diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/README.Debian | 41 | ||||
| -rw-r--r-- | debian/README.Debian.diet | 15 | ||||
| -rw-r--r-- | debian/README.runit | 46 | ||||
| -rw-r--r-- | debian/changelog | 225 | ||||
| -rw-r--r-- | debian/control | 20 | ||||
| -rw-r--r-- | debian/copyright.in | 11 | ||||
| -rw-r--r-- | debian/dropbear.README.Debian | 52 | ||||
| -rw-r--r-- | debian/dropbear.conffiles | 3 | ||||
| -rw-r--r-- | debian/dropbear.default | 0 | ||||
| -rw-r--r-- | debian/dropbear.docs | 4 | ||||
| -rw-r--r-- | debian/dropbear.init | 61 | ||||
| -rw-r--r-- | debian/dropbear.postinst | 67 | ||||
| -rw-r--r-- | debian/dropbear.postrm | 12 | ||||
| -rw-r--r-- | debian/dropbear.prerm | 11 | ||||
| -rw-r--r-- | debian/implicit | 93 | ||||
| -rwxr-xr-x | debian/rules | 107 | ||||
| -rw-r--r-- | debian/service/log | 2 | ||||
| -rw-r--r-- | debian/service/run | 3 |
18 files changed, 773 insertions, 0 deletions
diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..8cdac38 --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,41 @@ +Dropbear for Debian +------------------- + +This package will attempt to listen on port 22. If the OpenSSH +package ("ssh") is installed, the file /etc/default/dropbear +will be set up so that the server does not start by default. + +You can run Dropbear concurrently with OpenSSH 'sshd' by +modifying /etc/default/dropbear so that "NO_START" is set to +"0" and changing the port number that Dropbear runs on. Follow +the instructions in the file. + +This package suggests you install the "ssh" package. This package +provides the "ssh" client program, as well as the "/usr/bin/scp" +binary you will need to be able to retrieve files from a server +running Dropbear via SCP. + +Replacing OpenSSH "sshd" with Dropbear +-------------------------------------- + +You will still want to have the "ssh" package installed, as it +provides the "ssh" and "scp" binaries. When you install this +package, it checks for existing OpenSSH host keys and if found, +converts them to the Dropbear format. + +If this appears to have worked, you should be able to change over +by following these steps: + +1. Stop the OpenSSH server + % /etc/init.d/ssh stop +2. Prevent the OpenSSH server from starting in the future + % touch /etc/ssh/sshd_not_to_be_run +3. Modify the Dropbear defaults file, set NO_START to 0 and + ensure DROPBEAR_PORT is set to 22. + % editor /etc/default/dropbear +4. Restart the Dropbear server. + % /etc/init.d/dropbear restart + +See the Dropbear homepage for more information: + http://matt.ucc.asn.au/dropbear/dropbear.html + diff --git a/debian/README.Debian.diet b/debian/README.Debian.diet new file mode 100644 index 0000000..bd0cb5c --- /dev/null +++ b/debian/README.Debian.diet @@ -0,0 +1,15 @@ +Building with the diet libc +--------------------------- + +This package optionally can be built with the diet libc instead of the +glibc to provide small statically linked programs. The resulting package +has no dependency on any other package. + +To use the diet libc, make sure the latest versions of the dietlibc-dev +package is installed, and set DEB_BUILD_OPTIONS=diet in the environment +when building the package, e.g.: + + # apt-get install dietlibc-dev + $ DEB_BUILD_OPTIONS=diet fakeroot apt-get source -b dropbear + + -- Gerrit Pape <pape@smarden.org>, Sat, 17 Jul 2004 19:09:34 +0000 diff --git a/debian/README.runit b/debian/README.runit new file mode 100644 index 0000000..4ac2814 --- /dev/null +++ b/debian/README.runit @@ -0,0 +1,46 @@ +Using the dropbear SSH server with runit's services supervision +--------------------------------------------------------------- + +The dropbear SSH server is perfectly suited to be run under