Mention command names in SYNOPSIS; add gen_rmd160 to SEE ALSO;

improve formatting; bump date.
2005-04-22 14:35:13 +00:00 · 2005-04-22 14:35:13 +00:00 · bb1cbe5e1c
parent df9d0a0359
commit bb1cbe5e1c
1 changed files with 33 additions and 33 deletions
--- a/sbin/veriexecctl/veriexecctl.8
+++ b/sbin/veriexecctl/veriexecctl.8
@ -1,4 +1,4 @@
-.\" $NetBSD: veriexecctl.8,v 1.8 2005/04/20 13:44:45 blymn Exp $
+.\" $NetBSD: veriexecctl.8,v 1.9 2005/04/22 14:35:13 wiz Exp $
 .\"
 .\" Copyright (c) 1999
 .\"	Brett Lymn - blymn@baea.com.au, brett_lymn@yahoo.com.au
@ -29,9 +29,9 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"	$Id: veriexecctl.8,v 1.8 2005/04/20 13:44:45 blymn Exp $
+.\"	$Id: veriexecctl.8,v 1.9 2005/04/22 14:35:13 wiz Exp $
 .\"
-.Dd January 6, 2005
+.Dd April 22, 2005
 .Dt VERIEXECCTL 8
 .Os
 .Sh NAME
@ -39,10 +39,9 @@
 .Nd load or report verified exec fingerprints
 .Sh SYNOPSIS
 .Nm
-.Ar command
-.Oo
-.Ar arg
-.Oc
+.Cm fingerprints
+.Nm
+.Cm load Ar veriexec.conf
 .Sh DESCRIPTION
 The
 .Nm
@ -50,10 +49,28 @@ command is used to manipulate the Verified Exec feature.
 Verified Exec must have been configured into the booted kernel for this
 commaned to work.
 .Sh COMMANDS
-.Pp
-.Cm load
-.Ar veriexec.conf
-.Pp
+.Bl -tag -width 25n
+.It Cm fingerprints
+Report the fingerprint methods that are available in the currently running
+kernel.
+This command will return a space separated list of supported fingerprint
+methods that will be accepted by the kernel.
+The default list is:
+.Bl -item -offset indent -compact
+.It
+MD5
+.It
+RMD160
+.It
+SHA1
+.It
+SHA256
+.It
+SHA384
+.It
+SHA512
+.El
+.It Cm load Ar veriexec.conf
 Load the fingerprint entries contained in
 .Ar veriexec.conf
 into the in kernel tables.
@ -62,27 +79,10 @@ equal to zero.
 Once loaded the kernel can then validate executed programs
 or files against the loaded fingerprints and report when fingerprints
 do not match.
-.Pp
-.Cm fingerprints
-.Pp
-Report the fingerprint methods that are available in the currently running
-kernel.
-This command will return a space separated list of supported fingerprint
-methods that will be accepted by the kernel.
-The default list is:
-.Bd -literal -offset indent
-MD5
-RMD160
-SHA1
-SHA256
-SHA384
-SHA512
-.Ed
-.Pp
+.El
 .Sh VERIEXEC.CONF
-.Pp
 The
-.Ar veriexec.conf
+.Pa veriexec.conf
 file contains lines of fields (separated by one or more whitespace
 characters) of the form:
 .Pp
@ -108,11 +108,10 @@ contains the associated options for the file.
 Currently there are two valid options:
 .Pp
 .Bl -tag -width INDIRECT -compact
-.Pp
-.It Pa INDIRECT
+.It Dv INDIRECT
 If this option is set then the executable cannot be invoked directly, it
 can only be used as an interpreter in shell scripts.
-.It Pa FILE
+.It Dv FILE
 Indicates that the fingerprint is associated with a file, not an
 executable.
 Files have their fingerprints verified during
@ -133,6 +132,7 @@ verified executable device node
 .El
 .Sh SEE ALSO
 .Pa /usr/share/examples/veriexecctl/gen_md5 ,
+.Pa /usr/share/examples/veriexecctl/gen_rmd160 ,
 .Pa /usr/share/examples/veriexecctl/gen_sha1
 .Sh HISTORY
 .Nm