diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 323 | ||||
| -rw-r--r-- | debian/compat | 1 | ||||
| -rw-r--r-- | debian/control | 119 | ||||
| -rw-r--r-- | debian/copyright | 182 | ||||
| -rw-r--r-- | debian/gbp.conf | 10 | ||||
| -rw-r--r-- | debian/keytab-backend.dirs | 2 | ||||
| -rw-r--r-- | debian/keytab-backend.docs | 2 | ||||
| -rw-r--r-- | debian/keytab-backend.install | 5 | ||||
| -rwxr-xr-x | debian/rules | 35 | ||||
| -rw-r--r-- | debian/source/format | 1 | ||||
| -rw-r--r-- | debian/upstream/signing-key.asc | 161 | ||||
| -rw-r--r-- | debian/wallet-client.docs | 2 | ||||
| -rw-r--r-- | debian/wallet-client.install | 4 | ||||
| -rw-r--r-- | debian/wallet-server.dirs | 1 | ||||
| -rw-r--r-- | debian/wallet-server.docs | 8 | ||||
| -rw-r--r-- | debian/wallet-server.examples | 4 | ||||
| -rw-r--r-- | debian/wallet-server.install | 11 | ||||
| -rw-r--r-- | debian/watch | 3 |
18 files changed, 874 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..572f1126 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,323 @@ +wallet (1.3-2) UNRELEASED; urgency=medium + + * Add upstream-vcs-tag pattern to debian/gbp.conf. + + -- Russ Allbery <rra@debian.org> Sun, 03 Jun 2018 16:57:41 -0700 + +wallet (1.3-1) unstable; urgency=medium + + * New upstream release. + - Initial experimental support for Active Directory as the KDC by + setting KEYTAB_KRBTYPE to AD. + - New nested ACL scheme to group other ACLs. + - New external ACL scheme that runs an external command. + - New variation on the ldap-attr ACL scheme, ldap-attr-root, that + requires the principal end in /root and removes that part of the + principal name when checking LDAP. + - New password object type that generates a new, random password if no + password was previously stored. + - New update wallet command that always updates the contents of an + object before returning it, even if it is marked unchanging. In the + long term, the unchanging flag will be replaced by this distinction + between get and update. + - New acl replace wallet command that changes all objects owned by one + ACL to be owned by a different ACL. This currently only handles + owner, not the more specific ACLs. + - All ACL operations now refer to the ACL by name instead of ID. + - New report for unstored objects. + - New report to list all object types and ACL schemes. + - New report to list all ACLs that nest another ACL. + - New report that dumps all object history. + - Displays of ACLs and ACL entries are now sorted correctly. + * Add explicit build dependency on libmodule-build-perl, since it is no + no longer provided by the perl package. + * Change the branch layout to follow DEP-14. + * Run wrap-and-sort -ast on the package. + * Remove explicit setting of xz as the Debian source package compression + type. This is now the default. + * Refresh upstream signing key. + + -- Russ Allbery <rra@debian.org> Sun, 17 Jan 2016 20:25:41 -0800 + +wallet (1.2-1) unstable; urgency=medium + + * New upstream release. + - New object types duo-radius, duo-ldap, and duo-rdp. + - New rename command for file objects. + * Add a gbp.conf file to reflect the branch layout and settings of the + normal packaging repository. + * Update standards version to 3.9.6 (no changes required). + + -- Russ Allbery <rra@debian.org> Mon, 08 Dec 2014 21:13:21 -0800 + +wallet (1.1-1) unstable; urgency=medium + + * New upstream release. + - New object type, duo, which creates a UNIX integration with the Duo + Security cloud multifactor authentication service. + - The owner and getacl commands now return the name of the ACL. + - The date passed to expires can be any date format understood by + Date::Parse. + - wallet-rekey now works properly with keytabs containing multiple + principals and does not store new principals in a separate file + first. + - Fix setting enctype restrictions on keytab objects and populate the + reference table for valid enctypes on database creation. + - Fix Wallet::Config documentation of ldap_map_principal. + - Generate a long, random password when creating new principals in the + Heimdal KDC to avoid problems with password quality checks. + - Remove erroneous foreign key constraints between the object history + and objects table, an incorrect linkage in the ACL history table, + and add indices for object type, name, and ACL. + - Use DateTime objects uniformly in the database layer. + - ACL renames are now recorded in the ACL history. + - Fix wallet-backend parsing of the expires command to expect only one + argument. + - Fix ordering of table drops during wallet-admin destroy to honor + foreign key reference constraints. + - The initial ADMIN ACL creation is no longer documented in history. + * Document in the wallet-server package description that a DBD::* module + and corresponding DateTime::Format::* module are required. (There + isn't a way to fully represent the required dependency.) + * Rebuild Autoconf and Automake files during the build. + * Define AUTOMATED_TESTING to enable some additional Perl tests. + * Adjust debian/rules for the new Module::Build Perl build system. + * Drop now-unneeded dh_builddeb override for