| blob | 8378a2849af304e86af8ea1d8a8066da0068799f |
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html401/loose.dtd">
2 <html>
3 <!-- Created on February 27, 2013 by texi2html 1.82
4 texi2html was written by:
5 Lionel Cons <Lionel.Cons@cern.ch> (original author)
6 Karl Berry <karl@freefriends.org>
7 Olaf Bachmann <obachman@mathematik.uni-kl.de>
8 and many others.
9 Maintained by: Many creative people.
10 Send bugs and suggestions to <texi2html-bug@nongnu.org>
11 -->
12 <head>
22 <!--
36 -->
37 </style>
40 </head>
46 <tr><td valign="middle" align="left">[<a href="#Top" title="Cover (top) of document">Top</a>]</td>
47 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
50 </tr></table>
55 <tr><td align="left" valign="top"><a href="#Introduction">1. Overview of <code>pwmd</code></a></td><td> </td><td align="left" valign="top"> Overview of pwmd.
56 </td></tr>
57 <tr><td align="left" valign="top"><a href="#Invoking">2. Invoking <code>pwmd</code></a></td><td> </td><td align="left" valign="top"> Command line options.
58 </td></tr>
59 <tr><td align="left" valign="top"><a href="#Configuration">3. <code>pwmd</code> configuration file options</a></td><td> </td><td align="left" valign="top"> Configuration file options.
60 </td></tr>
61 <tr><td align="left" valign="top"><a href="#Commands">6. Protocol commands and their syntax</a></td><td> </td><td align="left" valign="top"> Protocol commands.
62 </td></tr>
63 <tr><td align="left" valign="top"><a href="#Status-Messages">37. Status messages and their meanings</a></td><td> </td><td align="left" valign="top"> Status lines and their meaning.
64 </td></tr>
65 <tr><td align="left" valign="top"><a href="#Target-Attribute">38. The <code>target</code> attribute</a></td><td> </td><td align="left" valign="top"> A kind of symbolic link.
66 </td></tr>
67 <tr><td align="left" valign="top"><a href="#Signals">39. Recognized signals</a></td><td> </td><td align="left" valign="top"> Signals known to pwmd.
68 </td></tr>
69 <tr><td align="left" valign="top"><a href="#Concept-Index">Concept Index</a></td><td> </td><td align="left" valign="top"> Index of concepts.
70 </td></tr>
71 </table>
76 <tr><td valign="middle" align="left">[<a href="#Top" title="Previous section in reading order"> < </a>]</td>
77 <td valign="middle" align="left">[<a href="#Invoking" title="Next section in reading order"> > </a>]</td>
87 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
90 </tr></table>
100 applications connect to and send commands to store and retrieve data
102 </p>
103 <p>The server uses the Assuan protocol (See <a href="assuan.html#Implementation">(assuan)Implementation</a>) which
107 </p>
110 </p>
112 <!DOCTYPE pwmd [
115 ]>
116 </pre></td></tr></table>
120 whose value uniquely identifies the element at the current element tree depth.
123 since the <abbr>URI</abbr> contains a ‘<samp>:</samp>’ which is also the <abbr>XML</abbr>
124 namespace separator.
125 </p>
126 <p>As mentioned, an element name must be unique for the current element tree
129 path</em> at the first match then continue searching for the next element of the
130 element path beginning at the child node of the matched element.
131 </p>
135 </p>
140 [... element value or content ...]
145 </pre></td></tr></table>
147 <p>The only restriction of an element name is that it contain no whitespace
149 reserved for the <code>target</code> attribute. See section <a href="#Target-Attribute">The <code>target</code> attribute</a>.
150 </p>
154 <tr><td valign="middle" align="left">[<a href="#Introduction" title="Previous section in reading order"> < </a>]</td>
155 <td valign="middle" align="left">[<a href="#Configuration" title="Next section in reading order"> > </a>]</td>
157 <td valign="middle" align="left">[<a href="#Introduction" title="Beginning of this chapter or previous chapter"> << </a>]</td>
159 <td valign="middle" align="left">[<a href="#Configuration" title="Next chapter"> >> </a>]</td>
165 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
168 </tr></table>
176 generation, decryption, signing and caching of passphrases as the
177 default rather than symmetrically encrypted data files.
182 connections.
183 </p>
186 cache pushing on startup. It is also recommended to pass the
187 ‘<samp>--allow-loopback-pinentry</samp>’ to <code>gpg-agent</code>. This option allows
189 unavailable to the client.
190 </p>
193 </p>
194 <table><tr><td> </td><td><pre class="example">pwmd <var>options</var> [ file1 ] [ … ]
195 </pre></td></tr></table>
197 <p>Non-option arguments are data files to cache on startup. When the data file
200 environment variable is set.
201 </p>
204 <p>The following command line options are supported:
205 </p>
209 <dd><p>The root directory where pwmd will store its data and temporary files. The
211 </p>
212 </dd>
214 <dd><p>Specify an alternate configuration file. The default is
216 </p>
217 </dd>
220 encrypted with a keypair. Files previously handled by
222 able to be opened and new data files are symmetrically or conventionally
223 encrypted and without a public and private key. If
224 specified, both data file types are supported.
225 </p>
226 </dd>
229 the <code>pwmd</code> <abbr>DTD</abbr> (see section <a href="#Introduction">Overview of <code>pwmd</code></a>). You
230 will be prompted for a passphrase to encrypt with. The output is written to
233 </p>
234 </dd>
236 <dd><p>The key parameters to use when generating a new key pair while importing an
238 must be a valid S-expression (See <a href="gcrypt.html#S_002dexpressions">(gcrypt)S-expressions</a>).
239 </p>
240 </dd>
242 <dd><p>Specifies the hexadecimal encoded public key-grip to use for encryption when
243 importing or converting. When not specified a new key-pair will be created.
244 </p>
245 </dd>
247 <dd><p>Specifies the hexadecimal encoded public key-grip to use for signing of the
248 data file when importing or converting. When not specified the generated
250 used.
251 </p>
252 </dd>
254 <dd><p>Obtain the passphrase from the specified filename.
255 </p>
256 </dd>
258 <dd><p>The number of times to hash the passphrase when importing or converting. The
259 default is the gpg-agent calibrated value of the machine. When less than
261 </p>
262 </dd>
266 </p>
267 </dd>
270 configuration parameter (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>) for available ciphers. The
272 </p>
273 </dd>
276 data file. If encrypted, you will be prompted for a passphrase to use for
277 decryption unless ‘<samp>--passphrase-file</samp>’ was specified. The converted data
280 </p>
281 </dd>
283 <dd><p>Disable the <code>XPATH</code>, <code>XPATHATTR</code>, <code>LIST</code> and <code>DUMP</code>
284 protocol commands (see section <a href="#Commands">Protocol commands and their syntax</a>). This overrides any
285 <var>disable_list_and_dump</var> configuration parameter (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>).
286 </p>
287 </dd>
289 <dd><p>Run as a foreground process and do not fork into the background.
290 </p>
291 </dd>
294 if an error occurred do to an invalid passphrase or other error.
295 </p>
296 </dd>
298 <dd><p>Output libassuan See <a href="assuan.html#Top">(assuan)Top</a> protocol IO with the comma
300 <code>ctx</code>, <code>engine</code>, <code>data</code>, <code>sysio</code> and <code>control</code>.
