Apply patch from Scott Lamb: Update documentation to match tincctl changes

2007-09-04 15:06:35 +00:00 · 2007-09-04 15:06:35 +00:00 · 6c453769fd
commit 6c453769fd
parent 86358fabfe
5 changed files with 192 additions and 105 deletions
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@ -2,11 +2,11 @@

 info_TEXINFOS = tinc.texi

-man_MANS = tincd.8 tinc.conf.5
+man_MANS = tincd.8 tincctl.8 tinc.conf.5

-EXTRA_DIST = tincinclude.texi.in tincd.8.in tinc.conf.5.in sample-config.tar.gz
+EXTRA_DIST = tincinclude.texi.in tincd.8.in tincctl.8.in tinc.conf.5.in sample-config.tar.gz

-CLEANFILES = *.html tinc.info tincd.8 tinc.conf.5 tincinclude.texi
+CLEANFILES = *.html tinc.info tincd.8 tincctl.8 tinc.conf.5 tincinclude.texi

 # Use `ginstall' in the definition of man_MANS to avoid
 # confusion with the `install' target.  The install rule transforms `ginstall'
@ -25,6 +25,9 @@ texi2html: tinc.texi
 tincd.8.html: tincd.8
 	w3mman2html $< > $@

+tincctl.8.html: tincctl.8
+	w3mman2html $< > $@
+
 tinc.conf.5.html: tinc.conf.5
 	w3mman2html $< > $@

@ -37,6 +40,9 @@ substitute = sed \
 tincd.8: tincd.8.in
 	$(substitute) tincd.8.in > tincd.8

+tincctl.8: tincctl.8.in
+	$(substitute) tincctl.8.in > tincctl.8
+
 tinc.conf.5: tinc.conf.5.in
 	$(substitute) tinc.conf.5.in > tinc.conf.5

--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@ -71,6 +71,7 @@ permission notice identical to this one.
 * Installation::
 * Configuration::
 * Running tinc::
+* Controlling tinc::
 * Technical information::
 * Platform specific information::
 * About us::
@ -981,7 +982,7 @@ accidental eavesdropping if you are editting the configuration file.
@cindex PrivateKeyFile
@item PrivateKeyFile = <@var{path}> (@file{@value{sysconfdir}/tinc/@var{netname}/rsa_key.priv})
 This is the full path name of the RSA private key file that was
-generated by @samp{tincd --generate-keys}.  It must be a full path, not a
+generated by @samp{tincctl generate-keys}.  It must be a full path, not a
 relative directory.

 Note that there must be exactly one of PrivateKey
@ -1053,7 +1054,7 @@ This is the RSA public key for this host.
@cindex PublicKeyFile
@item PublicKeyFile = <@var{path}> [obsolete]
 This is the full path name of the RSA public key file that was generated
-by @samp{tincd --generate-keys}.  It must be a full path, not a relative
+by @samp{tincctl generate-keys}.  It must be a full path, not a relative
 directory.

@cindex PEM format
@ -1230,7 +1231,7 @@ Now that you have already created the main configuration file and your host conf
 you can easily create a public/private keypair by entering the following command:

@example
-tincd -n @var{netname} -K
+tincctl -n @var{netname} generate-keys
@end example

 Tinc will generate a public and a private key and ask you where to put them.
@ -1459,7 +1460,7 @@ Address = 4.5.6.7
 A, B, C and D all have generated a public/private keypair with the following command:

@example
-tincd -n company -K
+tincctl -n company generate-keys
@end example

 The private key is stored in @file{@value{sysconfdir}/tinc/company/rsa_key.priv},
@ -1525,20 +1526,12 @@ This will also disable the automatic restart mechanism for fatal errors.
 Set debug level to @var{level}.  The higher the debug level, the more gets
 logged.  Everything goes via syslog.

-@item -k, --kill[=@var{signal}]
-Attempt to kill a running tincd (optionally with the specified @var{signal} instead of SIGTERM) and exit.
-Use it in conjunction with the -n option to make sure you kill the right tinc daemon.
-Under native Windows the optional argument is ignored,
-the service will always be stopped and removed.
-
@item -n, --net=@var{netname}
 Use configuration for net @var{netname}. @xref{Multiple networks}.

-@item -K, --generate-keys[=@var{bits}]
-Generate public/private keypair of @var{bits} length. If @var{bits} is not specified,
-1024 is the default. tinc will ask where you want to store the files,
-but will default to the configuration directory (you can use the -c or -n option
-in combination with -K). After that, tinc will quit.
+@item --controlsocket=@var{filename}
+Open control socket at @var{filename}. If unspecified, the default is
+@file{@value{localstatedir}/run/tinc.@var{netname}.control}.

@item -L, --mlock
 Lock tinc into main memory.
@ -1548,9 +1541,6 @@ This will prevent sensitive data like shared private keys to be written to the s
 Write log entries to a file instead of to the system logging facility.
 If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}.

