X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=doc%2Ftinc.texi;h=f16e6723484ee4a9c7dbf5f69605fe4e11344da0;hp=132a1c42944c57684d70470d872f16e3645e72be;hb=3ca724e191958ea2ba63ef10eeef7eb51b5dd230;hpb=a85864809febde02687b52dc2931ac4505f57067

diff --git a/doc/tinc.texi b/doc/tinc.texi
index 132a1c42..f16e6723 100644
--- a/doc/tinc.texi
+++ b/doc/tinc.texi
@@ -15,7 +15,7 @@
 
 This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
 
-Copyright @copyright{} 1998-2016 Ivo Timmermans,
+Copyright @copyright{} 1998-2018 Ivo Timmermans,
 Guus Sliepen <guus@@tinc-vpn.org> and
 Wessel Dankers <wsl@@tinc-vpn.org>.
 
@@ -39,7 +39,7 @@ permission notice identical to this one.
 @vskip 0pt plus 1filll
 This is the info manual for @value{PACKAGE} version @value{VERSION}, a Virtual Private Network daemon.
 
-Copyright @copyright{} 1998-2016 Ivo Timmermans,
+Copyright @copyright{} 1998-2018 Ivo Timmermans,
 Guus Sliepen <guus@@tinc-vpn.org> and
 Wessel Dankers <wsl@@tinc-vpn.org>.
 
@@ -421,7 +421,7 @@ available.  Make sure you install the development AND runtime versions
 of this package.
 
 If you have to install zlib manually, you can get the source code
-from @url{http://www.zlib.net/}.  Instructions on how to configure,
+from @url{https://zlib.net/}.  Instructions on how to configure,
 build and install this package are included within the package.  Please
 make sure you build development and runtime libraries (which is the
 default).
@@ -860,7 +860,7 @@ Also note that this can cause decrypted VPN packets to be sent out on a real net
 @cindex UML
 @item uml (not compiled in by default)
 Create a UNIX socket with the filename specified by
-@var{Device}, or @file{@value{localstatedir}/run/@var{netname}.umlsocket}
+@var{Device}, or @file{@value{runstatedir}/@var{netname}.umlsocket}
 if not specified.
 Tinc will wait for a User Mode Linux instance to connect to this socket.
 
@@ -868,7 +868,7 @@ Tinc will wait for a User Mode Linux instance to connect to this socket.
 @item vde (not compiled in by default)
 Uses the libvdeplug library to connect to a Virtual Distributed Ethernet switch,
 using the UNIX socket specified by
-@var{Device}, or @file{@value{localstatedir}/run/vde.ctl}
+@var{Device}, or @file{@value{runstatedir}/vde.ctl}
 if not specified.
 @end table
 
@@ -1730,7 +1730,7 @@ Write log entries to a file instead of to the system logging facility.
 If @var{file} is omitted, the default is @file{@value{localstatedir}/log/tinc.@var{netname}.log}.
 
 @item --pidfile=@var{file}
-Write PID to @var{file} instead of @file{@value{localstatedir}/run/tinc.@var{netname}.pid}.
+Write PID to @var{file} instead of @file{@value{runstatedir}/tinc.@var{netname}.pid}.
 
 @item --bypass-security
 Disables encryption and authentication.
@@ -1743,10 +1743,14 @@ located (@file{@value{sysconfdir}/tinc/@var{netname}/} as determined by
 The chroot is performed after all the initialization is done, after
 writing pid files and opening network sockets.
 
-Note that this option alone does not do any good without -U/--user, below.
+This option is best used in combination with the -U/--user option described below.
 
-Note also that tinc can't run scripts anymore (such as tinc-down or host-up),
-unless it's setup to be runnable inside chroot environment.
+You will need to ensure the chroot environment contains all the files necessary
+for tinc to run correctly.
+Most importantly, for tinc to be able to resolve hostnames inside the chroot environment,
+you must copy @file{/etc/resolv.conf} into the chroot directory.
+If you want to be able to run scripts other than @file{tinc-up} in the chroot,
+you must ensure the appropriate shell is also installed in the chroot, along with all its dependencies.
 
 @item -U, --user=@var{user}
 Switch to the given @var{user} after initialization, at the same time as
@@ -2439,6 +2443,7 @@ tinc or give us feedback, you are stronly encouraged to do so.
 @menu
 * Interface configuration::
 * Routes::
+* Automatically starting tinc::
 @end menu
 
 @c ==================================================================
@@ -2565,6 +2570,66 @@ Adding routes to IPv6 subnets:
 @tab @code{netsh interface ipv6 add route} @var{network address}/@var{prefixlength} @var{interface}
 @end multitable
 
+@c ==================================================================
+@node    Automatically starting tinc
+@section Automatically starting tinc
+
+@menu
+* Linux::
+* Windows::
+* Other platforms::
+@end menu
+
+@c ==================================================================
+@node       Linux
+@subsection Linux
+
+@cindex systemd
+There are many Linux distributions, and historically, many of them had their
+own way of starting programs at boot time. Today, a number of major Linux
+distributions have chosen to use systemd as their init system. Tinc ships with
+systemd service files that allow you to start and stop tinc using systemd.
+There are two service files: @code{tinc.service} is used to globally enable or
+disable all tinc daemons managed by systemd, and
+@code{tinc@@@var{netname}.service} is used to enable or disable specific tinc
+daemons. So if one has created a tinc network with netname @code{foo}, then
+you have to run the following two commands to ensure it is started at boot
+time:
+
+@example
+systemctl enable tinc
+systemctl enable tinc@@foo
+@end example
+
+To start the tinc daemon immediately if it wasn't already running, use the
+following command:
+
+@example
+systemctl start tinc@@foo
+@end example
+
+You can also use @samp{systemctl start tinc}, this will start all tinc daemons
+that are enabled. You can stop and disable tinc networks in the same way.
+
+If your system is not using systemd, then you have to look up your
+distribution's way of starting tinc at boot time.
+
+@c ==================================================================
+@node       Windows
+@subsection Windows
+
+On Windows, if tinc is started without the @code{-D} or @code{--no-detach}
+option, it will automatically register itself as a service that is started at
+boot time. When tinc is stopped using the @code{-k} or @code{--kill}, it will
+also automatically unregister itself. Once tinc is registered as a service, it
+is also possible to stop and start tinc using the Windows Services Manager.
+
+@c ==================================================================
+@node       Other platforms
+@subsection Other platforms
+
+On platforms other than the ones mentioned in the earlier sections, you have to
+look up your platform's way of starting programs at boot time.
 
 @c ==================================================================
 @node    About us