=== modified file 'Makefile' --- Makefile 2008-09-19 20:54:58 +0000 +++ Makefile 2008-09-21 12:04:02 +0000 @@ -151,7 +151,9 @@ $(DESTDIR)/etc/init.d/mandos install --mode=u=rw,go=r default-mandos \ $(DESTDIR)/etc/default/mandos - if [ -z $(DESTDIR) ]; then update-rc.d mandos defaults; fi + if [ -z $(DESTDIR) ]; then \ + update-rc.d mandos defaults 25 15;\ + fi gzip --best --to-stdout mandos.8 \ > $(MANDIR)/man8/mandos.8.gz gzip --best --to-stdout mandos.conf.5 \ @@ -165,7 +167,7 @@ $(PREFIX)/lib/mandos/plugins.d if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \ install --mode=u=rwx \ - --directory "$(CONFDIR)/plugins.d" && \ + --directory "$(CONFDIR)/plugins.d"; \ fi install --mode=u=rwx,go=rx \ --target-directory=$(PREFIX)/lib/mandos plugin-runner === modified file 'clients.conf' --- clients.conf 2008-08-27 01:18:25 +0000 +++ clients.conf 2008-09-21 13:42:34 +0000 @@ -55,7 +55,7 @@ ;fingerprint = 3e393aeaefb84c7e89e2f547b3a107558fca3a27 ; ;# If "secret" is not specified, a file can be read for the data. -;;secfile = /etc/mandos/bar-secret.txt.asc +;secfile = /etc/mandos/bar-secret.bin ; ;# An IP address for host is also fine, if the checker accepts it. ;host = 192.0.2.3 === modified file 'debian/control' --- debian/control 2008-09-19 20:54:58 +0000 +++ debian/control 2008-09-21 13:42:34 +0000 @@ -3,15 +3,16 @@ Priority: extra Maintainer: Mandos Maintainers Build-Depends: debhelper (>= 7), docbook-xsl, libavahi-core-dev, - libgpgme11-dev, libgnutls-dev, xsltproc + libgpgme11-dev, libgnutls-dev, xsltproc, po-debconf, + pkg-config Standards-Version: 3.8.0 Vcs-Bzr: ftp://anonymous@ftp.fukt.bsnet.se/pub/mandos/latest Homepage: http://www.fukt.bsnet.se/mandos Package: mandos Architecture: all -Depends: python (>=2.5), python-gnutls, python-dbus, python-avahi, - avahi-daemon, gnupg (< 2), adduser +Depends: ${misc:Depends}, python (>=2.5), python-gnutls, python-dbus, + python-avahi, avahi-daemon, gnupg (< 2), adduser Recommends: fping Description: a server giving encrypted passwords to Mandos clients This is the server part of the Mandos system, which allows @@ -30,7 +31,7 @@ Package: mandos-client Architecture: any -Depends: ${shlibs:Depends}, adduser, cryptsetup +Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, cryptsetup Enhances: cryptsetup Description: do unattended reboots with an encrypted root file system This is the client part of the Mandos system, which allows === added file 'debian/mandos-client.config' --- debian/mandos-client.config 1970-01-01 00:00:00 +0000 +++ debian/mandos-client.config 2008-09-21 04:22:50 +0000 @@ -0,0 +1,27 @@ +#! /bin/sh +# +# config Mandos Debconf configuration. +# + +# Source debconf library. +. /usr/share/debconf/confmodule +if ! db_version 2.0; then + echo "mandos.config: need DebConf 2.0 or later" + exit 1 +fi + +set -e +umask 022 + +# Now, interaction. Batch it in case any front ends can use this. +db_beginblock + +# If this is a first time install then prompt +if [ "$1" = "configure" -a "$2" != "" ]; then + db_input high mandos-client/not-yet-configured || true +fi + +db_endblock +db_go || true + +exit 0 === added file 'debian/mandos-client.templates' --- debian/mandos-client.templates 1970-01-01 00:00:00 +0000 +++ debian/mandos-client.templates 2008-09-21 04:22:50 +0000 @@ -0,0 +1,8 @@ +Template: mandos-client/not-yet-configured +Type: note +_Description: Your system needs more configuration[ mandos-client] + Your system can not function as a Mandos client until a + password for this client has been added to the + configuration on the Mandos server. Please read + /usr/share/doc/mandos-client/README.Debian.gz to find out + how. === added file 'debian/mandos.README.Debian' --- debian/mandos.README.Debian 1970-01-01 