From 3492507e7dc279be4e6c703733d8a174d0204d91 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 21 Feb 2009 18:28:20 -0500 Subject: preparing for stupid brown paper bag 0.23.1 release. --- packaging/debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 50a7071..96b719b 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,3 +1,10 @@ +monkeysphere (0.23.1-1) unstable; urgency=low + + * New Upstrem "Brown Paper Bag" Release: + - adjusts internal version numbers + + -- Daniel Kahn Gillmor Sat, 21 Feb 2009 18:09:47 -0500 + monkeysphere (0.23-1) unstable; urgency=low "The Golden Bezoar Release" -- cgit v1.2.3 From e71c7bb4dff26178f714cd0fcdbb3058effa4066 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 22 Feb 2009 12:07:34 -0500 Subject: Fix how version number is saved/retrieved. Version is now stored in VERSION file, which is created in the tarball target. This is then installed at /usr/share/monkeysphere/VERSION, and cat'ed when the version number is requested by the front-end ui. No more manual setting of version number required (to avoid future problems, aka "0.23.1"). This system is also more flexible, as the VERSION file could potentially hold more info than just the release number. --- Makefile | 2 ++ packaging/debian/changelog | 7 +++++++ src/monkeysphere | 2 +- src/monkeysphere-authentication | 2 +- src/monkeysphere-host | 2 +- src/share/common | 8 +++++--- tests/basic | 16 ---------------- utils/preparing-release | 3 --- 8 files changed, 17 insertions(+), 25 deletions(-) (limited to 'packaging') diff --git a/Makefile b/Makefile index 71df92b..0284a8a 100755 --- a/Makefile +++ b/Makefile @@ -24,6 +24,7 @@ tarball: clean mkdir -p monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../../website/getting-started-user.mdwn ../../website/getting-started-admin.mdwn ../../doc/TODO ../../doc/MonkeySpec monkeysphere-$(MONKEYSPHERE_VERSION)/doc ln -s ../COPYING ../etc ../Makefile ../man ../src ../tests monkeysphere-$(MONKEYSPHERE_VERSION) + echo $(MONKEYSPHERE_VERSION) > monkeysphere-$(MONKEYSPHERE_VERSION)/VERSION tar -ch --exclude='*~' monkeysphere-$(MONKEYSPHERE_VERSION) | gzip -n > monkeysphere_$(MONKEYSPHERE_VERSION).orig.tar.gz rm -rf monkeysphere-$(MONKEYSPHERE_VERSION) @@ -50,6 +51,7 @@ install: all installman mkdir -p $(DESTDIR)$(PREFIX)/share/monkeysphere/m $(DESTDIR)$(PREFIX)/share/monkeysphere/mh $(DESTDIR)$(PREFIX)/share/monkeysphere/ma $(DESTDIR)$(PREFIX)/share/monkeysphere/transitions mkdir -p $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere mkdir -p $(DESTDIR)$(PREFIX)/share/doc/monkeysphere + install -m 0644 VERSION $(DESTDIR)$(PREFIX)/share/monkeysphere install src/monkeysphere src/keytrans/openpgp2ssh src/keytrans/pem2openpgp $(DESTDIR)$(PREFIX)/bin install src/monkeysphere-host src/monkeysphere-authentication $(DESTDIR)$(PREFIX)/sbin install -m 0644 src/share/common $(DESTDIR)$(PREFIX)/share/monkeysphere diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 96b719b..58a80a3 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,3 +1,10 @@ +monkeysphere (0.24~pre-1) UNRELEASED; urgency=low + + * New upstream release: + - Fixed how version information is stored/retrieved. + + -- Jameson Graef Rollins Sun, 22 Feb 2009 12:02:06 -0500 + monkeysphere (0.23.1-1) unstable; urgency=low * New Upstrem "Brown Paper Bag" Release: diff --git a/src/monkeysphere b/src/monkeysphere index 371983f..6db4827 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -239,7 +239,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/monkeysphere-authentication b/src/monkeysphere-authentication index 497470d..c009653 100755 --- a/src/monkeysphere-authentication +++ b/src/monkeysphere-authentication @@ -199,7 +199,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/monkeysphere-host b/src/monkeysphere-host index 1b0de0c..c454354 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -315,7 +315,7 @@ case $COMMAND in ;; 'version'|'v') - echo "$VERSION" + version ;; '--help'|'help'|'-h'|'h'|'?') diff --git a/src/share/common b/src/share/common index 0c26a91..b2dcd35 100644 --- a/src/share/common +++ b/src/share/common @@ -20,9 +20,6 @@ SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} export SYSCONFIGDIR -# monkeysphere version -VERSION=0.23.1 - # default log level LOG_LEVEL="INFO" @@ -41,6 +38,11 @@ PROMPT="true" ######################################################################## ### UTILITY FUNCTIONS +# output version info +version() { + cat "${SYSSHAREDIR}/VERSION" +} + # failure function. exits with code 255, unless specified otherwise. failure() { [ "$1" ] && echo "$1" >&2 diff --git a/tests/basic b/tests/basic index 9308e21..b1fe9ed 100755 --- a/tests/basic +++ b/tests/basic @@ -138,22 +138,6 @@ export SOCKET="$TEMPDIR"/ssh-socket # *anything* with any running X11 session. export DISPLAY=monkeys -## make sure that the version number matches the debian changelog -## (don't bother if this is being run from the tests). - -if [ -f "$TESTDIR"/../packaging/debian/changelog ]; then - echo - echo "##################################################" - echo "### checking version string match..." - repver=$(monkeysphere version) - debver=$(head -n1 "$TESTDIR"/../packaging/debian/changelog | sed 's/.*(\([^-]*\)-.*/\1/') - if [ "$repver" = "$debver" ] ; then - echo "Versions match!" - else - printf "reported version string (%s) does not match debian changelog (%s)\n" "$repver" "$debver" - exit 1 - fi -fi ###################################################################### ### CONFIGURE ENVIRONMENTS diff --git a/utils/preparing-release b/utils/preparing-release index 3c7ded5..dd9d224 100644 --- a/utils/preparing-release +++ b/utils/preparing-release @@ -3,9 +3,6 @@ * make sure that packaging/debian/changelog has a reasonable version number. - * make sure that src/share/common contains the upstream part of that - version number in the VERSION= line - * make tarball * make releasenote -- cgit v1.2.3 From 54abd85dc6b4c54a99644eec21ce51635012ea8b Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 28 Feb 2009 13:07:36 -0500 Subject: work on maintainer scripts: - remove preinst and prerm because they were empty - put everything in postint into 'config' argument, since that's really what it is - make sure deletion of monkeysphere user is correct, based on what we found here: http://wiki.debian.org/AccountHandlingInMaintainerScripts --- packaging/debian/changelog | 3 ++- packaging/debian/monkeysphere.postinst | 34 +++++++++++++++++++--------------- packaging/debian/monkeysphere.postrm | 9 +++++++-- packaging/debian/monkeysphere.preinst | 25 ------------------------- packaging/debian/monkeysphere.prerm | 15 --------------- 5 files changed, 28 insertions(+), 58 deletions(-) delete mode 100755 packaging/debian/monkeysphere.preinst delete mode 100755 packaging/debian/monkeysphere.prerm (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 58a80a3..46f7863 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,9 +1,10 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low + * update/cleanup mainterscripts * New upstream release: - Fixed how version information is stored/retrieved. - -- Jameson Graef Rollins Sun, 22 Feb 2009 12:02:06 -0500 + -- Jameson Graef Rollins Sat, 28 Feb 2009 13:02:57 -0500 monkeysphere (0.23.1-1) unstable; urgency=low diff --git a/packaging/debian/monkeysphere.postinst b/packaging/debian/monkeysphere.postinst index 3d0d66f..bbb02cf 100755 --- a/packaging/debian/monkeysphere.postinst +++ b/packaging/debian/monkeysphere.postinst @@ -7,21 +7,25 @@ VARLIB="/var/lib/monkeysphere" -# add a monkeysphere user if one does not already exist -if ! getent