Hi,
On Fri, 09 Oct 2015 at 17:19:24 +0000, Gianfranco Costamagna wrote:
> how do you feel about merging the two above Ubuntu deltas in the Debian packaging?
Thanks for pointing that out. I didn't check the Ubuntu uploads, actually.
> https://launchpad.net/ubuntu/+source/dropbear/2014.65-1ubuntu1
> + debian/initramfs/premount-devpts, debian/rules: drop the script, this is
> handled by initramfs-tools.
Done already:
+ Delete debian/initramfs/premount-devpts, since /dev/pts in mounted by
init since initramfs-tools 0.94. (Closes: #632656, #797939.)
> + debian/initramfs/dropbear-hook: do not install dropbear in the initramfs
> if there's no uncommented line in /etc/crypttab.
IMHO this is no longer relevant. The hook now only belongs to the
‘dropbear-initramfs’ binary package, the sole purpose of which is to install
dropbear in the initramfs. For backward compatibility it's still possible to
disable the hook by setting ‘DROPBEAR=n’, but I don't think we need to make
extra checks: if someone doesn't want the hook they can simply uninstall the
package. (Furthermore, Ubuntu refuses to install the hook if the crypttab is
nonexistant or empty regardless of the value of $DROPBEAR, which is probably a
bug. A SSH server in the initrd can have uses beyond remote cryptroot
unlocking.)
> + debian/initramfs/premout-dropbear: fix so that the network configuration
> happens before dropbear takes hold of the network card.
I believe it's no longer necessary, with this changelog:
+ Run configure_networking in the foreground. (Closes: #584780, #626181,
#739519.)
> https://launchpad.net/ubuntu/+source/dropbear/2014.65-1ubuntu2
> * Enable hmac-sha2-256 and hmac-sha2-512 MAC algorithms (LP: #1409798)
Upstream took care of that in the subsequent release:
* New upstream release. (Closes: #631858, #775222.)
Cheers,
--
Guilhem.
Attachment:
signature.asc
Description: PGP signature