bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
1 |
# This directory contains secret client key files. |
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
2 |
mandos-client binary: non-standard-dir-perm 0700 != 0755 [etc/keys/mandos/] |
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
3 |
|
|
652
by Teddy Hogeborn
Bug fix from libdir change: make plugins get setuid bit again. |
4 |
# The directory /usr/lib/<arch>/mandos/plugins.d contains setuid |
|
1246
by Teddy Hogeborn
Debian package: Client: Update Lintian override file |
5 |
# binaries which are only meant to be run inside an initial RAM disk |
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
6 |
# environment (except for test purposes). It would be insecure to |
7 |
# allow anyone to run them. |
|
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
8 |
mandos-client binary: non-standard-dir-perm 0700 != 0755 [usr/lib/*/mandos/plugins.d/] |
|
839
by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go= |
9 |
# Likewise for helper executables for plugins
|
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
10 |
mandos-client binary: non-standard-dir-perm 0700 != 0755 [usr/lib/*/mandos/plugin-helpers/] |
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
11 |
|
12 |
# These binaries must be setuid root, since they need root powers, but |
|
13 |
# are started by plugin-runner(8mandos), which runs all plugins as |
|
|
1246
by Teddy Hogeborn
Debian package: Client: Update Lintian override file |
14 |
# user/group "_mandos". These binaries are never run in a running |
15 |
# system, but only in an initial RAM disk environment. Here they are |
|
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
16 |
# protected from non-root access by the directory permissions, above. |
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
17 |
mandos-client binary: elevated-privileges 4755 root/root [usr/lib/*/mandos/plugins.d/mandos-client] |
18 |
mandos-client binary: elevated-privileges 4755 root/root [usr/lib/*/mandos/plugins.d/askpass-fifo] |
|
19 |
mandos-client binary: elevated-privileges 4755 root/root [usr/lib/*/mandos/plugins.d/splashy] |
|
20 |
mandos-client binary: elevated-privileges 4755 root/root [usr/lib/*/mandos/plugins.d/usplash] |
|
21 |
mandos-client binary: elevated-privileges 4755 root/root [usr/lib/*/mandos/plugins.d/plymouth] |
|
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
22 |
|
|
1304
by Teddy Hogeborn
Override lintian experimental tag "executable-in-usr-lib" |
23 |
# These binaries are never executed in a running system, or from this
|
24 |
# directory. These files exist only to be copied from here into the
|
|
25 |
# initial RAM disk image.
|
|
26 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/mandos-to-cryptroot-unlock] |
|
27 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugin-helpers/mandos-client-iprouteadddel] |
|
28 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugin-runner] |
|
29 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/askpass-fifo] |
|
30 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/mandos-client] |
|
31 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/password-prompt] |
|
32 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/plymouth] |
|
33 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/splashy] |
|
34 |
mandos-client binary: executable-in-usr-lib [usr/lib/*/mandos/plugins.d/usplash] |
|
35 |
||
36 |
# This is the official directory for Dracut plugins, which are all |
|
37 |
# executable shell script files. |
|
38 |
mandos-client binary: executable-in-usr-lib [usr/lib/dracut/modules.d/90mandos/module-setup.sh] |
|
39 |
# These files are never executed in a running system, or from this |
|
40 |
# directory. These files exist only to be copied from here into the |
|
41 |
# initial RAM disk image by the dracut/90mandos/module-setup.sh |
|
42 |
# script. |
|
43 |
mandos-client binary: executable-in-usr-lib [usr/lib/dracut/modules.d/90mandos/cmdline-mandos.sh] |
|
44 |
mandos-client binary: executable-in-usr-lib [usr/lib/dracut/modules.d/90mandos/password-agent] |
|
45 |
||
|
221
by Teddy Hogeborn
* debian/changelog: New Debian revision. |
46 |
# The directory /etc/mandos/plugins.d can be used by local system |
47 |
# administrators to place plugins in, overriding and complementing |
|
|
652
by Teddy Hogeborn
Bug fix from libdir change: make plugins get setuid bit again. |
48 |
# /usr/lib/<arch>/mandos/plugins.d, and must be likewise protected. |
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
49 |
mandos-client binary: non-standard-dir-perm 0700 != 0755 [etc/mandos/plugins.d/] |
|
839
by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go= |
50 |
# Likewise for plugin-helpers directory |
|
1295
by Teddy Hogeborn
Change to new lintian override syntax |
51 |
mandos-client binary: non-standard-dir-perm 0700 != 0755 [etc/mandos/plugin-helpers/] |
|
967
by Teddy Hogeborn
Show debconf note about new TLS key IDs |
52 |
|
53 |
# The debconf templates is only used for displaying information |
|
54 |
# detected in the postinst, not for saving answers to questions, so we |
|
55 |
# don't need a .config file. |
|
56 |
mandos-client binary: no-debconf-config
|
|
57 |
||
58 |
# The notice displayed from the postinst script really is critical
|
|
59 |
mandos-client binary: postinst-uses-db-input
|
|
|
1152
by Teddy Hogeborn
Override lintian warnings about upgrading from old versions |
60 |
|
61 |
# These are very important to work around bugs or changes in the old
|
|
62 |
# versions, and there is no pressing need to remove them.
|
|
63 |
mandos-client binary: maintainer-script-supports-ancient-package-version *
|