/mandos/trunk : revision 1152

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to initramfs-tools-hook

Committer: Teddy Hogeborn
Date: 2019-08-05 21:14:05 UTC
Revision ID: teddy@recompile.se-20190805211405-9m6hecekaihpttz9

Override lintian warnings about upgrading from old versions

There are some really things which are imperative that we fix in case
someone were to upgrade from a really old version.  We want to keep
these fixes in the postinst maintainer scripts, even though lintian
complains about such old upgrades not being supported by Debian in
general.  We prefer the code being there, for the sake of the users.

* debian/mandos-client.lintian-overrides
  (maintainer-script-supports-ancient-package-version): New.
  debian/mandos.lintian-overrides
  (maintainer-script-supports-ancient-package-version): - '' -

files added:
bugs.xml

debian/mandos-client.templates

debian/mandos.templates

debian/po/POTFILES.in

debian/po/en_US.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/tests

debian/tests/control

debian/upstream/metadata

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

mandos-to-cryptroot-unlock

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

initramfs-unpack

intro.xml

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

network-hooks.d/bridge

network-hooks.d/openvpn

network-hooks.d/wireless

overview.xml

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

initramfs-tools-hook

# Make directories

install --directory --mode=u=rwx,go=rx "${DESTDIR}${CONFDIR}" \

"${DESTDIR}${MANDOSDIR}" "${DESTDIR}${HOOKDIR}" \

"${DESTDIR}${MANDOSDIR}" "${DESTDIR}${HOOKDIR}"

install --owner=${mandos_user} --group=${mandos_group} --directory \

--mode=u=rwx "${DESTDIR}${PLUGINDIR}" \

"${DESTDIR}${PLUGINHELPERDIR}"

install --owner=${mandos_user} --group=${mandos_group} --directory \

--mode=u=rwx "${DESTDIR}${PLUGINDIR}"

copy_exec "$libdir"/mandos/mandos-to-cryptroot-unlock "${MANDOSDIR}"

# Copy the Mandos plugin runner

copy_exec "$libdir"/mandos/plugin-runner "${MANDOSDIR}"

142

144

for conf in /etc/initramfs-tools/conf.d/*; do

143

145

if [ -n `basename \"$conf\" | grep '^[[:alnum:]][[:alnum:]\._-]*$' \

144

146

| grep -v '\.dpkg-.*$'` ]; then

145

[ -f ${conf} ] && . ${conf}

147

[ -f "${conf}" ] && . "${conf}"

146

148

147

149

done

148

150

export DEVICE

157

159

if [ -x "$hook" ]; then

158

160

# Copy any files needed by the network hook

159

161

MANDOSNETHOOKDIR=/etc/mandos/network-hooks.d MODE=files \

160

VERBOSITY=0 "$hook" files | while read file target; do

162

VERBOSITY=0 "$hook" files | while read -r file target; do

161

163

if [ ! -e "${file}" ]; then

162

164

echo "WARNING: file ${file} not found, requested by Mandos network hook '${hook##*/}'" >&2

163

165

169

171

done

170

172

# Copy and load any modules needed by the network hook

171

173

MANDOSNETHOOKDIR=/etc/mandos/network-hooks.d MODE=modules \

172

VERBOSITY=0 "$hook" modules | while read module; do

173

if [ -z "${target}" ]; then

174

force_load "$module"

175

174

VERBOSITY=0 "$hook" modules | while read -r module; do

175

force_load "$module"

176

done

177

178

done

186

copy_exec /usr/bin/gpgconf

187

188

gpg="`/usr/bin/gpgconf|sed --quiet --expression='s/^gpg:[^:]*://p'`"

189

gpgagent="`/usr/bin/gpgconf|sed --quiet --expression='s/^gpg-agent:[^:]*://p'`"

190

# Newer versions of GnuPG 2 requires the gpg-agent binary

191

if [ -e "$gpgagent" ] && [ ! -e "${DESTDIR}$gpgagent" ]; then

192

copy_exec "$gpgagent"

193

189

194

190

195

elif dpkg --compare-versions "$libgpgme11_version" ge 1.4.1-0.1; then

191

196

gpg=/usr/bin/gpg2

247

252

# initrd; it is intended to affect the initrd.img file itself, since

248

253

# it now contains secret key files. There is, however, no other way

249

254

# to set the permission of the initrd.img file without a race

250

# condition. This umask is set by "initramfs-tools-hook-conf",

251

# installed as "/usr/share/initramfs-tools/conf-hooks.d/mandos".)

255

# condition. This umask is set by "initramfs-tools-conf", installed

256

# as "/usr/share/initramfs-tools/conf.d/mandos-conf".)

252

257

253

258

for full in "${MANDOSDIR}" "${CONFDIR}"; do

254

259

while [ "$full" != "/" ]; do

266

271

done

267

272

for dir in "${DESTDIR}"/lib* "${DESTDIR}"/usr/lib*; do

268

273

if [ -d "$dir" ]; then

269

find "$dir" \! -perm -u+rw,g+r -prune -or -print0 \

270

| xargs --null --no-run-if-empty chmod a+rX

274

find "$dir" \! -perm -u+rw,g+r -prune -or \! -type l -print0 \

275

| xargs --null --no-run-if-empty chmod a+rX --

271

276

272

277

done

Older »