301 </p>
302 </dd>
304 <dd><p>Show the version, copyright and compile time features and exit.
305 </p>
306 </dd>
308 <dd><p>Print a summary of options.
309 </p></dd>
310 </dl>
316 <tr><td valign="middle" align="left">[<a href="#Invoking" title="Previous section in reading order"> < </a>]</td>
317 <td valign="middle" align="left">[<a href="#TLS" title="Next section in reading order"> > </a>]</td>
319 <td valign="middle" align="left">[<a href="#Invoking" title="Beginning of this chapter or previous chapter"> << </a>]</td>
327 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
330 </tr></table>
335 <p>If no configuration file is specified with the <code>pwmd</code> ‘<samp>-f</samp>’
337 exists, and if not, will use defaults. Blank lines and lines beginning with
338 ‘<samp>#</samp>’ are ignored. Some parameters may have data file specific settings by
339 placing them in a file section. A file section is declared by surrounding the
341 specified in a ‘<samp>[global]</samp>’ section and are the default options for new or
342 unspecified files.
343 </p>
345 when contained in a parameter whose value is a filename.
346 </p>
350 </p>
353 </p>
357 </p>
358 </dd>
360 <dd><p>Permissions to set after creating the socket. This will override any
362 </p>
363 </dd>
365 <dd><p>A comma separated list of local user names or group names allowed to connect
366 to the socket. Groups should be prefixed with a ‘<samp>@</samp>’. When not specified
367 only the invoking user may connect.
368 </p>
369 </dd>
372 will use more physical memory but may also be more secure since no swapping to
374 </p>
375 </dd>
377 <dd><p>Logs informational messages to the specified file. The default is
379 </p>
380 </dd>
383 </p>
384 </dd>
388 </p>
389 </dd>
394 </p>
395 </dd>
397 <dd><p>When true, enable <code>gpg-agent</code> support (see section <a href="#Invoking">Invoking <code>pwmd</code></a>).
398 </p>
399 </dd>
403 option.
404 </p>
405 </dd>
407 <dd><p>Kill <code>scdaemon</code> after each <code>OPEN</code> (see section <a href="#OPEN">OPEN command</a>) or <code>SAVE</code>
409 </p>
410 </dd>
412 <dd><p>When <code>true</code>, the <code>XPATH</code>, <code>XPATHATTR</code>, <code>LIST</code> and
413 <code>DUMP</code> protocol commands (see section <a href="#Commands">Protocol commands and their syntax</a>) will be disabled.
414 </p>
415 </dd>
417 <dd><p>A comma separated list of filenames that will be pushed into the file cache
420 matching file section.
421 </p>
422 </dd>
424 <dd><p>The priority, or niceness, of the server. The default is inherited from the
425 parent process.
426 </p>
427 </dd>
429 <dd><p>The default cipher to use for data encryption. The algorithm must be one of:
435 </p>
436 </dd>
438 <dd><p>The number of times to encrypt the XML data. This differs from the
441 still done.
442 </p>
443 </dd>
445 <dd><p>Send a progress message to the client after the specified amount of encryption
446 or decryption iterations have been done. The default is 2000.
447 </p>
448 </dd>
450 <dd><p>The default algorithm to use when generating a new key-pair. The default is
452 </p>
453 </dd>
455 <dd><p>The default number of bits to use when generating a new key-pair. The default
457 </p>
458 </dd>
462 is specified at compile time.
463 </p>
464 </dd>
466 <dd><p>The number of seconds to wait for a pinentry before giving up and
467 returning an error. This timeout value is used for both waiting for
468 another pinentry to complete and for the pinentry waiting for user input.
469 </p></dd>
470 </dl>
473 <p>The following options are defaults for new files when specified in the
475 specific to that data file only.
476 </p>
479 <dd><p>Whether to create a backup of the data file when saving. The backup filename
482 </p>
483 </dd>
487 <code>OPEN</code>ed (see section <a href="#OPEN">OPEN command</a>) a passphrase will be required. The default
489 </p>
490 </dd>
493 status message (see section <a href="#Status-Messages">Status messages and their meanings</a>) after the specified number of bytes
496 </p>
497 </dd>
499 <dd><p>The passphrase to use for this file. If specified in the ‘<samp>global</samp>’ section
500 then ‘<samp>global</samp>’ is treated as a data filename and not a default for other
501 files. Note that if a client changes the passphrase for this data file then
502 this value is not modified and will need to be updated.
503 </p>
504 </dd>
507 the specified filename.
508 </p>
509 </dd>
512 element in an element path (see section <a href="#Target-Attribute">The <code>target</code> attribute</a>). An error is returned
515 </p>
516 </dd>
517 </dl>
519 <tr><td align="left" valign="top"><a href="#TLS">4. Configuring remote connections over TLS.</a></td><td> </td><td align="left" valign="top"> Remote connections over TLS.
520 </td></tr>
521 <tr><td align="left" valign="top"><a href="#Pinentry">5. Pinentry configuration</a></td><td> </td><td align="left" valign="top"> Configuration file and defaults.
522 </td></tr>
523 </table>
528 <tr><td valign="middle" align="left">[<a href="#Configuration" title="Previous section in reading order"> < </a>]</td>
529 <td valign="middle" align="left">[<a href="#Pinentry" title="Next section in reading order"> > </a>]</td>
531 <td valign="middle" align="left">[<a href="#Configuration" title="Beginning of this chapter or previous chapter"> << </a>]</td>
539 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
542 </tr></table>
546 Authentication is done by using X509 client certificates that are signed with
548 </p>
550 ‘<tt>~/.pwmd/ca-cert.pem</tt>’ while the <code>pwmd</code> server certificate and key
553 </p>
555 on creating self-signed certificates.
556 </p>
557 <p>The following TLS configuration options are available:
558 </p>
561 <dd><p>Whether to enable TCP/TLS server support. If enabled, both TCP and the local
562 unix domain socket will listen for connections. The default is
564 </p>
565 </dd>
567 <dd><p>The TCP port to listen on when <var>enable_tcp</var> is <code>true</code>. The default is
569 </p>
570 </dd>
572 <dd><p>The internet protocol to listen with. Must be one of <code>ipv4</code>, <code>ipv6</code>
574 </p>
575 </dd>
577 <dd><p>Only useful if running as root.
578 </p>
579 </dd>
581 <dd><p>The number of seconds to wait for a read() or write() call on a
584 </p>
585 <p>Note that the <code>SAVE</code> command (see section <a href="#SAVE">SAVE command</a>) may take a longer time
586 to complete than other commands since key generation may need to be done
588 </p>
589 </dd>
591 <dd><p>Send a keepalive status message to an idle remote client. An idle
592 client is one who is not in a command. The purpose of this status
593 message is to disconnect a hung remote client and release any file mutex
594 locks so another client may open the same data file.
595 </p>
596 </dd>
599 format that will be allowed to connect or open a file. If prefixed with
601 found by itself in the list it is treated as a default for remaining
603 allows access.
