From: Daniel Kahn Gillmor Date: Tue, 23 Mar 2010 19:27:27 +0000 (-0400) Subject: Merge branch 'master' into debian X-Git-Tag: monkeysphere_0.30-1~8 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=3290ebcab477ac749c150730526894909bdbbfcc;hp=8adb9ceeaee5e4684f47b80de883e1b1daf158a2;p=monkeysphere.git Merge branch 'master' into debian --- diff --git a/debian/70monkeysphere_use-validation-agent b/debian/70monkeysphere_use-validation-agent new file mode 100644 index 0000000..c3135a8 --- /dev/null +++ b/debian/70monkeysphere_use-validation-agent @@ -0,0 +1,38 @@ +# /etc/X11/Xsession.d/70monkeysphere_use-validation-agent + +# This is a script to be sourced by Xsession. It wraps the session +# startup argument with a monkeysphere-validation-agent nested +# process, if available and none already exist. + +# Enable this system-wide by setting +# MONKEYSPHERE_USE_VALIDATION_AGENT=true in +# /etc/monkeysphere/monkeysphere.conf + +# Note that there is some weird interaction between this and +# dbus-session at the moment: dbus-launch can start the msva just +# fine, but if msva tries to start dbus-launch, dbus-launch fails +# with: + +# Failed to waitpid() for babysitter intermediate process: No child processes + +# So this is placed at position 70 -- *before* the dbus Xsession +# startup script, which is at 75 as of 2010-03-12, when i wrote this. + +# this is also good, because it means that the MSVA will learn about +# the dbus session parameters, in case we want the agent to use dbus +# to communicate with the user. + +# Author: Daniel Kahn Gillmor + +MSVAGENT=/usr/bin/monkeysphere-validation-agent +MSSYSCONFIG=/etc/monkeysphere/monkeysphere.conf +MSUSERCONFIG="$HOME/.monkeysphere/monkeysphere.conf" + +if [ -x "$MSVAGENT" ] ; then + if [ "$(USE_VALIDATION_AGENT= +. "$MSSYSCONFIG" 2>/dev/null +. "$MSUSERCONFIG" 2>/dev/null || : +printf '%s' "$USE_VALIDATION_AGENT")" = "true" ] ; then + STARTUP="$MSVAGENT $STARTUP" + fi +fi diff --git a/debian/NEWS b/debian/NEWS new file mode 100644 index 0000000..8551c87 --- /dev/null +++ b/debian/NEWS @@ -0,0 +1,22 @@ +monkeysphere (0.23-1) unstable; urgency=low + + * There has been a major interface and data refactoring. Please see the + man pages for details. Major changes are listed here: + * For end users: monkeysphere-ssh-proxycommand is no more. + its functionality has been folded into monkeysphere as a subcommand. + So if you are currently using: + ssh -oProxyCommand='monkeysphere-ssh-proxycommand %h %p' + please use instead: + ssh -oProxyCommand='monkeysphere ssh-proxycommand %h %p' + * For sysadmins: monkeysphere-server has been split into + monkeysphere-host (for publishing the ssh host key of your machine) + and monkeysphere-authentication (for setting up your machine to + authenticate users via the OpenPGP Web of Trust) + * For too-curious sysadmins: the layout of /var/lib/monkeysphere has + changed dramatically. If you did any tricky tweaking of the files in + there, you probably want to check that your changes have been + preserved after the upgrade. The old files can be found in + /var/lib/monkeysphere/backup-from-0.23-transition. + + -- Daniel Kahn Gillmor Wed, 18 Feb 2009 21:29:22 -0500 + diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..aaefcaf --- /dev/null +++ b/debian/changelog @@ -0,0 +1,96 @@ +monkeysphere (0.30~pre-1) UNRELEASED; urgency=low + + * New upstream release + * Move to git buildpackage + * Specify source format 3.0 (quilt) + + -- Daniel Kahn Gillmor Tue, 23 Mar 2010 13:59:26 -0400 + +monkeysphere (0.29-1) unstable; urgency=low + + [ Jameson Graef Rollins ] + * New upstream release + + [ Daniel Kahn Gillmor ] + * bumped Standards-Version to 3.8.4 (no changes needed) + * indicated bash dependency on version 3.2 or later (see MS #1687) + * including /etc/Xsession.d/70monkeysphere_use_validation_agent