/mandos/trunk

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to debian/control

Committer: Teddy Hogeborn
Date: 2024-09-09 04:24:39 UTC
Revision ID: teddy@recompile.se-20240909042439-j85mr20uli2hnyis

Eliminate compiler warnings

Many programs use nested functions, which now result in a linker
warning about executable stack.  Hide this warning.  Also, rewrite a
loop in the plymouth plugin to avoid warning about signed overflow.
This change also makes the plugin pick the alphabetically first
process entry instead of the last, in case many plymouth processes are
found (which should be unlikely).

* Makefile (plugin-runner, dracut-module/password-agent,
  plugins.d/password-prompt, plugins.d/mandos-client,
  plugins.d/plymouth): New target; set LDFLAGS to add "-Xlinker
  --no-warn-execstack".
* plugins.d/plymouth.c (get_pid): When no pid files are found, and we
  are looking through the process list, go though it from the start
  instead of from the end, i.e. in normal alphabetical order and not
  in reverse order.

files added:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.maintscript

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/rules

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

debian/watch

default-mandos

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

init.d-mandos

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos-to-cryptroot-unlock

mandos.lsm

mandos.service

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.conf

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files removed:
initramfs-tools-hook-conf

plugins.d/usplash

files renamed:
plugins.d/password-request.c => plugins.d/mandos-client.c

plugins.d/password-request.xml => plugins.d/mandos-client.xml

files modified:
Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

1

Source: mandos

2

Section: admin

3

Priority: optional

4

Maintainer: Mandos Maintainers <mandos@recompile.se>

5

Uploaders: Teddy Hogeborn <teddy@recompile.se>,

6

Björn Påhlsson <belorn@recompile.se>

7

Build-Depends: debhelper (>= 10), docbook-xml, docbook-xsl,

8

libavahi-core-dev, libgpgme-dev | libgpgme11-dev,

9

libglib2.0-dev (>=2.40), libgnutls28-dev (>= 3.3.0),

10

libgnutls28-dev (>= 3.6.6) | libgnutls28-dev (<< 3.6.0),

11

xsltproc, pkg-config, libnl-route-3-dev,

12

systemd-dev | systemd (<< 256~rc2-1)

13

Build-Depends-Indep: python3 (>= 3), python3-dbus, python3-gi,

14

po-debconf

15

Standards-Version: 4.7.0

16

Vcs-Bzr: https://ftp.recompile.se/pub/mandos/trunk

17

Vcs-Browser: https://bzr.recompile.se/loggerhead/mandos/trunk/files

18

Homepage: https://www.recompile.se/mandos

19

Rules-Requires-Root: binary-targets

20

21

Package: mandos

22

Architecture: all

23

Depends: ${misc:Depends}, python3 (>= 3),

24

libgnutls30t64 | libgnutls30 (>= 3.3.0),

25

libgnutls30t64 | libgnutls30 (>= 3.6.6) | libgnutls30 (<< 3.6.0),

26

python3-dbus, python3-gi, avahi-daemon, adduser,

27

python3-urwid, gnupg, systemd-sysv | lsb-base (>= 3.0-6),

28

debconf (>= 1.5.5) | debconf-2.0

29

Recommends: ssh-client | fping

30

Suggests: libc6-dev | libc-dev, c-compiler

31

Description: server giving encrypted passwords to Mandos clients

32

This is the server part of the Mandos system, which allows

33

computers to have encrypted root file systems and at the

34

same time be capable of remote and/or unattended reboots.

35

.

36

The computers run a small client program in the initial RAM

37

disk environment which will communicate with a server over a

38

network. All network communication is encrypted using TLS.

39

The clients are identified by the server using a TLS public

40

key; each client has one unique to it. The server sends the

41

clients an encrypted password. The encrypted password is

42

decrypted by the clients using an OpenPGP key, and the

43

password is then used to unlock the root file system,

44

whereupon the computers can continue booting normally.

45

46

Package: mandos-client

47

Architecture: linux-any

48

Depends: ${shlibs:Depends}, ${misc:Depends}, adduser,

49

cryptsetup (<< 2:2.0.3-1) | cryptsetup-initramfs,

50

initramfs-tools (>= 0.99) | dracut (>= 044+241-3),

51

dpkg-dev (>=1.16.0),

52

gnutls-bin (>= 3.6.6) | libgnutls30 (<< 3.6.0),

53

debconf (>= 1.5.5) | debconf-2.0

54

Recommends: ssh

55

Breaks: dropbear (<= 0.53.1-1)

56

Enhances: cryptsetup

57

Conflicts: dracut-config-generic

58

Description: do unattended reboots with an encrypted root file system

59

This is the client part of the Mandos system, which allows

60

computers to have encrypted root file systems and at the

61

same time be capable of remote and/or unattended reboots.

62

.

63

The computers run a small client program in the initial RAM

64

disk environment which will communicate with a server over a

65

network. All network communication is encrypted using TLS.

66

The clients are identified by the server using a TLS public

67

key; each client has one unique to it. The server sends the

68

clients an encrypted password. The encrypted password is

69

decrypted by the clients using an OpenPGP key, and the

70

password is then used to unlock the root file system,

71

whereupon the computers can continue booting normally.

Older »