xz compression. + * Enable uscan verification of the GnuPG signatures on upstream + releases in debian/watch. + * Update standards version to 3.9.5 (no changes required). + + -- Russ Allbery <rra@debian.org> Wed, 16 Jul 2014 17:08:35 -0700 + +wallet (1.0-5) unstable; urgency=low + + * Cherry-pick upstream commit to randomize the password used for initial + Kerberos principal creation when talking to a Heimdal KDC. + + -- Russ Allbery <rra@debian.org> Thu, 09 Jan 2014 14:05:19 -0800 + +wallet (1.0-4) unstable; urgency=low + + * Cherry-pick upstream commit to fix wallet-rekey when used with keytabs + that contain multiple principals. + * Cherry-pick upstream commit to fix the skipped test count for the + ldap-attr verifier test. + * Add libauthen-sasl-perl and libnet-ldap-perl to Build-Depends for the + test suite. + + -- Russ Allbery <rra@debian.org> Mon, 06 Jan 2014 21:27:50 -0800 + +wallet (1.0-3) unstable; urgency=low + + * Cherry-pick upstream commits to fix ACL history entries with + PostgreSQL, an incorrect foreign key constraint for the object + history, and bugs in handling of enctype restrictions for keytabs. + * Move the DateTime::Format::* Perl modules for various databases to + Depends from Recommends and add the Pg and MySQL versions as + alternatives. + + -- Russ Allbery <rra@debian.org> Tue, 05 Nov 2013 13:17:51 -0800 + +wallet (1.0-2) unstable; urgency=low + + * Cherry-pick upstream commits to fix the t/admin.t test with the + squeeze version of DBIx::Class. + + -- Russ Allbery <rra@debian.org> Fri, 29 Mar 2013 13:58:42 -0700 + +wallet (1.0-1) unstable; urgency=low + + * New upstream release. + - New wallet-admin upgrade command to upgrade the schema to the latest + version. This should be run manually after upgrading the server. + - Owners of wallet objects are now allowed to destroy them by default. + - New ACL type ldap-attr to check whether the caller has an attribute + in an LDAP directory (needs libauthen-sasl-perl and libnet-ldap-perl + and only works with GSS-API binds). + - New object type wa-keyring to store WebAuth keyrings (needs + libwebauth-perl). + - New acl check command that returns whether the named ACL exists. + - New comments field for objects and wallet commands to set and + retrieve it. + * Switch to xz compression for the upstream and Debian tarballs and + binary packages. + * Update debhelper compatibility level to V9. + - Enable all hardening build flags. + - Enable parallel builds. + * Check for any files left uninstalled by dh_install. + * Tag all packages as Multi-Arch: foreign. + * Move single-debian-patch to local-options and patch-header to + local-patch-header so that they only apply to the packages I build and + NMUs get regular version-numbered patches. + * Convert debian/copyright to copyright-format 1.0. + * Update standards version to 3.9.4. + - Indicate the Debian packaging branch in the Vcs-Git header. + + -- Russ Allbery <rra@debian.org> Wed, 27 Mar 2013 20:06:21 -0700 + +wallet (0.12-1) unstable; urgency=low + + * New upstream release. + - New wallet-rekey client program to rekey a keytab. + - New ACL type krb5-regex for the server. + - New objects unused wallet-report report. + - New acls duplicate wallet-report report. + - Add a help command to wallet-report. + * Don't install wallet-summary in /usr/sbin in the wallet-server package + and instead install it in /usr/share/doc/wallet-server/examples. This + program is Stanford-specific and would require extensive changes for + other sites. + * Install the other contrib scripts except convert-srvtab-db to the + examples directory for wallet-server. + * Switch to 3.0 (quilt) source format. Force a single Debian patch and + include a custom patch header explaining that it is a rollup of any + fixes cherry-picked from upstream and breaking those patches out + separately would be work for no gain. + * Update standards version to 3.9.1 (no changes required). + + -- Russ Allbery <rra@debian.org> Wed, 25 Aug 2010 18:49:48 -0700 + +wallet (0.11-1) unstable; urgency=low + + * New upstream release. + - Verify that deleted ACLs are not referenced. + - Add Wallet::Config verify_acl_name function to check ACL names. + - Add audit command to wallet-report to check for naming violations. + - Add acl unused report to wallet-report. + + -- Russ Allbery <rra@debian.org> Mon, 08 Mar 2010 10:59:00 -0800 + +wallet (0.10-1) unstable; urgency=low + + * New upstream release. + - Add support for Heimdal KDCs as well as MIT Kerberos KDCs. New + mandatory configuration setting KEYTAB_KRBTYPE which must be set to + either MIT or Heimdal. + - Remove kaserver synchronization support and kasetkey. + - wallet -S now generates a srvtab based on the DES key of the keytab + and does not enable synchronization. No synchronization targets are + supported now. + - The wallet client and wallet-backend server can now handle store of + files containing nuls provided that the server uses remctl 2.14 and + the remctl configuration is updated to use stdin=last. + - Correctly store data that begins with a dash. + - Do not log the data passed to store. + - New wallet-report script and multiple