00:00:00 +0000 +++ debian/mandos.README.Debian 2008-09-21 04:22:50 +0000 @@ -0,0 +1,7 @@ +The Mandos server cannot run without at least one configured client in +/etc/mandos/clients.conf. To create one, install the "mandos-client" +package on a client computer, and run "mandos-keygen --password" there +to get a config file stanza. Append that to /etc/mandos/clients.conf +on the Mandos server. + + -- Teddy Hogeborn , Sat, 20 Sep 2008 21:21:19 +0200 === added file 'debian/mandos.config' --- debian/mandos.config 1970-01-01 00:00:00 +0000 +++ debian/mandos.config 2008-09-21 04:22:50 +0000 @@ -0,0 +1,27 @@ +#! /bin/sh +# +# config Mandos Debconf configuration. +# + +# Source debconf library. +. /usr/share/debconf/confmodule +if ! db_version 2.0; then + echo "mandos.config: need DebConf 2.0 or later" + exit 1 +fi + +set -e +umask 022 + +# Now, interaction. Batch it in case any front ends can use this. +db_beginblock + +# If this is a first time install then prompt +if [ "$1" = "configure" -a "$2" != "" ]; then + db_input high mandos/not-yet-configured || true +fi + +db_endblock +db_go || true + +exit 0 === added file 'debian/mandos.prerm' --- debian/mandos.prerm 1970-01-01 00:00:00 +0000 +++ debian/mandos.prerm 2008-09-21 13:42:34 +0000 @@ -0,0 +1,38 @@ +#! /bin/sh +# prerm script for mandos +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `upgrade' +# * `failed-upgrade' +# * `remove' `in-favour' +# * `deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/share/doc/packaging-manual/ + +case "$1" in + remove|deconfigure) + if [ -x /etc/init.d/mandos ]; then + if [ -x /usr/sbin/invoke-rc.d ]; then + invoke-rc.d mandos stop + else + /etc/init.d/mandos stop + fi + fi + ;; + upgrade|failed-upgrade) + ;; + *) + echo "prerm called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +#DEBHELPER# + +exit 0 === added file 'debian/mandos.templates' --- debian/mandos.templates 1970-01-01 00:00:00 +0000 +++ debian/mandos.templates 2008-09-21 04:22:50 +0000 @@ -0,0 +1,9 @@ +Template: mandos/not-yet-configured +Type: note +_Description: Your system needs more configuration[ mandos] + Your system has not yet been completely configured as a + Mandos server - clients need to be added to to + /etc/mandos/clients.conf. Please read + /usr/share/doc/mandos/README.Debian.gz to find out how. + . + (The server has not been started.) === added directory 'debian/po' === added file 'debian/po/POTFILES.in' --- debian/po/POTFILES.in 1970-01-01 00:00:00 +0000 +++ debian/po/POTFILES.in 2008-09-21 04:22:50 +0000 @@ -0,0 +1,2 @@ +[type: gettext/rfc822deb] mandos.templates +[type: gettext/rfc822deb] mandos-client.templates === added file 'debian/po/sv.po' --- debian/po/sv.po 1970-01-01 00:00:00 +0000 +++ debian/po/sv.po 2008-09-21 04:22:50 +0000 @@ -0,0 +1,66 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the mandos package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: 1.0\n" +"Report-Msgid-Bugs-To: mandos@packages.debian.org\n" +"POT-Creation-Date: 2008-09-20 23:01+0200\n" +"PO-Revision-Date: 2008-09-21 06:01+0200\n" +"Last-Translator: Teddy Hogeborn \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../mandos.templates:1001 +msgid "Your system needs more configuration[ mandos]" +msgstr "Ditt system behöver ytterligare konfigurering" + +#. Type: note +#. Description +#: ../mandos.templates:1001 +#| msgid "" +#| "Your system has not yet been completely configured as a Mandos server - " +#| "you need to setup /etc/mandos/clients.conf. Please read /usr/share/doc/" +#| "mandos/README.Debian.gz to find out how." +msgid "" +"Your system has not yet been completely configured as a Mandos server - " +"clients need to be added to to /etc/mandos/clients.conf. Please read /usr/" +"share/doc/mandos/README.Debian.gz to find out how." +msgstr "" +"Ditt system är inte helt inställd som en Mandos-server än -\n" +"det behövs läggas till klienter i Mandos-serverns\n" +"inställingar. Var vänlig läs\n" +"/usr/share/doc/mandos-client/README.Debian.gz för att få\n" +"veta hur." + +#. Type: note +#. Description +#: ../mandos.templates:1001 +msgid "(The server has not been started.)" +msgstr "(Servern har inte startats.)" + +#. Type: note +#. Description +#: ../mandos-client.templates:1001 +msgid "Your system needs more configuration[ mandos-client]" +msgstr "Ditt system behöver ytterligare konfigurering" + +#. Type: note +#. Description +#: ../mandos-client.templates:1001 +msgid "" +"Your system can not function as a Mandos client until a password for this " +"client has been added to the configuration on the Mandos server. Please " +"read /usr/share/doc/mandos-client/README.Debian.gz to find out how." +msgstr "" +"Ditt system kan inte fungera som en Mandos-klient förrän\n" +"ett krypterat lösenord har lagts till i Mandos-serverns\n" +"inställingar. Var vänlig läs\n" +"/usr/share/doc/mandos-client/README.Debian.gz för att få\n" +"veta hur." === modified file 'debian/rules' --- debian/rules 2008-09-19 13:50:22 +0000 +++ debian/rules 2008-09-21 12:04:02 +0000 @@ -38,6 +38,7 @@ rm -f build-arch-stamp build-indep-stamp configure-stamp dh_auto_clean dh_clean + debconf-updatepo install: install-indep install-arch install-indep: @@ -47,7 +48,8 @@ dh_installdirs --indep $(MAKE) DESTDIR=$(CURDIR)/debian/mandos install-server dh_lintian - dh_installinit --onlyscripts --no-start + dh_installinit --onlyscripts --no-start \ + --update-rcd-params="defaults 25 15" dh_install --indep install-arch: @@ -64,7 +66,7 @@ dh_testroot dh_installchangelogs dh_installdocs -# dh_installdebconf + dh_installdebconf dh_link dh_strip dh_compress === modified file 'init.d-mandos' --- init.d-mandos 2008-09-05 16:24:33 +0000 +++ init.d-mandos 2008-09-21 12:04:02 +0000 @@ -1,7 +1,7 @@ #! /bin/sh ### BEGIN INIT INFO # Provides: mandos -# Required-Start: $remote_fs +# Required-Start: $remote_fs avahi-daemon # Required-Stop: $remote_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 === modified file 'mandos.xml' --- mandos.xml 2008-09-12 19:12:40 +0000 +++ mandos.xml 2008-09-21 12:20:55 +0000 @@ -3,7 +3,7 @@ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [ - + ]> @@ -504,7 +504,7 @@ mandos-clients.conf 5) must be made non-readable by anyone - except the user running the server. + except the user starting the server (usually root). As detailed in , the status of all === added file 'plugins.d/splashy' --- plugins.d/splashy 1970-01-01 00:00:00 +0000 +++ plugins.d/splashy 2008-09-22 07:37:53 +0000 @@ -0,0 +1,28 @@ +#!/bin/sh -e + +# If not on a tty, then get rid of possibly disrupting stderr output +if ! tty -s; then + exec 2>/dev/null +fi + +test -x /sbin/splashy_update + +# We get some variables from cryptsetup: +# $cryptsource the device node, like "/dev/sda3" +# $crypttarget the device mapper name, like "sda3_crypt". + +prompt="Enter passphrase to unlock" +if [ -n "$crypttarget" ]; then + prompt="$prompt the disk $crypttarget" +fi +if [ -n "$cryptsource" ]; then + prompt="$prompt ($cryptsource)" +fi + +splash_input_password(){ + /sbin/splashy_update "getpass $1" +} + +password="`splash_input_password \"$prompt: \"`" + +echo -n "$password" === modified file 'plugins.d/usplash' --- plugins.d/usplash 2008-08-14 02:24:59 +0000 +++ plugins.d/usplash 2008-09-22 07:37:53 +0000 @@ -33,7 +33,7 @@ trap "kill -TERM $usplash; sleep 2; kill -KILL $usplash; kill -TERM $$" TERM HUP -password="`splash_input_password \"$prompt: \" password`" +password="`splash_input_password \"$prompt: \"`" trap - TERM