Merge branch 'master' of git://tinc-vpn.org/tinc into 1.1

[meshlink] / doc / tincd.8.in

diff --git a/doc/tincd.8.in b/doc/tincd.8.in
index e4bbaeb7bfd04b32f94284a82e9fa03eb2d8d0f1..24b4da462cdd2b6a9b95e4ed765d082c46c0d97c 100644 (file)
--- a/doc/tincd.8.in
+++ b/doc/tincd.8.in
@@ -1,4 +1,4 @@
-.Dd 2002-03-25
+.Dd 2011-06-25
 .Dt TINCD 8
 .\" Manual page created by:
 .\" Ivo Timmermans
@@ -8,14 +8,17 @@
 .Nd tinc VPN daemon
 .Sh SYNOPSIS
 .Nm
-.Op Fl cdDKnL
+.Op Fl cdDKnoLRU
 .Op Fl -config Ns = Ns Ar DIR
 .Op Fl -no-detach
 .Op Fl -debug Ns Op = Ns Ar LEVEL
 .Op Fl -net Ns = Ns Ar NETNAME
+.Op Fl -option Ns = Ns Ar [HOST.]KEY=VALUE
 .Op Fl -mlock
 .Op Fl -logfile Ns Op = Ns Ar FILE
 .Op Fl -bypass-security
+.Op Fl -chroot
+.Op Fl -user Ns = Ns Ar USER
 .Op Fl -help
 .Op Fl -version
 .Sh DESCRIPTION
@@ -51,6 +54,30 @@ Increase debug level or set it to
 .It Fl n, -net Ns = Ns Ar NETNAME
 Connect to net
 .Ar NETNAME .
+This will let tinc read all configuration files from
+.Pa @sysconfdir@/tinc/ Ar NETNAME .
+Specifying
+.Li .
+for
+.Ar NETNAME
+is the same as not specifying any
+.Ar NETNAME .
+.It Fl o, -option Ns = Ns Ar [HOST.]KEY=VALUE
+Without specifying a
+.Ar HOST ,
+this will set server configuration variable
+.Ar KEY 
+to
+.Ar VALUE .
+If specified as
+.Ar HOST.KEY=VALUE ,
+this will set the host configuration variable 
+.Ar KEY
+of the host named
+.Ar HOST
+to
+.Ar VALUE .
+This option can be used more than once to specify multiple configuration variables.
 .It Fl L, -mlock
 Lock tinc into main memory.
 This will prevent sensitive data like shared private keys to be written to the system swap files/partitions.
@@ -60,16 +87,27 @@ If
 .Ar FILE
 is omitted, the default is
 .Pa @localstatedir@/log/tinc. Ns Ar NETNAME Ns Pa .log.
-.It Fl -controlsocket Ns = Ns Ar FILENAME
-Open control socket at
-.Ar FILENAME .
+.It Fl -pidfile Ns = Ns Ar FILENAME
+Store a cookie in
+.Ar FILENAME
+which allows
+.Xr tincctl 8
+to authenticate.
 If
 .Ar FILE
 is omitted, the default is
-.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .control.
+.Pa @localstatedir@/run/tinc. Ns Ar NETNAME Ns Pa .pid.
 .It Fl -bypass-security
 Disables encryption and authentication of the meta protocol.
 Only useful for debugging.
+.It Fl R, -chroot
+With this option tinc chroots into the directory where network
+config is located (@sysconfdir@/tinc/NETNAME if -n option is used,
+or to the directory specified with -c option) after initialization.
+.It Fl U, -user Ns = Ns Ar USER
+setuid to the specified
+.Ar USER
+after initialization.
 .It Fl -help
 Display short list of options.
 .It Fl -version
@@ -77,12 +115,28 @@ Output version information and exit.
 .El
 .Sh SIGNALS
 .Bl -tag -width indent
+.It ALRM
+Forces
+.Nm
+to try to connect to all uplinks immediately.
+Usually
+.Nm
+attempts to do this itself,
+but increases the time it waits between the attempts each time it failed,
+and if
+.Nm
+didn't succeed to connect to an uplink the first time after it started,
+it defaults to the maximum time of 15 minutes.
 .It HUP
 Partially rereads configuration files.
 Connections to hosts whose host config file are removed are closed.
 New outgoing connections specified in
 .Pa tinc.conf
 will be made.
+If the
+.Fl -logfile
+option is used, this will also close and reopen the log file,
+useful when log rotation is used.
 .El
 .Sh DEBUG LEVELS
 The tinc daemon can send a lot of messages to the syslog.