dropbear: debian/rules annotate

annotate debian/rules @ 1930:299f4f19ba19

Add /usr/sbin and /sbin to default root PATH When dropbear is used in a very restricted environment (such as in a initrd), the default user shell is often also very restricted and doesn't take care of setting the PATH so the user ends up with the PATH set by dropbear. Unfortunately, dropbear always sets "/usr/bin:/bin" as default PATH even for the root user which should have /usr/sbin and /sbin too. For a concrete instance of this problem, see the "Remote Unlocking" section in this tutorial: https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/ It speaks of a bug in the initramfs script because it's written "blkid" instead of "/sbin/blkid"... this is just because the scripts from the initramfs do not expect to have a PATH without the sbin directories and because dropbear is not setting the PATH appropriately for the root user. I'm thus suggesting to use the attached patch to fix this misbehaviour (I did not test it, but it's easy enough). It might seem anecdotic but multiple Kali users have been bitten by this. From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903403

author	Raphael Hertzog <hertzog@debian.org>
date	Mon, 09 Jul 2018 16:27:53 +0200
parents	7b68e581985f
children

rev	line source
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	1 #!/usr/bin/make -f
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	2
824 7b68e581985f Fix up debian build Matt Johnston <matt@ucc.asn.au> parents: 823 diff changeset	3 export DEB_BUILD_MAINT_OPTIONS = hardening=+all
7b68e581985f Fix up debian build Matt Johnston <matt@ucc.asn.au> parents: 823 diff changeset	4 DPKG_EXPORT_BUILDFLAGS = 1
7b68e581985f Fix up debian build Matt Johnston <matt@ucc.asn.au> parents: 823 diff changeset	5 include /usr/share/dpkg/buildflags.mk
7b68e581985f Fix up debian build Matt Johnston <matt@ucc.asn.au> parents: 823 diff changeset	6
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	7 #export DH_OPTIONS
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	8 DEB_HOST_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	9 DEB_BUILD_GNU_TYPE ?=$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	10
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	11 STRIP =strip
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	12 ifneq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	13 STRIP =: nostrip
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	14 endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	15
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	16 CONFFLAGS =
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	17 CC =gcc
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	18 ifneq (,$(findstring diet,$(DEB_BUILD_OPTIONS)))
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	19 CONFFLAGS =--disable-zlib
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	20 CC =diet -v -Os gcc -nostdinc
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	21 endif
fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	22
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	23 DIR =$(shell pwd)/debian/dropbear
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	24
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	25 patch: deb-checkdir patch-stamp
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	26 patch-stamp:
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	27 for i in `ls -1 debian/diff/*.diff \|\| :`; do \
469 8c2d2edadf2a Update to debian 0.50-4 diff Matt Johnston <matt@ucc.asn.au> parents: 220 diff changeset	28 patch -p1 <$$i \|\| exit 1; \
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	29 done
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	30 touch patch-stamp
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	31
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	32 config.status: patch-stamp configure
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	33 CC='$(CC)' \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	34 CFLAGS='$(CFLAGS)'' -DSFTPSERVER_PATH="\"/usr/lib/sftp-server\""' \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	35 ./configure --host='$(DEB_HOST_GNU_TYPE)' \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	36 --build='$(DEB_BUILD_GNU_TYPE)' --prefix=/usr \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	37 --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	38 $(CONFFLAGS)
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	39
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	40 build: deb-checkdir build-stamp
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	41 build-stamp: config.status
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	42 $(MAKE) CC='$(CC)' LD='$(CC)'
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	43 touch build-stamp
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	44
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	45 clean: deb-checkdir deb-checkuid
469 8c2d2edadf2a Update to debian 0.50-4 diff Matt Johnston <matt@ucc.asn.au> parents: 220 diff changeset	46 test ! -r Makefile \|\| $(MAKE) distclean
8c2d2edadf2a Update to debian 0.50-4 diff Matt Johnston <matt@ucc.asn.au> parents: 220 diff changeset	47 rm -f libtomcrypt/Makefile libtommath/Makefile
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	48 test ! -e patch-stamp \|\| \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	49 for i in `ls -1r debian/diff/*.diff \|\| :`; do \
