1 .\" Copyright (C) 2006, 2007, 2008, 2009, 2010, 2011, 2012
2 .\" Ben Kibbey <bjk@luxsci.net>
4 .\" This file is part of pwmd.
6 .\" Pwmd is free software: you can redistribute it and/or modify
7 .\" it under the terms of the GNU General Public License as published by
8 .\" the Free Software Foundation, either version 2 of the License, or
9 .\" (at your option) any later version.
11 .\" Pwmd is distributed in the hope that it will be useful,
12 .\" but WITHOUT ANY WARRANTY; without even the implied warranty of
13 .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 .\" GNU General Public License for more details.
16 .\" You should have received a copy of the GNU General Public License
17 .\" along with Pwmd. If not, see <http://www.gnu.org/licenses/>.
19 \\$2 \(laURL: \\$1 \(ra\\$3
21 .if \n[.g] .mso www.tmac
22 .TH PWMD 1 "06 Oct 2011" "Password Manager Daemon" "Password Manager Daemon"
25 pwmd \- a universal data server
28 [options] [file1] [...]
32 is a daemon the listens on a local UNIX domain socket. Clients connect and
33 send commands to send and retrieve data that is stored in an encrypted XML
34 data file. \fBpwmd\fP uses
36 for keypair generation, decryption and signing of the data file. See the
37 section \fBGPG-AGENT\fP for further information.
40 The following are the available command line options. Remaining arguments are
41 files to add to the cache on startup.
43 .I "\-\-rcfile, \-f rcfile"
44 Specify an alternate configuration file. The default is \fI~/.pwmd/config\fR.
47 .I "\-\-import, \-I filename \-\-outfile filename"
48 Imports an XML file. The XML file should be in conformance to the pwmd DTD.
49 See \fBCOMMANDS\fP contained in the distributed pwmd archive for details. You
50 will be prompted for a passphrase to encrypt with. The output is written to
51 the filename specified with \fI\-\-outfile\fP. To make use of the imported
52 data, place the resulting file in the data directory (\fI~/.pwmd/data\fP).
55 .I "\-\-keyparam <s-exp>"
56 The key parameters to use when generating a new key pair when importing or
57 converting. The argument must be a valid S-expression.
60 .I "\-\-keygrip hexstring"
61 Specifies the public keygrip to use for encryption when importing or
62 converting. When not specified a new keypair will be created.
65 .I "\-\-passphrase-file, \-k filename"
66 Obtain the passphrase from the specified filename.
69 .I "\-\-no-passphrase-file
70 When converting and \fB--passphrase-file\fP was specified, do not use the
71 passphrase obtained from the file when generating the new keypair.
74 .I "\-\-cipher string"
75 When importing, the cipher to use for data encryption. See the
77 configuration file setting below for available ciphers. The default is
82 The number of passphrase hashing iterations to use when importing or
83 converting. The default is the gpg-agent calibrated value for the machine.
84 Must be 65536 or greater.
87 .I "\-\-cipher\-iterations N
88 The number of times to encrypt the XML data. The value is actually N+1. The
92 .I "\-\-convert, \-C filename \-\-outfile filename"
93 Converts a \fBpwmd\fP version 2 data file to a version 3 data file. If
94 encrypted, you will be prompted for a passphrase to use for decryption unless
95 a \fI\-\-passphrase-file\fP was specified. The converted data file will be
96 saved to the filename specified with \fI\-\-outfile\fP. All \fI\-\-import\fP
97 related options may also be used when converting.
100 .I "\-\-disable\-dump, \-D"
101 Disable the \fBXPATH\fP, \fBLIST\fP and \fBDUMP\fP protocol commands. This
102 overrides any \fIdisable_list_and_dump\fP configuration parameter.
105 .I "\-\-no\-fork, \-n"
106 Run as a foreground process and do not fork into the background.
110 Ignore cache pushing failures on startup. By default, \fBpwmd\fP will exit if
111 an error occured do to an invalid passphrase or some other access error.
114 .I "\-\-debug-level keyword,keyword,..."
115 Output assuan protocol IO with the comma separated list of output keywords.
116 Valid keywords are: \fBinit\fP, \fBctx\fP, \fBengine\fP, \fBdata\fP,
117 \fBsysio\fP and \fBcontrol\fP.
127 .SH CONFIGURATION FILE
128 Blank lines and lines beginning with '#' are ignored. Some options can have
129 data file-specific settings by placing them in a file section. A file section
130 is declared by surrounding the filename with braces (i.e., \fI[filename]\fP).
131 Global options may be specified in a \fI[global]\fP section and are the
132 default options for new or unspecified files. When the first character of a
133 filename is a tilde then it will be expanded to your home directory. First the
134 \fBglobal\fP options:
136 .I "socket_path=<string>"
137 Listen on the specified socket. The default is \fI~/.pwmd/socket\fR.
140 .I "socket_perms=<integer>"
141 Permissions to set after creating the socket. This will override any
146 .I "allowed=<user,@group,...>"
147 A comma separated list of local usernames or group names allowed to connect to
148 the socket. Groups should be prefixed with a '\fB@\fP'. When not specified
149 only the invoking user may connect. The connecting username is obtained via
153 .I "disable_mlockall=<boolean>"
154 When set to \fIfalse\fP,
156 will be called after the client connects. This will use more physical memory
157 but may also be more secure since no swapping to disk will occur.