so that + administrators and users can choose to start up a validation agent for + each X session using monkeysphere.conf + + -- Daniel Kahn Gillmor Sun, 14 Mar 2010 21:07:17 -0400 + +monkeysphere (0.28-1) unstable; urgency=low + + * New upstream release + * Separate upstream and debian changelogs + + -- Jameson Rollins Tue, 19 Jan 2010 13:56:17 -0500 + +monkeysphere (0.27-1) unstable; urgency=low + + * New upstream release + * updated debian/copyright to match the latest revision of DEP5. + * updated standards version to 3.8.3 (no changes needed) + * add cpio to Build-Depends (used in test suite) (Closes: #562444) + + -- Jameson Rollins Mon, 11 Jan 2010 20:54:21 -0500 + +monkeysphere (0.26-1) unstable; urgency=low + + * New upstream release (Closes: #527765) + + -- Jameson Graef Rollins Sat, 01 Aug 2009 17:11:05 -0400 + +monkeysphere (0.25-1) unstable; urgency=low + + * New upstream release (closes: #534008) + * update Standard-Version to 3.8.2 (no changes needed) + + -- Jameson Graef Rollins Thu, 16 Jul 2009 22:09:19 -0400 + +monkeysphere (0.24-1) unstable; urgency=low + + * New upstream release (Closes: #517779) + * update/cleanup maintainer scripts + * remove GnuTLS dependency + * remove versioned coreutils | base64 dependency + * added Build-Deps for dh_autotest + * switch to Architecture: all + * added cron to Recommends + + -- Jameson Graef Rollins Tue, 03 Mar 2009 19:38:33 -0500 + +monkeysphere (0.23.1-1) unstable; urgency=low + + * New upstrem release ("brown paper bag" to adjust internal version numbers) + + -- Daniel Kahn Gillmor Sat, 21 Feb 2009 18:09:47 -0500 + +monkeysphere (0.23-1) unstable; urgency=low + + * New upstream release: "The Golden Bezoar Release" + + -- Daniel Kahn Gillmor Sat, 21 Feb 2009 17:51:06 -0500 + +monkeysphere (0.22-1) unstable; urgency=low + + * New upstream release + * debian/control: corrected alternate dependency from procfile to + procmail (which provides /usr/bin/lockfile) + + -- Jameson Graef Rollins Fri, 28 Nov 2008 14:23:31 -0500 + +monkeysphere (0.21-2) unstable; urgency=low + + * actually rmdir /var/lib/monkeysphere-* during prerm if possible. + + -- Daniel Kahn Gillmor Sat, 15 Nov 2008 16:36:57 -0500 + +monkeysphere (0.21-1) unstable; urgency=low + + * New upstream initial release to Debian (Closes: #505806) + * Add debian prerm script, and add debhelper lines to other install + scripts. + + -- Jameson Graef Rollins Sat, 15 Nov 2008 16:14:27 -0500 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7f8f011 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..6cd0143 --- /dev/null +++ b/debian/control @@ -0,0 +1,43 @@ +Source: monkeysphere +Section: net +Priority: extra +Maintainer: Jameson Rollins +Uploaders: Daniel Kahn Gillmor +Build-Depends: debhelper (>= 7.0), + cpio, + socat, + openssh-server, + gnupg, + libcrypt-openssl-rsa-perl, + libdigest-sha-perl, + lockfile-progs | procmail, + openssl, + bash (>= 3.2) +Standards-Version: 3.8.4 +Homepage: http://web.monkeysphere.info/ +Vcs-Git: git://git.monkeysphere.info/monkeysphere +Dm-Upload-Allowed: yes + +Package: monkeysphere +Architecture: all +Depends: openssh-client, + gnupg, + libcrypt-openssl-rsa-perl, + libdigest-sha-perl, + lockfile-progs | procmail, + adduser, + ${misc:Depends} +Recommends: netcat | socat, ssh-askpass, cron +Suggests: monkeysphere-validation-agent +Enhances: openssh-client, openssh-server +Description: leverage the OpenPGP web of trust for SSH and TLS authentication + SSH key-based authentication is tried-and-true, but it lacks a true + Public Key Infrastructure for key certification, revocation and + expiration. Monkeysphere is a framework that uses the OpenPGP web of + trust for these PKI functions. It can be used in both directions: + for users to get validated host keys, and for hosts to authenticate + users. Current