[Pkg-privacy-commits] [flashproxy] 48/65: import patch from upstream, generate key in initscript

Ximin Luo infinity0 at moszumanska.debian.org
Fri Aug 21 13:49:45 UTC 2015 

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch _volatile-rc
in repository flashproxy.

commit a6fae510ce21b2f0c25037d9765a217449a4e9ad
Author: Ximin Luo <infinity0 at pwned.gg>
Date:   Wed Aug 6 00:05:49 2014 +0100

    import patch from upstream, generate key in initscript
---
 debian/flashproxy-facilitator.postinst          | 10 ----
 debian/patches/generate-key-in-initscript.patch | 80 +++++++++++++++++++++++++
 debian/patches/series                           |  1 +
 3 files changed, 81 insertions(+), 10 deletions(-)

diff --git a/debian/flashproxy-facilitator.postinst b/debian/flashproxy-facilitator.postinst
index 21b0bf8..e9f8680 100644
--- a/debian/flashproxy-facilitator.postinst
+++ b/debian/flashproxy-facilitator.postinst
@@ -19,10 +19,6 @@ set -e
 
 fpfacilitatoruser=fp-facilitator
 pkgconfdir=/etc/flashproxy
-# workaround #689490 to stop piuparts complaining
-if ! test -e /root/.rnd; then
-    export RANDFILE=/dev/urandom
-fi
 
 case "$1" in
     configure)
@@ -35,12 +31,6 @@ case "$1" in
           --no-create-home \
           --shell /bin/false \
           "${fpfacilitatoruser}"
-        # install secrets
-        if [ ! -f "${pkgconfdir}/reg-daemon.key" ]; then
-          install -m 600 /dev/null "${pkgconfdir}"/reg-daemon.key
-          openssl genrsa 2048 | tee "${pkgconfdir}"/reg-daemon.key | \
-          openssl rsa -pubout > "${pkgconfdir}"/reg-daemon.pub
-        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)
diff --git a/debian/patches/generate-key-in-initscript.patch b/debian/patches/generate-key-in-initscript.patch
new file mode 100644
index 0000000..1a79c2e
--- /dev/null
+++ b/debian/patches/generate-key-in-initscript.patch
@@ -0,0 +1,80 @@
+Description: generate key in the initscript instead of post-install
+  - this allows things to work easily even on pre-installed system images,
+    such as liveCDs, c.f. debian bug #594175
+Author: Ximin Luo <infinity0 at torproject.org>
+Applied-Upstream: commit:7ba80db17d0fe53dfc0eff9ed4dec46312e853e7
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/facilitator/Makefile.am
++++ b/facilitator/Makefile.am
+@@ -73,10 +73,10 @@
+ # non-standard directories to ./configure or DESTDIR to make.
+ 
+ pre-install: meta-install-sanity install-user
+-post-install: meta-install-sanity install-secrets install-symlinks install-daemon
++post-install: meta-install-sanity install-symlinks install-daemon
+ pre-remove: meta-install-sanity remove-daemon remove-symlinks
+ post-remove: meta-install-sanity
+-pre-purge: pre-remove remove-secrets remove-daemon-data
++pre-purge: pre-remove remove-daemon-data
+ post-purge: post-remove remove-user
+ 
+ meta-install-sanity:
+@@ -111,17 +111,6 @@
+ 	  userdel \
+ 	    ${fpfacilitatoruser} ; } || true
+ 
+-install-secrets:
+-	test -f ${pkgconfdir}/reg-daemon.key || { \
+-	  install -m 600 /dev/null ${pkgconfdir}/reg-daemon.key && \
+-	  openssl genrsa 2048 | tee ${pkgconfdir}/reg-daemon.key | \
+-	  openssl rsa -pubout > ${pkgconfdir}/reg-daemon.pub; }
+-
+-remove-secrets:
+-	for i in reg-daemon.key reg-daemon.pub; do \
+-	  rm -f ${pkgconfdir}/$$i; \
+-	done
+-
+ install-symlinks:
+ 	for i in fp-reg.go app.yaml; do \
+ 	  $(LN_S) -f ${appenginedir}/$$i ${appengineconfdir}/$$i; \
+@@ -159,14 +148,17 @@
+ endif
+ 
+ remove-daemon-data:
++	for i in reg-daemon.key reg-daemon.pub; do \
++	  rm -f ${pkgconfdir}/$$i; \
++	done
+ if DO_INITSCRIPTS
+ 	for i in ${initscript_names}; do \
+ 	  rm -f ${localstatedir}/log/$$i.log* \
+-	  rm -f ${localstatedir}/run/$$i.pid \
++	  rm -f ${localstatedir}/run/$$i.pid; \
+ 	done
+ endif
+ 
+ .PHONY: pre-install post-install pre-remove post-remove pre-purge post-purge
+-.PHONY: install-user install-secrets install-symlinks install-daemon
+-.PHONY: remove-user remove-secrets remove-symlinks remove-daemon
++.PHONY: install-user install-symlinks install-daemon
++.PHONY: remove-user remove-symlinks remove-daemon
+ .PHONY: pylint
+--- a/facilitator/init.d/fp-reg-decryptd.in
++++ b/facilitator/init.d/fp-reg-decryptd.in
+@@ -49,6 +49,16 @@
+ 	#   0 if daemon has been started
+ 	#   1 if daemon was already running
+ 	#   2 if daemon could not be started
++
++	# Automatically generate a key if one doesn't exist
++	if [ ! -f "$CONFDIR/reg-daemon.key" ]; then
++		echo >&2 "$CONFDIR/reg-daemon.key does not exist; generating it"
++		# prevent race for non-root to open read file handle
++		install -m 600 /dev/null "$CONFDIR/reg-daemon.key"
++		openssl genrsa 2048 | tee "$CONFDIR/reg-daemon.key" | \
++		  openssl rsa -pubout > "$CONFDIR/reg-daemon.pub"
++	fi
++
+ 	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ 		|| return 1
+ 	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
diff --git a/debian/patches/series b/debian/patches/series
index f84b774..cb6f223 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 rm-prebuilt-manpages.patch
 nodejs-shebang.patch
 disable-flaky-test.patch
+generate-key-in-initscript.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/flashproxy.git

More information about the Pkg-privacy-commits mailing list