additional database reports. + - Report ACL names as well as numbers in object history. + * Update debhelper compatibility level to V7. + - Use debhelper rule minimization with overrides. + - Add ${misc:Depends} to dependencies. + * Clarify in long description that keytab-backend is only needed for MIT + Kerberos. + * Move wallet-server's dependency on krb5-user to Recommends, since it's + only needed for keytab support, and allow libheimdal-kadm5-perl as an + alternative. + * Recommend remctl-server 2.14 or later for improved store support. + * Add Homepage, Vcs-Git, and Vcs-Browser control fields. + * Add a watch file. + * Update standards version to 3.8.4 (no changes required). + + -- Russ Allbery <rra@debian.org> Sun, 21 Feb 2010 21:13:40 -0800 + +wallet (0.9-1) unstable; urgency=low + + * New upstream release. + - The wallet client now supports -f and stdin for store. + - kasetkey supports enable, disable, and examine. + - Stop setting Stanford-specific server defaults. + * The test suite no longer needs libio-string-perl. + * Use a separate stamp file for configure and install and use touch $@ + to create stamp files. + * Update debhelper compatibility level to V5 (no changes required). + + -- Russ Allbery <rra@debian.org> Thu, 24 Apr 2008 16:09:19 -0700 + +wallet (0.8-1) unstable; urgency=low + + * New upstream version. + - Fix protocol mismatch between client and server. + - Add file object support to the wallet server. + - Correctly handle empty objects in the wallet client. + - Add -q flag to wallet-backend to suppress syslog logging. + - Add class registration to the wallet-admin utility. + - Updated design documentation. + + -- Russ Allbery <rra@debian.org> Wed, 13 Feb 2008 13:59:06 -0800 + +wallet (0.7-1) unstable; urgency=low + + * New upstream version. + - Add exists and autocreate wallet server interfaces. + - Implement autocreation on the client instead of the server. + - Make create once again an ADMIN-only function. + - Always generate the srvtab from the newly downloaded keys. + - Pass kadmin.local ktadd its options in the correct order. + - Check naming policy before checking default ACLs. + - Work around a bug in Net::Remctl with explicit undef arguments. + - Correctly enable syslog logging in wallet-backend. + - Fix the remctl configuration for keytab-backend. + * Create /var/lib/keytabs in the keytab-backend package. + + -- Russ Allbery <rra@debian.org> Fri, 08 Feb 2008 11:22:54 -0800 + +wallet (0.6-1) unstable; urgency=low + + * New upstream version. + - Safer handling of file creation with -f in the client. + - The client can get configuration from krb5.conf. + - Support get in the client without -f. + - Client support for merging keys into an existing keytab. + - New client -u option to obtain new Kerberos credentials. + - New wallet-admin command-line utility for the server. + - The server supports enforcing a local object naming policy. + - New wallet-report script (currently Stanford-specific). + * Change hard-coded wallet server to wallet.stanford.edu. + * Add --enable-reduced-depends to configure to eliminate unnecessary + shared library dependencies. + + -- Russ Allbery <rra@debian.org> Mon, 28 Jan 2008 15:17:25 -0800 + +wallet (0.5-2) unstable; urgency=low + + * Hard-code lsdb-new.stanford.edu as the wallet server name for the time + being. + + -- Russ Allbery <rra@debian.org> Mon, 17 Dec 2007 21:17:08 -0800 + +wallet (0.5-1) unstable; urgency=low + + * New upstream release. + - Allow more valid arguments to wallet-backend. + - Load Perl modules for object types and ACL verifiers properly. + - Correctly implement clearing attribute values. + - Fix keytab principal validation to allow periods. + - When writing files from the client, remove old backup files. + - Check default creation ACLs before the ADMIN ACL. + + -- Russ Allbery <rra@debian.org> Thu, 06 Dec 2007 22:26:55 -0800 + +wallet (0.4-1) unstable; urgency=low + + * New upstream release. + - Globally cache ACL verifiers. + - Add the netdb-root ACL verifier, which requires root instances. + - Determine object and ACL scheme classes from the database. + - Coding style fixes and cleanup. + * Update debian/copyright using the information from LICENSE. + * Update standards version to 3.7.3 (no changes required). + + -- Russ Allbery <rra@debian.org> Wed, 05 Dec 2007 17:01:20 -0800 + +wallet (0.3-1) unstable; urgency=low + + * New upstream release. + * Initial packaging of all components of wallet. + + -- Russ Allbery <rra@debian.org> Fri, 30 Nov 2007 20:30:30 -0800 + +wallet (0.1-1) unstable; urgency=low + + * Initial release building only kasetkey. + + -- Russ Allbery <rra@debian.org> Thu, 8 Mar 2007 16:07:05 -0800 + diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..ec63514 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +9 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..486dd76 --- /dev/null +++ b/debian/control @@ -0,0 +1,119 @@ +Source: wallet +Section: net +Priority: extra +Maintainer: Russ Allbery <rra@debian.org> +Bugs: mailto:rra@debian.org +Build-Depends: + debhelper (>= 