From 99cbc8cc0731fa71a390fd22e3d0c4c7e157ee5d Mon Sep 17 00:00:00 2001
From: Reyk Floeter <reyk@esdenera.com>
Date: Thu, 29 Jun 2017 14:20:23 +0200
Subject: [PATCH] Add simple cloud-agent.8 manpage

---
 agent/Makefile      |  4 +--
 agent/azure.c       |  8 +++---
 agent/cloud-agent.8 | 67 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 6 deletions(-)
 create mode 100644 agent/cloud-agent.8

diff --git a/agent/Makefile b/agent/Makefile
index 9b1e250..fd74541 100644
--- a/agent/Makefile
+++ b/agent/Makefile
@@ -2,6 +2,8 @@ PROG=		cloud-agent
 SRCS=		main.c xml.c azure.c cloudinit.c http.c log.c
 BINDIR=		/usr/local/libexec
 
+MAN=		cloud-agent.8
+
 .ifdef USE_OPENSSL
 CFLAGS+=	-DUSE_OPENSSL=1
 .endif
@@ -15,6 +17,4 @@ CFLAGS+=	-Wsign-compare -Wcast-qual
 LDADD+=		-lexpat -ltls -lssl -lcrypto
 DPADD+=		${LIBEXPAT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO}
 
-NOMAN=		yes
-
 .include <bsd.prog.mk>
diff --git a/agent/azure.c b/agent/azure.c
index 4746247..a43bd79 100644
--- a/agent/azure.c
+++ b/agent/azure.c
@@ -731,12 +731,12 @@ azure_getovfenv(struct system_config *sc)
 			goto done;
 		}
 
-		free(xe->xe_tag);
-		free(xe->xe_data);
-		explicit_bzero(xe->xe_data, xe->xe_datalen);
-
 		/* Replace unencrypted password with hash */
+		free(xe->xe_tag);
 		xe->xe_tag = strdup("UserPasswordHash");
+
+		explicit_bzero(xe->xe_data, xe->xe_datalen);
+		free(xe->xe_data);
 		xe->xe_data = strdup(sc->sc_password);
 		xe->xe_datalen = strlen(sc->sc_password);
 	} else if ((xe = xml_findl(&xp->xe_head,
diff --git a/agent/cloud-agent.8 b/agent/cloud-agent.8
new file mode 100644
index 0000000..6f81ba1
--- /dev/null
+++ b/agent/cloud-agent.8
@@ -0,0 +1,67 @@
+.\"	$OpenBSD: mdoc.template,v 1.15 2014/03/31 00:09:54 dlg Exp $
+.\"
+.\" Copyright (c) 2017 Reyk Floeter <reyk@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate$
+.Dt CLOUD-AGENT 8
+.Os
+.Sh NAME
+.Nm cloud-agent
+.Nd cloud provisiong for OpenBSD VMs
+.Sh SYNOPSIS
+.Nm cloud-agent
+.Op Fl nuv
+.Ar interface
+.Sh DESCRIPTION
+The
+.Nm
+program manages the OpenBSD provisioning and VM interaction in cloud
+environments, including Microsoft Azure and Amazon AWS.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl n
+Do not configure the system and skip the provisioning step.
+.It Fl u
+Deprovisiong and unconfigure the system.
+This deletes keys, passwords, and logs files without asking for permission.
+.It Fl v
+Produce more verbose output.
+.El
+.Pp
+Enable
+.Nm
+in the
+.Xr hostname.if 5
+of the VM's primary networking interface:
+.Bd -literal -offset indent
+# cat /etc/hostname.hvn0
+dhcp
+!/usr/local/libexec/cloud-agent "\$if"
+.Ed
+.Sh FILES
+.Bl -tag -width "/usr/local/libexec/cloud-agentX" -compact
+.It Pa /usr/local/libexec/cloud-agent
+The agent itself.
+.It Pa /usr/local/bin/cms
+The CMS binary that is used to decrypt messages from the Azure frabric.
+.El
+.Sh SEE ALSO
+.Xr meta-data 8 ,
+.Xr vmd 8
+.Sh AUTHORS
+.An Reyk Floeter Aq Mt reyk@openbsd.org
+.\" .Sh CAVEATS
+.\" .Sh BUGS