604 </p>
606 fingerprint is matched against the list of allowed fingerprints in the
607 ‘<samp>global</samp>’ section. When allowed in the ‘<samp>global</samp>’ section the
609 (see section <a href="#OPEN">OPEN command</a>) a data file. During the <code>OPEN</code> command the
612 </p>
613 </dd>
616 to open a data file even if the file is cached. Note that the cache entry is
617 cleared during the see section <a href="#OPEN">OPEN command</a> command and the passphrase will be retrieved
621 </p>
622 </dd>
626 </p>
627 </dd>
629 <dd><p>The GnuTLS cipher suite and protocol to use. See the GnuTLS documentation for
631 </p></dd>
632 </dl>
637 <tr><td valign="middle" align="left">[<a href="#TLS" title="Previous section in reading order"> < </a>]</td>
638 <td valign="middle" align="left">[<a href="#Commands" title="Next section in reading order"> > </a>]</td>
640 <td valign="middle" align="left">[<a href="#TLS" title="Beginning of this chapter or previous chapter"> << </a>]</td>
648 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
651 </tr></table>
656 input or as a confirmation dialog; it needs to know where to prompt for
657 the input, beit from a terminal or an X11 display.
658 </p>
660 the terminal or X11 display before requiring the input. This is done by
661 using the <code>pwmd</code> see section <a href="#OPTION">OPTION command</a> protocol command. It need be
662 done only once per client connection. To avoid the use of
663 <code>pinentry</code> entirely, use the <code>OPTION</code> (see section <a href="#OPTION">OPTION command</a>)
665 </p>
669 <tr><td valign="middle" align="left">[<a href="#Pinentry" title="Previous section in reading order"> < </a>]</td>
670 <td valign="middle" align="left">[<a href="#AGENT" title="Next section in reading order"> > </a>]</td>
672 <td valign="middle" align="left">[<a href="#Pinentry" title="Beginning of this chapter or previous chapter"> << </a>]</td>
680 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
683 </tr></table>
687 <tr><td align="left" valign="top"><a href="#AGENT">7. AGENT command</a></td><td> </td><td align="left" valign="top">
688 </td></tr>
689 <tr><td align="left" valign="top"><a href="#ATTR">8. ATTR command</a></td><td> </td><td align="left" valign="top">
690 </td></tr>
691 <tr><td align="left" valign="top"><a href="#CACHETIMEOUT">9. CACHETIMEOUT command</a></td><td> </td><td align="left" valign="top">
692 </td></tr>
693 <tr><td align="left" valign="top"><a href="#CLEARCACHE">10. CLEARCACHE command</a></td><td> </td><td align="left" valign="top">
694 </td></tr>
695 <tr><td align="left" valign="top"><a href="#COPY">11. COPY command</a></td><td> </td><td align="left" valign="top">
696 </td></tr>
697 <tr><td align="left" valign="top"><a href="#DELETE">12. DELETE command</a></td><td> </td><td align="left" valign="top">
698 </td></tr>
699 <tr><td align="left" valign="top"><a href="#DUMP">13. DUMP command</a></td><td> </td><td align="left" valign="top">
700 </td></tr>
701 <tr><td align="left" valign="top"><a href="#GET">14. GET command</a></td><td> </td><td align="left" valign="top">
702 </td></tr>
703 <tr><td align="left" valign="top"><a href="#GETCONFIG">15. GETCONFIG command</a></td><td> </td><td align="left" valign="top">
704 </td></tr>
705 <tr><td align="left" valign="top"><a href="#GETINFO">16. GETINFO command</a></td><td> </td><td align="left" valign="top">
706 </td></tr>
707 <tr><td align="left" valign="top"><a href="#HELP">17. HELP command</a></td><td> </td><td align="left" valign="top">
708 </td></tr>
709 <tr><td align="left" valign="top"><a href="#IMPORT">18. IMPORT command</a></td><td> </td><td align="left" valign="top">
710 </td></tr>
711 <tr><td align="left" valign="top"><a href="#ISCACHED">19. ISCACHED command</a></td><td> </td><td align="left" valign="top">
712 </td></tr>
713 <tr><td align="left" valign="top"><a href="#KEYGRIP">20. KEYGRIP command</a></td><td> </td><td align="left" valign="top">
714 </td></tr>
715 <tr><td align="left" valign="top"><a href="#LIST">21. LIST command</a></td><td> </td><td align="left" valign="top">
716 </td></tr>
717 <tr><td align="left" valign="top"><a href="#LOCK">22. LOCK command</a></td><td> </td><td align="left" valign="top">
718 </td></tr>
719 <tr><td align="left" valign="top"><a href="#LS">23. LS command</a></td><td> </td><td align="left" valign="top">
720 </td></tr>
721 <tr><td align="left" valign="top"><a href="#MOVE">24. MOVE command</a></td><td> </td><td align="left" valign="top">
722 </td></tr>
723 <tr><td align="left" valign="top"><a href="#NOP">25. NOP command</a></td><td> </td><td align="left" valign="top">
724 </td></tr>
725 <tr><td align="left" valign="top"><a href="#OPEN">26. OPEN command</a></td><td> </td><td align="left" valign="top">
726 </td></tr>
727 <tr><td align="left" valign="top"><a href="#OPTION">27. OPTION command</a></td><td> </td><td align="left" valign="top">
728 </td></tr>
729 <tr><td align="left" valign="top"><a href="#PASSWD">28. PASSWD command</a></td><td> </td><td align="left" valign="top">
730 </td></tr>
731 <tr><td align="left" valign="top"><a href="#REALPATH">29. REALPATH command</a></td><td> </td><td align="left" valign="top">
732 </td></tr>
733 <tr><td align="left" valign="top"><a href="#RENAME">30. RENAME command</a></td><td> </td><td align="left" valign="top">
734 </td></tr>
735 <tr><td align="left" valign="top"><a href="#RESET">31. RESET command</a></td><td> </td><td align="left" valign="top">
736 </td></tr>
737 <tr><td align="left" valign="top"><a href="#SAVE">32. SAVE command</a></td><td> </td><td align="left" valign="top">
738 </td></tr>
739 <tr><td align="left" valign="top"><a href="#STORE">33. STORE command</a></td><td> </td><td align="left" valign="top">
740 </td></tr>
741 <tr><td align="left" valign="top"><a href="#UNLOCK">34. UNLOCK command</a></td><td> </td><td align="left" valign="top">
742 </td></tr>
743 <tr><td align="left" valign="top"><a href="#XPATH">35. XPATH command</a></td><td> </td><td align="left" valign="top">
744 </td></tr>
745 <tr><td align="left" valign="top"><a href="#XPATHATTR">36. XPATHATTR command</a></td><td> </td><td align="left" valign="top">
746 </td></tr>
747 </table>
751 <tr><td valign="middle" align="left">[<a href="#Commands" title="Previous section in reading order"> < </a>]</td>
752 <td valign="middle" align="left">[<a href="#ATTR" title="Next section in reading order"> > </a>]</td>
754 <td valign="middle" align="left">[<a href="#Commands" title="Beginning of this chapter or previous chapter"> << </a>]</td>
762 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
765 </tr></table>
769 <p>Syntax:
771 </pre></td></tr></table>
775 </p>
780 <tr><td valign="middle" align="left">[<a href="#AGENT" title="Previous section in reading order"> < </a>]</td>
781 <td valign="middle" align="left">[<a href="#CACHETIMEOUT" title="Next section in reading order"> > </a>]</td>
783 <td valign="middle" align="left">[<a href="#AGENT" title="Beginning of this chapter or previous chapter"> << </a>]</td>
785 <td valign="middle" align="left">[<a href="#CACHETIMEOUT" title="Next chapter"> >> </a>]</td>
791 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
794 </tr></table>
798 <p>Syntax:
799 </p><table><tr><td> </td><td><pre class="example">ATTR [--inquire] SET|GET|DELETE|LIST [<attribute>] [!]element[<TAB>[!]child[..]] ..
