/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to debian/control

  • Committer: Teddy Hogeborn
  • Date: 2016-03-04 22:07:35 UTC
  • Revision ID: teddy@recompile.se-20160304220735-4xeeqt5p4nhw5cuh
Restrict the Mandos server daemon in the systemd service file.

* mandos.service ([Service]/ProtectSystem): Set to "full".
 ([Service]/PrivateTmp, [Service]/PrivateDevices,
  [Service]/ProtectHome): Set to "yes".
 ([Service]/CapabilityBoundingSet): Set to "CAP_SETUID
                                    CAP_DAC_OVERRIDE CAP_NET_RAW".

Show diffs side-by-side

added added

removed removed

Lines of Context:
5
5
Uploaders: Teddy Hogeborn <teddy@recompile.se>,
6
6
           Björn Påhlsson <belorn@recompile.se>
7
7
Build-Depends: debhelper (>= 9), docbook-xml, docbook-xsl,
8
 
        libavahi-core-dev, libgpgme11-dev, libgnutls-dev, xsltproc,
9
 
        pkg-config
10
 
Build-Depends-Indep: systemd, python (>=2.6), python-gnutls,
11
 
        python-dbus, python-avahi, python-gobject,
12
 
        python (>=2.7) | python-argparse
13
 
Standards-Version: 3.9.5
 
8
        libavahi-core-dev, libgpgme11-dev, libgnutls28-dev (>= 3.3.0)
 
9
        | gnutls-dev (>= 3.3.0), xsltproc, pkg-config,
 
10
        libnl-route-3-dev
 
11
Build-Depends-Indep: systemd, python (>= 2.7), python (<< 3),
 
12
        python-dbus, python-avahi, python-gobject | python-gi
 
13
Standards-Version: 3.9.7
14
14
Vcs-Bzr: http://ftp.recompile.se/pub/mandos/trunk
15
15
Vcs-Browser: http://bzr.recompile.se/loggerhead/mandos/trunk/files
16
16
Homepage: http://www.recompile.se/mandos
17
17
 
18
18
Package: mandos
19
19
Architecture: all
20
 
Depends: ${misc:Depends}, python (>=2.6), python-gnutls, python-dbus,
21
 
        python-avahi, python-gobject, avahi-daemon, adduser,
22
 
        python-urwid, python (>=2.7) | python-argparse, gnupg (<< 2),
23
 
        initscripts (>= 2.88dsf-13.3)
24
 
Recommends: fping
 
20
Depends: ${misc:Depends}, python (>= 2.7), python (<< 3),
 
21
        libgnutls28-dev (>= 3.3.0) | libgnutls30 (>= 3.3.0),
 
22
        python-dbus, python-avahi, python-gobject | python-gi,
 
23
        avahi-daemon, adduser, python-urwid, gnupg
 
24
Recommends: ssh-client | fping
25
25
Description: server giving encrypted passwords to Mandos clients
26
26
 This is the server part of the Mandos system, which allows
27
27
 computers to have encrypted root file systems and at the
40
40
Package: mandos-client
41
41
Architecture: linux-any
42
42
Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, cryptsetup,
43
 
        gnupg (<< 2), initramfs-tools, dpkg-dev (>=1.16.0)
 
43
        initramfs-tools, dpkg-dev (>=1.16.0)
 
44
Recommends: ssh, gnutls-bin | openssl
44
45
Breaks: dropbear (<= 0.53.1-1)
45
46
Enhances: cryptsetup
46
47
Description: do unattended reboots with an encrypted root file system