passwd monkeysphere >/dev/null ; then - echo "adding monkeysphere user..." - adduser --quiet --system --no-create-home --group \ - --home "$VARLIB" \ - --shell '/bin/bash' \ - --gecos 'monkeysphere authentication user,,,' \ - monkeysphere -fi - -# try to transition from to 0.23: -/usr/share/monkeysphere/transitions/0.23 - -# setup monkeysphere authentication -monkeysphere-authentication setup +case $1 in + configure) + # add a monkeysphere user if one does not already exist + if ! getent passwd monkeysphere >/dev/null ; then + echo "adding monkeysphere user..." + adduser --quiet --system --no-create-home --group \ + --home "$VARLIB" \ + --shell '/bin/bash' \ + --gecos 'monkeysphere authentication user,,,' \ + monkeysphere + fi + + # try to transition from to 0.23: + /usr/share/monkeysphere/transitions/0.23 + + # setup monkeysphere authentication + monkeysphere-authentication setup + ;; +esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. diff --git a/packaging/debian/monkeysphere.postrm b/packaging/debian/monkeysphere.postrm index 79f7245..e70a1b1 100755 --- a/packaging/debian/monkeysphere.postrm +++ b/packaging/debian/monkeysphere.postrm @@ -7,8 +7,13 @@ case $1 in purge) - echo "removing monkeysphere user..." - userdel monkeysphere > /dev/null || true + # delete monkeysphere user + # http://wiki.debian.org/AccountHandlingInMaintainerScripts + if type deluser >/dev/null 2>&1; then + deluser --quiet --system monkeysphere > /dev/null || true + else + echo >&2 "not removing monkeysphere system account because deluser command was not found" + fi ;; esac diff --git a/packaging/debian/monkeysphere.preinst b/packaging/debian/monkeysphere.preinst deleted file mode 100755 index fd22f6f..0000000 --- a/packaging/debian/monkeysphere.preinst +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -e - -# preinst script for monkeysphere - -# Author: Jameson Rollins -# Copyright 2008-2009 - -ETC="/etc/monkeysphere" - -# move the old server conf file to be the authentication conf file -if [ -f "$ETC"/monkeysphere-server.conf -a \ - ! -f "$ETC"/monkeysphere-authentication.conf ] ; then - mv "$ETC"/monkeysphere-server.conf "$ETC"/monkeysphere-authentication.conf -fi - -# remove the old gpg-*.conf files -rm -f "$ETC"/gpg-host.conf -rm -f "$ETC"/gpg-authentication.conf - -# dh_installdeb will replace this with shell code automatically -# generated by other debhelper scripts. - -#DEBHELPER# - -exit 0 diff --git a/packaging/debian/monkeysphere.prerm b/packaging/debian/monkeysphere.prerm deleted file mode 100755 index 5835f53..0000000 --- a/packaging/debian/monkeysphere.prerm +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -e - -# prerm script for monkeysphere - -# Author: Jameson Rollins -# Copyright 2008-2009 - -true - -# dh_installdeb will replace this with shell code automatically -# generated by other debhelper scripts. - -#DEBHELPER# - -exit 0 -- cgit v1.2.3 From 26527731b6b1bbeaa9e2e8a0507c52ca164803ed Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 13:20:32 -0500 Subject: debian packaging overhaul. --- packaging/debian/changelog | 12 ++++++++++-- packaging/debian/control | 6 +++--- 2 files changed, 13 insertions(+), 5 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 46f7863..17e98e7 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,10 +1,18 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low - * update/cleanup mainterscripts * New upstream release: - Fixed how version information is stored/retrieved. + - Now uses perl-based keytrans for both pem2openpgp and openpgp2ssh + - no longer needs base64 in PATH + - added "test" make target + - improved transitions/0.23 script + * update/cleanup mainterscripts + * remove GnuTLS dependency. + * remove versioned coreutils | base64 dependency. + * added Build-Deps for dh_autotest. + * switch to Architecture: all - -- Jameson Graef Rollins Sat, 28 Feb 2009 13:02:57 -0500 + -- Daniel Kahn Gillmor Sun, 01 Mar 2009 11:47:41 -0500 monkeysphere (0.23.1-1) unstable; urgency=low diff --git a/packaging/debian/control b/packaging/debian/control index c20b978..fa2c78a 100644 --- a/packaging/debian/control +++ b/packaging/debian/control @@ -3,15 +3,15 @@ Section: net Priority: extra Maintainer: Jameson Graef Rollins Uploaders: Daniel Kahn Gillmor -Build-Depends: debhelper (>= 7.0), libgnutls-dev (>= 2.4.0) +Build-Depends: debhelper (>= 7.0), socat, openssh-server, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail Standards-Version: 3.8.0.1 Homepage: http://web.monkeysphere.info/ Vcs-Git: git://git.monkeysphere.info/monkeysphere Dm-Upload-Allowed: yes Package: monkeysphere -Architecture: any -Depends: openssh-client, gnupg, coreutils (>= 6) | base64, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${shlibs:Depends} +Architecture: all +Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${shlibs:Depends} Recommends: netcat | socat, ssh-askpass Enhances: openssh-client, openssh-server Description: use the OpenPGP web of trust to verify ssh connections -- cgit v1.2.3 From 7c8c631cd755ccab6bf61bfaf54a00538b93ba3e Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sun, 1 Mar 2009 15:31:03 -0500 Subject: use 'which' instead of 'type' in postrm, so lintian doesn't complain. --- packaging/debian/monkeysphere.postrm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'packaging') diff --git a/packaging/debian/monkeysphere.postrm b/packaging/debian/monkeysphere.postrm index e70a1b1..878b913 100755 --- a/packaging/debian/monkeysphere.postrm +++ b/packaging/debian/monkeysphere.postrm @@ -9,7 +9,7 @@ case $1 in purge) # delete monkeysphere user # http://wiki.debian.org/AccountHandlingInMaintainerScripts - if type deluser >/dev/null 2>&1; then + if which deluser >/dev/null 2>&1 ; then deluser --quiet --system monkeysphere > /dev/null || true else echo >&2 "not removing monkeysphere system account because deluser command was not found" -- cgit v1.2.3 From 750314da835f95fa4db35e5715508c6a551dfac9 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 16:28:29 -0500 Subject: touching up changelog; switch ${shlibs:Depends} to ${misc:Depends} to mollify lintian. --- packaging/debian/changelog | 3 ++- packaging/debian/control | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 17e98e7..bef3c03 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -6,7 +6,8 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low - no longer needs base64 in PATH - added "test" make target - improved transitions/0.23 script - * update/cleanup mainterscripts + - RSA only: no longer handles DSA keys + * update/cleanup maintainer scripts * remove GnuTLS dependency. * remove versioned coreutils | base64 dependency. * added Build-Deps for dh_autotest. diff --git a/packaging/debian/control b/packaging/debian/control index fa2c78a..6706cb9 100644 --- a/packaging/debian/control +++ b/packaging/debian/control @@ -11,7 +11,7 @@ Dm-Upload-Allowed: yes Package: monkeysphere Architecture: all -Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${shlibs:Depends} +Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${misc:Depends} Recommends: netcat | socat, ssh-askpass Enhances: openssh-client, openssh-server Description: use the OpenPGP web of trust to verify ssh connections -- cgit v1.2.3 From 01cc7607ee14feb1b8ebc91c9a9e5bed92f7a413 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 20:33:16 -0500 Subject: include bug number for fixing transition script issues. --- packaging/debian/changelog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index bef3c03..8b3b922 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -5,7 +5,8 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low - Now uses perl-based keytrans for both pem2openpgp and openpgp2ssh - no longer needs base64 in PATH - added "test" make target - - improved transitions/0.23 script + - improved transitions/0.23 script so it no longer fails in common + circumstances (Closes: #517779) - RSA only: no longer handles DSA keys * update/cleanup maintainer scripts * remove GnuTLS dependency. -- cgit v1.2.3 From a102b1533984b638094727f36f64a56ed5586553 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 22:11:58 -0500 Subject: moved set -e from the shebang line to an explicit setting in maintainer scripts to pacify lintian --pedantic. --- packaging/debian/monkeysphere.postinst | 4 +++- packaging/debian/monkeysphere.postrm | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/monkeysphere.postinst b/packaging/debian/monkeysphere.postinst index bbb02cf..6b12ee8 100755 --- a/packaging/debian/monkeysphere.postinst +++ b/packaging/debian/monkeysphere.postinst @@ -1,10 +1,12 @@ -#!