800 </pre></td></tr></table>
804 <dd>
807 </p>
808 </dd>
810 <dd>
812 </p>
813 </dd>
815 <dd>
816 <p> Retrieves a newline separated list of attributes names and values
817 from the specified element. Each attribute name and value is space delimited.
818 </p>
819 </dd>
821 <dd>
823 </p></dd>
824 </dl>
827 Use the <code>DELETE</code> (see section <a href="#DELETE">DELETE command</a>) or <code>RENAME</code> (see section <a href="#RENAME">RENAME command</a>)
828 commands instead.
829 </p>
831 either storing content, editing attributes or by deleting a child element.
833 path.
834 </p>
837 </p>
838 <p>See section <a href="#Target-Attribute">The <code>target</code> attribute</a>, for details about this special attribute.
839 </p>
844 <tr><td valign="middle" align="left">[<a href="#ATTR" title="Previous section in reading order"> < </a>]</td>
845 <td valign="middle" align="left">[<a href="#CLEARCACHE" title="Next section in reading order"> > </a>]</td>
847 <td valign="middle" align="left">[<a href="#ATTR" title="Beginning of this chapter or previous chapter"> << </a>]</td>
849 <td valign="middle" align="left">[<a href="#CLEARCACHE" title="Next chapter"> >> </a>]</td>
855 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
858 </tr></table>
862 <p>Syntax:
863 </p><table><tr><td> </td><td><pre class="example">CACHETIMEOUT <filename> <seconds>
864 </pre></td></tr></table>
868 the passphrase for each <code>OPEN</code> or <code>SAVE</code> command (see section <a href="#OPEN">OPEN command</a>,
869 see section <a href="#SAVE">SAVE command</a>). See section <a href="#Configuration"><code>pwmd</code> configuration file options</a>, and the <code>cache_timeout</code>
870 parameter.
871 </p>
876 <tr><td valign="middle" align="left">[<a href="#CACHETIMEOUT" title="Previous section in reading order"> < </a>]</td>
877 <td valign="middle" align="left">[<a href="#COPY" title="Next section in reading order"> > </a>]</td>
879 <td valign="middle" align="left">[<a href="#CACHETIMEOUT" title="Beginning of this chapter or previous chapter"> << </a>]</td>
887 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
890 </tr></table>
894 <p>Syntax:
896 </pre></td></tr></table>
899 </p>
904 <tr><td valign="middle" align="left">[<a href="#CLEARCACHE" title="Previous section in reading order"> < </a>]</td>
905 <td valign="middle" align="left">[<a href="#DELETE" title="Next section in reading order"> > </a>]</td>
907 <td valign="middle" align="left">[<a href="#CLEARCACHE" title="Beginning of this chapter or previous chapter"> << </a>]</td>
915 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
918 </tr></table>
922 <p>Syntax:
923 </p><table><tr><td> </td><td><pre class="example">COPY [--inquire] [!]source[<TAB>[!]child[..]] [!]dest[<TAB>[!]child[..]]
924 </pre></td></tr></table>
926 <p>Copies the entire element tree starting from the child node of the source
927 element, to the destination element path. If the destination element path
928 does not exist then it will be created; otherwise it is overwritten.
929 </p>
930 <p>Note that attributes from the source element are merged into the
931 destination element when the destination element path exists. When an
932 attribute of the same name exists in both the source and destination
933 elements then the destination attribute will be updated to the source
934 attribute value.
935 </p>
938 </p>
943 <tr><td valign="middle" align="left">[<a href="#COPY" title="Previous section in reading order"> < </a>]</td>
944 <td valign="middle" align="left">[<a href="#DUMP" title="Next section in reading order"> > </a>]</td>
946 <td valign="middle" align="left">[<a href="#COPY" title="Beginning of this chapter or previous chapter"> << </a>]</td>
954 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
957 </tr></table>
961 <p>Syntax:
962 </p><table><tr><td> </td><td><pre class="example">DELETE [--inquire] [!]element[<TAB>[!]child[..]]
963 </pre></td></tr></table>
965 <p>Removes the specified element path and all of its children. This may break
966 an element with a <code>target</code> attribute (see section <a href="#Target-Attribute">The <code>target</code> attribute</a>) that
967 refers to this element or any of its children.
968 </p>
971 </p>
976 <tr><td valign="middle" align="left">[<a href="#DELETE" title="Previous section in reading order"> < </a>]</td>
977 <td valign="middle" align="left">[<a href="#GET" title="Next section in reading order"> > </a>]</td>
979 <td valign="middle" align="left">[<a href="#DELETE" title="Beginning of this chapter or previous chapter"> << </a>]</td>
987 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
990 </tr></table>
994 <p>Syntax:
996 </pre></td></tr></table>
998 <p>Shows the in memory <abbr>XML</abbr> document with indenting. See section <a href="#XPATH">XPATH command</a>, for
999 dumping a specific node.
1000 </p>
1005 <tr><td valign="middle" align="left">[<a href="#DUMP" title="Previous section in reading order"> < </a>]</td>
1006 <td valign="middle" align="left">[<a href="#GETCONFIG" title="Next section in reading order"> > </a>]</td>
1008 <td valign="middle" align="left">[<a href="#DUMP" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1010 <td valign="middle" align="left">[<a href="#GETCONFIG" title="Next chapter"> >> </a>]</td>
1016 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1019 </tr></table>
1023 <p>Syntax:
1024 </p><table><tr><td> </td><td><pre class="example">GET [--inquire] [!]element[<TAB>[!]child[..]]
1025 </pre></td></tr></table>
1027 <p>Retrieves the content of the specified element. The content is returned
1028 with a data response.
1029 </p>
1030 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1032 </p>
1037 <tr><td valign="middle" align="left">[<a href="#GET" title="Previous section in reading order"> < </a>]</td>
1038 <td valign="middle" align="left">[<a href="#GETINFO" title="Next section in reading order"> > </a>]</td>
1040 <td valign="middle" align="left">[<a href="#GET" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1048 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1051 </tr></table>
1055 <p>Syntax:
1057 </pre></td></tr></table>
1063 set with the <code>OPTION</code> command (see section <a href="#OPTION">OPTION command</a>) will be returned.
1064 </p>
1069 <tr><td valign="middle" align="left">[<a href="#GETCONFIG" title="Previous section in reading order"> < </a>]</td>
1070 <td valign="middle" align="left">[<a href="#HELP" title="Next section in reading order"> > </a>]</td>
1072 <td valign="middle" align="left">[<a href="#GETCONFIG" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1080 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1083 </tr></table>
1087 <p>Syntax:
1088 </p><table><tr><td> </td><td><pre class="example">GETINFO [--data] CACHE | CLIENTS | PID | LAST_ERROR | VERSION
1089 </pre></td></tr></table>
1095 version number and compile-time features with a data response with each
1097 the last failed command when available. See section <a href="#Status-Messages">Status messages and their meanings</a>.
