[Pkg-privacy-commits] [Git][pkg-privacy-team/monkeysphere][debian/master] 44 commits: fix paths to monkeysphere-doc

Daniel Kahn Gillmor dkg at debian.org
Thu Jan 24 22:01:32 GMT 2019


Daniel Kahn Gillmor pushed to branch debian/master at Privacy Maintainers / monkeysphere


Commits:
ac5a4d1f by Daniel Kahn Gillmor at 2018-10-16T18:02:46Z
fix paths to monkeysphere-doc

- - - - -
815038b4 by Daniel Kahn Gillmor at 2018-10-16T18:03:21Z
use DEP-14 branch naming in preparing-release documentation

- - - - -
4c8864ea by Sunil Mohan Adapa at 2018-10-30T16:04:11Z
Use runuser instead of su

On systems with restricted PAM security, it may not be possible to use su.

- - - - -
31eff2a5 by Daniel Kahn Gillmor at 2018-10-30T16:06:41Z
rely on $PATH to find env, rather than embedding the explicit path

It should be more portable to rely on the $PATH to env than to invoke
it explicitly as /usr/bin/env.

- - - - -
098631d9 by Sunil Mohan Adapa at 2018-10-30T16:13:03Z
Remove shell for monkeysphere user (Closes: #901489)

As of 0.43, Monkeysphere will use 'runuser' instead of 'su' to perform
operations using the monkeysphere user. 'runuser' works when there is
no shell for the user.

When freshly installing, create a monkeysphere user without a
shell.  If the monkeysphere user is already present on the system the
shell for that user should be removed.

once debian buster is released, we should no longer need to change the
shell for the monkeysphere user.

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>

- - - - -
82711069 by Sunil Mohan Adapa at 2019-01-20T14:25:09Z
Better sharing of temp directory across root and monkeysphere user

In a couple of cases, monkeysphere commands running as root create a temporary
directory in TMPDIR (provided by environment) and then change the
ownership/permissions on that directory for monkeysphere user to use that
directory.

This works in a normal setup but fails when libpam-tmpdir is installed. This PAM
module causes the tmp directory to be /tmp/user/0/ so that it is harder for
users to access each other's temporary files. This improves security but causes
a problem for the above situation, as the parent directory of the directory to be
shared is not allowed access by other users.

To fix this, explicitly set the TMPDIR to a known location that can be used to
share files across users. /var/lib/monkeysphere/authentication/tmp is a
directory that is already being setup and used for such purposes. Reuse it
instead of creating a new one. Apply the fix conservatively only in cases needed.

Closes: #656750.

Signed-off-by: Sunil Mohan Adapa <sunil at medhas.org>

- - - - -
b6b3c529 by Daniel Kahn Gillmor at 2019-01-20T22:17:30Z
Clean up some shell, coreutils, and mktemp loopholes

In some very unusual cases, where the system monkeysphere directory
has whitespace in the paths, or where some filenames start with a "-",
the shell, mktemp, or various components of coreutils could
misinterpret the commands given.

This cleans up some of those mistakes, many of which have been in the
monkeysphere codebase for ages.

Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>

- - - - -
48f5a134 by Daniel Kahn Gillmor at 2019-01-21T16:43:38Z
tests/basic: Expose unexpected differences

There is no good reason to pass -q to diff in the test suite.  If
there's a difference, the test suite will fail, and we want to know
what the difference is.

- - - - -
c48ffcd6 by Daniel Kahn Gillmor at 2019-01-21T17:03:07Z
README: document Monkeysphere dependencies

- - - - -
3e2b94b3 by Daniel Kahn Gillmor at 2019-01-21T20:04:24Z
Use gpg --export-ssh-key instead of openpgp2ssh

GnuPG 2.1.11 introduced gpg --export-ssh-key.  By relying on it
explicitly, we can reduce our dependency on keytrans, no longer
needing it for getting SSH-style public key information out of OpenPGP
certificates.

This increases our versioned dependency on GnuPG, and introduces a
requirement to have OpenSSH's ssh-keygen around for generating ssh
fingerprints.

We aren't yet handling secret transformations, though.

- - - - -
c4c2e888 by Daniel Kahn Gillmor at 2019-01-21T20:47:03Z
Simplify by using more modern GnuPG

Since we're using a modern version of GnuPG, we can remove some of the
fancier versioned checks.  If we're willing to depend on gpg >=
2.1.17, we can probably move even more, since that's when the --quick-* interface really stabilized.

- - - - -
af4bfcd3 by Daniel Kahn Gillmor at 2019-01-23T00:15:06Z
Add Ed25519 support to agent-transfer

agent-transfer used to only work for RSA keys.  With this changeset,
it grows support for ed25519 keys, so "monkeysphere
subkey-to-ssh-agent" should be able to work for ed25519
authentication-capable subkeys as well.

- - - - -
2a30561c by Daniel Kahn Gillmor at 2019-01-23T00:34:19Z
monkeysphere subkey-to-ssh-agent: consider Ed25519 subkeys as well as RSA

- - - - -
32f36299 by Daniel Kahn Gillmor at 2019-01-23T00:37:25Z
Document new agent-transfer 25519 support

- - - - -
2b298cad by Daniel Kahn Gillmor at 2019-01-23T00:39:09Z
Overwrite compressed manpages unconditionally during build

Without this, sometimes the build process is interrupted with a
prompt:

   gzip: replaced/man/man1/agent-transfer.1.gz already exists; do you wish to overwrite (y or n)?

