/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugin-runner.xml

  • Committer: Teddy Hogeborn
  • Date: 2016-03-19 03:19:04 UTC
  • Revision ID: teddy@recompile.se-20160319031904-v76knawxxbef79xv
Client: Fix permissions on plugin helper directory.

The Makefile target "install-client-nokey" creates the plugin-helper
directory /usr/lib/<ARCH>/mandos/plugin-helpers as mode u=rwx,go=
(0700).  Make this also the case for the Debian package.  Also change
the Makefile so it does not install the plugin helper
"mandos-client-iprouteadddel" as setuid root; this is unnecessary and
was, due to dh_fixperms, never propagated to the Debian package
anyway.

* Makefile (install-client-nokey): Do not set setuid bit on
  "plugin-helpers/mandos-client-iprouteadddel".
* debian/mandos-client.postinst (configure): If older version, fix
  permissions on plugin helper directory.
* debian/rules (override_dh_fixperms-arch): Exclude plugin helper
  directory from dh_fixperms.

Show diffs side-by-side

added added

removed removed

Lines of Context:
2
2
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3
3
        "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4
4
<!ENTITY COMMANDNAME "plugin-runner">
5
 
<!ENTITY TIMESTAMP "2015-06-28">
 
5
<!ENTITY TIMESTAMP "2016-03-17">
6
6
<!ENTITY % common SYSTEM "common.ent">
7
7
%common;
8
8
]>
33
33
    <copyright>
34
34
      <year>2008</year>
35
35
      <year>2009</year>
 
36
      <year>2010</year>
 
37
      <year>2011</year>
36
38
      <year>2012</year>
 
39
      <year>2013</year>
 
40
      <year>2014</year>
 
41
      <year>2015</year>
 
42
      <year>2016</year>
37
43
      <holder>Teddy Hogeborn</holder>
38
44
      <holder>Björn Påhlsson</holder>
39
45
    </copyright>
538
544
            </para>
539
545
          </listitem>
540
546
        </varlistentry>
 
547
        <varlistentry>
 
548
          <term><filename class="directory"
 
549
          >/lib/mandos/plugins.d</filename></term>
 
550
          <listitem>
 
551
            <para>
 
552
              The default plugin directory; can be changed by the
 
553
              <option>--plugin-dir</option> option.
 
554
            </para>
 
555
          </listitem>
 
556
        </varlistentry>
 
557
        <varlistentry>
 
558
          <term><filename class="directory"
 
559
          >/lib/mandos/plugin-helpers</filename></term>
 
560
          <listitem>
 
561
            <para>
 
562
              The default plugin helper directory; can be changed by
 
563
              the <option>--plugin-helper-dir</option> option.
 
564
            </para>
 
565
          </listitem>
 
566
        </varlistentry>
541
567
      </variablelist>
542
568
    </para>
543
569
  </refsect1>
548
574
      The <option>--config-file</option> option is ignored when
549
575
      specified from within a configuration file.
550
576
    </para>
 
577
    <xi:include href="bugs.xml"/>
551
578
  </refsect1>
552
579
  
553
580
  <refsect1 id="examples">
596
623
    </informalexample>
597
624
    <informalexample>
598
625
      <para>
599
 
        Run plugins from a different directory, read a different
600
 
        configuration file, and add two options to the
 
626
        Read a different configuration file, run plugins from a
 
627
        different directory, specify an alternate plugin helper
 
628
        directory and add two options to the
601
629
        <citerefentry><refentrytitle >mandos-client</refentrytitle>
602
630
        <manvolnum>8mandos</manvolnum></citerefentry> plugin:
603
631
      </para>
604
632
      <para>
605
633
 
606
634
<!-- do not wrap this line -->
607
 
<userinput>cd /etc/keys/mandos; &COMMANDNAME;  --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/mandos/plugins.d --options-for=mandos-client:--pubkey=pubkey.txt,--seckey=seckey.txt</userinput>
 
635
<userinput>cd /etc/keys/mandos; &COMMANDNAME;  --config-file=/etc/mandos/plugin-runner.conf --plugin-dir /usr/lib/x86_64-linux-gnu/mandos/plugins.d --plugin-helper-dir /usr/lib/x86_64-linux-gnu/mandos/plugin-helpers --options-for=mandos-client:--pubkey=pubkey.txt,--seckey=seckey.txt</userinput>
608
636
 
609
637
      </para>
610
638
    </informalexample>