1098 </p>
1100 via a data response rather than a status message.
1101 </p>
1106 <tr><td valign="middle" align="left">[<a href="#GETINFO" title="Previous section in reading order"> < </a>]</td>
1107 <td valign="middle" align="left">[<a href="#IMPORT" title="Next section in reading order"> > </a>]</td>
1109 <td valign="middle" align="left">[<a href="#GETINFO" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1117 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1120 </tr></table>
1124 <p>Syntax:
1126 </pre></td></tr></table>
1128 <p>Show available commands or command specific help text.
1129 </p>
1134 <tr><td valign="middle" align="left">[<a href="#HELP" title="Previous section in reading order"> < </a>]</td>
1135 <td valign="middle" align="left">[<a href="#ISCACHED" title="Next section in reading order"> > </a>]</td>
1137 <td valign="middle" align="left">[<a href="#HELP" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1139 <td valign="middle" align="left">[<a href="#ISCACHED" title="Next chapter"> >> </a>]</td>
1145 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1148 </tr></table>
1152 <p>Syntax:
1153 </p><table><tr><td> </td><td><pre class="example">IMPORT <content>[<TAB>[!]element[<TAB>[!]child[..]]]
1154 </pre></td></tr></table>
1157 </p>
1158 <p>Like the <code>STORE</code> command (see section <a href="#STORE">STORE command</a>), but the <var>content</var>
1160 specified element path and will overwrite an existing element of the same
1161 name. If an element of the element path does not exist then it will be
1162 created.
1163 </p>
1164 <p>The content must begin with an <abbr>XML</abbr> element node. See section <a href="#Introduction">Overview of <code>pwmd</code></a>,
1165 for details.
1166 </p>
1171 <tr><td valign="middle" align="left">[<a href="#IMPORT" title="Previous section in reading order"> < </a>]</td>
1172 <td valign="middle" align="left">[<a href="#KEYGRIP" title="Next section in reading order"> > </a>]</td>
1174 <td valign="middle" align="left">[<a href="#IMPORT" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1182 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1185 </tr></table>
1189 <p>Syntax:
1191 </pre></td></tr></table>
1194 in the file cache. If not found in the cache but exists on the filesystem
1196 returned.
1197 </p>
1198 <p>The ‘<samp>lock</samp>’ option will lock the file mutex of <var>filename</var> when the
1199 file exists; it does not need to be opened nor cached.
1200 </p>
1205 <tr><td valign="middle" align="left">[<a href="#ISCACHED" title="Previous section in reading order"> < </a>]</td>
1206 <td valign="middle" align="left">[<a href="#LIST" title="Next section in reading order"> > </a>]</td>
1208 <td valign="middle" align="left">[<a href="#ISCACHED" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1216 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1219 </tr></table>
1223 <p>Syntax:
1225 </pre></td></tr></table>
1228 data response.
1229 </p>
1230 <p>When the ‘<samp>--sign</samp>’ option is specified then the key used for signing
1232 </p>
1233 <p>For symmetrically encrypted data files this command returns the error
1234 GPG_ERR_NOT_SUPPORTED.
1235 </p>
1240 <tr><td valign="middle" align="left">[<a href="#KEYGRIP" title="Previous section in reading order"> < </a>]</td>
1241 <td valign="middle" align="left">[<a href="#LOCK" title="Next section in reading order"> > </a>]</td>
1243 <td valign="middle" align="left">[<a href="#KEYGRIP" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1251 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1254 </tr></table>
1258 <p>Syntax:
1259 </p><table><tr><td> </td><td><pre class="example">LIST [--inquire] [--no-recurse] [--verbose] [--with-target] [--all] [[!]element[<TAB>[!]child[..]]]
1260 </pre></td></tr></table>
1262 <p>If no element path is given then a newline separated list of root elements
1263 is returned with a data response. If given, then all reachable elements
1265 option is specified. If specified, only the child elements of the element
1266 path are returned without recursing into grandchildren. Each resulting
1268 contains no <code>target</code> attribute. See section <a href="#Target-Attribute">The <code>target</code> attribute</a>, for details.
1269 </p>
1271 returned will have zero or more flags appened to it. These flags are
1272 delimited from the element path by a single space character. A flag itself
1277 (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>). Flag <code>T</code> will append the resolved element path
1279 </p>
1280 <p>The ‘<samp>--with-target</samp>’ option implies ‘<samp>--verbose</samp>’ and will append
1282 The appended element path is the resolved path (see section <a href="#REALPATH">REALPATH command</a>) of the
1285 </p>
1286 <p>The ‘<samp>--no-recurse</samp>’ option limits the amount of data returned to only
1287 the listing of children of the specified element path and not any
1288 grandchildren.
1289 </p>
1292 </p>
1293 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1295 </p>
1300 <tr><td valign="middle" align="left">[<a href="#LIST" title="Previous section in reading order"> < </a>]</td>
1301 <td valign="middle" align="left">[<a href="#LS" title="Next section in reading order"> > </a>]</td>
1303 <td valign="middle" align="left">[<a href="#LIST" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1311 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1314 </tr></table>
1318 <p>Syntax:
1320 </pre></td></tr></table>
1322 <p>Locks the mutex associated with the opened file. This prevents other clients
1323 from sending commands to the same opened file until the client
1326 </p>
1331 <tr><td valign="middle" align="left">[<a href="#LOCK" title="Previous section in reading order"> < </a>]</td>
1332 <td valign="middle" align="left">[<a href="#MOVE" title="Next section in reading order"> > </a>]</td>
1334 <td valign="middle" align="left">[<a href="#LOCK" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1342 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1345 </tr></table>
1349 <p>Syntax:
1351 </pre></td></tr></table>
1353 <p>Lists the available data files stored in the data directory
1355 </p>
1360 <tr><td valign="middle" align="left">[<a href="#LS" title="Previous section in reading order"> < </a>]</td>
1361 <td valign="middle" align="left">[<a href="#NOP" title="Next section in reading order"> > </a>]</td>
1363 <td valign="middle" align="left">[<a href="#LS" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1371 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1374 </tr></table>
1378 <p>Syntax:
1379 </p><table><tr><td> </td><td><pre class="example">MOVE [--inquire] [!]source[<TAB>[!]child[..]] [[!]dest[<TAB>[!]child[..]]]
1380 </pre></td></tr></table>
1382 <p>Moves the source element path to the destination element path. If the
1383 destination is not specified then it will be moved to the root node of the
1384 document. If the destination is specified and exists then it will be
1385 overwritten; otherwise non-existing elements of the destination element
1386 path will be created.
1387 </p>
1388 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1390 </p>
1395 <tr><td valign="middle" align="left">[<a href="#MOVE" title="Previous section in reading order"> < </a>]</td>
1396 <td valign="middle" align="left">[<a href="#OPEN" title="Next section in reading order"> > </a>]</td>
1398 <td valign="middle" align="left">[<a href="#MOVE" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1406 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1409 </tr></table>
1413 <p>Syntax:
1415 </pre></td></tr></table>
1417 <p>Does nothing. Always returns successfully.