-@item --pidfile=@var{file}
-Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
-
@item --bypass-security
 Disables encryption and authentication.
 Only useful for debugging.
@ -1792,6 +1782,97 @@ Be sure to include the following information in your bugreport:
@item The output of any command that fails to work as it should (like ping or traceroute).
@end itemize

+@c ==================================================================
+@node    Controlling tinc
+@chapter Controlling tinc
+
+You can control and inspect a running @samp{tincd} through the @samp{tincctl}
+command. A quick example:
+
+@example
+tincctl -n @var{netname} reload
+@end example
+
+@menu
+* tincctl runtime options::
+* tincctl commands::
+@end menu
+
+
+@c ==================================================================
+@node    tincctl runtime options
+@section tincctl runtime options
+
+@c from the manpage
+@table @option
+@item -c, --config=@var{path}
+Read configuration options from the directory @var{path}.  The default is
+@file{@value{sysconfdir}/tinc/@var{netname}/}.
+
+@item -n, --net=@var{netname}
+Use configuration for net @var{netname}. @xref{Multiple networks}.
+
+@item --controlsocket=@var{filename}
+Open control socket at @var{filename}. If unspecified, the default is
+@file{@value{localstatedir}/run/tinc.@var{netname}.control}.
+
+@item --help
+Display a short reminder of runtime options and commands, then terminate.
+
+@item --version
+Output version information and exit.
+
+@end table
+
+
+@c ==================================================================
+@node    tincctl commands
+@section tincctl commands
+
+@c from the manpage
+@table @code
+
+@item start
+Start @samp{tincd}.
+
+@item stop
+Stop @samp{tincd}.
+
+@item restart
+Restart @samp{tincd}.
+
+@item reload
+Partially rereads configuration files. Connections to hosts whose host
+config files are removed are closed. New outgoing connections specified
+in @file{tinc.conf} will be made.
+
+@item pid
+Shows the PID of the currently running @samp{tincd}.
+
+@item generate-keys [@var{bits}]
+Generate public/private keypair of @var{bits} length. If @var{bits} is not specified,
+1024 is the default. tinc will ask where you want to store the files,
+but will default to the configuration directory (you can use the -c or -n
+option).
+
+@item dump nodes
+Dump a list of all known nodes in the VPN.
+
+@item dump edges
+Dump a list of all known connections in the VPN.
+
+@item dump subnets
+Dump a list of all known subnets in the VPN.
+
+@item dump connections
+Dump a list of all meta connections with ourself.
+
+@item dump graph
+Dump a graph of the VPN in dotty format.
+
+@end table
+
+
@c ==================================================================
@node    Technical information
@chapter Technical information
--- a/doc/tincd.8.in
+++ b/doc/tincd.8.in
@ -8,16 +8,13 @@
 .Nd tinc VPN daemon
 .Sh SYNOPSIS
 .Nm
-.Op Fl cdDkKnL
+.Op Fl cdDKnL
 .Op Fl -config Ns = Ns Ar DIR
 .Op Fl -no-detach
 .Op Fl -debug Ns Op = Ns Ar LEVEL
-.Op Fl -kill Ns Op = Ns Ar SIGNAL
 .Op Fl -net Ns = Ns Ar NETNAME
-.Op Fl -generate-keys Ns Op = Ns Ar BITS
 .Op Fl -mlock
 .Op Fl -logfile Ns Op = Ns Ar FILE
-.Op Fl -pidfile Ns = Ns Ar FILE
 .Op Fl -bypass-security
 .Op Fl -help
 .Op Fl -version
@ -51,24 +48,9 @@ If not mentioned otherwise, this will show log messages on the standard error ou
 Increase debug level or set it to
 .Ar LEVEL
 (see below).
-.It Fl k, -kill Ns Op = Ns Ar SIGNAL
-Attempt to kill a running
-.Nm
-(optionally with the specified
-.Ar SIGNAL
-instead of SIGTERM) and exit.
-Under Windows (not Cygwin) the optional argument is ignored,
-the service will always be stopped and removed.
 .It Fl n, -net Ns = Ns Ar NETNAME
 Connect to net
 .Ar NETNAME .
-.It Fl K, -generate-keys Ns Op = Ns Ar BITS
-Generate public/private RSA keypair and exit.
-If
-.Ar BITS
-is omitted, the default length will be 1024 bits.
-When saving keys to existing files, tinc will not delete the old keys,
-you have to remove them manually.
 .It Fl L, -mlock
 Lock tinc into main memory.
 This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
@ -78,12 +60,13 @@ If
 .Ar FILE
 is omitted, the default is
 .Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log.
-.It Fl -pidfile Ns = Ns Ar FILE
-Write PID to
+.It Fl -controlsocket Ns = Ns Ar FILENAME
+Open control socket at
+.Ar FILENAME .
+If
 .Ar FILE
-instead of
-.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
-Under Windows this option will be ignored.
+is omitted, the default is
+.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control.
 .It Fl -bypass-security
 Disables encryption and authentication of the meta protocol.
 Only useful for debugging.
@ -167,6 +150,7 @@ If you find any bugs, report them to tinc@tinc-vpn.org.
 .Sh TODO
 A lot, especially security auditing.
 .Sh SEE ALSO
+.Xr tincctl 8 ,
 .Xr tinc.conf 5 ,
 .Pa http://www.tinc-vpn.org/ ,
 .Pa http://www.cabal.org/ .