runit's +service supervision, and this package already has prepared an adequate +service directory. Follow these steps to enable the dropbear service +using the runit package. + +If not yet installed on your system, install the runit package, and make +sure its service supervision is enabled (it's by default) + + # apt-get install runit + +Make sure the dropbear service normally handled through the sysv init +script is stopped + + # /etc/init.d/dropbear stop + +Create the system user ``dropbearlog'' which will run the logger service, +and own the logs + + # adduser --system --home /var/log/dropbear --no-create-home dropbearlog + +Create the log directory and make the newly created system user the owner +of this directory + + # mkdir -p /var/log/dropbear && chown dropbearlog /var/log/dropbear + +Optionally adjust the configuration of the dropbear service by editing the +run script + + # vi /etc/dropbear/run + +Finally enable the service by linking dropbear's service directory to +/var/service/. The service will be started within five seconds, and +automatically at boot time. The sysv init script is disabled; see the +runsvctrl(8) program for information on how to control services handled by +runit. See the svlogd(8) program on how to configure the log service. + + # ln -s /etc/dropbear /var/service/ + +Optionally check the status of the service a few seconds later + + # runsvstat -l /var/service/dropbear + + -- Gerrit Pape <pape@smarden.org>, Sun, 16 May 2004 15:52:34 +0000 diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..acebcef --- /dev/null +++ b/debian/changelog @@ -0,0 +1,225 @@ +dropbear (0.49-0.1) unstable; urgency=low + + * New upstream release. + + -- Matt Johnston <matt@ucc.asn.au> Tues, 13 June 2005 19:20:21 +0800 + +dropbear (0.48.1-1) unstable; urgency=medium + + * new upstream point release. + * Compile fix for scp + * debian/diff/dbclient.1.diff: new: document -R option to dbclient + accurately (thx Markus Schaber; closes: #351882). + * debian/dropbear.README.Debian: document a workaround for systems with + possibly blocking /dev/random device (closes: #355414).. + + -- Gerrit Pape <pape@smarden.org> Sun, 16 Apr 2006 16:16:40 +0000 + +dropbear (0.48-1) unstable; urgency=medium + + * New upstream release. + * SECURITY: Improve handling of denial of service attempts from a single + IP. + + * debian/implicit: update to revision 1.11. + * new upstream release updates to scp from OpenSSH 4.3p2 - fixes a + security issue where use of system() could cause users to execute + arbitrary code through malformed filenames; CVE-2006-0225 (see also + #349645); the scp binary is not provided by this package though. + + -- Gerrit Pape <pape@smarden.org> Fri, 10 Mar 2006 22:00:32 +0000 + +dropbear (0.47-1) unstable; urgency=high + + * New upstream release. + * SECURITY: Fix incorrect buffer sizing; CVE-2005-4178. + + -- Matt Johnston <matt@ucc.asn.au> Thu, 8 Dec 2005 19:20:21 +0800 + +dropbear (0.46-2) unstable; urgency=low + + * debian/control: Standards-Version: 3.6.2.1; update descriptions to + mention included server and client (thx Tino Keitel). + * debian/dropbear.init: allow '/etc/init.d/dropbear stop' even though + 'NO_START is not set to zero.' (closes: #336723). + + -- Gerrit Pape <pape@smarden.org> Tue, 6 Dec 2005 13:30:49 +0000 + +dropbear (0.46-1) unstable; urgency=medium + + * New upstream release, various fixes. + * debian/diff/dbclient-usage-typo.diff, debian/diff/manpages.diff: remove; + obsolete. + * debian/dbclient.1: move to ./dbclient.1. + + -- Matt Johnston <matt@ucc.asn.au> Fri, 8 July 2005 21:32:55 +0800 + +dropbear (0.45-3) unstable; urgency=low + + * debian/dropbear.init: init script prints human readable message in case + it's disabled (closes: #309099). + * debian/dropbear.postinst: configure: restart service through init script + instead of start. + * debian/dropbear.prerm: set -u -> set -e. + + -- Gerrit Pape <pape@smarden.org> Wed, 25 May 2005 22:38:17 +0000 + +dropbear (0.45-2) unstable; urgency=low + + * Matt Johnston: + * New upstream release, various fixes. + + -- Gerrit Pape <pape@smarden.org> Sat, 12 Mar 2005 15:17:55 +0000 + +dropbear (0.44-1) unstable; urgency=low + + * New upstream release. + * debian/rules: install /usr/bin/dbclient; handle possible patches more + gracefully; install debian/dbclient.1 man page; enable target patch; + minor. + * debian/implicit: update to revision 1.10. + * debian/dbclient.1: new; man page. + * debian/diff/dbclient-usage-typo.diff: new; fix typo. + * debian/diff/manpages.diff: new; add references to dbclient man page. + + -- Gerrit Pape <pape@smarden.org> Sat, 8 Jan 2005 22:50:43 +0000 + +dropbear (0.43-2) unstable; urgency=high + + * Matt Johnston: + * New upstream release 0.43 + * SECURITY: Don't attempt to free uninitialised buffers in DSS verification + code + * Handle portforwarding to servers which don't send any initial data + (Closes: #258426) + * debian/dropbear.postinst: remove code causing bothersome warning on + package install (closes: #256752). + * debian/README.Debian.diet: new; how to build with the diet libc. + * debian/dropbear.docs: add debian/README.Debian.diet. + * debian/rules: support "diet" in DEB_BUILD_OPTIONS; minor cleanup. + + -- Gerrit Pape <pape@smarden.org> Sat, 17 Jul 2004 19:31:19 +0000 + +dropbear (0.42-1) unstable; urgency=low + + * New upstream release 0.42. + * debian/diff/cvs-20040520.diff: remove; obsolete. + * debian/rules: disable target patch. + + -- Matt Johnston <matt@ucc.asn.au> Wed, 16 June 2004 12:44:54 +0800 + +dropbear (0.41-3) unstable; urgency=low + + * 1st upload to the Debian archive (closes: #216553). + * debian/diff/cvs-20040520.diff: new; stable cvs snapshot. + * debian/rules: new target patch: apply diffs in debian/diff/, reverse + apply in target clean; install man pages. + * debian/control: Priority: optional. + + -- Gerrit Pape <pape@smarden.org> Sun, 23 May 2004 08:32:37 +0000 + +dropbear (0.41-2) unstable; urgency=low + + * new maintainer. + * debian/control: no longer Build-Depends: debhelper; Build-Depends: + libz-dev; Standards-Version: 3.6.1.0; Suggests: runit; update + descriptions. + * debian/rules: stop using debhelper, use implicit rules; cleanup; + install dropbearconvert into /usr/lib/dropbear/. + * debian/impicit: new; implicit rules. + * debian/copyright.in: adapt. + * debian/dropbear.init: minor adaptions; test for dropbear service + directory. + * debian/README.runit: new; how to use dropbear with runit. + * debian/README.Debian, debian/docs: rename to debian/dropbear.*. + * debian/dropbear.docs: add debian/README.runit + * debian/conffiles: rename to debian/dropbear.conffiles; add init + script, and run scripts. + * debian/postinst: rename to debian/dropbear.postinst; adapt; use + invloke-rc.d dropbear start. + * debian/dropbear.prerm: new; invoke-rc.d dropbear stop. + * debian/postrm: rename to debian/dropbear.postrm; adapt; clean up + service directories. + * debian/compat, debian/dirs, dropbear.default: remove; obsolete. + + -- Gerrit Pape <pape@smarden.org> Sun, 16 May 2004 16:50:55 +0000 + +dropbear (0.41-1) unstable; urgency=low + + * Updated to 0.41 release. + * Various minor fixes + + -- Matt Johnston <matt@ucc.asn.au> Mon, 19 Jan 2004 23:20:54 +0800 + +dropbear (0.39-1) unstable; urgency=low + + * updated to 0.39 release. Some new features, some bugfixes. + + -- Matt Johnston <matt@ucc.asn.au> Tue, 16 Dec 2003 16:20:54 +0800 + +dropbear (0.38-1) unstable; urgency=medium + + * updated to 0.38 release - various important bugfixes + + -- Matt Johnston <matt@ucc.asn.au> Sat, 11 Oct 2003 16:28:54 +0800 + +dropbear (0.37-1) unstable; urgency=medium + + * updated to 0.37 release - various important bugfixes + + -- Matt Johnston <matt@ucc.asn.au> Wed, 24 Sept 2003 19:43:54 +0800 + +dropbear (0.36-1) unstable; urgency=high + + * updated to 0.36 release - various important bugfixes + + -- Matt Johnston <matt@ucc.asn.au> Tues, 19 Aug 2003 12:20:54 +0800 + +dropbear (0.35-1) unstable; urgency=high + + * updated to 0.35 release - contains fix for remotely exploitable + vulnerability. + + -- Matt Johnston <matt@ucc.asn.au> Sun, 17 Aug 2003 05:37:47 +0800 + +dropbear (0.34-1) unstable; urgency=medium + + * updated to 0.34 release + + -- Matt Johnston <matt@ucc.asn.au> Fri, 15 Aug 2003 15:10:00 +0800 + +dropbear (0.33-1) unstable; urgency=medium + + * updated to 0.33 release + + -- Matt Johnston <matt@ucc.asn.au> Sun, 22 Jun 2003 22:22:00 +0800 + +dropbear (0.32cvs-1) unstable; urgency=medium + + * now maintained in UCC CVS + * debian/copyright.in file added, generated from LICENSE + + -- Grahame Bowland <grahame@angrygoats.net> Tue, 21 Jun 2003 17:57:02 +0800 + +dropbear (0.32cvs-1) unstable; urgency=medium + + * sync with CVS + * fixes X crash bug + + -- Grahame Bowland <grahame@angrygoats.net> Tue, 20 Jun 2003 15:04:47 +0800 + +dropbear (0.32-2) unstable; urgency=low + + * fix creation of host keys to use correct names in /etc/dropbear + * init script "restart" function fixed + * purging this package now deletes the host keys and /etc/dropbear + * change priority in debian/control to 'standard' + + -- Grahame Bowland <grahame@angrygoats.net> Tue, 17 Jun 2003 15:04:47 +0800 + +dropbear (0.32-1) unstable; urgency=low + + * Initial Release. + + -- Grahame Bowland <grahame@angrygoats.net> Tue, 17 Jun 2003 15:04:47 +0800 + diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..81835b3 --- /dev/null +++ b/debian/control @@ -0,0 +1,20 @@ +Source: dropbear +Section: net +Priority: optional +Maintainer: Gerrit Pape <pape@smarden.org> +Build-Depends: libz-dev +Standards-Version: 3.6.2.1 + +Package: dropbear +Architecture: any +Depends: ${shlibs:Depends} +Suggests: ssh, runit +Description: lightweight SSH2 server and client + dropbear is a SSH 2 server and client designed to be small enough to + be used in small memory environments, while still being functional and + secure enough for general use. + . + It implements most required features of the SSH 2 protocol, and other + features such as X11 and authentication agent forwarding. + . + See http://matt.ucc.asn.au/dropbear/dropbear.html diff --git a/debian/copyright.in b/debian/copyright.in new file mode 100644 index 0000000..79526d3 --- /dev/null +++ b/debian/copyright.in @@ -0,0 +1,11 @@ +This package was debianized by Grahame Bowland <grahame.angrygoats.net> on +Tue, 17 Jun 2003 15:04:47 +0800, maintained temporarily by Matt Johnston +<matt@ucc.asn.au>, and was adopted by Gerrit Pape <pape@smarden.org> on +Sun, 16 May 2004 14:38:33 +0000. + +It was downloaded from http://matt.ucc.asn.au/dropbear/ + +Upstream Author: Matt Johnston <matt@ucc.asn.au> + +Copyright: + diff --git a/debian/dropbear.README.Debian b/debian/dropbear.README.Debian new file mode 100644 index 0000000..7eec3e6 --- /dev/null +++ b/debian/dropbear.README.Debian @@ -0,0 +1,52 @@ +Dropbear for Debian +------------------- + +This package will attempt to listen on port 22. If the OpenSSH +package ("ssh") is installed, the file /etc/default/dropbear +will be set up so that the server does not start by default. + +You can run Dropbear concurrently with OpenSSH 'sshd' by +modifying /etc/default/dropbear