1418 </p>
1423 <tr><td valign="middle" align="left">[<a href="#NOP" title="Previous section in reading order"> < </a>]</td>
1424 <td valign="middle" align="left">[<a href="#OPTION" title="Next section in reading order"> > </a>]</td>
1426 <td valign="middle" align="left">[<a href="#NOP" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1434 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1437 </tr></table>
1441 <p>Syntax:
1442 </p><table><tr><td> </td><td><pre class="example">OPEN [--lock] <filename> [<passphrase>]
1443 </pre></td></tr></table>
1446 found on the file-system then a new document will be created. If the file
1447 is found, it is looked for in the file cache. If cached and no
1450 for decryption unless ‘<samp>disable-pinentry</samp>’ (see section <a href="#OPTION">OPTION command</a>) was
1451 specified.
1452 </p>
1454 locked as if the <code>LOCK</code> command (see section <a href="#LOCK">LOCK command</a>) had been sent after the
1455 file has been opened.
1456 </p>
1461 <tr><td valign="middle" align="left">[<a href="#OPEN" title="Previous section in reading order"> < </a>]</td>
1462 <td valign="middle" align="left">[<a href="#PASSWD" title="Next section in reading order"> > </a>]</td>
1464 <td valign="middle" align="left">[<a href="#OPEN" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1472 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1475 </tr></table>
1479 <p>Syntax:
1481 </pre></td></tr></table>
1484 kept for the duration of the connection.
1485 </p>
1489 server inquire is sent to the client to obtain the passphrase. This option
1490 may be set as needed before the see section <a href="#OPEN">OPEN command</a>, see section <a href="#PASSWD">PASSWD command</a>, and
1492 </p>
1493 </dd>
1496 </p>
1497 </dd>
1500 </p>
1501 </dd>
1504 </p>
1505 </dd>
1507 <dd><p> Sets the description string of the <code>gpg-agent</code> and <code>pinentry</code> dialog.
1508 </p>
1509 </dd>
1512 </p>
1513 </dd>
1516 </p>
1517 </dd>
1520 </p>
1521 </dd>
1524 </p>
1525 </dd>
1527 <dd><p> Associates the thread ID of the connection with the specified textual
1528 representation. Useful for debugging log messages.
1529 </p>
1530 </dd>
1533 mutex which has been locked by another thread to be released before returning
1535 </p></dd>
1536 </dl>
1542 <tr><td valign="middle" align="left">[<a href="#OPTION" title="Previous section in reading order"> < </a>]</td>
1543 <td valign="middle" align="left">[<a href="#REALPATH" title="Next section in reading order"> > </a>]</td>
1545 <td valign="middle" align="left">[<a href="#OPTION" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1547 <td valign="middle" align="left">[<a href="#REALPATH" title="Next chapter"> >> </a>]</td>
1553 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1556 </tr></table>
1560 <p>Syntax:
1562 </pre></td></tr></table>
1564 <p>Changes the passphrase of the secret key required to open the current
1565 file or the passphrase of a symmetrically encrypted data file. When the
1567 file will be reset and the passphrase, if any, will be required during the
1569 </p>
1573 See section <a href="#SAVE">SAVE command</a>. This option has no effect for symmetrically encrypted data
1574 files.
1575 </p>
1580 <tr><td valign="middle" align="left">[<a href="#PASSWD" title="Previous section in reading order"> < </a>]</td>
1581 <td valign="middle" align="left">[<a href="#RENAME" title="Next section in reading order"> > </a>]</td>
1583 <td valign="middle" align="left">[<a href="#PASSWD" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1591 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1594 </tr></table>
1598 <p>Syntax:
1599 </p><table><tr><td> </td><td><pre class="example">REALPATH [--inquire] [!]element[<TAB>[!]child[..]]
1600 </pre></td></tr></table>
1603 returns the result with a data response. See section <a href="#Target-Attribute">The <code>target</code> attribute</a>, for details.
1604 </p>
1605 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1607 </p>
1612 <tr><td valign="middle" align="left">[<a href="#REALPATH" title="Previous section in reading order"> < </a>]</td>
1613 <td valign="middle" align="left">[<a href="#RESET" title="Next section in reading order"> > </a>]</td>
1615 <td valign="middle" align="left">[<a href="#REALPATH" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1623 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1626 </tr></table>
1630 <p>Syntax:
1631 </p><table><tr><td> </td><td><pre class="example">RENAME [--inquire] [!]element[<TAB>[!]child[..]] <value>
1632 </pre></td></tr></table>
1636 </p>
1637 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1639 </p>
1644 <tr><td valign="middle" align="left">[<a href="#RENAME" title="Previous section in reading order"> < </a>]</td>
1645 <td valign="middle" align="left">[<a href="#SAVE" title="Next section in reading order"> > </a>]</td>
1647 <td valign="middle" align="left">[<a href="#RENAME" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1655 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1658 </tr></table>
1662 <p>Syntax:
1664 </pre></td></tr></table>
1666 <p>Closes the currently opened file but keeps any previously set client options.
1667 </p>
1672 <tr><td valign="middle" align="left">[<a href="#RESET" title="Previous section in reading order"> < </a>]</td>
1673 <td valign="middle" align="left">[<a href="#STORE" title="Next section in reading order"> > </a>]</td>
1675 <td valign="middle" align="left">[<a href="#RESET" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1683 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1686 </tr></table>
1690 <p>Syntax:
1691 </p><table><tr><td> </td><td><pre class="example">SAVE [--no-passphrase] [--reset] [--no-agent] [--s2k-count=N] [--cipher=<algo>] [--cipher-iterations=N] [--inquire-keyparam] [--keygrip=hexstring [--sign-keygrip=hexstring]]
1692 </pre></td></tr></table>
1695 was opened using the <code>OPEN</code> command (see section <a href="#OPEN">OPEN command</a>). If the file is a
1697 keypair will be generated and a pinentry will be used to prompt for the
1699 passed, in which case the data file will not be passphrase protected.
1700 </p>
1703 use is enabled. The datafile will be symmetrically encrypted and will not
1704 use or generate any keypair.
1705 </p>
1706 <p>The ‘<samp>--reset</samp>’ option will clear the cache entry for the current file
1707 and require a passphrase, if needed, before saving.
1708 </p>
1709 <p>The ‘<samp>--cipher</samp>’ option can be used to encrypt the <abbr>XML</abbr> data to
1711 (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>) for available ciphers.
1712 </p>
1715 </p>
1716 <p>The ‘<samp>--inquire-keyparam</samp>’ option will send a server <em>INQUIRE</em> to
1717 the client to obtain the key paramaters to use when generating a new
1718 keypair. The inquired data is expected to be an S-expression. If not
1719 specified then an ‘<samp>RSA</samp>’ key of ‘<samp>2048</samp>’ bits will be generated
1720 unless otherwise set in the configuration file (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>). Note
1721 that when this option is specified a new keypair will be generated
1722 reguardless if the file is a new one or not.
1723 </p>
1724 <p>You can encrypt the data file to a public key other than the one that it
1726 the hex encoded keygrip of the public key as its argument. The keygrip may
1729 secret key. This option may be needed when using a smartcard. This option
1730 has no effect with symmetrically encrypted data files.