9), + dh-autoreconf, + libauthen-sasl-perl, + libcrypt-generatepassword-perl, + libdatetime-format-sqlite-perl, + libdatetime-perl, + libdbd-sqlite3-perl, + libdbi-perl, + libdbix-class-perl, + libheimdal-kadm5-perl, + libipc-run-perl, + libjson-perl, + libkrb5-dev, + libmodule-build-perl, + libnet-dns-perl, + libnet-duo-perl, + libnet-ldap-perl, + libnet-remctl-perl, + libperl6-slurp-perl, + libremctl-dev, + libsql-translator-perl, + libtest-minimumversion-perl, + libtest-pod-perl, + libtest-strict-perl, + libtimedate-perl, + libwebauth-perl, + perl, + sqlite3, +Standards-Version: 3.9.6 +Homepage: http://www.eyrie.org/~eagle/software/wallet/ +Vcs-Git: git://git.eyrie.org/kerberos/wallet.git -b debian/master +Vcs-Browser: http://git.eyrie.org/?p=kerberos/wallet.git + +Package: keytab-backend +Architecture: all +Multi-Arch: foreign +Depends: + krb5-admin-server, + perl, + remctl-server, + ${misc:Depends}, + ${perl:Depends}, +Description: Provide existing MIT Kerberos keytabs via remctl + keytab-backend is a service that runs under remctld and allows + authenticated clients to download Kerberos keytabs from an MIT Kerberos + KDC without changing the key stored in the Kerberos KDC. It must run on + the same host as the Kerberos KDC and uses kadmin.local to extract the + existing key. It applies additional ACLs to limit which keys may be + extracted in this way. This interface is not needed for Heimdal. + +Package: wallet-client +Architecture: any +Multi-Arch: foreign +Depends: + ${misc:Depends}, + ${shlibs:Depends}, +Description: Kerberos-authenticated secure data management client + The wallet is a system for managing secure data, authorization rules to + retrieve or change that data, and audit rules for documenting actions + taken on that data. Objects of various types may be stored in the + wallet or generated on request and retrieved by authorized users. The + wallet tracks ACLs, metadata, and trace information. It uses Kerberos + authentication. One of the object types it supports is Kerberos keytabs, + making it suitable as a user-accessible front-end to Kerberos kadmind + with richer ACL and metadata operations. + . + This package contains the wallet client, which talks to a remote wallet + server to store, download, and manage objects. + +Package: wallet-server +Architecture: all +Multi-Arch: foreign +Depends: + libdatetime-format-sqlite-perl | libdatetime-format-mysql-perl | libdatetime-format-pg-perl, + libdatetime-perl, + libdbd-sqlite3-perl | libdbd-mysql-perl | libdbd-pg-perl, + libdbi-perl, + libdbix-class-perl, + libsql-translator-perl, + libtimedate-perl, + remctl-server, + ${misc:Depends}, + ${perl:Depends}, +Recommends: + krb5-user | libheimdal-kadm5-perl, + remctl-server (>= 2.14), +Suggests: + libauthen-sasl-perl, + libcrypt-generatepassword-perl, + libipc-run-perl, + libjson-perl, + libnet-duo-perl, + libnet-ldap-perl, + libnet-remctl-perl, + libperl6-slurp-perl, + libwebauth-perl (>= 4.4.0), +Description: Kerberos-authenticated secure data management server + The wallet is a system for managing secure data, authorization rules to + retrieve or change that data, and audit rules for documenting actions + taken on that data. Objects of various types may be stored in the + wallet or generated on request and retrieved by authorized users. The + wallet tracks ACLs, metadata, and trace information. It uses Kerberos + authentication. One of the object types it supports is Kerberos keytabs, + making it suitable as a user-accessible front-end to Kerberos kadmind + with richer ACL and metadata operations. + . + This package contains the wallet server, which runs under remctl, + maintains the database of object metadata and secure objects, and + responds to requests from the wallet client. + . + This package requires a DBD::* module (libdbd-*-perl) and corresponding + DateTime::Format::* module (libdatetime-format-*-perl) for the same + underlying database driver. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..faa5cc6 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,182 @@ +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Contact: Russ Allbery <eagle@eyrie.org> +Source: http://www.eyrie.org/~eagle/software/wallet/ +Copyright: 2014, 2016 Russ Allbery <eagle@eyrie.org> + 2006-2010, 2012-2015 + The Board of Trustees of the Leland Stanford Junior University +License: Expat + +Files: * +Copyright: 2000-2002, 2004-2016 Russ Allbery <eagle@eyrie.org> + 2001-2015 The Board of Trustees of the Leland Stanford Junior University + 2015 Dropbox, Inc. +License: Expat + +Files: Makefile.in +Copyright: 1994-2014 Free Software Foundation, Inc. + 2006-2008, 2010, 2013-2014 + The Board of Trustees of the Leland Stanford Junior University + 2016 Russ Allbery <eagle@eyrie.org> +License: FSF-unlimited and Expat + +Files: aclocal.m4 +Copyright: 1996-2015 Free Software Foundation, Inc. +License: FSF-unlimited + +Files: build-aux/ar-lib build-aux/compile build-aux/depcomp + build-aux/missing +Copyright: 1996-2014 Free Software Foundation, Inc. +License: GPL-2+ with Autoconf exception or Expat + +Files: build-aux/install-sh +Copyright: 1994 X Consortium +License: X11 + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to permit + persons to whom the Software is furnished to do so, subject to the + following conditions: + . + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR + OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, + ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR + OTHER DEALINGS IN THE SOFTWARE. + . + Except as contained in this notice, the name of the X Consortium shall + not be used in advertising or otherwise to promote the sale, use or other + dealings in this Software without prior written authorization from the X + Consortium. + +Files: client/wallet-rekey.1 client/wallet-rekey.pod client/wallet.1 + client/wallet.pod docs/design docs/design-acl docs/design-api + docs/netdb-role-api docs/notes docs/objects-and-schemes docs/setup + docs/stanford-naming perl/t/data/README tests/HOWTO tests/config/README +Copyright: 2006-2014 + The Board of Trustees of the Leland Stanford Junior University + 2010, 2016 Russ Allbery <eagle@eyrie.org> +License: all-permissive + Copying and distribution of this file, with or without modification, are + permitted in any medium without royalty provided the copyright notice and + this notice are preserved. This file is offered as-is, without any + warranty. + +Files: configure +Copyright: 1992-1996, 1998-2012 Free Software Foundation, Inc. +License: FSF-configure + This script is free software; the Free Software Foundation gives unlimited + permission to copy, distribute and modify it. + +Files: m4/clang.m4 m4/gssapi.m4 m4/krb5-config.m4 m4/krb5.m4 + m4/lib-depends.m4 m4/lib-pathname.m4 m4/remctl.m4 m4/snprintf.m4 + m4/vamacros.m4 +Copyright: 2005-2014 + The Board of Trustees of the Leland Stanford Junior University + 2015 Russ Allbery <eagle@eyrie.org> +License: unlimited + This file is free software; the authors give unlimited permission to copy + and/or distribute it, with or without modifications, as long as this + notice is preserved. + +Files: portable/asprintf.c portable/dummy.c portable/krb5-extra.c + portable/krb5.h portable/macros.h portable/mkstemp.c + portable/reallocarray.c portable/setenv.c portable/stdbool.h + portable/system.h portable/uio.h tests/portable/asprintf-t.c + tests/portable/mkstemp-t.c tests/portable/setenv-t.c util/macros.h +Copyright: no copyright notice, see License +License: rra-public-domain + The authors hereby relinquish any claim to any copyright that they may + have in this work, whether granted under contract or by operation of law + or international treaty, and hereby commit to the public, at large, that + they shall not, at any time in the future, seek to enforce any copyright + in this work against any person or entity, or prevent any person or + entity from copying, publishing, distributing or creating derivative + works of this work. + +Files: portable/snprintf.c tests/portable/snprintf-t.c +Copyright: 1995 Patrick Powell + 2000-2006 Russ Allbery <eagle@eyrie.org> + 2001 Hrvoje Niksic + 2009-2010 The Board of Trustees of the Leland Stanford Junior University +License: Powell-snprintf + This code is based on code written by Patrick Powell (papowell@astart.com) + It may be used for any purpose as long as this notice remains intact + on all source code distributions + +Files: util/messages.c util/messages.h util/xmalloc.c util/xmalloc.h +Copyright: 1991, 1994-2003 The Internet Software Consortium and Rich Salz + 2004-2006 Internet Systems Consortium, Inc. + 2008-2010, 2012-2014 + The Board of Trustees of the Leland Stanford Junior University + 2015 Russ Allbery <eagle@eyrie.org> +License: ISC + Permission to use, copy, modify, and distribute this software for any + purpose with or without fee is hereby granted, provided that the above + copyright notice and this permission notice appear in all copies. + . + THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY + SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +License: Expat + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to permit + persons to whom the Software is furnished to do so, subject to the + following conditions: + . + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT + OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR + THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +License: FSF-unlimited + This file is free software; the Free Software Foundation gives unlimited + permission to copy and/or distribute it, with or without modifications, as + long as this notice is preserved. + . + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY, to the extent permitted by law; without even the + implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + +License: GPL-2+ with Autoconf exception + This file is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; either version 2 of the License, or (at your + option) any later version. + . + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General + Public License for more details. + . + You should have received a copy of the GNU General Public License along + with this program. If not, see <http://www.gnu.org/licenses/>. + . + As a special exception to the GNU General Public License, if you + distribute this file as part of a program that