so that "NO_START" is set to +"0" and changing the port number that Dropbear runs on. Follow +the instructions in the file. + +This package suggests you install the "ssh" package. This package +provides the "ssh" client program, as well as the "/usr/bin/scp" +binary you will need to be able to retrieve files from a server +running Dropbear via SCP. + +Replacing OpenSSH "sshd" with Dropbear +-------------------------------------- + +You will still want to have the "ssh" package installed, as it +provides the "ssh" and "scp" binaries. When you install this +package, it checks for existing OpenSSH host keys and if found, +converts them to the Dropbear format. + +If this appears to have worked, you should be able to change over +by following these steps: + +1. Stop the OpenSSH server + % /etc/init.d/ssh stop +2. Prevent the OpenSSH server from starting in the future + % touch /etc/ssh/sshd_not_to_be_run +3. Modify the Dropbear defaults file, set NO_START to 0 and + ensure DROPBEAR_PORT is set to 22. + % editor /etc/default/dropbear +4. Restart the Dropbear server. + % /etc/init.d/dropbear restart + +See the Dropbear homepage for more information: + http://matt.ucc.asn.au/dropbear/dropbear.html + + +Entropy from /dev/random +------------------------ + +The dropbear binary package is configured at compile time to read +entropy from /dev/random. If /dev/random on a system blocks when +reading data from it, client logins may be delayed until the client +times out. The dropbear server writes a notice to the logs when it +sees /dev/random blocking. A workaround for such systems is to +re-compile the package with DROPBEAR_RANDOM_DEV set to /dev/urandom +in options.h. diff --git a/debian/dropbear.conffiles b/debian/dropbear.conffiles new file mode 100644 index 0000000..6919006 --- /dev/null +++ b/debian/dropbear.conffiles @@ -0,0 +1,3 @@ +/etc/init.d/dropbear +/etc/dropbear/run +/etc/dropbear/log/run diff --git a/debian/dropbear.default b/debian/dropbear.default new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/debian/dropbear.default diff --git a/debian/dropbear.docs b/debian/dropbear.docs new file mode 100644 index 0000000..94fec74 --- /dev/null +++ b/debian/dropbear.docs @@ -0,0 +1,4 @@ +README +TODO +debian/README.runit +debian/README.Debian.diet diff --git a/debian/dropbear.init b/debian/dropbear.init new file mode 100644 index 0000000..7979c8d --- /dev/null +++ b/debian/dropbear.init @@ -0,0 +1,61 @@ +#!/bin/sh +# +# Do not configure this file. Edit /etc/default/dropbear instead! +# + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/dropbear +NAME=dropbear +DESC="Dropbear SSH server" + +DROPBEAR_PORT=22 +DROPBEAR_EXTRA_ARGS= +NO_START=0 + +set -e + +cancel() { echo "$1" >&2; exit 0; }; +test ! -r /etc/default/dropbear || . /etc/default/dropbear +test -x "$DAEMON" || cancel "$DAEMON does not exist or is not executable." +test ! -h /var/service/dropbear || \ + cancel '/var/service/dropbear exists, service is controlled through runit.' + +test -z "$DROPBEAR_BANNER" || \ + DROPBEAR_EXTRA_ARGS="$DROPBEAR_EXTRA_ARGS -b $DROPBEAR_BANNER" +test -n "$DROPBEAR_RSAKEY" || \ + DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key" +test -n "$DROPBEAR_DSSKEY" || \ + DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key" + +case "$1" in + start) + test "$NO_START" = "0" || cancel 'NO_START is not set to zero.' + echo -n "Starting $DESC: " + start-stop-daemon --start --quiet --pidfile /var/run/"$NAME".pid \ + --exec "$DAEMON" -- -d "$DROPBEAR_DSSKEY" -r "$DROPBEAR_RSAKEY" \ + -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS + echo "$NAME." + ;; + stop) + echo -n "Stopping $DESC: " + start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/"$NAME".pid + echo "$NAME." + ;; + restart|force-reload) + test "$NO_START" = "0" || cancel 'NO_START is not set to zero.' + echo -n "Restarting $DESC: " + start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/"$NAME".pid + sleep 1 + start-stop-daemon --start --quiet --pidfile /var/run/"$NAME".pid \ + --exec "$DAEMON" -- -d "$DROPBEAR_DSSKEY" -r "$DROPBEAR_RSAKEY" \ + -p "$DROPBEAR_PORT" $DROPBEAR_EXTRA_ARGS + echo "$NAME." + ;; + *) + N=/etc/init.d/$NAME + echo "Usage: $N {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/debian/dropbear.postinst b/debian/dropbear.postinst new file mode 100644 index 0000000..312eb05 --- /dev/null +++ b/debian/dropbear.postinst @@ -0,0 +1,67 @@ +#!/bin/sh +set -e + +test "$1" = 'configure' || exit 0 + +if test ! -e /etc/dropbear/dropbear_rsa_host_key; then + if test -f /etc/ssh/ssh_host_rsa_key; then + echo "Converting existing OpenSSH RSA host key to Dropbear format." + /usr/lib/dropbear/dropbearconvert openssh dropbear \ + /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key + else + echo "Generating Dropbear RSA key. Please wait." + dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key + fi +fi +if test ! -e /etc/dropbear/dropbear_dss_host_key; then + if test -f /etc/ssh/ssh_host_dsa_key; then + echo "Converting existing OpenSSH RSA host key to Dropbear format." + /usr/lib/dropbear/dropbearconvert openssh dropbear \ + /etc/ssh/ssh_host_dsa_key /etc/dropbear/dropbear_dss_host_key + else + echo "Generating Dropbear DSS key. Please wait." + dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key + fi +fi +if test ! -s /etc/default/dropbear; then + # check whether OpenSSH seems to be installed. + if test -x /usr/sbin/sshd; then + cat <<EOT +OpenSSH appears to be installed. Setting /etc/default/dropbear so that +Dropbear will not start by default. Edit this file to change this behaviour. + +EOT + cat >>/etc/default/dropbear <<EOT +# disabled because OpenSSH is installed +# change to NO_START=0 to enable Dropbear +NO_START=1 + +EOT + fi + cat >>/etc/default/dropbear <<EOT +# the TCP port that Dropbear listens on +DROPBEAR_PORT=22 + +# any additional arguments for Dropbear +DROPBEAR_EXTRA_ARGS= + +# specify an optional banner file containing a message to be +# sent to clients before they connect, such as "/etc/issue.net" +DROPBEAR_BANNER="" + +# RSA hostkey file (default: /etc/dropbear/dropbear_rsa_host_key) +#DROPBEAR_RSAKEY="/etc/dropbear/dropbear_rsa_host_key" + +# DSS hostkey file (default: /etc/dropbear/dropbear_dss_host_key) +#DROPBEAR_DSSKEY="/etc/dropbear/dropbear_dss_host_key" +EOT +fi + +if test -x /etc/init.d/dropbear; then + update-rc.d dropbear defaults >/dev/null + if test -x /usr/sbin/invoke-rc.d; then + invoke-rc.d dropbear restart + else + /etc/init.d/dropbear restart + fi +fi diff --git a/debian/dropbear.postrm b/debian/dropbear.postrm new file mode 100644 index 0000000..d09dab0 --- /dev/null +++ b/debian/dropbear.postrm @@ -0,0 +1,12 @@ +#! /bin/sh +set -e + +test "$1" = 'purge' || exit 0 +if test -e /etc/dropbear; then + rm -f /etc/dropbear/dropbear_rsa_host_key + rm -f /etc/dropbear/dropbear_dss_host_key + rmdir --ignore-fail-on-non-empty /etc/dropbear +fi +update-rc.d dropbear remove >/dev/null +rm -f /etc/default/dropbear +rm -rf /etc/dropbear/supervise /etc/dropbear/log/supervise diff --git a/debian/dropbear.prerm b/debian/dropbear.prerm new file mode 100644 index 0000000..e63cdb8 --- /dev/null +++ b/debian/dropbear.prerm @@ -0,0 +1,11 @@ +#!