1731 </p>
1734 value which is the default. This setting only affects new files. To change
1735 the setting, use the <code>PASSWD</code> command (see section <a href="#PASSWD">PASSWD command</a>). This option
1736 has no effect with symmetrically encrypted data files.
1737 </p>
1742 <tr><td valign="middle" align="left">[<a href="#SAVE" title="Previous section in reading order"> < </a>]</td>
1743 <td valign="middle" align="left">[<a href="#UNLOCK" title="Next section in reading order"> > </a>]</td>
1745 <td valign="middle" align="left">[<a href="#SAVE" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1753 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1756 </tr></table>
1760 <p>Syntax:
1761 </p><table><tr><td> </td><td><pre class="example">STORE [!]element[<TAB>[!]child[..]]<TAB>[content]
1762 </pre></td></tr></table>
1765 </p>
1767 element. If only a single element is specified then a new root element is
1771 be removed, or empty when creating a new element.
1772 </p>
1773 <p>The only restriction of an element name is that it not contain whitespace
1775 literal element (see section <a href="#Target-Attribute">The <code>target</code> attribute</a>). There is no whitespace between
1779 </p>
1784 <tr><td valign="middle" align="left">[<a href="#STORE" title="Previous section in reading order"> < </a>]</td>
1785 <td valign="middle" align="left">[<a href="#XPATH" title="Next section in reading order"> > </a>]</td>
1787 <td valign="middle" align="left">[<a href="#STORE" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1795 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1798 </tr></table>
1802 <p>Syntax:
1804 </pre></td></tr></table>
1807 a commands’ ‘<samp>--lock</samp>’ option (see section <a href="#LOCK">LOCK command</a>, see section <a href="#OPEN">OPEN command</a>,
1809 </p>
1814 <tr><td valign="middle" align="left">[<a href="#UNLOCK" title="Previous section in reading order"> < </a>]</td>
1815 <td valign="middle" align="left">[<a href="#XPATHATTR" title="Next section in reading order"> > </a>]</td>
1817 <td valign="middle" align="left">[<a href="#UNLOCK" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1819 <td valign="middle" align="left">[<a href="#XPATHATTR" title="Next chapter"> >> </a>]</td>
1825 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1828 </tr></table>
1832 <p>Syntax:
1833 </p><table><tr><td> </td><td><pre class="example">XPATH [--inquire] <expression>[<TAB>[value]]
1834 </pre></td></tr></table>
1837 specified, it is assumed the expression is a request to return a result.
1840 is assumed to be empty and the document is updated. For example:
1841 <br>
1842 </p><table><tr><td> </td><td><pre class="example">XPATH //element[@_name='password']<TAB>
1843 </pre></td></tr></table>
1844 <br>
1848 </p>
1849 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1851 </p>
1852 <p>See <a href="http://www.w3schools.com/xpath/xpath_syntax.asp">http://www.w3schools.com/xpath/xpath_syntax.asp</a> for <abbr>XPATH</abbr>
1853 expression syntax.
1854 </p>
1859 <tr><td valign="middle" align="left">[<a href="#XPATH" title="Previous section in reading order"> < </a>]</td>
1860 <td valign="middle" align="left">[<a href="#Status-Messages" title="Next section in reading order"> > </a>]</td>
1862 <td valign="middle" align="left">[<a href="#XPATH" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1864 <td valign="middle" align="left">[<a href="#Status-Messages" title="Next chapter"> >> </a>]</td>
1870 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1873 </tr></table>
1877 <p>Syntax:
1878 </p><table><tr><td> </td><td><pre class="example">XPATHATTR [--inquire] SET|DELETE <name> <expression>[<TAB>[<value>]]
1879 </pre></td></tr></table>
1881 <p>Like the <code>XPATH</code> command (see section <a href="#XPATH">XPATH command</a>) but operates on element
1884 the attribute value will be empty. For example:
1885 <br>
1886 </p><table><tr><td> </td><td><pre class="example">XPATHATTR SET password //element[@_name='password']<TAB>
1887 </pre></td></tr></table>
1888 <br>
1890 found in the document. The attribute value will be empty but still exist.
1891 </p>
1892 <p>When the ‘<samp>--inquire</samp>’ option is passed then all remaining non-option
1894 </p>
1895 <p>See <a href="http://www.w3schools.com/xpath/xpath_syntax.asp">http://www.w3schools.com/xpath/xpath_syntax.asp</a> for <abbr>XPATH</abbr>
1896 expression syntax.
1897 </p>
1903 <tr><td valign="middle" align="left">[<a href="#XPATHATTR" title="Previous section in reading order"> < </a>]</td>
1904 <td valign="middle" align="left">[<a href="#Target-Attribute" title="Next section in reading order"> > </a>]</td>
1906 <td valign="middle" align="left">[<a href="#XPATHATTR" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1908 <td valign="middle" align="left">[<a href="#Target-Attribute" title="Next chapter"> >> </a>]</td>
1914 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1917 </tr></table>
1920 <p>Some commands send status messages to inform the client about certain
1921 operations or as a progress indicator. Status messages begin with a
1923 require it. What status messages are sent, when, and how often depend on
1924 configuration settings (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>). A status message sent from
1925 <code>gpg-agent</code> (See <a href="gnupg.html#Invoking-GPG_002dAGENT">(gnupg)Invoking GPG-AGENT</a>) is also forwarded to
1926 the client.
1927 </p>
1928 <table>
1929 <thead><tr><th width="20%">Message</th><th width="25%">Arguments</th><th width="55%">Description</th></tr></thead>
1931 <a name="index-CACHE"></a></td><td width="25%"><code><integer></code></td><td width="55%">The number of cached documents. Sent to each client after connecting
1932 (see section <a href="#GETINFO">GETINFO command</a>) and after every cache modification.</td></tr>
1934 <a name="index-CLIENTS"></a></td><td width="25%"><code><integer></code></td><td width="55%">The number of connected clients (see section <a href="#GETINFO">GETINFO command</a>). Sent to each client
1935 when another client either connects or disconnects.</td></tr>
1937 <a name="index-DECRYPT"></a></td><td width="25%"><code>n</code> <code>total</code></td><td width="55%">Sent to the current client during a decrypt operation. How often this
1939 (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>) setting.</td></tr>
1941 <a name="index-ENCRYPT"></a></td><td width="25%"><code>n</code> <code>total</code></td><td width="55%">Sent to the current client during an encrypt operation. How often this
1943 (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>) setting.</td></tr>
1945 <a name="index-GENKEY"></a></td><td width="25%"></td><td width="55%">Sent once to the current client just before generating a new key-pair.</td></tr>
1947 <a name="index-INQUIRE_005fMAXLEN"></a></td><td width="25%"><code><bytes></code></td><td width="55%">Sent to the client from <code>gpg-agent</code> when inquiring data. This
1948 specifies the maximum number of bytes allowed for the client to send and
1949 should not be exceeded.</td></tr>
1951 <a name="index-KEEPALIVE"></a></td><td width="25%"></td><td width="55%">Sent to each idle client every <var>keepalive_interval</var>
1952 (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>) seconds.</td></tr>
1954 <a name="index-LOCKED"></a></td><td width="25%"></td><td width="55%">Sent to the current client when another client is holding the lock for
1955 the mutex associated with a file.</td></tr>
1957 <a name="index-NEWFILE"></a></td><td width="25%"></td><td width="55%">Sent to the current client when the opened (see section <a href="#OPEN">OPEN command</a>) file does not
1958 exist on the file-system.</td></tr>
1960 <a name="index-XFER"></a></td><td width="25%"><code><sent> <total></code></td><td width="55%">Sent to the current client when transferring data. It has two space
1961 delimited arguments. The first being the current amount of bytes transferred
1962 and the other being the total bytes to be transferred.</td></tr>
1963 </table>
1968 <tr><td valign="middle" align="left">[<a href="#Status-Messages" title="Previous section in reading order"> < </a>]</td>
1969 <td valign="middle" align="left">[<a href="#Signals" title="Next section in reading order"> > </a>]</td>
1971 <td valign="middle" align="left">[<a href="#Status-Messages" title="Beginning of this chapter or previous chapter"> << </a>]</td>
1979 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
1982 </tr></table>
1987 when found in each element of an element path. This attribute, like other
1989 (see section <a href="#ATTR">ATTR command</a>). The value of this attribute is an existing element path
1991 maybe the <abbr>HTML</abbr> <code>id</code> or <code>target</code> attributes or a symbolic link
1992 in a file-system, you may find this attribute behaves similar to any of those.
