From: Sebastian Harl Date: Sun, 1 Feb 2015 17:44:54 +0000 (+0100) Subject: sysdb(1), sysdbd(1): Document client authentication. X-Git-Tag: sysdb-0.7.0~13 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=2a77f65fe90397f95f6f83fa394e7c1ee304b09e;p=sysdb.git sysdb(1), sysdbd(1): Document client authentication. --- diff --git a/doc/Makefile.am b/doc/Makefile.am index af7962b..b795d62 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -9,6 +9,7 @@ EXTRA_DIST = \ sysdb.1.txt \ sysdbd.1.txt \ sysdbd.conf.5.txt \ + sysdb-auth.txt \ sysdb-description.txt \ sysdbd-cname-dns.5.txt \ sysdbd-collectd-unixsock.5.txt \ @@ -93,8 +94,8 @@ ADOC_FLAGS = \ MAN_DEPS = asciidoc.conf ../version -sysdb.1.xml: sysdb.1.txt $(MAN_DEPS) -sysdbd.1.xml: sysdbd.1.txt $(MAN_DEPS) +sysdb.1.xml: sysdb.1.txt sysdb-auth.txt $(MAN_DEPS) +sysdbd.1.xml: sysdbd.1.txt sysdb-auth.txt $(MAN_DEPS) sysdbd.conf.5.xml: sysdbd.conf.5.txt $(MAN_DEPS) sysdbd-cname-dns.5.xml: sysdbd-cname-dns.5.txt $(MAN_DEPS) sysdbd-collectd-unixsock.5.xml: sysdbd-collectd-unixsock.5.txt $(MAN_DEPS) @@ -119,8 +120,8 @@ sysdbd-timeseries-rrdtool.5: sysdbd-timeseries-rrdtool.5.xml sysdb.7: sysdb.7.xml sysdbql.7: sysdbql.7.xml -sysdb.1.html: sysdb.1.txt $(MAN_DEPS) -sysdbd.1.html: sysdbd.1.txt $(MAN_DEPS) +sysdb.1.html: sysdb.1.txt sysdb-auth.txt $(MAN_DEPS) +sysdbd.1.html: sysdbd.1.txt sysdb-auth.txt $(MAN_DEPS) sysdbd.conf.5.html: sysdbd.conf.5.txt $(MAN_DEPS) sysdbd-cname-dns.5.html: sysdbd-cname-dns.5.txt $(MAN_DEPS) sysdbd-collectd-unixsock.5.html: sysdbd-collectd-unixsock.5.txt $(MAN_DEPS) @@ -129,8 +130,8 @@ sysdbd-mk-livestatus.5.html: sysdbd-mk-livestatus.5.txt $(MAN_DEPS) sysdbd-puppet-store-configs.5.html: sysdbd-puppet-store-configs.5.txt $(MAN_DEPS) sysdbd-syslog.5.html: sysdbd-syslog.5.txt $(MAN_DEPS) sysdbd-timeseries-rrdtool.5.html: sysdbd-timeseries-rrdtool.5.txt $(MAN_DEPS) -sysdb.7.html: sysdb.7.txt sysdb-description.txt $(MAN_DEPS) -sysdbql.7.html: sysdbql.7.txt sysdb-description.txt $(MAN_DEPS) +sysdb.7.html: sysdb.7.txt sysdb-auth.txt sysdb-description.txt $(MAN_DEPS) +sysdbql.7.html: sysdbql.7.txt sysdb-auth.txt sysdb-description.txt $(MAN_DEPS) html-local: $(html_DATA) install-html-local: install-htmlDATA diff --git a/doc/sysdb-auth.txt b/doc/sysdb-auth.txt new file mode 100644 index 0000000..2105f9b --- /dev/null +++ b/doc/sysdb-auth.txt @@ -0,0 +1,18 @@ +SysDB requires all client connections to a database server to be +authenticated. The following authentication mechanism are supported at this +time: + +*Peer authentication for UNIX domain socket connections*:: + Connections via UNIX domain sockets are authenticated by obtaining the + client's operating system user name from the kernel. The name has to match + the username used to connect to the server. + +*SSL certificate authentication for TCP connection*:: + SSL client certificates will be used to authenticate TCP connections. The + 'cn' (common name) attribute of the certificate has to match the username + used to connect to the server. + Note that full client and server verification is currently enforced on all + TCP connections. + +// vim: set tw=78 sw=4 ts=4 noexpandtab spell spelllang=en_us : + diff --git a/doc/sysdb.1.txt b/doc/sysdb.1.txt index 33a561d..ce73dbe 100644 --- a/doc/sysdb.1.txt +++ b/doc/sysdb.1.txt @@ -61,6 +61,11 @@ General options: *-V*:: Display the version number and copyright information. +AUTHENTICATION +-------------- + +include::sysdb-auth.txt[] + EXIT CODES ---------- *0*:: diff --git a/doc/sysdbd.1.txt b/doc/sysdbd.1.txt index 443927f..6bf4b96 100644 --- a/doc/sysdbd.1.txt +++ b/doc/sysdbd.1.txt @@ -41,6 +41,11 @@ OPTIONS *-V*:: Display the version number and copyright information. +CLIENT AUTHENTICATION +--------------------- + +include::sysdb-auth.txt[] + FILES -----