[src/netbsd-3]: src/sbin/veriexecctl Pull up revision 1.9 (requested by elad ...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/4711596e96eb
branches:  netbsd-3
changeset: 576115:4711596e96eb
user:      tron <tron%NetBSD.org@localhost>
date:      Fri Jun 10 14:55:20 2005 +0000

description:
Pull up revision 1.9 (requested by elad in ticket #389):
Mention command names in SYNOPSIS; add gen_rmd160 to SEE ALSO;
improve formatting; bump date.

diffstat:

 sbin/veriexecctl/veriexecctl.8 |  66 +++++++++++++++++++++---------------------
 1 files changed, 33 insertions(+), 33 deletions(-)

diffs (120 lines):

diff -r 69bd321baf96 -r 4711596e96eb sbin/veriexecctl/veriexecctl.8
--- a/sbin/veriexecctl/veriexecctl.8    Fri Jun 10 14:55:05 2005 +0000
+++ b/sbin/veriexecctl/veriexecctl.8    Fri Jun 10 14:55:20 2005 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: veriexecctl.8,v 1.7.2.1 2005/06/10 14:47:56 tron Exp $
+.\" $NetBSD: veriexecctl.8,v 1.7.2.2 2005/06/10 14:55:20 tron Exp $
 .\"
 .\" Copyright (c) 1999
 .\"    Brett Lymn - blymn%baea.com.au@localhost, brett_lymn%yahoo.com.au@localhost
@@ -29,9 +29,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"    $Id: veriexecctl.8,v 1.7.2.1 2005/06/10 14:47:56 tron Exp $
+.\"    $Id: veriexecctl.8,v 1.7.2.2 2005/06/10 14:55:20 tron Exp $
 .\"
-.Dd January 6, 2005
+.Dd April 22, 2005
 .Dt VERIEXECCTL 8
 .Os
 .Sh NAME
@@ -39,10 +39,9 @@
 .Nd load or report verified exec fingerprints
 .Sh SYNOPSIS
 .Nm
-.Ar command
-.Oo
-.Ar arg
-.Oc
+.Cm fingerprints
+.Nm
+.Cm load Ar veriexec.conf
 .Sh DESCRIPTION
 The
 .Nm
@@ -50,10 +49,28 @@
 Verified Exec must have been configured into the booted kernel for this
 commaned to work.
 .Sh COMMANDS
-.Pp
-.Cm load
-.Ar veriexec.conf
-.Pp
+.Bl -tag -width 25n
+.It Cm fingerprints
+Report the fingerprint methods that are available in the currently running
+kernel.
+This command will return a space separated list of supported fingerprint
+methods that will be accepted by the kernel.
+The default list is:
+.Bl -item -offset indent -compact
+.It
+MD5
+.It
+RMD160
+.It
+SHA1
+.It
+SHA256
+.It
+SHA384
+.It
+SHA512
+.El
+.It Cm load Ar veriexec.conf
 Load the fingerprint entries contained in
 .Ar veriexec.conf
 into the in kernel tables.
@@ -62,27 +79,10 @@
 Once loaded the kernel can then validate executed programs
 or files against the loaded fingerprints and report when fingerprints
 do not match.
-.Pp
-.Cm fingerprints
-.Pp
-Report the fingerprint methods that are available in the currently running
-kernel.
-This command will return a space separated list of supported fingerprint
-methods that will be accepted by the kernel.
-The default list is:
-.Bd -literal -offset indent
-MD5
-RMD160
-SHA1
-SHA256
-SHA384
-SHA512
-.Ed
-.Pp
+.El
 .Sh VERIEXEC.CONF
-.Pp
 The
-.Ar veriexec.conf
+.Pa veriexec.conf
 file contains lines of fields (separated by one or more whitespace
 characters) of the form:
 .Pp
@@ -108,11 +108,10 @@
 Currently there are two valid options:
 .Pp
 .Bl -tag -width INDIRECT -compact
-.Pp
-.It Pa INDIRECT
+.It Dv INDIRECT
 If this option is set then the executable cannot be invoked directly, it
 can only be used as an interpreter in shell scripts.
-.It Pa FILE
+.It Dv FILE
 Indicates that the fingerprint is associated with a file, not an
 executable.
 Files have their fingerprints verified during
@@ -133,6 +132,7 @@
 .El
 .Sh SEE ALSO
 .Pa /usr/share/examples/veriexecctl/gen_md5 ,
+.Pa /usr/share/examples/veriexecctl/gen_rmd160 ,
 .Pa /usr/share/examples/veriexecctl/gen_sha1
 .Sh HISTORY
 .Nm