/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to debian/mandos-client.postrm

  • Committer: Teddy Hogeborn
  • Date: 2014-06-22 02:19:30 UTC
  • Revision ID: teddy@recompile.se-20140622021930-icl7h4cm97blhjml
mandos-keygen: Generate "checker" option to use SSH fingerprints.

To turn this off, use a new "--no-ssh" option to mandos-keygen.

* INSTALL (Mandos Server, Mandos Client): Document new suggested
                                          installation of SSH.
* Makefile (confdir/clients.conf): Use new "--no-ssh" option to
                                   "mandos-keygen".
* debian/control (mandos/Depends): Changed to "fping | ssh-client".
  (mandos-client/Recommends): New; set to "ssh".
* intro.xml (FREQUENTLY ASKED QUESTIONS): Rename and rewrite section
                                          called "Faking ping
                                          replies?" to address new
                                          default behavior.
* mandos-clients.conf.xml (OPTIONS/checker): Briefly discuss new
                                             behavior of
                                             mandos-keygen.
* mandos-keygen: Bug fix: Suppress failure output of "shred" to remove
                 "sec*", since no such files may exist.
 (password mode): Scan for SSH key fingerprints and output as new
                  "checker" and "ssh_fingerprint" options, unless new
                  "--no-ssh" option is given.
* mandos-keygen.xml (SYNOPSIS/--force): Bug fix: Document short form.
  (OPTIONS/--no-ssh): New.
  (SEE ALSO): Add reference "ssh-keyscan(1)".
* plugins.d/mandos-client.xml (SECURITY): Briefly mention the
                                          possibility of using SSH key
                                          fingerprints for checking.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/mandos-client.postrm
 
1
#!/bin/sh
 
2
# This script can be called in the following ways:
 
3
#
 
4
# After the package was removed:
 
5
#       <postrm> remove
 
6
#
 
7
# After the package was purged:
 
8
#       <postrm> purge
 
9
#
 
10
# After the package was upgraded:
 
11
#       <old-postrm> upgrade <new-version>
 
12
# if that fails:
 
13
#       <new-postrm> failed-upgrade <old-version>
 
14
#
 
15
#
 
16
# After all of the packages files have been replaced:
 
17
#       <postrm> disappear <overwriting-package> <version>
 
18
#
 
19
#
 
20
# If preinst fails during install:
 
21
#       <new-postrm> abort-install
 
22
#
 
23
# If preinst fails during upgrade of removed package:
 
24
#       <new-postrm> abort-install <old-version>
 
25
#
 
26
# If preinst fails during upgrade:
 
27
#       <new-postrm> abort-upgrade <old-version>
 
28
 
 
29
set -e
 
30
 
 
31
# Update the initial RAM file system image
 
32
update_initramfs()
 
33
{
 
34
    if [ -x /usr/sbin/update-initramfs ]; then
 
35
        update-initramfs -u -k all
 
36
    fi
 
37
}
 
38
 
 
39
case "$1" in
 
40
    remove)
 
41
        update_initramfs
 
42
        ;;
 
43
 
 
44
    purge)
 
45
        shred --remove /etc/keys/mandos/seckey.txt 2>/dev/null || :
 
46
        rm --force /etc/mandos/plugin-runner.conf \
 
47
            /etc/keys/mandos/pubkey.txt \
 
48
            /etc/keys/mandos/seckey.txt 2>/dev/null
 
49
        update_initramfs
 
50
        ;;
 
51
    upgrade|failed-upgrade|disappear|abort-install|abort-upgrade)
 
52
        ;;
 
53
 
 
54
    *)
 
55
        echo "$0 called with unknown argument '$1'" 1>&2
 
56
        exit 1
 
57
        ;;
 
58
esac
 
59
 
 
60
#DEBHELPER#
 
61
 
 
62
exit 0