/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to debian/mandos-client.postinst

  • Committer: Teddy Hogeborn
  • Date: 2024-09-08 02:18:57 UTC
  • Revision ID: teddy@recompile.se-20240908021857-821e09dd4mp37h9k
Be more tolerant when a client is misconfigured in clients.conf

* mandos (Client/config_parser): If a client config section in
  clients.conf lacks both a fingerprint= and a key_id= setting, show
  an error and skip that client instead of crashing.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/mandos-client.postinst
37
37
            # Dracut preserves old permissions of initramfs image
38
38
            # files, so we adjust permissions before creating new
39
39
            # initramfs image containing secret keys.
40
 
            chmod go-r /boot/initrd.img-"$kversion"
 
40
            if [ -e /boot/initrd.img-"$kversion" ]; then
 
41
                chmod go-r /boot/initrd.img-"$kversion"
 
42
            else
 
43
                # An initrd image has not yet been created for this
 
44
                # kernel, possibly because this new kernel is about to
 
45
                # be, but has not yet been, installed.  In this case,
 
46
                # we create an empty file with the right permissions
 
47
                # so that Dracut will preserve those permissions when
 
48
                # it creates the real, new initrd image for this
 
49
                # kernel.
 
50
                install --mode=u=rw /dev/null \
 
51
                        /boot/initrd.img-"$kversion"
 
52
            fi
41
53
            if [ "$kversion" != "*" ]; then
42
54
                /etc/kernel/postinst.d/dracut "$kversion"
43
55
            fi