1993 </p>
1995 </p>
1996 <table><tr><td> </td><td><pre class="example">ATTR SET target [!]element[<TAB>[!]child[..]] [!]element[<TAB>[!]child[..]]
1997 </pre></td></tr></table>
1999 <p>Note the single space between the two element paths. The first element path is
2002 (see section <a href="#ATTR">ATTR command</a>) command will create elements. The attribute is created in the
2003 final element of the element path.
2004 </p>
2005 <p>The second element path is the destination of where you want the first element
2006 path to resolve to. When an element path is passed to a protocol command
2010 any element of an element path then prefix the element with the literal
2012 </p>
2014 resolves to then an error will occur. You may need to either update the
2017 it will need to be prefixed with the literal element character ‘<samp>!</samp>’ when
2019 attribute for an element containing it:
2020 </p>
2021 <table><tr><td> </td><td><pre class="example">ATTR DELETE target path<TAB>to<TAB>!element
2022 </pre></td></tr></table>
2025 resolve to themselves. See the <var>recursion_depth</var> (see section <a href="#Configuration"><code>pwmd</code> configuration file options</a>)
2026 configuration parameter for details.
2027 </p>
2028 <p>The <code>REALPATH</code> command (see section <a href="#REALPATH">REALPATH command</a>) can be used to show the element
2030 </p>
2035 <tr><td valign="middle" align="left">[<a href="#Target-Attribute" title="Previous section in reading order"> < </a>]</td>
2036 <td valign="middle" align="left">[<a href="#Concept-Index" title="Next section in reading order"> > </a>]</td>
2038 <td valign="middle" align="left">[<a href="#Target-Attribute" title="Beginning of this chapter or previous chapter"> << </a>]</td>
2040 <td valign="middle" align="left">[<a href="#Concept-Index" title="Next chapter"> >> </a>]</td>
2046 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
2049 </tr></table>
2055 cache.
2056 </p>
2062 <tr><td valign="middle" align="left">[<a href="#Signals" title="Previous section in reading order"> < </a>]</td>
2065 <td valign="middle" align="left">[<a href="#Signals" title="Beginning of this chapter or previous chapter"> << </a>]</td>
2073 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
2076 </tr></table>
2084 <tr><td valign="middle" align="left">[<a href="#Top" title="Cover (top) of document">Top</a>]</td>
2085 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
2088 </tr></table>
2093 <li><a name="toc-Overview-of-pwmd" href="#Introduction">1. Overview of <code>pwmd</code></a></li>
2095 <li><a name="toc-pwmd-configuration-file-options" href="#Configuration">3. <code>pwmd</code> configuration file options</a></li>
2096 <li><a name="toc-Configuring-remote-connections-over-TLS_002e" href="#TLS">4. Configuring remote connections over TLS.</a></li>
2098 <li><a name="toc-Protocol-commands-and-their-syntax" href="#Commands">6. Protocol commands and their syntax</a></li>
2129 <li><a name="toc-Status-messages-and-their-meanings" href="#Status-Messages">37. Status messages and their meanings</a></li>
2130 <li><a name="toc-The-target-attribute" href="#Target-Attribute">38. The <code>target</code> attribute</a></li>
2133 </ul>
2134 </div>
2138 <tr><td valign="middle" align="left">[<a href="#Top" title="Cover (top) of document">Top</a>]</td>
2139 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
2142 </tr></table>
2146 <li><a name="stoc-Overview-of-pwmd" href="#Introduction">1. Overview of <code>pwmd</code></a></li>
2148 <li><a name="stoc-pwmd-configuration-file-options" href="#Configuration">3. <code>pwmd</code> configuration file options</a></li>
2149 <li><a name="stoc-Configuring-remote-connections-over-TLS_002e" href="#TLS">4. Configuring remote connections over TLS.</a></li>
2151 <li><a name="stoc-Protocol-commands-and-their-syntax" href="#Commands">6. Protocol commands and their syntax</a></li>
2182 <li><a name="stoc-Status-messages-and-their-meanings" href="#Status-Messages">37. Status messages and their meanings</a></li>
2183 <li><a name="stoc-The-target-attribute" href="#Target-Attribute">38. The <code>target</code> attribute</a></li>
2186 </ul>
2187 </div>
2191 <tr><td valign="middle" align="left">[<a href="#Top" title="Cover (top) of document">Top</a>]</td>
2192 <td valign="middle" align="left">[<a href="#SEC_Contents" title="Table of contents">Contents</a>]</td>
2195 </tr></table>
2197 <p>
2198 This document was generated by <em>me</em> on <em>February 27, 2013</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.82</em></a>.
2199 </p>
2200 <p>
2201 The buttons in the navigation panels have the following meaning:
2202 </p>
2204 <tr>
2209 </tr>
2210 <tr>
2215 </tr>
2216 <tr>
2221 </tr>
2222 <tr>
2227 </tr>
2228 <tr>
2233 </tr>
2234 <tr>
2239 </tr>
2240 <tr>
2245 </tr>
2246 <tr>
2251 </tr>
2252 <tr>
2257 </tr>
2258 <tr>
2263 </tr>
2264 </table>
2266 <p>
2267 where the <strong> Example </strong> assumes that the current position is at <strong> Subsubsection One-Two-Three </strong> of a document of the following structure:
2268 </p>
2270 <ul>
2272 <ul>
2274 <ul>
2276 </ul>
2277 </li>
2279 <ul>
2285 </ul>
2286 </li>
2288 <ul>
2290 </ul>
2291 </li>
2293 </ul>
2294 </li>
2295 </ul>
2298 <p>
2300 This document was generated by <em>me</em> on <em>February 27, 2013</em> using <a href="http://www.nongnu.org/texi2html/"><em>texi2html 1.82</em></a>.
2301 </font>
2302 <br>
2304 </p>
2305 </body>
2306 </html>