- - - - -
c2ad1254 by Daniel Kahn Gillmor at 2019-01-23T00:52:39Z
Suggest 3072-bit as a default

There are only a few places where monkeysphere is actively creating
keys.  By default now, use 3072-bit RSA (and be explicit that it's
RSA, in preparation for being able to move to a different algorithm)

- - - - -
85f5513d by Daniel Kahn Gillmor at 2019-01-23T00:59:36Z
Update copyright years

- - - - -
f714f7e7 by Daniel Kahn Gillmor at 2019-01-23T18:50:49Z
bump standards-version to 4.3.0 (no changes needed)

- - - - -
938c0cbb by Daniel Kahn Gillmor at 2019-01-23T18:50:49Z
move to debhelper 12

- - - - -
14845bc4 by Daniel Kahn Gillmor at 2019-01-23T18:50:49Z
use https for upstream links

- - - - -
0644ee8f by Daniel Kahn Gillmor at 2019-01-23T19:00:22Z
Use https for wiki.debian.org

- - - - -
63f9eb31 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Add test for Ed25519 authentication-capable subkeys

This new test will only work for GnuPG version 2.1.17 and later, when
--quick-add-key was added.  It's intended to pave the way for a future
version of monkeysphere that has a tighter GnuPG dependency and can
drop the dependency on perl entirely.

- - - - -
8a887e38 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Move all outbound links from http to https

- - - - -
6ed85ae6 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Update stale Slackware packaging info

- - - - -
84e75d72 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Fix spelling

- - - - -
4cf70afc by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Use 3072-bit RSA keys in tests

We were using 1024-bit RSA keys in tests to avoid blocking on systems
with limited entropy.  As we move into the getrandom() era, this is a
situation that we should expect the operating system to handle
correctly, and our tools should be tested with sensible limits and
sensible key sizes.

- - - - -
1453f99b by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
pem2openpgp: clearer error messages for PEM2OPENPGP_NEWKEY

This should resolve https://bugs.debian.org/906755

- - - - -
5f2e56e6 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Comment fix: monkeysphere-server has not existed for a long time

- - - - -
bc443de6 by Daniel Kahn Gillmor at 2019-01-23T20:00:17Z
Avoid unnecessary user lockout

See the argument here: https://bugs.debian.org/897366

I discussed this on IRC with anarcat, and did some code archaeology,
and could not find any reason for the excessive paranoia.  If the
chown/chmod/mv sequence fails, then we should report an error and
remove the temporary incoming file, not the pre-existing one.

- - - - -
b1608b91 by Daniel Kahn Gillmor at 2019-01-23T22:41:39Z
Improve monkeysphere-authentication diagnostics

Since OpenSSH 6.0, the sshd server has supported sshd -T to dump the
config without needing to find the file.  Encourage the use of a
modern version of sshd, and improve the diagnostics as a result.

- - - - -
16361f60 by Daniel Kahn Gillmor at 2019-01-23T22:41:39Z
document versioned dependency on OpenSSH

- - - - -
56ce9502 by Daniel Kahn Gillmor at 2019-01-23T22:42:27Z
Changelog documents proposed 0.43

- - - - -
851f1026 by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
d/control: use ${perl:Depends} for monkeysphere

- - - - -
bc91894f by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
d/control: document versioned GnuPG dependency from upstream

- - - - -
6d361dde by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
d/control: explicitly depend on openssh-client for ssh-keygen

- - - - -
e0caa8e6 by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
note RSA and Ed25519 keys in agent-transfer description

- - - - -
d0242a1e by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
tell debhelper where examples come from

- - - - -
827c9af9 by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
Avoid dh_missing reporting Changelog as "not installed"

This is because it gets installed elsewhere correctly as the upstream
changelog.gz, and we do not need to ship it twice.

- - - - -
f597ba1a by Daniel Kahn Gillmor at 2019-01-23T22:44:17Z
use dh_missing --fail-missing

- - - - -
b8f6b264 by Daniel Kahn Gillmor at 2019-01-23T22:44:42Z
prepare debian release

- - - - -
881633bf by Daniel Kahn Gillmor at 2019-01-23T22:46:07Z
Merge tag 'monkeysphere_0.43' into debian/master

Tagging Monkeysphere 0.43

- - - - -
ef7d4d10 by Daniel Kahn Gillmor at 2019-01-24T20:53:55Z
Dump remaining jobs during test cleanup

See https://bugs.debian.org/920038 for more information about why this
additional debugging information might be useful.

- - - - -
579864e4 by Daniel Kahn Gillmor at 2019-01-24T22:00:20Z
Autopkgtest should cover Ed25519 as well

- - - - -
1db1eeb8 by Daniel Kahn Gillmor at 2019-01-24T22:01:06Z
cherry-pick two upstream testing patches

- - - - -


30 changed files:

- COPYING
- Changelog
- Makefile
- README
- debian/changelog
- − debian/compat
- debian/control
- debian/copyright
- debian/monkeysphere.examples
- debian/monkeysphere.postinst
- debian/monkeysphere.postrm
- + debian/not-installed
- + debian/patches/0001-Expose-sshd-logs-when-ssh-test-fails.patch
- + debian/patches/0002-Ensure-that-make-test-ed25519-works-when-no-tty-is-p.patch
- + debian/patches/series
- debian/rules
- debian/tests/control
- examples/make-x509-certreqs
- man/man1/agent-transfer.1
- man/man1/pem2openpgp.1
- man/man7/monkeysphere.7
- man/man8/monkeysphere-host.8
- packaging/macports/Portfile
- packaging/slackware/README
- src/agent-transfer/main.c
- src/agent-transfer/ssh-agent-proto.h
- src/monkeysphere
- src/monkeysphere-authentication
- src/monkeysphere-host
- src/share/common


The diff was not included because it is too large.


View it on GitLab: https://salsa.debian.org/pkg-privacy-team/monkeysphere/compare/9751518c307068a1483257b6f0e21dcb3c7c7975...1db1eeb89fd974065873a65e4fa4ec43509fc7d7