/bin/sh -e +#!/bin/sh # postinst script for monkeysphere # Author: Jameson Rollins # Copyright 2008-2009 +set -e + VARLIB="/var/lib/monkeysphere" case $1 in diff --git a/packaging/debian/monkeysphere.postrm b/packaging/debian/monkeysphere.postrm index 878b913..d789012 100755 --- a/packaging/debian/monkeysphere.postrm +++ b/packaging/debian/monkeysphere.postrm @@ -1,10 +1,12 @@ -#!/bin/sh -e +#!/bin/sh # postrm script for monkeysphere # Author: Jameson Rollins # Copyright 2008-2009 +set -e + case $1 in purge) # delete monkeysphere user -- cgit v1.2.3 From 547b84f3861c0d376818c0f04bfe6f79e5845606 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 1 Mar 2009 22:12:49 -0500 Subject: point explicitly to GPL v3 in debian/copyright (satisfies lintian --pedantic) --- packaging/debian/copyright | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'packaging') diff --git a/packaging/debian/copyright b/packaging/debian/copyright index 4c25286..c85128f 100644 --- a/packaging/debian/copyright +++ b/packaging/debian/copyright @@ -21,4 +21,4 @@ License: GPL-3+ (at your option) any later version. . On Debian systems, the complete text of the GNU General Public License - can be found in file "/usr/share/common-licenses/GPL". + version 3 can be found in file "/usr/share/common-licenses/GPL-3". -- cgit v1.2.3 From d86b79c54bca47211511fc18f3d626cf3b30fcb1 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 2 Mar 2009 14:17:35 -0500 Subject: added a prerm script to explicitly fail if someone attempts to downgrade to anything before 0.23 --- packaging/debian/monkeysphere.prerm | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100755 packaging/debian/monkeysphere.prerm (limited to 'packaging') diff --git a/packaging/debian/monkeysphere.prerm b/packaging/debian/monkeysphere.prerm new file mode 100755 index 0000000..1a5135a --- /dev/null +++ b/packaging/debian/monkeysphere.prerm @@ -0,0 +1,36 @@ +#!/bin/sh -e + +# prerm script for monkeysphere + +# the only thing we're doing here is making sure that the local +# administrator is not trying to downgrade to a version below 0.23, +# since there was such a major reorganization of system data during +# the transition to 0.23. + +# Author: Daniel Kahn Gillmor +# Copyright 2009 + +set -e + +case "$1" in + upgrade) + if dpkg --compare-versions "$2" lt 0.23 ; then + cat >&2 < Date: Mon, 2 Mar 2009 15:35:06 -0500 Subject: added ability to specify subkeys to add to agent with MONKEYSPHERE_SUBKEYS_FOR_AGENT variable. --- packaging/debian/changelog | 4 ++- src/share/m/subkey_to_ssh_agent | 55 +++++++++++++++++++++++++++-------------- 2 files changed, 39 insertions(+), 20 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 8b3b922..786d410 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -8,13 +8,15 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low - improved transitions/0.23 script so it no longer fails in common circumstances (Closes: #517779) - RSA only: no longer handles DSA keys + - added ability to specify subkeys to add to ssh agent with + new MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable * update/cleanup maintainer scripts * remove GnuTLS dependency. * remove versioned coreutils | base64 dependency. * added Build-Deps for dh_autotest. * switch to Architecture: all - -- Daniel Kahn Gillmor Sun, 01 Mar 2009 11:47:41 -0500 + -- Jameson Graef Rollins Mon, 02 Mar 2009 15:33:44 -0500 monkeysphere (0.23.1-1) unstable; urgency=low diff --git a/src/share/m/subkey_to_ssh_agent b/src/share/m/subkey_to_ssh_agent index ec596bd..aa647a6 100644 --- a/src/share/m/subkey_to_ssh_agent +++ b/src/share/m/subkey_to_ssh_agent @@ -37,26 +37,34 @@ subkey_to_ssh_agent() { if [ "$sshaddresponse" = "2" ]; then failure "Could not connect to ssh-agent" fi - - # get list of secret keys (to work around bug - # https://bugs.g10code.com/gnupg/issue945): - secretkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ - --fingerprint | \ - grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') - - if [ -z "$secretkeys" ]; then - failure "You have no secret keys in your keyring! + + # if the MONKEYSPHERE_SUBKEYS_FOR_AGENT variable is set, use the + # keys specified there + if [ "$MONKEYSPHERE_SUBKEYS_FOR_AGENT" ] ; then + authsubkeys="$MONKEYSPHERE_SUBKEYS_FOR_AGENT" + + # otherwise find all authentication-capable subkeys and use those + else + # get list of secret keys + # (to work around bug https://bugs.g10code.com/gnupg/issue945): + secretkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint | \ + grep '^fpr:' | cut -f10 -d: | awk '{ print "0x" $1 "!" }') + + if [ -z "$secretkeys" ]; then + failure "You have no secret keys in your keyring! You might want to run 'gpg --gen-key'." - fi + fi - authsubkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ - --fingerprint --fingerprint $secretkeys | \ - cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ - grep '^fpr::' | cut -f3 -d: | sort -u) - - if [ -z "$authsubkeys" ]; then - failure "no authentication-capable subkeys available. -You might want to 'monkeysphere gen-subkey'" + authsubkeys=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint $secretkeys | \ + cut -f1,5,10,12 -d: | grep -A1 '^ssb:[^:]*::[^:]*a[^:]*$' | \ + grep '^fpr::' | cut -f3 -d: | sort -u) + + if [ -z "$authsubkeys" ]; then + failure "no authentication-capable subkeys available. +You might want to run 'monkeysphere gen-subkey'." + fi fi workingdir=$(msmktempdir) @@ -68,7 +76,16 @@ You might want to 'monkeysphere gen-subkey'" # through to ssh-add. should we limit it to known ones? For # example: -d or -c and/or -t - for subkey in $authsubkeys; do + for subkey in $authsubkeys; do + # test that the subkey has proper capability + capability=$(gpg_user --list-secret-keys --with-colons --fixed-list-mode \ + --fingerprint --fingerprint "0x${subkey}!" \ + | egrep -B 1 "^fpr:::::::::${subkey}:$" | grep "^ssb:" | cut -d: -f12) + if ! check_capability "$capability" 'a' ; then + log error "Did not find authentication-capable subkey with key ID '$subkey'." + continue + fi + # choose a label by which this key will be known in the agent: # we are labelling the key by User ID instead of by # fingerprint, but filtering out all / characters to make sure -- cgit v1.2.3 From 0ae1b83bf02bdec7b26e87e16a393b007941f871 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 2 Mar 2009 17:49:53 -0500 Subject: clearer error reporting for transition scripts in postinst. --- packaging/debian/monkeysphere.postinst | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/monkeysphere.postinst b/packaging/debian/monkeysphere.postinst index 6b12ee8..4e81167 100755 --- a/packaging/debian/monkeysphere.postinst +++ b/packaging/debian/monkeysphere.postinst @@ -21,8 +21,15 @@ case $1 in monkeysphere fi - # try to transition from to 0.23: - /usr/share/monkeysphere/transitions/0.23 + # try all available transitions: + for trans in 0.23 ; do + /usr/share/monkeysphere/transitions/$trans || { \ + RET=$? + echo "Failed running transition script /usr/share/monkeysphere/transitions/$trans" >&2 + exit $RET + } + done + # setup monkeysphere authentication monkeysphere-authentication setup -- cgit v1.2.3 From 75c24f110ed8509519a8377eefdcc2be8a61b04a Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 3 Mar 2009 19:40:35 -0500 Subject: add cron to Recommends --- packaging/debian/changelog | 13 +++++++------ packaging/debian/control | 2 +- 2 files changed, 8 insertions(+), 7 deletions(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 786d410..245be1b 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,8 +1,8 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low * New upstream release: - - Fixed how version information is stored/retrieved. - - Now uses perl-based keytrans for both pem2openpgp and openpgp2ssh + - fixed how version information is stored/retrieved + - now uses perl-based keytrans for both pem2openpgp and openpgp2ssh - no longer needs base64 in PATH - added "test" make target - improved transitions/0.23 script so it no longer fails in common @@ -11,12 +11,13 @@ monkeysphere (0.24~pre-1) UNRELEASED; urgency=low - added ability to specify subkeys to add to ssh agent with new MONKEYSPHERE_SUBKEYS_FOR_AGENT environment variable * update/cleanup maintainer scripts - * remove GnuTLS dependency. - * remove versioned coreutils | base64 dependency. - * added Build-Deps for dh_autotest. + * remove GnuTLS dependency + * remove versioned coreutils | base64 dependency + * added Build-Deps for dh_autotest * switch to Architecture: all + * added cron to Recommends - -- Jameson Graef Rollins Mon, 02 Mar 2009 15:33:44 -0500 + -- Jameson Graef Rollins Tue, 03 Mar 2009 19:38:33 -0500 monkeysphere (0.23.1-1) unstable; urgency=low diff --git a/packaging/debian/control b/packaging/debian/control index 6706cb9..616a95a 100644 --- a/packaging/debian/control +++ b/packaging/debian/control @@ -12,7 +12,7 @@ Dm-Upload-Allowed: yes Package: monkeysphere Architecture: all Depends: openssh-client, gnupg, libcrypt-openssl-rsa-perl, libdigest-sha1-perl, lockfile-progs | procmail, adduser, ${misc:Depends} -Recommends: netcat | socat, ssh-askpass +Recommends: netcat | socat, ssh-askpass, cron Enhances: openssh-client, openssh-server Description: use the OpenPGP web of trust to verify ssh connections SSH key-based authentication is tried-and-true, but it lacks a true -- cgit v1.2.3 From e41e47bde4fe94e1503a9210dd3fef0c68bd491f Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 3 Mar 2009 21:56:17 -0500 Subject: prepare for 0.24 release --- packaging/debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'packaging') diff --git a/packaging/debian/changelog b/packaging/debian/changelog index 245be1b..873b058 100644 --- a/packaging/debian/changelog +++ b/packaging/debian/changelog @@ -1,4 +1,4 @@ -monkeysphere (0.24~pre-1) UNRELEASED; urgency=low +monkeysphere (0.24-1) unstable; urgency=low * New upstream release: - fixed how version information is stored/retrieved -- cgit v1.2.3 From 6b4f7702969176aad8e587f3fe39dabc0a458134 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 9 Mar 2009 22:02:17 -0400 Subject: updating FreeBSD port for 0.24 --- packaging/freebsd/security/monkeysphere/Makefile | 2 +- packaging/freebsd/security/monkeysphere/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index 24f9b2b..7049aba 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -6,7 +6,7 @@ # PORTNAME= monkeysphere -PORTVERSION= 0.22 +PORTVERSION= 0.24 CATEGORIES= security MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs diff --git a/packaging/freebsd/security/monkeysphere/distinfo b/packaging/freebsd/security/monkeysphere/distinfo index d6c6e5e..a0a9df9 100644 --- a/packaging/freebsd/security/monkeysphere/distinfo +++ b/packaging/freebsd/security/monkeysphere/distinfo @@ -1,3 +1,3 @@ -MD5 (monkeysphere_0.22.orig.tar.gz) = 2bb00c86323409b98aff53f94d9ce0a6 -SHA256 (monkeysphere_0.22.orig.tar.gz) = 2566facda807a67a4d2d6de3833cccfa0b78b454909e8d25f47a235a9e621b24 -SIZE (monkeysphere_0.22.orig.tar.gz) = 70245 +MD5 (monkeysphere_0.24.orig.tar.gz) = 8590532f4702fa44027a6a583657c9ef +SHA256 (monkeysphere_0.24.orig.tar.gz) = 2a58cee998ddb1b21b953826fc746a743e17d94e6fa34ac9cbee4262873b5c5f +SIZE (monkeysphere_0.24.orig.tar.gz) = 86044 -- cgit v1.2.3 From 02ef7e000ee2ed085135905c7fecf2a342ae7fc5 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 9 Mar 2009 22:39:41 -0400 Subject: update freebsd Makefile to reflect reorganization of Monkeysphere, and transition to perl. --- packaging/freebsd/security/monkeysphere/Makefile | 26 ++++++++++-------------- 1 file changed, 11 insertions(+), 15 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index 7049aba..f625db6 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -15,16 +15,15 @@ DISTFILES= ${PORTNAME}_${DISTVERSION}.orig.tar.gz MAINTAINER= dkg@fifthhorseman.net COMMENT= use the OpenPGP web of trust to verify ssh connections -LIB_DEPENDS= gnutls.26:${PORTSDIR}/security/gnutls -RUN_DEPENDS= base64:${PORTSDIR}/converters/base64 \ - gpg:${PORTSDIR}/security/gnupg1 \ +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ lockfile:${PORTSDIR}/mail/procmail \ - /usr/local/bin/getopt:${PORTSDIR}/misc/getopt \ - bash:${PORTSDIR}/shells/bash + bash:${PORTSDIR}/shells/bash \ + ${SITE_PERL}/${PERL_ARCH}/Crypt/OpenSSL/RSA.pm:${PORTSDIR}/security/p5-Crypt-OpenSSL-RSA \ + ${SITE_PERL}/${PERL_ARCH}/Digest/SHA1.pm:${PORTSDIR}/security/p5-Digest-SHA1 -MAN1= monkeysphere.1 openpgp2ssh.1 monkeysphere-ssh-proxycommand.1 +MAN1= monkeysphere.1 openpgp2ssh.1 pem2openpgp.1 MAN7= monkeysphere.7 -MAN8= monkeysphere-server.8 +MAN8= monkeysphere-host.8 monkeysphere-authentication.8 MANCOMPRESSED= yes MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample @@ -34,17 +33,14 @@ post-patch: find . -iname '*.orig' -delete post-install: - @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-host.conf ]; then \ - ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-host.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-host.conf ; \ - fi - @if [ ! -f ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ]; then \ - ${CP} -p ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf.sample ${PREFIX}/etc/monkeysphere/gnupg-authentication.conf ; \ - fi @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere.conf ; \ fi - @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ]; then \ - ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-server.conf ; \ + @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-host.conf ]; then \ + ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-host.