/mandos/trunk

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to overview.xml

Committer: Teddy Hogeborn
Date: 2024-09-08 17:17:22 UTC
Revision ID: teddy@recompile.se-20240908171722-oqkqtp0zto6ze2m6

Do not hardcode directory names; get them from pkg-config

Similarly to the directory for systemd unit files (output of
"pkg-config systemd --variable=systemdsystemunitdir"), the values of
the "tmpfilesdir" and "sysusersdir" variables should not be hardcoded
in debian/mandos.dirs and debian/mandos-client.dirs.  Fix this the
same way as with systemdsystemunitdir; i.e. remove the directories
from the .dirs files, and instead create the directories in override
rules in debian/rules.

* debian/mandos-client.dirs (usr/lib/sysusers.d): Removed.
* debian/mandos.dirs (usr/lib/tmpfiles.d, usr/lib/sysusers.d):
  Removed.
* debian/rules (override_dh_installdirs-indep): Also create
  directories for the "tmpfilesdir" and "sysusersdir" variables from
  pkg-config.
  (override_dh_installdirs-arch): New; create directory for the
  "sysusersdir" variable from pkg-config.

files added:
DBUS-API

bugs.xml

dbus-mandos.conf

debian/mandos-client.examples

debian/mandos-client.templates

debian/mandos.maintscript

debian/mandos.templates

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

initramfs-unpack

intro.xml

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos-to-cryptroot-unlock

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugins.d/plymouth.c

plugins.d/plymouth.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

files modified:
.bzrignore

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/rules

debian/watch

init.d-mandos

initramfs-tools-hook

initramfs-tools-script

legalnotice.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

8

8

program in the initial <acronym>RAM</acronym> disk environment which

9

9

will communicate with a server over a network. All network

10

10

communication is encrypted using <acronym>TLS</acronym>. The

11

clients are identified by the server using an OpenPGP key; each

12

client has one unique to it. The server sends the clients an

13

encrypted password. The encrypted password is decrypted by the

14

clients using the same OpenPGP key, and the password is then used to

15

unlock the root file system, whereupon the computers can continue

16

booting normally.

11

clients are identified by the server using a TLS key; each client

12

has one unique to it. The server sends the clients an encrypted

13

password. The encrypted password is decrypted by the clients using

14

a separate OpenPGP key, and the password is then used to unlock the

15

root file system, whereupon the computers can continue booting

16

normally.

17

17

</para>

Older »