monkeysphere SSH tools are designed to integrate + with the OpenSSH implementation of the Secure Shell protocol. + . + Monkeysphere can also be used by a validation agent to validate TLS + connections (e.g. https). diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..7ddbec4 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,25 @@ +Name: Monkeysphere +Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=59 +Source: http://web.monkeysphere.info/download +Maintainer: Monkeysphere Developers + +Files: * +Copyright: 2008,2009 Jameson Rollins , + Daniel Kahn Gillmor , + Jamie McClelland , + Micah Anderson , + Matthew Goins , + Mike Castleman , + Elliot Winard , + Ross Glover , + Greg Lyle +License: GPL-3+ + +License: GPL-3+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + . + On Debian systems, the complete text of the GNU General Public License + version 3 can be found in file "/usr/share/common-licenses/GPL-3". diff --git a/debian/monkeysphere.dirs b/debian/monkeysphere.dirs new file mode 100644 index 0000000..3e39efe --- /dev/null +++ b/debian/monkeysphere.dirs @@ -0,0 +1,12 @@ +var/lib/monkeysphere +usr/bin +usr/sbin +usr/share +usr/share/monkeysphere +usr/share/man +usr/share/man/man1 +usr/share/man/man7 +usr/share/man/man8 +etc/monkeysphere +etc/X11 +etc/X11/Xsession.d diff --git a/debian/monkeysphere.install b/debian/monkeysphere.install new file mode 100644 index 0000000..63a2dd7 --- /dev/null +++ b/debian/monkeysphere.install @@ -0,0 +1 @@ +debian/70monkeysphere_use-validation-agent etc/X11/Xsession.d diff --git a/debian/monkeysphere.postinst b/debian/monkeysphere.postinst new file mode 100755 index 0000000..8c6a555 --- /dev/null +++ b/debian/monkeysphere.postinst @@ -0,0 +1,44 @@ +#!/bin/sh + +# postinst script for monkeysphere + +# Author: Jameson Rollins +# Copyright 2008-2010 + +set -e + +VARLIB="/var/lib/monkeysphere" + +case $1 in + configure) + # add a monkeysphere user if one does not already exist + if ! getent passwd monkeysphere >/dev/null ; then + echo "adding monkeysphere user..." + adduser --quiet --system --no-create-home --group \ + --home "$VARLIB" \ + --shell '/bin/bash' \ + --gecos 'monkeysphere authentication user,,,' \ + monkeysphere + fi + + # try all available transitions: + for trans in 0.23 0.28 ; do + /usr/share/monkeysphere/transitions/$trans || { \ + RET=$? + echo "Failed running transition script /usr/share/monkeysphere/transitions/$trans" >&2 + exit $RET + } + done + + + # setup monkeysphere authentication + monkeysphere-authentication setup + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/monkeysphere.postrm b/debian/monkeysphere.postrm new file mode 100755 index 0000000..d789012 --- /dev/null +++ b/debian/monkeysphere.postrm @@ -0,0 +1,27 @@ +#!/bin/sh + +# postrm script for monkeysphere + +# Author: Jameson Rollins +# Copyright 2008-2009 + +set -e + +case $1 in + purge) + # delete monkeysphere user + # http://wiki.debian.org/AccountHandlingInMaintainerScripts + if which deluser >/dev/null 2>&1 ; then + deluser --quiet --system monkeysphere > /dev/null || true + else + echo >&2 "not removing monkeysphere system account because deluser command was not found" + fi + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 diff --git a/debian/monkeysphere.prerm b/debian/monkeysphere.prerm new file mode 100755 index 0000000..1a5135a --- /dev/null +++ b/debian/monkeysphere.prerm @@ -0,0 +1,36 @@ +#!/bin/sh -e + +# prerm script for monkeysphere + +# the only thing we're doing here is making sure that the local +# administrator is not trying to downgrade to a version below 0.23, +# since there was such a major reorganization of system data during +# the transition to 0.23. + +# Author: Daniel Kahn Gillmor +# Copyright 2009 + +set -e + +case "$1" in + upgrade) + if dpkg --compare-versions "$2" lt 0.23 ; then + cat >&2 <