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-host.conf ; \ + fi + @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf ]; then \ + ${CP} -p ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf.sample ${PREFIX}/etc/monkeysphere/monkeysphere-authentication.conf ; \ fi .if !defined(PACKAGE_BUILDING) @${SETENV} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL -- cgit v1.2.3 From ffc22c69eb3376d0e7576f2be2e79e6a94375398 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Mon, 9 Mar 2009 22:56:17 -0400 Subject: More FreeBSD packaging work: removing gnutls patches -- not needed for monkeysphere; updating maintainer scripts. --- ...patch-lib__opencdk__opencdk__use-GNU-dummy.diff | 144 --------------------- .../freebsd/security/monkeysphere/pkg-deinstall | 4 +- .../freebsd/security/monkeysphere/pkg-install | 16 +-- packaging/freebsd/security/monkeysphere/pkg-plist | 47 +++++-- 4 files changed, 42 insertions(+), 169 deletions(-) delete mode 100644 packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff (limited to 'packaging') diff --git a/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff b/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff deleted file mode 100644 index 2450bc3..0000000 --- a/packaging/freebsd/security/gnutls/files/patch-lib__opencdk__opencdk__use-GNU-dummy.diff +++ /dev/null @@ -1,144 +0,0 @@ ---- ./lib/opencdk/opencdk.h.orig 2008-06-30 16:45:51.000000000 -0400 -+++ ./lib/opencdk/opencdk.h 2008-08-21 19:23:44.000000000 -0400 -@@ -214,7 +214,11 @@ - enum cdk_s2k_type_t { - CDK_S2K_SIMPLE = 0, - CDK_S2K_SALTED = 1, -- CDK_S2K_ITERSALTED = 3 -+ CDK_S2K_ITERSALTED = 3, -+ CDK_S2K_GNU_EXT = 101 -+ /* GNU S2K extensions: refer to DETAILS from GnuPG: -+ http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/doc/DETAILS?root=GnuPG -+ */ - }; - - ---- ./lib/opencdk/read-packet.c.orig 2008-06-30 16:45:51.000000000 -0400 -+++ ./lib/opencdk/read-packet.c 2008-08-21 19:30:09.000000000 -0400 -@@ -78,10 +78,35 @@ - } - - --static int -+/* read about S2K at http://tools.ietf.org/html/rfc4880#section-3.7.1 */ -+static cdk_error_t - read_s2k (cdk_stream_t inp, cdk_s2k_t s2k) - { -- return CDK_Not_Implemented; -+ size_t nread; -+ -+ s2k->mode = cdk_stream_getc (inp); -+ s2k->hash_algo = cdk_stream_getc (inp); -+ if (s2k->mode == CDK_S2K_SIMPLE) -+ return 0; -+ else if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED) -+ { -+ if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread)) -+ return CDK_Inv_Packet; -+ if (nread != DIM (s2k->salt)) -+ return CDK_Inv_Packet; -+ -+ if (s2k->mode == CDK_S2K_ITERSALTED) -+ s2k->count = cdk_stream_getc (inp); -+ } -+ else if (s2k->mode == CDK_S2K_GNU_EXT) -+ { -+ /* GNU extensions to the S2K : read DETAILS from gnupg */ -+ return 0; -+ } -+ else -+ return CDK_Not_Implemented; -+ -+ return 0; - } - - -@@ -194,6 +219,7 @@ - static cdk_error_t - read_symkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_symkey_enc_t ske) - { -+ cdk_error_t ret; - cdk_s2k_t s2k; - size_t minlen; - size_t nread, nleft; -@@ -213,7 +239,9 @@ - return CDK_Out_Of_Core; - - ske->cipher_algo = cdk_stream_getc (inp); -- s2k->mode = cdk_stream_getc (inp); -+ ret = read_s2k(inp, s2k); -+ if (ret != 0) -+ return ret; - switch (s2k->mode) - { - case CDK_S2K_SIMPLE : minlen = 0; break; -@@ -225,18 +253,6 @@ - return CDK_Inv_Packet; - } - -- s2k->hash_algo = cdk_stream_getc (inp); -- if (s2k->mode == CDK_S2K_SALTED || s2k->mode == CDK_S2K_ITERSALTED) -- { -- if (stream_read (inp, s2k->salt, DIM (s2k->salt), &nread)) -- return CDK_Inv_Packet; -- if (nread != DIM (s2k->salt)) -- return CDK_Inv_Packet; -- -- if (s2k->mode == CDK_S2K_ITERSALTED) -- s2k->count = cdk_stream_getc (inp); -- } -- - ske->seskeylen = pktlen - 4 - minlen; - /* We check if there is an encrypted session key and if it fits into - the buffer. The maximal key length is 256-bit. */ -@@ -421,14 +437,19 @@ - rc = read_s2k (inp, sk->protect.s2k); - if (rc) - return rc; -- sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo); -- if (!sk->protect.ivlen) -- return CDK_Inv_Packet; -- rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread); -- if (rc) -- return rc; -- if (nread != sk->protect.ivlen) -- return CDK_Inv_Packet; -+ /* refer to --export-secret-subkeys in gpg(1) */ -+ if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT) -+ sk->protect.ivlen = 0; -+ else { -+ sk->protect.ivlen = gcry_cipher_get_algo_blklen (sk->protect.algo); -+ if (!sk->protect.ivlen) -+ return CDK_Inv_Packet; -+ rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread); -+ if (rc) -+ return rc; -+ if (nread != sk->protect.ivlen) -+ return CDK_Inv_Packet; -+ } - } - else - sk->protect.algo = sk->s2k_usage; -@@ -476,6 +497,22 @@ - return CDK_Out_Of_Core; - if (stream_read (inp, sk->encdata, sk->enclen, &nread)) - return CDK_Inv_Packet; -+ /* Handle the GNU S2K extensions we know (just gnu-dummy right now): */ -+ if (sk->protect.s2k->mode == CDK_S2K_GNU_EXT) { -+ unsigned char gnumode; -+ if ((sk->enclen < strlen("GNU") + 1) || -+ (0 != memcmp("GNU", sk->encdata, strlen("GNU")))) -+ return CDK_Inv_Packet; -+ gnumode = sk->encdata[strlen("GNU")]; -+ /* we only handle gnu-dummy (mode 1). -+ mode 2 should refer to external smart cards. -+ */ -+ if (gnumode != 1) -+ return CDK_Inv_Packet; -+ /* gnu-dummy should have no more data */ -+ if (sk->enclen != strlen("GNU") + 1) -+ return CDK_Inv_Packet; -+ } - nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) - return CDK_Inv_Algo; diff --git a/packaging/freebsd/security/monkeysphere/pkg-deinstall b/packaging/freebsd/security/monkeysphere/pkg-deinstall index 3000878..3e69eab 100755 --- a/packaging/freebsd/security/monkeysphere/pkg-deinstall +++ b/packaging/freebsd/security/monkeysphere/pkg-deinstall @@ -4,9 +4,9 @@ # monkeysphere's debian/monkeysphere.postrm) # Author: Daniel Kahn Gillmor -# Copyright 2008 +# Copyright 2008,2009 -# FIXME: is /var/lib/monkeysphere the right place for this stuff on +# FIXME: is /var/monkeysphere the right place for this stuff on # FreeBSD? VARLIB="/var/monkeysphere" diff --git a/packaging/freebsd/security/monkeysphere/pkg-install b/packaging/freebsd/security/monkeysphere/pkg-install index 70d37b5..435c69a 100755 --- a/packaging/freebsd/security/monkeysphere/pkg-install +++ b/packaging/freebsd/security/monkeysphere/pkg-install @@ -5,9 +5,9 @@ # debian/monkeysphere.postinst) # Author: Daniel Kahn Gillmor -# Copyright 2008 +# Copyright 2008,2009 -# FIXME: is /var/lib/monkeysphere the right place for this stuff on +# FIXME: is /var/monkeysphere the right place for this stuff on # FreeBSD? # PostgreSQL puts its data in /usr/local/pgsql/data @@ -57,16 +57,8 @@ POST-INSTALL) fi fi - ## set up the cache directories, and link them to the config files: + ## set up the monkeysphere authentication cache directory: - install -d -o root -g monkeysphere -m 750 "$VARLIB"/gnupg-host - ln -sf "$ETCDIR"/gnupg-host.conf "$VARLIB"/gnupg-host/gpg.conf - - install -d -o monkeysphere -g monkeysphere -m 700 "$VARLIB"/gnupg-authentication - ln -sf "$ETCDIR"/gnupg-authentication.conf "$VARLIB"/gnupg-authentication/gpg.conf - - install -d "$VARLIB"/tmp "$VARLIB"/authorized_keys - - monkeysphere-server diagnostics + monkeysphere-authentication setup ;; esac diff --git a/packaging/freebsd/security/monkeysphere/pkg-plist b/packaging/freebsd/security/monkeysphere/pkg-plist index 9d9d40a..b52f998 100644 --- a/packaging/freebsd/security/monkeysphere/pkg-plist +++ b/packaging/freebsd/security/monkeysphere/pkg-plist @@ -1,24 +1,49 @@ -sbin/monkeysphere-server +sbin/monkeysphere-host +sbin/monkeysphere-authentication share/doc/monkeysphere/TODO share/doc/monkeysphere/MonkeySpec share/doc/monkeysphere/getting-started-user.mdwn share/doc/monkeysphere/getting-started-admin.mdwn bin/openpgp2ssh -bin/monkeysphere-ssh-proxycommand +bin/pem2openpgp bin/monkeysphere +share/monkeysphere/mh +share/monkeysphere/mh/publish_key +share/monkeysphere/mh/import_key +share/monkeysphere/mh/set_expire +share/monkeysphere/mh/diagnostics +share/monkeysphere/mh/add_hostname +share/monkeysphere/mh/add_revoker +share/monkeysphere/mh/revoke_hostname +share/monkeysphere/mh/revoke_key +share/monkeysphere/keytrans +share/monkeysphere/defaultenv +share/monkeysphere/VERSION +share/monkeysphere/transitions +share/monkeysphere/transitions/0.23 +share/monkeysphere/transitions/README.txt +share/monkeysphere/ma +share/monkeysphere/ma/list_certifiers +share/monkeysphere/ma/add_certifier +share/monkeysphere/ma/update_users +share/monkeysphere/ma/setup +share/monkeysphere/ma/remove_certifier +share/monkeysphere/ma/diagnostics share/monkeysphere/common +share/monkeysphere/m +share/monkeysphere/m/gen_subkey +share/monkeysphere/m/ssh_proxycommand +share/monkeysphere/m/subkey_to_ssh_agent +share/monkeysphere/m/import_subkey @unexec if cmp -s %D/etc/monkeysphere/monkeysphere.conf.sample %D/etc/monkeysphere/monkeysphere.conf; then rm -f %D/etc/monkeysphere/monkeysphere.conf; fi etc/monkeysphere/monkeysphere.conf.sample @exec if [ ! -f %D/etc/monkeysphere/monkeysphere.conf ] ; then cp -p %D/%F %B/monkeysphere.conf; fi -@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-server.conf.sample %D/etc/monkeysphere/monkeysphere-server.conf; then rm -f %D/etc/monkeysphere/monkeysphere-server.conf; fi -etc/monkeysphere/monkeysphere-server.conf.sample -@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-server.conf ] ; then cp -p %D/%F %B/monkeysphere-server.conf; fi -@unexec if cmp -s %D/etc/monkeysphere/gnupg-host.conf.sample %D/etc/monkeysphere/gnupg-host.conf; then rm -f %D/etc/monkeysphere/gnupg-host.conf; fi -etc/monkeysphere/gnupg-host.conf.sample -@exec if [ ! -f %D/etc/monkeysphere/gnupg-host.conf ] ; then cp -p %D/%F %B/gnupg-host.conf; fi -@unexec if cmp -s %D/etc/monkeysphere/gnupg-authentication.conf.sample %D/etc/monkeysphere/gnupg-authentication.conf; then rm -f %D/etc/monkeysphere/gnupg-authentication.conf; fi -etc/monkeysphere/gnupg-authentication.conf.sample -@exec if [ ! -f %D/etc/monkeysphere/gnupg-authentication.conf ] ; then cp -p %D/%F %B/gnupg-authentication.conf; fi +@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-host.conf.sample %D/etc/monkeysphere/monkeysphere-host.conf; then rm -f %D/etc/monkeysphere/monkeysphere-host.conf; fi +etc/monkeysphere/monkeysphere-host.conf.sample +@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-host.conf ] ; then cp -p %D/%F %B/monkeysphere-host.conf; fi +@unexec if cmp -s %D/etc/monkeysphere/monkeysphere-authentication.conf.sample %D/etc/monkeysphere/monkeysphere-authentication.conf; then rm -f %D/etc/monkeysphere/monkeysphere-authentication.conf; fi +etc/monkeysphere/monkeysphere-authentication.conf.sample +@exec if [ ! -f %D/etc/monkeysphere/monkeysphere-authentication.conf ] ; then cp -p %D/%F %B/monkeysphere-authentication.conf; fi @dirrm share/doc/monkeysphere @dirrm share/monkeysphere @dirrm etc/monkeysphere -- cgit v1.2.3 From e63549bb6a927d737546a74ba8a912a9b60c979e Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 00:43:04 -0400 Subject: FreeBSD porting: using in-place sed to replace paths. Using pack("%32U",...) for checksum, which seems to work for both perl 5.8 and 5.10 --- packaging/freebsd/security/monkeysphere/Makefile | 19 ++++- .../security/monkeysphere/files/patch-etclocation | 54 ------------- .../monkeysphere/files/patch-sharelocation | 33 -------- .../monkeysphere/files/patch-src_share_keytrans | 11 +++ .../security/monkeysphere/files/patch-varlocation | 90 ---------------------- 5 files changed, 28 insertions(+), 179 deletions(-) delete mode 100644 packaging/freebsd/security/monkeysphere/files/patch-etclocation delete mode 100644 packaging/freebsd/security/monkeysphere/files/patch-sharelocation create mode 100644 packaging/freebsd/security/monkeysphere/files/patch-src_share_keytrans delete mode 100644 packaging/freebsd/security/monkeysphere/files/patch-varlocation (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index f625db6..46a1d01 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -28,9 +28,24 @@ MANCOMPRESSED= yes MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample -# get rid of cruft after the patching: +# use proper system paths for FreeBSD instead of debian's: post-patch: - find . -iname '*.orig' -delete + @${REINPLACE_CMD} -e 's|/etc/monkeysphere|/usr/local/etc/monkeysphere|g' \ + ${WRKSRC}/src/share/defaultenv \ + ${WRKSRC}/src/transitions/0.23 \ + ${WRKSRC}/man/man1/monkeysphere.1 \ + ${WRKSRC}/man/man8/monkeysphere-authentication.8 \ + ${WRKSRC}/man/man8/monkeysphere-host.8 \ + ${WRKSRC}/etc/monkeysphere-authentication.conf + @${REINPLACE_CMD} -e 's|/var/lib/monkeysphere|/var/monkeysphere|g' \ + ${WRKSRC}/src/transitions/0.23 \ + ${WRKSRC}/man/man1/monkeysphere.1 \ + ${WRKSRC}/man/man8/monkeysphere-authentication.8 \ + ${WRKSRC}/man/man8/monkeysphere-host.8 \ + ${WRKSRC}/src/monkeysphere-host \ + ${WRKSRC}/src/monkeysphere-authentication \ + ${WRKSRC}/doc/getting-started-admin.mdwn + post-install: @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ diff --git a/packaging/freebsd/security/monkeysphere/files/patch-etclocation b/packaging/freebsd/security/monkeysphere/files/patch-etclocation deleted file mode 100644 index 2ab3ac0..0000000 --- a/packaging/freebsd/security/monkeysphere/files/patch-etclocation +++ /dev/null @@ -1,54 +0,0 @@ -diff --git etc/monkeysphere-server.conf etc/monkeysphere-server.conf -index c001f2d..d33fd36 100644 ---- etc/monkeysphere-server.conf -+++ etc/monkeysphere-server.conf -@@ -17,7 +17,7 @@ - # authorized_keys file. '%h' will be replaced by the home directory - # of the user, and %u will be replaced by the username of the user. - # For purely admin-controlled authorized_user_ids, you might put them --# in /etc/monkeysphere/authorized_user_ids/%u, for instance. -+# in /usr/local/etc/monkeysphere/authorized_user_ids/%u, for instance. - #AUTHORIZED_USER_IDS="%h/.monkeysphere/authorized_user_ids" - - # Whether to add user controlled authorized_keys file to -diff --git man/man1/monkeysphere.1 man/man1/monkeysphere.1 -index 3ece735..09320d2 100644 ---- man/man1/monkeysphere.1 -+++ man/man1/monkeysphere.1 -@@ -111,7 +111,7 @@ Path to ssh authorized_keys file (~/.ssh/authorized_keys). - ~/.monkeysphere/monkeysphere.conf - User monkeysphere config file. - .TP --/etc/monkeysphere/monkeysphere.conf -+/usr/local/etc/monkeysphere/monkeysphere.conf - System-wide monkeysphere config file. - .TP - ~/.monkeysphere/authorized_user_ids -diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8 -index f207e2c..360408e 100644 ---- man/man8/monkeysphere-server.8 -+++ man/man8/monkeysphere-server.8 -@@ -203,10 +203,10 @@ User to control authentication keychain (monkeysphere). - .SH FILES - - .TP --/etc/monkeysphere/monkeysphere-server.conf -+/usr/local/etc/monkeysphere/monkeysphere-server.conf - System monkeysphere-server config file. - .TP --/etc/monkeysphere/monkeysphere.conf -+/usr/local/etc/monkeysphere/monkeysphere.conf - System-wide monkeysphere config file. - .TP - /var/lib/monkeysphere/authorized_keys/USER ---- src/common.orig 2008-10-12 14:58:00.000000000 -0400 -+++ src/common 2008-10-25 17:40:34.000000000 -0400 -@@ -16,7 +16,7 @@ - ### COMMON VARIABLES - - # managed directories --SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/etc/monkeysphere"} -+SYSCONFIGDIR=${MONKEYSPHERE_SYSCONFIGDIR:-"/usr/local/etc/monkeysphere"} - export SYSCONFIGDIR - - ######################################################################## diff --git a/packaging/freebsd/security/monkeysphere/files/patch-sharelocation b/packaging/freebsd/security/monkeysphere/files/patch-sharelocation deleted file mode 100644 index e41c479..0000000 --- a/packaging/freebsd/security/monkeysphere/files/patch-sharelocation +++ /dev/null @@ -1,33 +0,0 @@ ---- src/monkeysphere.orig 2008-10-12 14:58:00.000000000 -0400 -+++ src/monkeysphere 2008-10-25 17:41:41.000000000 -0400 -@@ -13,7 +13,7 @@ - ######################################################################## - PGRM=$(basename $0) - --SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} -+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"} - export SYSSHAREDIR - . "${SYSSHAREDIR}/common" || exit 1 - ---- src/monkeysphere-server.orig 2008-10-25 14:17:50.000000000 -0400 -+++ src/monkeysphere-server 2008-10-25 17:42:50.000000000 -0400 -@@ -13,7 +13,7 @@ - ######################################################################## - PGRM=$(basename $0) - --SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} -+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"} - export SYSSHAREDIR - . "${SYSSHAREDIR}/common" || exit 1 - ---- src/monkeysphere-ssh-proxycommand.orig -+++ src/monkeysphere-ssh-proxycommand -@@ -16,7 +16,7 @@ - ######################################################################## - PGRM=$(basename $0) - --SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/share/monkeysphere"} -+SYSSHAREDIR=${MONKEYSPHERE_SYSSHAREDIR:-"/usr/local/share/monkeysphere"} - export SYSSHAREDIR - . "${SYSSHAREDIR}/common" || exit 1 - diff --git a/packaging/freebsd/security/monkeysphere/files/patch-src_share_keytrans b/packaging/freebsd/security/monkeysphere/files/patch-src_share_keytrans new file mode 100644 index 0000000..9d584ac --- /dev/null +++ b/packaging/freebsd/security/monkeysphere/files/patch-src_share_keytrans @@ -0,0 +1,11 @@ +--- src/share/keytrans 2009-03-01 13:39:50.000000000 -0500 ++++ src/share/keytrans 2009-03-10 00:39:53.681890554 -0400 +@@ -199,7 +199,7 @@ + sub simple_checksum { + my $bytes = shift; + +- return unpack("%32W*",$bytes) % 65536; ++ return unpack("%32U*",$bytes) % 65536; + } + + # calculate the multiplicative inverse of a mod b this is euclid's diff --git a/packaging/freebsd/security/monkeysphere/files/patch-varlocation b/packaging/freebsd/security/monkeysphere/files/patch-varlocation deleted file mode 100644 index c4d8dcd..0000000 --- a/packaging/freebsd/security/monkeysphere/files/patch-varlocation +++ /dev/null @@ -1,90 +0,0 @@ -diff --git man/man8/monkeysphere-server.8 man/man8/monkeysphere-server.8 -index f207e2c..29c7b6a 100644 ---- man/man8/monkeysphere-server.8 -+++ man/man8/monkeysphere-server.8 -@@ -128,7 +128,7 @@ command to push the key to a keyserver. You must also modify the - sshd_config on the server to tell sshd where the new server host key - is located: - --HostKey /var/lib/monkeysphere/ssh_host_rsa_key -+HostKey /var/monkeysphere/ssh_host_rsa_key - - In order for users logging into the system to be able to verify the - host via the monkeysphere, at least one person (e.g. a server admin) -@@ -170,7 +170,7 @@ users. You must also tell sshd to look at the monkeysphere-generated - authorized_keys file for user authentication by setting the following - in the sshd_config: - --AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u -+AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u - - It is recommended to add "monkeysphere-server update-users" to a - system crontab, so that user keys are kept up-to-date, and key -@@ -209,17 +209,17 @@ System monkeysphere-server config file. - /etc/monkeysphere/monkeysphere.conf - System-wide monkeysphere config file. - .TP --/var/lib/monkeysphere/authorized_keys/USER -+/var/monkeysphere/authorized_keys/USER - Monkeysphere-generated user authorized_keys files. - .TP --/var/lib/monkeysphere/ssh_host_rsa_key -+/var/monkeysphere/ssh_host_rsa_key - Copy of the host's private key in ssh format, suitable for use by - sshd. - .TP --/var/lib/monkeysphere/gnupg-host -+/var/monkeysphere/gnupg-host - Monkeysphere host GNUPG home directory. - .TP --/var/lib/monkeysphere/gnupg-authentication -+/var/monkeysphere/gnupg-authentication - Monkeysphere authentication GNUPG home directory. - - .SH AUTHOR -diff --git doc/getting-started-admin.mdwn doc/getting-started-admin.mdwn -index 6c8ad53..67fdda1 100644 ---- doc/getting-started-admin.mdwn -+++ doc/getting-started-admin.mdwn -@@ -30,7 +30,7 @@ To use the newly-generated host key for ssh connections, put the - following line in `/etc/ssh/sshd_config` (be sure to remove references - to any other keys): - -- HostKey /var/lib/monkeysphere/ssh_host_rsa_key -+ HostKey /var/monkeysphere/ssh_host_rsa_key - - FIXME: should we just suggest symlinks in the filesystem here instead? - -@@ -40,7 +40,7 @@ To enable users to use the monkeysphere to authenticate using the - OpenPGP web of trust, add this line to `/etc/ssh/sshd_config` (again, - making sure that no other AuthorizedKeysFile directive exists): - -- AuthorizedKeysFile /var/lib/monkeysphere/authorized_keys/%u -+ AuthorizedKeysFile /var/monkeysphere/authorized_keys/%u - - And then read the section below about how to ensure these files are - maintained. You'll need to restart `sshd` to have your changes take ---- src/monkeysphere-server.orig 2008-10-25 18:01:19.000000000 -0400 -+++ src/monkeysphere-server 2008-10-25 18:01:24.000000000 -0400 -@@ -17,7 +17,7 @@ - export SYSSHAREDIR - . "${SYSSHAREDIR}/common" || exit 1 - --SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} -+SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/monkeysphere"} - export SYSDATADIR - - # UTC date in ISO 8601 format if needed ---- etc/gnupg-authentication.conf.orig 2008-10-25 18:02:58.000000000 -0400 -+++ etc/gnupg-authentication.conf 2008-10-25 18:03:04.000000000 -0400 -@@ -4,8 +4,8 @@ - # It is highly recommended that you - # DO NOT MODIFY - # these variables. --primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg --keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg -+primary-keyring /var/monkeysphere/gnupg-authentication/pubring.gpg -+keyring /var/monkeysphere/gnupg-host/pubring.gpg - - # PGP keyserver to use for PGP queries. - keyserver hkp://pgp.mit.edu -- cgit v1.2.3 From 4be67d246780ed85bc45c730f374100949fa61e9 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 00:44:29 -0400 Subject: FreeBSD porting: do one more path translation. --- packaging/freebsd/security/monkeysphere/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index 46a1d01..c54f56c 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -45,7 +45,10 @@ post-patch: ${WRKSRC}/src/monkeysphere-host \ ${WRKSRC}/src/monkeysphere-authentication \ ${WRKSRC}/doc/getting-started-admin.mdwn - + @${REINPLACE_CMD} -e 's|/usr/share/monkeysphere|/usr/local/share/monkeysphere|g' \ + ${WRKSRC}/src/monkeysphere-host \ + ${WRKSRC}/src/monkeysphere-authentication \ + ${WRKSRC}/src/monkeysphere post-install: @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ -- cgit v1.2.3 From 9e9966f07914d394771aa33900f5b86576318a23 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 01:08:59 -0400 Subject: FreeBSD: clean up some portlint warnings. --- packaging/freebsd/security/monkeysphere/Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index c54f56c..4fad979 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -10,10 +10,11 @@ PORTVERSION= 0.24 CATEGORIES= security MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs -DISTFILES= ${PORTNAME}_${DISTVERSION}.orig.tar.gz +DISTNAME= ${PORTNAME}_${DISTVERSION} +EXTRACT_SUFX= .orig.tar.gz MAINTAINER= dkg@fifthhorseman.net -COMMENT= use the OpenPGP web of trust to verify ssh connections +COMMENT= Use the OpenPGP web of trust to verify ssh connections RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ lockfile:${PORTSDIR}/mail/procmail \ -- cgit v1.2.3 From e6c5dca14f7e694d77621e671202464bba41666a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 01:18:16 -0400 Subject: FreeBSD packaging: use tabs for variable declarations in Makefile --- packaging/freebsd/security/monkeysphere/Makefile | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index 4fad979..ba293ea 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -5,18 +5,18 @@ # $FreeBSD$ # -PORTNAME= monkeysphere -PORTVERSION= 0.24 -CATEGORIES= security -MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ +PORTNAME= monkeysphere +PORTVERSION= 0.24 +CATEGORIES= security +MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs -DISTNAME= ${PORTNAME}_${DISTVERSION} -EXTRACT_SUFX= .orig.tar.gz +DISTNAME= ${PORTNAME}_${DISTVERSION} +EXTRACT_SUFX= .orig.tar.gz -MAINTAINER= dkg@fifthhorseman.net -COMMENT= Use the OpenPGP web of trust to verify ssh connections +MAINTAINER= dkg@fifthhorseman.net +COMMENT= Use the OpenPGP web of trust to verify ssh connections -RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ +RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ lockfile:${PORTSDIR}/mail/procmail \ bash:${PORTSDIR}/shells/bash \ ${SITE_PERL}/${PERL_ARCH}/Crypt/OpenSSL/RSA.pm:${PORTSDIR}/security/p5-Crypt-OpenSSL-RSA \ @@ -25,9 +25,9 @@ RUN_DEPENDS= gpg:${PORTSDIR}/security/gnupg1 \ MAN1= monkeysphere.1 openpgp2ssh.1 pem2openpgp.1 MAN7= monkeysphere.7 MAN8= monkeysphere-host.8 monkeysphere-authentication.8 -MANCOMPRESSED= yes +MANCOMPRESSED= yes -MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample +MAKE_ARGS= ETCPREFIX=${PREFIX} MANPREFIX=${PREFIX}/man ETCSUFFIX=.sample # use proper system paths for FreeBSD instead of debian's: post-patch: -- cgit v1.2.3 From db21b3340c2b7ade19eaecb306814fc0e54666f1 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 02:06:25 -0400 Subject: cleaning up a lingering non-portable mktemp invocation. --- .../security/monkeysphere/files/patch-src_monkeysphere-host | 11 +++++++++++ src/monkeysphere-host | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 packaging/freebsd/security/monkeysphere/files/patch-src_monkeysphere-host (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/files/patch-src_monkeysphere-host b/packaging/freebsd/security/monkeysphere/files/patch-src_monkeysphere-host new file mode 100644 index 0000000..9414c73 --- /dev/null +++ b/packaging/freebsd/security/monkeysphere/files/patch-src_monkeysphere-host @@ -0,0 +1,11 @@ +--- src/monkeysphere-host ++++ src/monkeysphere-host +@@ -103,7 +103,7 @@ update_gpg_pub_file() { + load_fingerprint() { + if [ -f "$HOST_KEY_FILE" ] ; then + HOST_FINGERPRINT=$( \ +- (FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \ ++ (FUBAR=$(msmktempdir) && export GNUPGHOME="$FUBAR" \ + && gpg --quiet --import \ + && gpg --quiet --list-keys --with-colons --with-fingerprint \ + && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \ diff --git a/src/monkeysphere-host b/src/monkeysphere-host index b052ca1..6136399 100755 --- a/src/monkeysphere-host +++ b/src/monkeysphere-host @@ -103,7 +103,7 @@ update_gpg_pub_file() { load_fingerprint() { if [ -f "$HOST_KEY_FILE" ] ; then HOST_FINGERPRINT=$( \ - (FUBAR=$(mktemp -d) && export GNUPGHOME="$FUBAR" \ + (FUBAR=$(msmktempdir) && export GNUPGHOME="$FUBAR" \ && gpg --quiet --import \ && gpg --quiet --list-keys --with-colons --with-fingerprint \ && rm -rf "$FUBAR") <"$HOST_KEY_FILE" \ -- cgit v1.2.3 From 53c9fcabe2881cbb7e231ab9ec7270e54a211845 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 02:07:15 -0400 Subject: FreeBSD porting: trying to make sure package cleanup goes smoothly. --- packaging/freebsd/security/monkeysphere/Makefile | 1 + packaging/freebsd/security/monkeysphere/pkg-plist | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index ba293ea..b6cacaf 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -12,6 +12,7 @@ MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkey # hack for debian orig tarballs DISTNAME= ${PORTNAME}_${DISTVERSION} EXTRACT_SUFX= .orig.tar.gz +WRKSRC= work/${PORTNAME}-${DISTVERSION} MAINTAINER= dkg@fifthhorseman.net COMMENT= Use the OpenPGP web of trust to verify ssh connections diff --git a/packaging/freebsd/security/monkeysphere/pkg-plist b/packaging/freebsd/security/monkeysphere/pkg-plist index b52f998..95afa01 100644 --- a/packaging/freebsd/security/monkeysphere/pkg-plist +++ b/packaging/freebsd/security/monkeysphere/pkg-plist @@ -7,7 +7,6 @@ share/doc/monkeysphere/getting-started-admin.mdwn bin/openpgp2ssh bin/pem2openpgp bin/monkeysphere -share/monkeysphere/mh share/monkeysphere/mh/publish_key share/monkeysphere/mh/import_key share/monkeysphere/mh/set_expire @@ -19,10 +18,8 @@ share/monkeysphere/mh/revoke_key share/monkeysphere/keytrans share/monkeysphere/defaultenv share/monkeysphere/VERSION -share/monkeysphere/transitions share/monkeysphere/transitions/0.23 share/monkeysphere/transitions/README.txt -share/monkeysphere/ma share/monkeysphere/ma/list_certifiers share/monkeysphere/ma/add_certifier share/monkeysphere/ma/update_users @@ -30,7 +27,6 @@ share/monkeysphere/ma/setup share/monkeysphere/ma/remove_certifier share/monkeysphere/ma/diagnostics share/monkeysphere/common -share/monkeysphere/m share/monkeysphere/m/gen_subkey share/monkeysphere/m/ssh_proxycommand share/monkeysphere/m/subkey_to_ssh_agent @@ -45,5 +41,9 @@ etc/monkeysphere/monkeysphere-host.conf.sample etc/monkeysphere/monkeysphere-authentication.conf.sample @exec if [ ! -f %D/etc/monkeysphere/monkeysphere-authentication.conf ] ; then cp -p %D/%F %B/monkeysphere-authentication.conf; fi @dirrm share/doc/monkeysphere +@dirrm share/monkeysphere/transitions +@dirrm share/monkeysphere/mh +@dirrm share/monkeysphere/ma +@dirrm share/monkeysphere/m @dirrm share/monkeysphere @dirrm etc/monkeysphere -- cgit v1.2.3 From 309e0854c96d9f2702fec433af049ad7d41d8e71 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 02:14:36 -0400 Subject: FreeBSD packaging: make sure to clean up cruft after in-place sed replacement. --- packaging/freebsd/security/monkeysphere/Makefile | 2 ++ 1 file changed, 2 insertions(+) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index b6cacaf..f2484b5 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -51,6 +51,8 @@ post-patch: ${WRKSRC}/src/monkeysphere-host \ ${WRKSRC}/src/monkeysphere-authentication \ ${WRKSRC}/src/monkeysphere + # and clean up cruft from the sed replacements: + find ${WRKSRC} -name '*.bak' -delete post-install: @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ -- cgit v1.2.3 From 69b3e256e2017d5664ef37d06aae5e5bcf446575 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Tue, 10 Mar 2009 02:33:29 -0400 Subject: FreeBSD packaging: revert to simpler hack for debian tarballs; use ${FIND} instead of find --- packaging/freebsd/security/monkeysphere/Makefile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'packaging') diff --git a/packaging/freebsd/security/monkeysphere/Makefile b/packaging/freebsd/security/monkeysphere/Makefile index f2484b5..65d71f4 100644 --- a/packaging/freebsd/security/monkeysphere/Makefile +++ b/packaging/freebsd/security/monkeysphere/Makefile @@ -10,9 +10,7 @@ PORTVERSION= 0.24 CATEGORIES= security MASTER_SITES= http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/ # hack for debian orig tarballs -DISTNAME= ${PORTNAME}_${DISTVERSION} -EXTRACT_SUFX= .orig.tar.gz -WRKSRC= work/${PORTNAME}-${DISTVERSION} +DISTFILES= ${PORTNAME}_${DISTVERSION}.orig.tar.gz MAINTAINER= dkg@fifthhorseman.net COMMENT= Use the OpenPGP web of trust to verify ssh connections @@ -52,7 +50,7 @@ post-patch: ${WRKSRC}/src/monkeysphere-authentication \ ${WRKSRC}/src/monkeysphere # and clean up cruft from the sed replacements: - find ${WRKSRC} -name '*.bak' -delete + ${FIND} ${WRKSRC} -name '*.bak' -delete post-install: @if [ ! -f ${PREFIX}/etc/monkeysphere/monkeysphere.conf ]; then \ -- cgit v1.2.3