469 8c2d2edadf2a Update to debian 0.50-4 diff Matt Johnston <matt@ucc.asn.au> parents: 220 diff changeset	50 patch -p1 -R <$$i; \
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	51 done
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	52 rm -f patch-stamp build-stamp config.log config.status
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	53 rm -rf '$(DIR)'
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	54 rm -f debian/files debian/substvars debian/copyright changelog
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	55
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	56 install: deb-checkdir deb-checkuid build-stamp
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	57 rm -rf '$(DIR)'
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	58 install -d -m0755 '$(DIR)'/etc/dropbear
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	59 # programs
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	60 install -d -m0755 '$(DIR)'/usr/sbin
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	61 install -m0755 dropbear '$(DIR)'/usr/sbin/dropbear
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	62 install -d -m0755 '$(DIR)'/usr/bin
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	63 install -m0755 dbclient '$(DIR)'/usr/bin/dbclient
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	64 install -m0755 dropbearkey '$(DIR)'/usr/bin/dropbearkey
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	65 install -d -m0755 '$(DIR)'/usr/lib/dropbear
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	66 install -m0755 dropbearconvert \
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	67 '$(DIR)'/usr/lib/dropbear/dropbearconvert
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	68 $(STRIP) -R .comment -R .note '$(DIR)'/usr/sbin/* \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	69 '$(DIR)'/usr/bin/* '$(DIR)'/usr/lib/dropbear/*
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	70 # init and run scripts
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	71 install -d -m0755 '$(DIR)'/etc/init.d
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	72 install -m0755 debian/dropbear.init '$(DIR)'/etc/init.d/dropbear
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	73 install -m0755 debian/service/run '$(DIR)'/etc/dropbear/run
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	74 install -d -m0755 '$(DIR)'/etc/dropbear/log
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	75 install -m0755 debian/service/log '$(DIR)'/etc/dropbear/log/run
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	76 ln -s /var/log/dropbear '$(DIR)'/etc/dropbear/log/main
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	77 # man pages
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	78 install -d -m0755 '$(DIR)'/usr/share/man/man8
823 cb3cfcea1c8d Fix debian installation of manpages Matt Johnston <matt@ucc.asn.au> parents: 469 diff changeset	79 install -d -m0755 '$(DIR)'/usr/share/man/man1
cb3cfcea1c8d Fix debian installation of manpages Matt Johnston <matt@ucc.asn.au> parents: 469 diff changeset	80 install -m644 dropbear.8 '$(DIR)'/usr/share/man/man8/
cb3cfcea1c8d Fix debian installation of manpages Matt Johnston <matt@ucc.asn.au> parents: 469 diff changeset	81 for i in dbclient.1 dropbearkey.1 dropbearconvert.1; do \
cb3cfcea1c8d Fix debian installation of manpages Matt Johnston <matt@ucc.asn.au> parents: 469 diff changeset	82 install -m644 $$i '$(DIR)'/usr/share/man/man1/ \|\| exit 1; \
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	83 done
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	84 gzip -9 '$(DIR)'/usr/share/man/man8/*.8
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	85 gzip -9 '$(DIR)'/usr/share/man/man1/*.1
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	86 # copyright, changelog
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	87 cat debian/copyright.in LICENSE >debian/copyright
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	88 test -r changelog \|\| ln -s CHANGES changelog
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	89
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	90 binary-indep:
4 fe6bca95afa7 Makefile.in contains updated files required Matt Johnston <matt@ucc.asn.au> parents: diff changeset	91
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	92 binary-arch: install dropbear.deb
180 743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	93 test '$(CC)' != 'gcc' \|\| \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	94 dpkg-shlibdeps '$(DIR)'/usr/sbin/* '$(DIR)'/usr/bin/* \
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	95 '$(DIR)'/usr/lib/dropbear/*
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	96 dpkg-gencontrol -isp -pdropbear -P'$(DIR)'
743fce568f49 Merge in Debian package changes from 0.45-3, grab the dbclient manpage Matt Johnston <matt@ucc.asn.au> parents: 76 diff changeset	97 dpkg -b '$(DIR)' ..
70 b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	98
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	99 binary: binary-arch binary-indep
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	100
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	101 .PHONY: patch build clean install binary-indep binary-arch binary
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	102
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree Matt Johnston <matt@ucc.asn.au> parents: 4 diff changeset	103 include debian/implicit

Mercurial > dropbear

annotate debian/rules @ 1930:299f4f19ba19