From a899d9be0cab72dcfe00f100527c52ea598fed70 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Sun, 1 Apr 2012 21:53:04 +0200
Subject: Add enable-in and disable-in options to module config

 * These can be used to load certain modules in certain
   programs, or prevent loading in others.
 * Useful for a key manager like seahorse, so we can load
   extra modules (think NSS) that other modules shouldn't
   load.
---
 doc/p11-kit-config.xml   | 27 +++++++++++++++++++++++++++
 doc/p11-kit-sections.txt |  1 +
 2 files changed, 28 insertions(+)

(limited to 'doc')

diff --git a/doc/p11-kit-config.xml b/doc/p11-kit-config.xml
index 7c28f86..11fb41f 100644
--- a/doc/p11-kit-config.xml
+++ b/doc/p11-kit-config.xml
@@ -140,8 +140,35 @@ critical: yes
 					<para>This argument is optional and defaults to <literal>no</literal>.</para>
 				</listitem>
 			</varlistentry>
+			<varlistentry>
+				<term>enable-in:</term>
+				<listitem>
+					<para>A comma and/or space separated list of names of programs that
+					this module should only be loaded in. The module will not be loaded
+					for other programs using p11-kit. The base name of the process executable
+					should be used here, for example
+					<literal>seahorse, ssh</literal>.</para>
+					<para>This is not a security feature. The argument is optional. If
+					not present, then any process will load the module.</para>
+				</listitem>
+			</varlistentry>
+			<varlistentry>
+				<term>disable-in:</term>
+				<listitem>
+					<para>A comma and/or space separated list of names of programs that
+					this module should not be loaded in. The module will be loaded for any
+					other programs using p11-kit. The base name of the process
+					executable should be used here, for example
+					<literal>firefox, thunderbird-bin</literal>.</para>
+					<para>This is not a security feature. The argument is optional. If
+					not present, then any process will load the module.</para>
+				</listitem>
+			</varlistentry>
 		</variablelist>
 
+		<para>Do not specify both <literal>enable-in</literal> and <literal>disable-in</literal>
+		for the same module.</para>
+
 		<para>Other fields may be present, but it is recommended that field names
 		that are not specified in this document start with a <literal>x-</literal>
 		prefix.</para>
diff --git a/doc/p11-kit-sections.txt b/doc/p11-kit-sections.txt
index 37fceb5..bdd0434 100644
--- a/doc/p11-kit-sections.txt
+++ b/doc/p11-kit-sections.txt
@@ -81,6 +81,7 @@ p11_kit_uri_type_t
 
 <SECTION>
 <FILE>p11-kit-future</FILE>
+p11_kit_set_progname
 p11_kit_be_quiet
 p11_kit_message
 </SECTION>
\ No newline at end of file
-- 
cgit v1.1