresfamilie!" -#: src/net_setup.c:356 +#: src/net_setup.c:357 msgid "Unrecognized cipher type!" msgstr "Onbekend cipher type!" -#: src/net_setup.c:381 src/protocol_auth.c:194 +#: src/net_setup.c:382 src/protocol_auth.c:194 #, c-format msgid "Error during initialisation of cipher for %s (%s): %s" msgstr "Fout tijdens initialisatie van cipher voor %s (%s): %s" -#: src/net_setup.c:398 +#: src/net_setup.c:399 msgid "Unrecognized digest type!" msgstr "Onbekend digest type!" -#: src/net_setup.c:411 +#: src/net_setup.c:412 msgid "MAC length exceeds size of digest!" msgstr "MAC lengte is groter dan dat van digest!" -#: src/net_setup.c:414 +#: src/net_setup.c:415 msgid "Bogus MAC length!" msgstr "Onzinnige MAC lengte!" -#: src/net_setup.c:428 +#: src/net_setup.c:429 msgid "Bogus compression level!" msgstr "Onzinnig compressieniveau!" -#: src/net_setup.c:500 +#: src/net_setup.c:454 src/net_setup.c:514 src/net_setup.c:525 +#, fuzzy, c-format +msgid "event_add failed: %s" +msgstr "Ontvangst pakket mislukt: %s" + +#: src/net_setup.c:534 #, c-format msgid "Listening on %s" msgstr "Luisterend op %s" -#: src/net_setup.c:511 +#: src/net_setup.c:545 msgid "Ready" msgstr "Gereed" -#: src/net_setup.c:513 +#: src/net_setup.c:547 msgid "Unable to create any listening socket!" msgstr "Kon geen enkele luistersocket aanmaken!" @@ -529,12 +539,12 @@ msgstr "Geen adres gespecificeerd voor %s" msgid "Accepting a new connection failed: %s" msgstr "Aanname van nieuwe verbinding is mislukt: %s" -#: src/net_socket.c:418 +#: src/net_socket.c:417 #, c-format msgid "Connection from %s" msgstr "Verbinding van %s" -#: src/net_socket.c:443 +#: src/net_socket.c:440 #, c-format msgid "Invalid name for outgoing connection in %s line %d" msgstr "Ongeldige naam voor uitgaande verbinding in %s regel %d" @@ -1002,10 +1012,15 @@ msgid "mlockall() not supported on this platform!" msgstr "mlockall() wordt niet ondersteund op dit platform!" #: src/tincd.c:466 +#, fuzzy +msgid "Error initializing libevent!" +msgstr "Fout tijdens initialiseren LZO compressor!" + +#: src/tincd.c:471 msgid "Error initializing LZO compressor!" msgstr "Fout tijdens initialiseren LZO compressor!" -#: src/tincd.c:507 +#: src/tincd.c:512 msgid "Terminating" msgstr "Beëindigen" @@ -1129,56 +1144,56 @@ msgstr "Kon pid bestand %s niet schrijven: %s\n" msgid "tincd %s (%s %s) starting, debug level %d" msgstr "tincd %s (%s %s) start, debug niveau %d" -#: src/process.c:385 +#: src/process.c:387 #, c-format msgid "Executing script %s" msgstr "Uitvoeren script %s" -#: src/process.c:415 +#: src/process.c:417 #, c-format msgid "Script %s exited with non-zero status %d" msgstr "Script %s beëindigde met status %d" -#: src/process.c:420 +#: src/process.c:422 #, c-format msgid "Script %s was killed by signal %d (%s)" msgstr "Script %s was gestopt door signaal %d (%s)" -#: src/process.c:424 +#: src/process.c:426 #, c-format msgid "Script %s terminated abnormally" msgstr "Script %s abnormaal beëindigd" -#: src/process.c:444 src/process.c:453 src/process.c:494 src/process.c:500 -#: src/process.c:518 +#: src/process.c:446 src/process.c:455 src/process.c:496 src/process.c:502 +#: src/process.c:520 #, c-format msgid "Got %s signal" msgstr "Kreeg %s signaal" -#: src/process.c:462 +#: src/process.c:464 #, c-format msgid "Got another fatal signal %d (%s): not restarting." msgstr "Kreeg nog een fataal signaal %d (%s): geen herstart." -#: src/process.c:471 +#: src/process.c:473 #, c-format msgid "Got fatal signal %d (%s)" msgstr "Kreeg fataal signaal %d (%s)" -#: src/process.c:475 +#: src/process.c:477 msgid "Trying to re-execute in 5 seconds..." msgstr "Poging tot herstarten over 5 seconden..." -#: src/process.c:487 +#: src/process.c:489 msgid "Not restarting." msgstr "Geen herstart." -#: src/process.c:503 +#: src/process.c:505 #, c-format msgid "Reverting to old debug level (%d)" msgstr "Herstellen van oud debug niveau (%d)" -#: src/process.c:509 +#: src/process.c:511 #, c-format msgid "" "Temporarily setting debug level to 5. Kill me with SIGINT again to go back " @@ -1187,17 +1202,17 @@ msgstr "" "Tijdelijk instellen debug niveau op 5. Zend nog een SIGINT signaal om niveau " "%d te herstellen." -#: src/process.c:542 +#: src/process.c:544 #, c-format msgid "Got unexpected signal %d (%s)" msgstr "Kreeg onverwacht signaal %d (%s)" -#: src/process.c:548 +#: src/process.c:550 #, c-format msgid "Ignored signal %d (%s)" msgstr "Signaal %d (%s) genegeerd" -#: src/process.c:602 +#: src/process.c:604 #, c-format msgid "Installing signal handler for signal %d (%s) failed: %s\n" msgstr "Installeren van signaal afhandelaar voor signaal %d (%s) faalde: %s\n" diff --git a/src/tincd.c b/src/tincd.c index c0c12add..cb86cd8b 100644 --- a/src/tincd.c +++ b/src/tincd.c @@ -104,6 +104,7 @@ static void usage(bool status) " -L, --mlock Lock tinc into main memory.\n" " --logfile[=FILENAME] Write log entries to a logfile.\n" " --controlsocket=FILENAME Open control socket at FILENAME.\n" + " --bypass-security Disables meta protocol security, for debugging.\n" " --help Display this help and exit.\n" " --version Output version information and exit.\n\n")); printf(_("Report bugs to tinc@tinc-vpn.org.\n")); -- 2.20.1