/bin/sh +set -e + +test "$1" = 'remove' || test "$1" = 'deconfigure' || exit 0 +if test -x /etc/init.d/dropbear; then + if test -x /usr/sbin/invoke-rc.d; then + invoke-rc.d dropbear stop + else + /etc/init.d/dropbear stop + fi +fi diff --git a/debian/implicit b/debian/implicit new file mode 100644 index 0000000..7a7ee98 --- /dev/null +++ b/debian/implicit @@ -0,0 +1,93 @@ +# $Id: implicit,v 1.11 2005/11/29 21:57:55 pape Exp $ + +.PHONY: deb-checkdir deb-checkuid + +deb-checkdir: + @test -e debian/control || sh -cx '! : wrong directory' +deb-checkuid: + @test "`id -u`" -eq 0 || sh -cx '! : need root privileges' + +%.deb: %.deb-docs %.deb-DEBIAN + @rm -f $*.deb $*.deb-checkdir $*.deb-docs $*.deb-docs-base \ + $*.deb-docs-docs $*.deb-docs-examples $*.deb-DEBIAN \ + $*.deb-DEBIAN-dir $*.deb-DEBIAN-scripts $*.deb-DEBIAN-md5sums + +%.udeb: %.deb-DEBIAN + @rm -f $*.deb $*.deb-checkdir $*.deb-DEBIAN $*.deb-DEBIAN-dir \ + $*.deb-DEBIAN-scripts $*.deb-DEBIAN-md5sums + +%.deb-checkdir: + @test -d debian/$* || sh -cx '! : directory debian/$* missing' + @test "`id -u`" -eq 0 || sh -cx '! : need root privileges' + +%.deb-docs-base: + : implicit + @rm -f debian/$*/usr/share/doc/$*/* || : + @install -d -m0755 debian/$*/usr/share/doc/$* + : debian/$*/usr/share/doc/$*/ + @sh -cx 'install -m0644 debian/copyright debian/$*/usr/share/doc/$*/' + @sh -cx 'install -m0644 debian/changelog \ + debian/$*/usr/share/doc/$*/changelog.Debian' + @test ! -r changelog || \ + sh -cx 'install -m0644 changelog debian/$*/usr/share/doc/$*/' + @test -r debian/$*/usr/share/doc/$*/changelog || \ + sh -cx 'mv debian/$*/usr/share/doc/$*/changelog.Debian \ + debian/$*/usr/share/doc/$*/changelog' + @test -s debian/$*/usr/share/doc/$*/changelog || \ + sh -cx 'rm -f debian/$*/usr/share/doc/$*/changelog' + @gzip -9 debian/$*/usr/share/doc/$*/changelog* +%.deb-docs-docs: + @for i in `cat debian/$*.docs 2>/dev/null || :`; do \ + if test -d $$i; then \ + sh -cx "install -d -m0755 debian/$*/usr/share/doc/$*/$${i##*/}" && \ + for j in $$i/*; do \ + sh -cx "install -m0644 $$j \ + debian/$*/usr/share/doc/$*/$${i##*/}/" || exit 1; \ + done || exit 1; \ + continue; \ + fi; \ + sh -cx "install -m0644 $$i debian/$*/usr/share/doc/$*/" || exit 1; \ + done + @test ! -r debian/$*.README.Debian || \ + sh -cx 'install -m0644 debian/$*.README.Debian \ + debian/$*/usr/share/doc/$*/README.Debian' + @if test -r debian/$*.NEWS.Debian; then \ + sh -cx 'install -m0644 debian/$*.NEWS.Debian \ + debian/$*/usr/share/doc/$*/NEWS.Debian && \ + gzip -9 debian/$*/usr/share/doc/$*/NEWS.Debian'; \ + fi +%.deb-docs-examples: + @rm -rf debian/$*/usr/share/doc/$*/examples + : debian/$*/usr/share/doc/$*/examples/ + @test ! -r debian/$*.examples || \ + install -d -m0755 debian/$*/usr/share/doc/$*/examples + @for i in `cat debian/$*.examples 2>/dev/null || :`; do \ + sh -cx "install -m0644 $$i debian/$*/usr/share/doc/$*/examples/" \ + || exit 1; \ + done +%.deb-docs: %.deb-checkdir %.deb-docs-base %.deb-docs-docs %.deb-docs-examples + : debian/$*/usr/share/doc/$*/ ok + +%.deb-DEBIAN-base: + @rm -rf debian/$*/DEBIAN + : debian/$*/DEBIAN/ + @install -d -m0755 debian/$*/DEBIAN + @for i in conffiles shlibs templates; do \ + test ! -r debian/$*.$$i || \ + sh -cx "install -m0644 debian/$*.$$i debian/$*/DEBIAN/$$i" \ + || exit 1; \ + done +%.deb-DEBIAN-scripts: + @for i in preinst prerm postinst postrm config; do \ + test ! -r debian/$*.$$i || \ + sh -cx "install -m0755 debian/$*.$$i debian/$*/DEBIAN/$$i" \ + || exit 1; \ + done +%.deb-DEBIAN-md5sums: + : debian/$*/DEBIAN/md5sums + @rm -f debian/$*/DEBIAN/md5sums + @cd debian/$* && find * -path 'DEBIAN' -prune -o \ + -type f -exec md5sum {} >>DEBIAN/md5sums \; +%.deb-DEBIAN: %.deb-checkdir %.deb-DEBIAN-base %.deb-DEBIAN-scripts \ + %.deb-DEBIAN-md5sums + : debian/$*/DEBIAN/ ok diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..52c3ea8 --- /dev/null +++ b/debian/rules @@ -0,0 +1,107 @@ +#!