160 .I "log_path=<string>"
161 Logs informational messages to the specified file. The default is
165 .I "enable_logging=<boolean>"
166 Enable or disable logging to \fIlog_path\fR. The default is \fIfalse\fR.
169 .I "syslog=<boolean>"
172 with facility \fBLOG_DAEMON\fP and priority \fBLOG_INFO\fP. The default is
176 .I "log_level=<integer>"
177 When \fI0\fP, only connections and errors are logged. When \fI1\fP, client
178 commands, options and the return code are also logged. The default is \fI0\fP.
181 .I "agent_env_file=<filename>"
182 A file containing the \fBGPG_AGENT_INFO\fP environment variable and value as
183 output by the \fB--write-env-file\fP option of \fBgpg-agent\fP.
186 .I "kill_scd=<boolean>"
187 Kill the smartcard daemon after each OPEN or SAVE command. This option
188 requires libassuan 2.0.3 or later at compile time.
191 .I "disable_list_and_dump=<boolean>"
192 When \fItrue\fP, the \fBXPATH\fP, \fBLIST\fP and \fBDUMP\fP protocol commands
196 .I "cache_push=<list>"
197 A comma separated list of filenames that will be pushed into the file cache
198 upon startup. \fBpwmd\fP will prompt for the passphrase for each file unless
199 specified with the \fIpassphrase\fP or \fIpassphrase_file\fP parameters in a
200 matching file section.
203 .I "priority=<integer>"
204 The priority, or niceness, of the server. The default is inherited from the
209 The default cipher to use for data encryption. Should be one of:
210 \fIaes128\fP, \fIaes192\fP, \fIaes256\fP, \fIserpent128\fP, \fIserpent192\fP,
211 \fIserpent256\fP, \fIcamellia128\fP, \fIcamellia192\fP, \fIcamellia256\fP,
212 \fI3des\fP, \fIcast5\fP, \fIblowfish\fP, \fItwofish128\fP or
213 \fItwofish256\fP. The default is \fIaes256\fP.
216 Below are options that can be specified in the \fB[global]\fP or
217 \fB[filename]\fP section. If in both then \fB[filename]\fP will have
220 .I "backup=<boolean>"
221 Whether to create a backup of the data file when saving. The backup filename
222 has the .backup extension appended to the opened file. The default is
226 .I "cache_timeout=<integer>"
227 The number of seconds to keep the cache entry for this file. If \fI-1\fP, the
228 cache entry is kept forever. If \fI0\fP, each time an encrypted file is OPEN'd
229 passphrase will be required. The default is \fI-1\fP.
232 .I "xfer_progress=<integer>"
233 Commands that send data lines to the client will send the XFER status message
234 after the specified number of bytes have been sent. The number of bytes is
235 rounded to ASSUAN_LINELENGTH or 1002 bytes. The default is \fI8196\fP.
238 .I "passphrase=<string>"
239 The initial passphrase to use for this file. If specified in the
240 \fBglobal\fP section then "\fIglobal\fP" is treated as a data filename and
241 not a default for other files. Note that if a client changes the passphrase
242 for this data file then this value is not modified and will need to be
246 .I "passphrase_file=<string>"
247 Same as the \fIpassphrase\fP parameter above but obtains the passphrase from
248 the specified filename. Note that if the cache entry for a data file using a
249 \fIpassphrase_file\fP is removed then the only way to add it again is to
250 restart \fBpwmd\fP or to re-read the configuration file.
253 .I "recursion_depth=<integer>"
254 The maximum number of times to resolve a "target" attribute for an element in
255 an element path. An error is returned when this value is exceeded. The
256 default is \fI100\fP but can be disabled by setting to \fI0\fP (not
260 Since \fBpwmd\fP uses
262 for public and private key operations, \fBgpg-agent\fP needs to be running and
263 have set the \fBGPG_AGENT_INFO\fP environment variable before \fBpwmd\fP has
268 to prompt for a passphrase, or a PIN code if using a smartcard, when a secret
269 key needs to be unlocked. It is up to the client to tell \fBpwmd\fP where to
270 have the pinentry prompt for input. \fBpwmd\fP will then pass this information
277 will only keep track of keygrips for keypairs that it knows about when
278 caching. It will not do anything with secret keys outside of \fBpwmd\fP unless
279 a key is shared with a \fBpwmd\fP data file. The \fBpwmd\fP cache is cleared
280 when exiting. This will also clear \fBgpg-agent\fP cache entries that were
281 added by \fBpwmd\fP. This may have undesirable effects when using a keypair
282 for a data file that is also used outside of \fBpwmd\fP.
285 Note that for passphrase caching on startup or a passphrase obtained via a
286 server inquire in the \fBOPEN\fP command, the
287 \fI\-\-allow-preset-passphrase\fP option must be passed to
289 for these features to work.
294 Clears the entire file cache. If there are any clients connected, a passphrase
295 may be required for the next \fBOPEN\fP command.
298 Reloads the configuration file. Any files specified in the \fIcache_push\fP
299 configuration parameter are added to the cache when no passphrase is required.
301 .B SIGTERM and SIGINT
302 Disallows new connections and waits for all clients to disconnect before
303 terminating. Sending this signal again will terminate without waiting.
308 Default configuration file.
311 Default data directory.
314 Default listening socket.
317 Default log file when logging is enabled.
320 Ben Kibbey <bjk@luxsci.net>
322 .URL "http://pwmd.sourceforge.net/" "PWMD Homepage" .
325 .BR gpg-agent (1), pinentry (1)
327 Also see the pwmd.info documentation which is more complete.