Manual page update.

[pwmd.git] / doc / pwmd.1

.\" This program is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation; either version 2 of the License, or
.\" (at your option) any later version.
.\" 
.\" This program is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\" 
.\" You should have received a copy of the GNU General Public License
.\" along with this program; if not, write to the Free Software
.\" Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
.de URL
\\$2 \(laURL: \\$1 \(ra\\$3
..
.if \n[.g] .mso www.tmac
.TH PWMD 1 "13 Jan 2007" "Password Manager Daemon" "Password Manager Daemon"
.SH NAME

pwmd \- local socket data server
.SH SYNOPSIS
.B pwmd
[\-hv] [\-f <rcfile>] [\-I <filename>]

.SH DESCRIPTION
.B pwmd
is a daemon that listens for connections on a local socket. Clients connect to
the server and can get or modify "account" data. The word "account" is just a
placeholder for the element describing and item. But what the data actually is
can be anything. The data is stored in an AES encrypted XML file.

.SH OPTIONS
.TP
.I "\-f rcfile"
Specify an alternate configuration file. The default is \fB~/.pwmdrc\fR.
.TP
.I "\-I filename"
Import an XML file prompting for a key to use for encryption. The encrypted
data will be written to stdout.
.TP
.I "\-v"
Version information.
.TP
.I "\-h"
Help text.

.SH CONFIGURATION FILE
Blank lines and lines beginning with '#' are ignored. The file requires a
group of options named "default". Groups are declared with [groupname]. Only
the group "default" will be used. If the first character of a string value is
a tilde, it will be expanded to your home directory.
.TP
.I "socket_path=<string>"
Listen on the specified socket. The default is \fB~/.pwmd/socket\fR.
.TP
.I "data_directory=<string>"
Where
.B pwmd
should store and retrieve data files. The default is \fB~/.pwmd\fR.
.TP
.I "disable_mlockall=<boolean>"
If set to "true" then
.B pwmd
wont call
.BR mlockall (2).
If you have resource limits beyond your control and
.B pwmd
is taking to much physical memory then this option may help at the cost of
security. The data might be swapped to virtual memory and later recovered.
Reguardless of this option
.BR mlock (2)
will still be used for the file cache. The default is \fBfalse\fR.
.TP
.I "cache_size=<integer>"
Specfies the size of the file cache. Must be in multiples of your systems
\fBPAGE_SIZE\fR. The default is one page which on Linux-x86 is 4096 bytes or
78 files.
.TP
.I "log_path=<string>"
Logs informational messages to the specified file. The default is
\fB~/.pwmd/.log\fR.
.TP
.I "enable_logging=<boolean>"
Enable or disable logging to \fBlog_path\fR. The default is \fBfalse\fR.
.TP
.I "iterations=<integer>"
The number of times to encrypt the data. A value of 10000 or more will make
dictionary attacks very slow depending on the CPU. The default is 0.
.TP
.I "cache_push=<list>"
A list of filenames separated by commas that will be pushed into the file
cache upon startup.
.B pwmd
will ask for the key for each file specified. The default is none.
.SH SIGNALS
.TP
.B SIGHUP
Clears the entire file cache. If there are any clients connected, a key will
be required for the next OPEN or SAVE command.

.SH FILES
.TP
.B ~/.pwmdrc
Default configuration file.
.TP
.B ~/.pwmd
Default data directory.
.TP
.B ~/.pwmd/socket
Default listening socket.
.TP
.B /dev/shm/pwmd.<uid>
On Linux, and maybe other systems, where the file cache is stored for the
duration of the daemon. If your
.BR mmap (2)
supports MAP_ANONYMOUS with MAP_SHARED then no file will need to be created.

.SH AUTHOR
Ben Kibbey <bjk@luxsci.net>
.br
.URL "http://bjk.sourceforge.net/pwmd/" "PWMD Homepage" .

.SH "SEE ALSO"
.BR shm_open (2),
.BR mlock (2),
.BR mlockall (2),
.BR libxml (3) ,
.BR mmap (2)