/usr/bin/make -f + +#export DH_OPTIONS +DEB_HOST_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +STRIP =strip +ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + STRIP =: nostrip +endif + +CFLAGS =-Wall -g +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS +=-O0 +else + CFLAGS +=-O2 +endif + +CONFFLAGS = +CC =gcc +ifneq (,$(findstring diet,$(DEB_BUILD_OPTIONS))) + CONFFLAGS =--disable-zlib + CC =diet -v -Os gcc -nostdinc +endif + +DIR =$(shell pwd)/debian/dropbear + +patch: deb-checkdir patch-stamp +patch-stamp: + for i in `ls -1 debian/diff/*.diff || :`; do \ + patch -p0 <$$i || exit 1; \ + done + touch patch-stamp + +config.status: patch-stamp configure + CC='$(CC)' \ + CFLAGS='$(CFLAGS)'' -DSFTPSERVER_PATH="\"/usr/lib/sftp-server\""' \ + ./configure --host='$(DEB_HOST_GNU_TYPE)' \ + --build='$(DEB_BUILD_GNU_TYPE)' --prefix=/usr \ + --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info \ + $(CONFFLAGS) + +build: deb-checkdir build-stamp +build-stamp: config.status + $(MAKE) CC='$(CC)' LD='$(CC)' + touch build-stamp + +clean: deb-checkdir deb-checkuid + -$(MAKE) distclean + test ! -e patch-stamp || \ + for i in `ls -1r debian/diff/*.diff || :`; do \ + patch -p0 -R <$$i; \ + done + rm -f patch-stamp build-stamp config.log config.status + rm -rf '$(DIR)' + rm -f debian/files debian/substvars debian/copyright changelog + +install: deb-checkdir deb-checkuid build-stamp + rm -rf '$(DIR)' + install -d -m0755 '$(DIR)'/etc/dropbear + # programs + install -d -m0755 '$(DIR)'/usr/sbin + install -m0755 dropbear '$(DIR)'/usr/sbin/dropbear + install -d -m0755 '$(DIR)'/usr/bin + install -m0755 dbclient '$(DIR)'/usr/bin/dbclient + install -m0755 dropbearkey '$(DIR)'/usr/bin/dropbearkey + install -d -m0755 '$(DIR)'/usr/lib/dropbear + install -m0755 dropbearconvert \ + '$(DIR)'/usr/lib/dropbear/dropbearconvert + $(STRIP) -R .comment -R .note '$(DIR)'/usr/sbin/* \ + '$(DIR)'/usr/bin/* '$(DIR)'/usr/lib/dropbear/* + # init and run scripts + install -d -m0755 '$(DIR)'/etc/init.d + install -m0755 debian/dropbear.init '$(DIR)'/etc/init.d/dropbear + install -m0755 debian/service/run '$(DIR)'/etc/dropbear/run + install -d -m0755 '$(DIR)'/etc/dropbear/log + install -m0755 debian/service/log '$(DIR)'/etc/dropbear/log/run + ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main + ln -s /var/run/dropbear '$(DIR)'/etc/dropbear/supervise + ln -s /var/run/dropbear.log '$(DIR)'/etc/dropbear/log/supervise + # man pages + install -d -m0755 '$(DIR)'/usr/share/man/man8 + for i in dropbear.8 dropbearkey.8; do \ + install -m644 $$i '$(DIR)'/usr/share/man/man8/ || exit 1; \ + done + gzip -9 '$(DIR)'/usr/share/man/man8/*.8 + install -d -m0755 '$(DIR)'/usr/share/man/man1 + install -m644 dbclient.1 '$(DIR)'/usr/share/man/man1/ + gzip -9 '$(DIR)'/usr/share/man/man1/*.1 + # copyright, changelog + cat debian/copyright.in LICENSE >debian/copyright + test -r changelog || ln -s CHANGES changelog + +binary-indep: + +binary-arch: install dropbear.deb + test '$(CC)' != 'gcc' || \ + dpkg-shlibdeps '$(DIR)'/usr/sbin/* '$(DIR)'/usr/bin/* \ + '$(DIR)'/usr/lib/dropbear/* + dpkg-gencontrol -isp -pdropbear -P'$(DIR)' + dpkg -b '$(DIR)' .. + +binary: binary-arch binary-indep + +.PHONY: patch build clean install binary-indep binary-arch binary + +include debian/implicit diff --git a/debian/service/log b/debian/service/log new file mode 100644 index 0000000..2ffb13d --- /dev/null +++ b/debian/service/log @@ -0,0 +1,2 @@ +#!/bin/sh +exec chpst -udropbearlog svlogd -tt ./main diff --git a/debian/service/run b/debian/service/run new file mode 100644 index 0000000..f208085 --- /dev/null +++ b/debian/service/run @@ -0,0 +1,3 @@ +#!/bin/sh +exec 2>&1 +exec dropbear -d ./dropbear_dss_host_key -r ./dropbear_rsa_host_key -F -E -p 22 |