contains a configuration + script generated by Autoconf, you may include it under the same + distribution terms that you use for the rest of that program. +Comment: The option described in the license has been accepted and these + files are distributed under the same terms as the package as a whole, as + described at the top of this file. You can find the GPL version 2 in + /usr/share/common-licenses/GPL-2 on Debian systems. diff --git a/debian/gbp.conf b/debian/gbp.conf new file mode 100644 index 0000000..224e797 --- /dev/null +++ b/debian/gbp.conf @@ -0,0 +1,10 @@ +# The standard packaging repository for wallet shares the repository with +# upstream development using the DEP-14 layout. + +[DEFAULT] +debian-branch = debian/master +upstream-branch = upstream/latest +pristine-tar = True + +[import-orig] +upstream-vcs-tag = release/%(version)s diff --git a/debian/keytab-backend.dirs b/debian/keytab-backend.dirs new file mode 100644 index 0000000..c601e1a --- /dev/null +++ b/debian/keytab-backend.dirs @@ -0,0 +1,2 @@ +/etc/remctl/acl +/var/lib/keytabs diff --git a/debian/keytab-backend.docs b/debian/keytab-backend.docs new file mode 100644 index 0000000..724e084 --- /dev/null +++ b/debian/keytab-backend.docs @@ -0,0 +1,2 @@ +README +TODO diff --git a/debian/keytab-backend.install b/debian/keytab-backend.install new file mode 100644 index 0000000..52a736e --- /dev/null +++ b/debian/keytab-backend.install @@ -0,0 +1,5 @@ +config/allow-extract etc/krb5kdc +config/keytab etc/remctl/conf.d +debian/tmp/etc/remctl/acl/keytab +debian/tmp/usr/sbin/keytab-backend +debian/tmp/usr/share/man/man8/keytab-backend.8 diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..1d2f446 --- /dev/null +++ b/debian/rules @@ -0,0 +1,35 @@ +#!/usr/bin/make -f + +# Add hardening build flags. +export DEB_BUILD_MAINT_OPTIONS = hardening=+bindnow,+pie + +# The additional flags to pass to Build.PL, picked up by the upstream build +# system. +export WALLET_PERL_FLAGS := --installdirs vendor --create_packlist 0 + +# Enable some additional Perl tests. +export AUTOMATED_TESTING = 1 + +%: + dh $@ --parallel --with autoreconf + +override_dh_auto_configure: + dh_auto_configure --parallel -- --enable-reduced-depends + +# Install the remctl configuration as part of the build. +override_dh_auto_install: + dh_auto_install + install -d debian/tmp/etc/remctl/acl + install -m 0644 config/keytab.acl debian/tmp/etc/remctl/acl/keytab + install -m 0644 config/wallet-report.acl \ + debian/tmp/etc/remctl/acl/wallet-report + +# Override install to check for missing installed files. +override_dh_install: + dh_install --fail-missing + +override_dh_installchangelogs: + dh_installchangelogs NEWS + +override_dh_compress: + dh_compress -X examples diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/upstream/signing-key.asc b/debian/upstream/signing-key.asc new file mode 100644 index 0000000..9d4aaa9 --- /dev/null +++ b/debian/upstream/signing-key.asc @@ -0,0 +1,161 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1 + +mQINBEofRrIBEADCOmbclGLGH2uSCQSM3xkvEwdB52ps8bMnrzujnsgjfw7crs8l +DUjfcOxOVsLlgClntMxaVx764j1IXYF9smAheFfbWD/06gS+lkeuOjYSa1GEfmZG +aqZbhfs5EZRKu1BynfrTRlj2L0XPcYcHM8tUTJsr7t4f7CWw1hmnZpm/vshj3xOG +MfEXe1t3nJAEIQi3AcCPrT2QP/PvkT0oglIpw6l0+gQnPwLZoc3OCnP7io0TPY96 +ZPpSlsPVgYpEvQSkygoNTjTOtuLJYyv7EpHBF0SU3xRs/73t5F5a28gQPIMMACw6 +CxhOvqqfFfKfOmm4xInwL7jmDz6UxSONzUNLh7T8OAGcGQx9rRDdssuw5krN3jhy +0VfHpeXij0H5nVdxTbfNusflxPBMFfqV9z1aiY/bklqbcA+GfOBSXoXkGvixi1qk +k3ZaddDQIBl5yv951EkVAelNwzABVKMeIi8RkpVdBVONj3+2Yg5+6oF9KfZc++KM +eUXmPIESNaz2YEmN5VEnHBhqHs4v+rUzAZXJo0g3lv5hMEsoqCxu+w4uVR7e+AbT +dIHnydQxCNkG31ywslUZPR9QP92NleIqgXY/nL1eDXBb9EGoxBSHD99KgavFB+xp ++dgmzpo8UzOpVM+1xvTAOLHZ+jwW9hGCx1ALpKvWI2qYeW3j+N3LsyGI5wARAQAB +tB5SdXNzIEFsbGJlcnkgPGVhZ2xlQGV5cmllLm9yZz6JAkAEEwEIACoCGwMFCwkI +BwMFFQoJCAsFFgIDAQACHgECF4ACGQEFAlQaMXsFCQ+ehToACgkQ0V0xOIIAQXPG +uQ//Q9rBZSp4wbbA/ETs/kZ6HViYMSY8uYL8lhiCwnOS9npAWBXjqi+vnS16GlmA +aa9Ee+UImpN0ORV1i6Kh+LGYLo2skc/oTOG/IDvMSPWfsmgk3OWzSvupl6IzY8SU +qaUgu0pmOKnw0BgcB52wUMh9ahP5VKtkDtDpgfCL05k/HR8boBq/6nW2Zpt0xvWU +aNH+LXInTYcshjfQV50aK4d9/qru3zF/JDE9sKE9JDyNn/nrwSoL1erZKjD5lL+/ +kX8YVasERw9ZvHvfkky10oZD/891zcuArveUOu8eedLfkLT/qrEHeHxR2OOyqTXw +VV4RfTfLO8Rzrd8tntfZIiXVF0blA6S3tKoEWRhfa2MVJbuUxSeRpdlwjQ/qTFFq +4Jc/sjjPEfcoRc/nL5aGHkvWPJ7XsxLigVfLxYUCvcyoSG1ZWjbqxM9LKFHN9IUo +9jnSusHEvA2BxLFOdlwTHHf33hsKnezeVc7qhlcb/ETvrimHwiK4QpRNMHpgfii+ +JfId5BiQc+I+XHqdVJDPu++MQ9Vri3cQ9CipGYJl7Gb2Wy2hgr62vRRRGAk9G5MT +sLTqNzbTehshm1JptHsBhWrenCrz3lqIMO1etcFkfN7eBr/bkAb0qjcelF7jCMJ7 +6sYaUGxNc1Kk66W55wYJCtdhdS9XKVBzvSiUXJryD9QnoKK0H1J1c3MgQWxsYmVy +eSA8cnJhQHN0YW5mb3JkLmVkdT6JAj0EEwEIACcCGwMCHgECF4AFCwkIBwMFFQoJ +CAsFFgIDAQAFAlQaMYYFCQ+ehToACgkQ0V0xOIIAQXO25hAApMoksEMLtOfJgVu2 +jcwZeEcRh7iyn8GjY1oq6mMZRqMIkPwTnU45iSN5y65qIYUV6HIzTViWGExdxw+v +NrKimfr1m1lSAczkbyJ7FxEbq2s9evWTxAfMNs9xuhSyG/XT1boLswT++QPqoaLw ++hlpF4ZAXJSzOjTft5/cC0TeGy2moGSVfzqr21G+YKaj8RQohtPCTl4wOOu6HAXu +VzuVovBvONhzil4mVn+ZYXX1zBFtEonQSjUXYOlbkl1/Umo6AeEZ+h/UDpqh4HAR +iQuNVaDc5BgiQw411r8ukHnT8tNi3FyJDdigntMqbwZ9HD57EsDzPokGYFMrEUgv +basQdacAt1IwLQ/9XbmnjczpQBlRZkmCEBK9uHIb11bWcaT6tlE7uE8Jn5CXpRTM +Yuot9DJGZhPHBumVzeh2u3difTySzWl1fV+NedUA9Hs9MrZiX2QDfDPmXOyoM7RI +EhO0Tn+DiQnOXDk8pC5m5ujoAyxbkyEr05bRAJSN//DjmJx6ILPy3on8MO1e2Mhn +U7bafKXEbQXXx/+sO3S8oXuP7gONaT0heSqYTRkt01AzaknyY59ZdkOCkaRML8Zk +193NO5wysepk9zQsj3iQAuYbiVMbMjFDczRoxWOuwhoKzefIsuAPT/viPRUzhWUn +WMrOIHWuFwhEWw+gtu5CD4WjR2u0HVJ1c3MgQWxsYmVyeSA8cnJhQGRlYmlhbi5v +cmc+iQI9BBMBCAAnAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheABQJUGjGGBQkP +noU6AAoJENFdMTiCAEFzRj8P/Aq7E7ZdlsWMMShB43X72rEZhJlZj7ydBTD0/Vl2 +6AZIOh6+1v4b66C5Ky267ig1+PFbGBUs7qkUhGgsqfaijp9MkFbgvE9YnfpZ3Su0 +jUrZnSqa7UR3SSATldxehK6x/B+Khy/uTp74EjXoo0QcWDNZUM69R0MWQbfG0CpT +gcAnOwvDi4FKqmMgA7cN2yC1HvtNMSWTQM0PciVK+hJHbEKfJY/UZQtgVGnjSp4U +nNzdfmE5kpDbxQzSVd3gANmuyyqGQ4B+aPEIC1yoCCfk8SoTGUMwIL7kcf0QaNbo +x885ZQE2W/8xvy4NnrwedtUitEihExjXB55Nhe0R3nSJV2T+P6imljrmwxIlbl89 +IdWT4pnUvR5cCUmnroCmBqGMOGBptrtyqjHFeeJbbMUWm+NUaVI9apts/J7OB3+H +qp3fGMmLen4hOnALpVRTMFfb7EebKTH0jRSVpxXH6LEjOUSSqsvY/LY0Zsl/TdtR +/iQkLs9MRvsWaksINHfu07cg0/CMe/Pa492OaAw5IQiWqBVVYP0pqMouR01rd3jD +1cf+pek6bwwjBBZHVPMRXlKzSsBtXBOoAGiy4nzIsSxrOEJVtkYZz6qqZ9EcJj/X +mjrGeEAnvlqHZHZW1AnBpOBFMRUeGvS123diLE35kIdQVLwSQXGxTDHoBfanuZda +zLtvtCpSdXNzIEFsbGJlcnkgPGVhZ2xlQHdpbmRsb3JkLnN0YW5mb3JkLmVkdT6J +AkEEMAEIACsFAlPu130kHSBTeXN0ZW0gYW5kIGFkZHJlc3Mgbm8gbG9uZ2VyIGV4 +aXN0AAoJENFdMTiCAEFz6+cP/0LpJNgtaFQTc6EASrZJepp0qR4jSEj0rAxwuQtK +iFPRM0t9mBrGRLCwWDGssGpUmH5s2xbrg+f80gMPL85CFO2NzRdAX9vak+J53Di6 +dn4f1MrAQouQPt/53R8txN6cyerp3Fyk66j8KVLZSu17crpLxJ7GHTN8UPjHHhmj +EFxSI7VifM9/9RlKeGY1Tj6+fn8SKRPDJwEE2HwoSDhmmvFbqDJQe/fk7TaaG/G6 +F+iTASFsiqdwK5ffDT1Yi18K3eaCHcuIbgXb0qXHH7hYxIgXQuAOL6t6LQmRz5HC +upCjUBx9W25AJLTogenj2hgNbBe8LDbbELI5Foxn4Dhb+6dpepvCEAfUirxYiKHc +RsZB0E8D6qObQUgXmUZ45Z43jJf9Wk8LPVxnN6Lny3DVrGgE5r7sr/QyzDjRuDQg +Rsa9uXpv7rX2KYKpyZStvgA5SM+XdYTyaIlDgGiTIVjNWkb+3LAzrHXV8CvDSn7F +CuvpOax+z1+cJXnFFDFOrHN/tC/8w2U29L+fmJRCeJhj7MKjT/IobkdyuS2juBDg +r7QDmsHcI07ElbZGp4zjKnZYx42hkgVyjJBIcUdU3UGazTsnmF9t7Ek8JrZNannR +u1KC6rgOc8tP/FsVJmllgnr57CXazF++kLy7qwqgw2T9EA89WMtkakKLyMoit86C +E40TtCJSdXNzIEFsbGJlcnkgPHJyYUBjcy5zdGFuZm9yZC5lZHU+iQI9BBMBCAAn +AhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheABQJUGjGGBQkPnoU6AAoJENFdMTiC +AEFzrhsP/3sityoNG18CNtmTU7GGvLufi8Yy56GZ3AQ4Gc5uvRntl80iIz5WG9rN +3un34YlOanm8+Zy8Gijc9Q1bmy1DcqOjicnHJUHk0rbBGIev+FEZlprhM0vH5Pq4 +SolfFOL9S+POZFU/5ZaciqwmvAYY2ztURfCcfQDBCYYiFN44aT1rChHuheDpML+V +IRsXYU2/YXqGS9hRlAti2ItjrF1+apCk4dzHoQSgzpECF1X1+zYGMXfd/cVeZZ6h +rW3Ti07zW6cb2+j4X6HCPCj3UBUbUa+sWC3SYhylRgUuoHZFK1+G0capnmg3IUG1 +LLYMMKcxiPyXGugmC4ucuoCo2R21yLYuf+C350cQdHfkcMY1H3Tzu2va8mohkrLO +DtV+Tv4deT0riHLNXgGbWLzwQIorHJ6WXwkd1QCKuD1IjkI+SqKfbysbm/iUIN6O +Qcx8v07sDGI2LiVU7IdalZfCAlAEQ8/2GCfpV94J2oFDoQKMuS1dk7b6hwa6OqFm +hd3MsshK3GUE6zJ2hWVEE1mrzRrfKD69ipcEHcT31FpSM7Zg+g+tAi9BgNr7zEgL +4oeEqThl5v8tjrkRuNbWaa1HZuMopQ8YfOf1rD873rleWFBaIoO4eNGS6WR/pYFz +psVrHuR/F+ETiq/9x2EIoDFZXIm2wmZrwPeR97hkAHliHez8UDqxuQINBEofSuoB +EAC2bgxethdNvHU/fwoRR7iTfrx+0MG+D0BvetIF8XvZ+xUOJ31bgUfed4rJriZX +JAzeUSeoLtIlwwIuZV8RLMMp5PmBs/DHiH1kRbjXDsxxBWtmelxW1ZN/i1VT1R07 +8dgg/Lf+GY3kiYA6eFFm+vo1T7R21D2gvYSrGdUimzkSQP3l8kXi8AzypQrssbvh +GzKizjgpdPNjTo8yLbtVpSoZYpMuHkicV2d2nfAvwa6MTI/t/kLDLKP82n5qURXh +i3P+7fEmvrlL3u/pOYH7m3JRzRvSdaWhixxlSoirj+sd6ow6lfC0845XJWzxtJ1H +wKkbSz2z0eQHqlYmNSQR7/l7m/920llLTDmp/e0HZH3mpFpiG5lRIFtJ+N4J5JRy +KiV+vXFIBdB2XVSoiacjJd60BdjW2AzM8881Y2dJTqjLpA4fgLJeVuOmsjPTA5XZ ++q0GWIs0472OUKb/TeW1mycSN3Z69mLMwqXgr4DUu33goPWCIGuSUpzF+Cp59zJO +ia4rSipvZtudoyq6CacCRWE48esPKtdulGja9Ih/uv2XFWKtXlz9wqww6Ycu3dfQ +uH6Fom9Cp40IPc/VTG1Q95m9a7+D6u7TfJhRoBrdzECK5sYoGwsIBK54izsfCe4v +4KMxcmIQDpDPM6gYCEAmlmHov0pGIa/nijLu+VVpyT67BwARAQABiQIlBBgBCAAP +AhsMBQJUGjGdBQkPnoEuAAoJENFdMTiCAEFzDygP/0Iwj+eHVGKTv0Eqjt6M8hIX +mSFaF6VCVKhDLtkUuKzhzPvWHH8nT6DFf2S8x9y7te7bFgmKp/FAoS6Hc9ZaHg7Q +bdt12EUyBXUyXZLAlGwerj/4z5g72/Bj/1iirU7C/VjnivhwehWBG74H6eIVUtEG +wm6KMyEuTgyvqqn3iMdfIxWtRGUuI8SxsTMXVpBq+gJcXXhyvoz3rp3L+HBBb57X +bZh66GXYKHj+MnV/+QXTYcTL50MJQp1EeArxRDfX6RjMK/6ieRSVp/rFLKcbz3bW +Qk3ruCmuYY5R6WwtWS40nZPtF0SpEQDWQdR7xofUdhgsvfU0WVnV5qWNd0nK70az +axOtX4HLse99y2UQ2nhhrUevystbYRBeO+48W2P9+hCkub11NMof9S7bwgkQXugJ +QkHDQYSKwvs3eISgalManaThbgD2M3fsdPX9i54wgy3iMa5HSQjyMVthFs+Y2zcm +KT1AV+cprbWetIUrsQFRYc6qn5kUtZfve9xN241SmdDD3oTuffrTynb2f6Q9sqmo +clP/Z+uIRVfppY/fkrbWC6PgW/oLYhcH/k96GGRmVdmR/WIrra3fIZi7MzklhjUh +X++y4+onOkCbKY2mHY4YiGMCCltgtC+5MH+uOZkhdpKrfFwMCbQsJGp7KUsPvmiL +SBNqOi64O1SZUv3b0ZFuuQENBEyT+CQBCADAF/t1iKQMw8Dawaz+GSr1Z8Vh854+ +AHZw45wwWjpaL1lFEE4VqoDXc6Z4HDPGpZpSXf5KeoFjR0P5SOD66NWPl8CUIjY7 +fyDAFXNc1n+/3lHc7Vt/uIu2TDBGA64Il0z1r4oyhTjs5djZp7QUoWiT7UFyLWpn +pvIeSsgg+MrfMN5ISxk6XFRFKShpB2v/bmpwl4hlnV5wprN+3o8ua5NpeOoNfKY+ +3QB2yXxDKkiZI0trh7zT2XVUahrogKKXaM39RVTANKZLoikSP+43u8/NuUNcUZBP +I0VAXT42d/yOsHatsP7wdSwa98FepYrLYXnW14cJjQ/fGwkrOY7qEvatABEBAAGJ +A0QEGAEIAA8CGwIFAlFE6UkFCQaSJH0BKcBdIAQZAQgABgUCTJP4JAAKCRB9gDFc +VzbedSoBCAC/0quTFPncM+oeSUEOyIDfnln/GXvz1t3ahQQUWyQB7JcagiK12zZL +qJNsJMGLPNO7yXVWjjVT0Ai4cY2O9QdHCsWUBvxppeJECJr8gl4G8j2S5a4CtfnL +rdC39M3V0lVdWbvazYupthZJ4BhLAPSVsn6d94f0AtP9x6ViTtkJKJAHSDx1EUkE +2wFWRFOcztFJxQuvdD1Fceskr11w8Jt9CMK4DGEj133cXWJKfcn/5XeuBlFdlR0i +1S5aLHDCLQUTP6BiP885pnga1NsakX0PWVHU7NY1tsMTSyWwU8F0Qv+o1XQsP9d9 +F1mHZwRbN/Hlig7M/54PxJgL3SEeQvaTCRDRXTE4ggBBc6CaEACDmPa4HLu2zhph +86RaOOi+Yl8Gncf34rZWC3ya7YiNCTuTYtXzAEmfscHKJQCrbCo+n4o3Y7z1MTDq +UmybaEGgtZ2USyg7MdpAaEtiaMN8eQGolfChOXAKaifvsrahCT3lS+rH1bHKXJ8T +TznePUQbiaQb355sMWwsuBFBR4Wqe83fI25zSbODnmrd/eunGO6Add2dJNzMd5yV +2YtklXghadPRsoxst7GjO3UwNN6vUc1WQfCvmh8PtALVYQ1Wn83/mDylnYguuQbU +fJLaLxYEVRbmdO//6RdYiCdTi+mQYyM+4omi60hnpE91vdZzJEH7SPPX3wjWry9o +RdBRFhwhoDk5nFGuBnCvEr07d86ETkRVK27PJwN9z0T/1uK7uQ9LcqvfNXbQg3O/ +rMKf9+MjVMGOKJII8sRgbRCg/IRPsRWyVQKmtMIOi4jYdn6ORHEyyHrPuRzL/hD8 +/1DKFmcZP8csjym6ZhVkPewx9VtiF6uiCFOiCG6wf1sSZMM+VoNPLwEjywvAspRU +7hYXfgRHxYXQIc5A1UDzuMip2sM8oOntRnWgrGz5Xcn2RLjxAD+fN6Osr3P7KRYE +NsE7jd0XxRk1ijuQkz3GYY0iC6qMZwIutva40dtrHANE9HY7nCodEgw4t+swEbru +2KPRa2E2CnC5QrjUxm14h0ngLqaR14kDRAQYAQgADwIbAgUCUjdJ1gUJB4SFKAEp +wF0gBBkBCAAGBQJMk/gkAAoJEH2AMVxXNt51KgEIAL/Sq5MU+dwz6h5JQQ7IgN+e +Wf8Ze/PW3dqFBBRbJAHslxqCIrXbNkuok2wkwYs807vJdVaONVPQCLhxjY71B0cK +xZQG/Gml4kQImvyCXgbyPZLlrgK1+cut0Lf0zdXSVV1Zu9rNi6m2FkngGEsA9JWy +fp33h/QC0/3HpWJO2QkokAdIPHURSQTbAVZEU5zO0UnFC690PUVx6ySvXXDwm30I +wrgMYSPXfdxdYkp9yf/ld64GUV2VHSLVLloscMItBRM/oGI/zzmmeBrU2xqRfQ9Z +UdTs1jW2wxNLJbBTwXRC/6jVdCw/130XWYdnBFs38eWKDsz/ng/EmAvdIR5C9pMJ +ENFdMTiCAEFzAUwQAJ2yg5nEQyOBEFKU+Ku4Wxs5TeFgUvcD+Z/tqzfX+i9lXxVF +b4wUbGGBrO9762KfpINgAgPwJQcOO1kPoipNTsFBXUMei8U13TQDOvQ22gC8wSdh +Qttwv9MXMrBfXJkmYL8EJlsBhxAikguUsIFyg2GiHY7jIODnfi3KLwYflnz0iTgu +G2d0/kygUcX7MvlskjxvSizESAo1nf+ohC1i57vM6grKVt5nqdrTefZGPUzbF3lR +jmXWr/R4GrhJLVqAUoTctWRX00nLfDkTcmirVz4AAdRxKEe8fcU7138b27bkiCwm +LDFB2PiN/ww6S/lK1tydLvvbjgm3BjIGMZN3UESN5jpeL4oTN5HKUk69CX3sUKx4 +I52h4BzdNcRl2lp+e6/f5emLaO5WEeg/L7Ob5SmgDZnamusBoT2LxJpCT3cPkutw +GfkmFIjrS85QcXxaLc5m/BmDcjo7sGJ7Q2pzPu/N8qCRlPmNf4YnQnjZXLVio35G +7gVCHx5+Si8VkORbHDdFnVeFzKnt6cvCTHJ2OroosJWBDYLrlj/fi+XTaubBEgp/ +eP8YjOxoSvrNhWb0MZvwFR80wC9gtO5TKfaH68U2bYjC+PwFDaGQ4OuanXi0jhYy +6nWE0OnXJWKYLnPtdJGxyH1VEQ5feTYgY2jG+XDcQWmoPemXd8Pmpc1UVjR3iQNE +BBgBCAAPAhsCBQJVDba2BQkKWvH7ASnAXSAEGQEIAAYFAkyT+CQACgkQfYAxXFc2 +3nUqAQgAv9KrkxT53DPqHklBDsiA355Z/xl789bd2oUEFFskAeyXGoIitds2S6iT +bCTBizzTu8l1Vo41U9AIuHGNjvUHRwrFlAb8aaXiRAia/IJeBvI9kuWuArX5y63Q +t/TN1dJVXVm72s2LqbYWSeAYSwD0lbJ+nfeH9ALT/celYk7ZCSiQB0g8dRFJBNsB +VkRTnM7RScULr3Q9RXHrJK9dcPCbfQjCuAxhI9d93F1iSn3J/+V3rgZRXZUdItUu +Wixwwi0FEz+gYj/POaZ4GtTbGpF9D1lR1OzWNbbDE0slsFPBdEL/qNV0LD/XfRdZ +h2cEWzfx5YoOzP+eD8SYC90hHkL2kwkQ0V0xOIIAQXN/JA//SOespn47zDPSX86r +CiecNgrQ5DXU6xELhNsVxEkKCPsAYyo1P784DAp3Ol5OeYyXqL98R9kAqiSl3k9q +2vzxlaxdVpu2QEyVsPjByFpQ1Rp+k94fyyJ1b+pLk7FJmImkqyBUWUkekFIEFpgG +LcCwiYrj6Crygpssc1VeM+9fOERstzlaxqkIGE+kuY7JWQdHSXQ7ye3KC5+kGpB5 +siioMe6EsDIPlgawgxFfR7/v3NzTX4TToYzOvl9qgAzezBNMMp5USXZMb8/Qs+zF +5D7GoY1eI0PpSOYYGHowQqeA8Dd0TMvGQkS3fZfFpV07ignpP4DWeZLfmpdnpLeF +rE9SFoRyMpGVciBn2G0l7JEGgL+RozzONvA4iNifNME9V0WyVE4yqF/AKuTyX5oV +n7in0XVmACPtjDHkgGb2S0/mTCLGgxwSJHypXes1L8IB1f2u0AdjqUDr8DBS0Kbu +daCBDhoxgPsop0x5aCz1gXDkIAo5aCLDP44snVaeDHGb/WxKbLu5dZGRnKCqaBNy +qHkHhJS4ZlNajeIqY44oJw0HCV2UYBwt7rarTC7LEeFMAXhb2Pbsy2u4kcvY8tKB +NklvdJLM7W1//wX8Bbw73mEqhg82aZRNdT8WKzq2CNOFkvVFLyVFxD346pscJlpI +J4LnLBh355g24XeE9amrEpBS+T0= +=qQS1 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/debian/wallet-client.docs b/debian/wallet-client.docs new file mode 100644 index 0000000..724e084 --- /dev/null +++ b/debian/wallet-client.docs @@ -0,0 +1,2 @@ +README +TODO diff --git a/debian/wallet-client.install b/debian/wallet-client.install new file mode 100644 index 0000000..1807636 --- /dev/null +++ b/debian/wallet-client.install @@ -0,0 +1,4 @@ +debian/tmp/usr/bin/wallet +debian/tmp/usr/bin/wallet-rekey +debian/tmp/usr/share/man/man1/wallet-rekey.1 +debian/tmp/usr/share/man/man1/wallet.1 diff --git a/debian/wallet-server.dirs b/debian/wallet-server.dirs new file mode 100644 index 0000000..0e856f2 --- /dev/null +++ b/debian/wallet-server.dirs @@ -0,0 +1 @@ +/etc/wallet diff --git a/debian/wallet-server.docs b/debian/wallet-server.docs new file mode 100644 index 0000000..ceecb82 --- /dev/null +++ b/debian/wallet-server.docs @@ -0,0 +1,8 @@ +README +TODO +docs/design +docs/design-acl +docs/design-api +docs/netdb-role-api +docs/notes +docs/setup diff --git a/debian/wallet-server.examples b/debian/wallet-server.examples new file mode 100644 index 0000000..bb13c59 --- /dev/null +++ b/debian/wallet-server.examples @@ -0,0 +1,4 @@ +contrib/used-principals +contrib/wallet-contacts +contrib/wallet-summary +contrib/wallet-unknown-hosts diff --git a/debian/wallet-server.install b/debian/wallet-server.install new file mode 100644 index 0000000..f4f5bdc --- /dev/null +++ b/debian/wallet-server.install @@ -0,0 +1,11 @@ +config/wallet etc/remctl/conf.d +debian/tmp/etc/remctl/acl/wallet-report +debian/tmp/usr/sbin/wallet-admin +debian/tmp/usr/sbin/wallet-backend +debian/tmp/usr/sbin/wallet-report +debian/tmp/usr/share/man/man3/*.3pm +debian/tmp/usr/share/man/man8/wallet-admin.8 +debian/tmp/usr/share/man/man8/wallet-backend.8 +debian/tmp/usr/share/man/man8/wallet-report.8 +debian/tmp/usr/share/perl5 +debian/tmp/usr/share/wallet diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..ec0f630 --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts=pgpsigurlmangle=s/$/.asc/ \ + http://archives.eyrie.org/software/kerberos/wallet-(.*)\.tar\.gz |