Diffstat (limited to 'debian')
-rw-r--r--debian/changelog6
-rw-r--r--debian/control2
-rwxr-xr-xdebian/monkeysphere.postinst17
-rwxr-xr-xdebian/monkeysphere.postrm21
4 files changed, 44 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 82f274a..c6b5de4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,7 +3,11 @@ monkeysphere (0.4-1) UNRELEASED; urgency=low
[Daniel Kahn Gillmor]
* New version (switch UNRELEASED to experimental when ready)
- -- Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net> Tue, 24 Jun 2008 01:25:45 -0400
+ [ Jameson Graef Rollins ]
+ * Privilege separation: use monkeysphere user to handle maintenance of
+ the gnupg authentication keychain for server.
+
+ -- Jameson Graef Rollins <jrollins@phys.columbia.edu> Tue, 24 Jun 2008 13:52:28 -0400
monkeysphere (0.3-1) experimental; urgency=low
diff --git a/debian/control b/debian/control
index 4f0e5f5..f5760d9 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Dm-Upload-Allowed: yes
Package: monkeysphere
Architecture: any
-Depends: openssh-client, gnupg | gnupg2, coreutils (>= 6), moreutils, lockfile-progs, ${shlibs:Depends}
+Depends: openssh-client, gnupg | gnupg2, coreutils (>= 6), moreutils, lockfile-progs, adduser, ${shlibs:Depends}
Recommends: netcat
Enhances: openssh-client, openssh-server
Description: use the OpenPGP web of trust to verify ssh connections
diff --git a/debian/monkeysphere.postinst b/debian/monkeysphere.postinst
new file mode 100755
index 0000000..50eaefa
--- /dev/null
+++ b/debian/monkeysphere.postinst
@@ -0,0 +1,17 @@
+#!/bin/sh -e
+
+# postinst script for monkeysphere
+
+# Author: Jameson Rollins <jrollins@fifthhorseman.net>
+# (c) 2008
+
+if ! getent passwd monkeysphere >/dev/null ; then
+ echo "adding monkeysphere user..."
+ adduser --quiet --system --no-create-home --home '/var/lib/monkeysphere' \
+ --shell '/bin/sh' --gecos 'monkeysphere authentication user,,,' monkeysphere
+fi
+
+# install host gnupg home directories
+install --mode 700 -d /var/lib/monkeysphere/gnupg-host
+# install authentication gnupg home directories
+install --mode 700 --owner monkeysphere -d /var/lib/monkeysphere/gnupg-authentication
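Review bot: The `adduser` call gives the new privilege-separation account `--shell '/bin/sh'` with no comment saying why a usable shell is needed. If it is only there so root can run commands as this user (presumably through `su`), record that above the call, for example `# /bin/sh is needed so root can run commands as this user; the account is not meant for login`, after confirming that is the reason. Separately, nothing in the script tests `$1`, so the account and directory setup runs for every postinst action; wrapping the body in `case "$1" in configure) ... ;; esac` would limit it to configuration. Unlike the postrm added in this commit, the file also has no `#DEBHELPER#` token.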
diff --git a/debian/monkeysphere.postrm b/debian/monkeysphere.postrm
new file mode 100755
index 0000000..a103fc8
--- /dev/null
+++ b/debian/monkeysphere.postrm
@@ -0,0 +1,21 @@
+#!/bin/sh -e
+
+# postrm script for monkeysphere
+
+# Author: Jameson Rollins <jrollins@fifthhorseman.net>
+# (c) 2008
+
+case $1 in
+ purge)
+ rmdir --ignore-fail-on-non-empty /var/lib/monkeysphere || true
+ echo "removing monkeysphere user..."
+ userdel monkeysphere > /dev/null || true
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
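Review bot: In the `purge` branch the `monkeysphere` account is deleted while `/var/lib/monkeysphere/gnupg-authentication`, which the postinst creates owned by that account, is left on disk. `rmdir --ignore-fail-on-non-empty` cannot remove the parent while the gnupg directories still exist, so the keychain ends up owned by a UID with no account, and a user created later could be assigned that UID and inherit the files. Either remove the directory before `userdel`, e.g. `rm -rf /var/lib/monkeysphere/gnupg-authentication`, or keep the account on purge; whether `gnupg-host` should survive a purge deserves a comment either way. The `|| true` after `userdel` also hides a failed removal, so printing a warning in that case would make the leftover state visible.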