.IR socket ]
.B \-C
.RI [ "request args" ...]
+.br
+.B pixie
+.RB [ \-s
+.IR socket ]
+.BR \-P [ P ]
+.I tag
.SH "DESCRIPTION"
The passphrase pixie manages passphrases. When it starts up, it creates
a Unix-domain socket in a private directory. Clients may connect to it
.B "\-C, \-\-client"
Connect to a running pixie as a client. If command-line arguments are
supplied, they are concatenated with spaces between them and submitted
-to the pixie as a request; a reply is read from the pixie and printed
-on stdout. If no command-line arguments are given, requestss are read
-interactively from stdin and sent to the pixie; the pixie's responses
-are printed on stdout.
+to the pixie as a request; a reply is read from the pixie and formatted:
+information is written to standard output; errors are reported via
+standard error and the exit status. If no command-line arguments are
+given, requestss are read interactively from stdin and sent to the
+pixie; the pixie's responses are printed on stdout uninterpreted.
+.TP
+.B "\-P, \-\-passphrase"
+Connect to a running pixie and request the passphrase with tag
+.IR tag .
+If no pixie is running then request the passphrase from the terminal.
+Print the result on standard output, followed by a newline.
+.TP
+.B "\-PP, \-\-verify-passphrase"
+Connect to a running pixie and request verification of the passphrase
+with tag
+.IR tag .
+If no pixie is running, request the passphrase from the terminal. Print
+the result on standard output, followed by a newline.
.TP
.B "\-q, \-\-quiet"
Causes the pixie to emit fewer log messages.
.\"
.SS "Memory management"
During initialization, the pixie attempts to allocate a block of memory
-from the kernel and protect it against being swapped to disk. On most
-systems, this requires that the pixie start with root privileges,
-although it will drop them as soon as it can (before parsing
-command-line options).
+from the kernel and protect it against being swapped to disk. On Linux
+and other systems with
+.B RLIMIT_MEMLOCK
+or similar, this should just work assuming that the limit is set
+sensibly. On other systems, this requires that the pixie start with
+root privileges, although it will drop them as soon as it can (before
+parsing command-line options, for example).
.PP
The locked memory is used for all of the passphrases which the pixie
stores, and for the buffers used to hold requests from clients.
.B auto-pgp
documentation.
.SH "AUTHOR"
-Mark Wooding, <mdw@nsict.org>
+Mark Wooding, <mdw@distorted.org.uk>