/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to INSTALL

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
INSTALL
38
38
    "man -l mandos.8".
39
39
    
40
40
*** Mandos Server
41
 
    + GnuTLS 3.3          https://www.gnutls.org/
42
 
      (but not 3.6.0 or later, until 3.6.6, which works)
43
 
    + Avahi 0.6.16        https://www.avahi.org/
 
41
    + GnuTLS 3.3          http://www.gnutls.org/
 
42
    + Avahi 0.6.16        http://www.avahi.org/
44
43
    + Python 2.7          https://www.python.org/
45
 
    + dbus-python 0.82.4 https://dbus.freedesktop.org/doc/dbus-python/
 
44
    + dbus-python 0.82.4  http://dbus.freedesktop.org/doc/dbus-python/
46
45
    + PyGObject 3.7.1     https://wiki.gnome.org/Projects/PyGObject
47
 
    + pkg-config https://www.freedesktop.org/wiki/Software/pkg-config/
 
46
    + pkg-config  http://www.freedesktop.org/wiki/Software/pkg-config/
48
47
    + Urwid 1.0.1         http://urwid.org/
49
48
      (Only needed by the "mandos-monitor" tool.)
50
49
    
57
56
    fping ssh-client
58
57
    
59
58
*** Mandos Client
60
 
    + GNU C Library 2.17 https://gnu.org/software/libc/
61
 
    + GnuTLS 3.3        https://www.gnutls.org/
62
 
      (but not 3.6.0 or later, until 3.6.6 which works)
63
 
    + Avahi 0.6.16      https://www.avahi.org/
 
59
    + GNU C Library 2.16 https://gnu.org/software/libc/
 
60
    + initramfs-tools 0.85i
 
61
                        https://tracker.debian.org/pkg/initramfs-tools
 
62
    + GnuTLS 3.3        http://www.gnutls.org/
 
63
    + Avahi 0.6.16      http://www.avahi.org/
64
64
    + GnuPG 1.4.9       https://www.gnupg.org/
65
65
    + GPGME 1.1.6       https://www.gnupg.org/related_software/gpgme/
66
 
    + pkg-config https://www.freedesktop.org/wiki/Software/pkg-config/
67
 
    + libnl-route 3     https://www.infradead.org/~tgr/libnl/
68
 
    + GLib 2.40         http://www.gtk.org/
69
 
    
70
 
    One of:
71
 
    + initramfs-tools 0.85i
72
 
                        https://tracker.debian.org/pkg/initramfs-tools
73
 
    + dracut 044+241
74
 
         http://www.kernel.org/pub/linux/utils/boot/dracut/dracut.html
 
66
    + pkg-config  http://www.freedesktop.org/wiki/Software/pkg-config/
75
67
    
76
68
    Strongly recommended:
77
69
    + OpenSSH           http://www.openssh.com/
78
70
    
79
71
    Package names:
80
 
    initramfs-tools dracut libgnutls-dev gnutls-bin libavahi-core-dev
81
 
    gnupg libgpgme11-dev pkg-config ssh libnl-route-3-dev
82
 
    libglib2.0-dev
 
72
    initramfs-tools libgnutls-dev libavahi-core-dev gnupg
 
73
    libgpgme11-dev pkg-config ssh
83
74
 
84
75
* Installing the Mandos server
85
76
  
132
123
     
133
124
        # /usr/lib/mandos/plugins.d/mandos-client \
134
125
                --pubkey=/etc/keys/mandos/pubkey.txt \
135
 
                --seckey=/etc/keys/mandos/seckey.txt \
136
 
                --tls-privkey=/etc/keys/mandos/tls-privkey.pem \
137
 
                --tls-pubkey=/etc/keys/mandos/tls-pubkey.pem; echo
 
126
                --seckey=/etc/keys/mandos/seckey.txt; echo
138
127
     
139
128
     This command should retrieve the password from the server,
140
129
     decrypt it, and output it to standard output.