
Make clevis-udisks2 usable

* Add missing dependencies
* Provide a non-privileged user
Christoph Biedl 3 years ago
parent
commit
d3864fb1c9

+ 20 - 0
debian/clevis-udisks2.postinst

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+configure)
+    if ! getent passwd _clevis >/dev/null; then
+        adduser --quiet --system --group --no-create-home --home /nonexistent --force-badname _clevis
+    fi
+    ;;
+abort-upgrade|abort-remove|abort-deconfigure)
+    ;;
+*)
+    echo "postinst called with unknown argument '$1'" >&2
+    exit 1
+    ;;
+esac
+
+#DEBHELPER#
+exit 0
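Review bot: The `getent passwd _clevis` guard in the `configure` branch accepts any existing account of that name, including a regular login account created by an administrator or another package. The unprivileged operations would then run as that account. As far as I know, `adduser --system` already does nothing when a matching system user exists and fails when the name belongs to a non-system user, so calling it without the guard would keep that check. A one-line comment above the call would also help, e.g. `# _clevis: unprivileged system account used by clevis-udisks2; no home directory`.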

+ 18 - 0
debian/clevis-udisks2.postrm

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -e
+
+case "$1" in
+remove)
+    deluser --quiet _clevis >/dev/null || :
+    ;;
+purge|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+    ;;
+*)
+    echo "postrm called with unknown argument '$1'" >&2
+    exit 1
+    ;;
+esac
+
+#DEBHELPER#
+exit 0
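Review bot: In the `remove` branch, `deluser --quiet _clevis` deletes whatever account carries that name and frees its UID, so files still owned by that UID can later belong to an unrelated account that receives the same number. `deluser --quiet --system _clevis` would restrict the call to a system account; keeping the account, or deferring deletion to `purge`, avoids the UID-reuse problem altogether. The trailing `>/dev/null || :` also hides every failure, including `deluser` being absent because adduser was removed first. If that is intended as best effort, say so in a comment such as `# best effort: adduser may already be gone at postrm time`.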

+ 3 - 0
debian/control

@@ -103,7 +103,10 @@ Description: systemd integration for clevis
 Package: clevis-udisks2
 Architecture: linux-any
 Depends: ${misc:Depends}, ${shlibs:Depends},
+    adduser,
     clevis-luks (= ${binary:Version}),
+    libblockdev-crypto2,
+    udisks2,
 Description: UDisks2/Storaged integration for clevis
  Clevis is a plugable framework for automated decryption. This package
  provides automatic unlocking LUKS encrypted block devices in desktop
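Review bot: `libblockdev-crypto2` in the added Depends lines is a SONAME-versioned package name written by hand, so it will presumably become uninstallable once libblockdev changes its SONAME. Nothing in the stanza records why `${shlibs:Depends}` does not already cover it. A comment line above the field would capture the reason, e.g. `# libblockdev-crypto2 is needed at runtime by the udisks2 integration and is not picked up by shlibs; update on SONAME change`. That rationale is inferred from the change and should be confirmed. The stanza continues past the end of the hunk.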

+ 12 - 0
debian/patches/debian.set-unprivileged-user.patch

@@ -0,0 +1,12 @@
+Subject: Change to user for unprivileged operations
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+Date: 2020-05-21
+Forwarded: not-needed
+
+--- a/meson_options.txt
++++ b/meson_options.txt
+@@ -1,2 +1,2 @@
+-option('user', type: 'string', value: 'clevis', description: 'Unprivileged user for secure clevis operations')
+-option('group', type: 'string', value: 'clevis', description: 'Unprivileged group for secure clevis operations')
++option('user', type: 'string', value: '_clevis', description: 'Unprivileged user for secure clevis operations')
++option('group', type: 'string', value: '_clevis', description: 'Unprivileged group for secure clevis operations')
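Review bot: The new `user` and `group` defaults in `meson_options.txt` apply to the whole source build, but on this page the `_clevis` account is created only by `debian/clevis-udisks2.postinst`. If any other binary package built from this source installs files that reference that user or group, it would need the account as well; that cannot be checked from the visible lines. The patch header would be clearer with a line stating the coupling, e.g. `Description: _clevis is created by clevis-udisks2.postinst; keep both in sync`. Passing the two values as `-Duser=_clevis -Dgroup=_clevis` from the packaging rules would also avoid a patch that conflicts whenever upstream edits these option lines.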

+ 3 - 0
debian/patches/series

@@ -1,3 +1,6 @@
 
 # patches for upstream
 upstream.use-asciidoctor-to-build-manpages.patch
+
+# patches for Debian
+debian.set-unprivileged-user.patch