install man/man8/* $(DESTDIR)$(PREFIX)/share/man/man8
install -m 0644 etc/* $(DESTDIR)$(ETCPREFIX)/etc/monkeysphere
-.PHONY: all clean tarball debian-package install
+releasenote:
+ ./utils/build-releasenote
+
+.PHONY: all clean tarball debian-package install releasenote
-monkeysphere (0.15~pre-1) UNRELEASED; urgency=low
+monkeysphere (0.15-1) experimental; urgency=low
* porting work and packaging simplification: clarifying makefiles,
pruning dependencies, etc.
Package: monkeysphere
Architecture: any
-Depends: openssh-client, gnupg | gnupg2, coreutils (>= 6), lockfile-progs, adduser, ${shlibs:Depends}
+Depends: openssh-client, gnupg, coreutils (>= 6) | base64, lockfile-progs | procfile, adduser, ${shlibs:Depends}
Recommends: netcat | socat, ssh-askpass
Enhances: openssh-client, openssh-server
Description: use the OpenPGP web of trust to verify ssh connections
head --line="$1" "$2" | tail -1
}
+# this is a wrapper for doing lock functions.
+#
+# it lets us depend on either lockfile-progs (preferred) or procmail's
+# lockfile, and should
+lock() {
+ local use_lockfileprogs=true
+ local action="$1"
+ local file="$file"
+
+ if ! ( which lockfile-create >/dev/null 2>/dev/null ) ; then
+ if ! ( which lockfile >/dev/null ); then
+ failure "Neither lockfile-create nor lockfile are in the path!"
+ fi
+ use_lockfileprogs=
+ fi
+
+ case "$action" in
+ create)
+ if [ -n "$use_lockfileprogs" ] ; then
+ lockfile-create "$file" || failure "unable to lock '$file'"
+ else
+ lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'"
+ fi
+ ;;
+ touch)
+ if [ -n "$use_lockfileprogs" ] ; then
+ lockfile-touch --oneshot "$file"
+ else
+ : Nothing to do here
+ fi
+ ;;
+ remove)
+ if [ -n "$use_lockfileprogs" ] ; then
+ lockfile-remove "$file"
+ else
+ rm -f "${file}.lock"
+ fi
+ ;;
+ *)
+ failure "bad argument for lock subfunction '$action'"
+ esac
+}
+
# check that characters are in a string (in an AND fashion).
# used for checking key capability
# check_capability capability a [b...]
nHostsOK=0
nHostsBAD=0
- # set the trap to remove any lockfiles on exit
- trap "lockfile-remove $KNOWN_HOSTS" EXIT
-
- # create a lockfile on known_hosts
- lockfile-create "$KNOWN_HOSTS"
+ # create a lockfile on known_hosts:
+ lock create "$KNOWN_HOSTS"
+ # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
+ trap "lock remove $KNOWN_HOSTS" EXIT
# note pre update file checksum
fileCheck="$(file_hash "$KNOWN_HOSTS")"
esac
# touch the lockfile, for good measure.
- lockfile-touch --oneshot "$KNOWN_HOSTS"
+ lock touch "$KNOWN_HOSTS"
done
- # remove the lockfile
- lockfile-remove "$KNOWN_HOSTS"
+ # remove the lockfile and the trap
+ lock remove "$KNOWN_HOSTS"
+ trap - EXIT
# note if the known_hosts file was updated
if [ "$(file_hash "$KNOWN_HOSTS")" != "$fileCheck" ] ; then
nIDsOK=0
nIDsBAD=0
- # set the trap to remove any lockfiles on exit
- trap "lockfile-remove $AUTHORIZED_KEYS" EXIT
-
# create a lockfile on authorized_keys
- lockfile-create "$AUTHORIZED_KEYS"
+ lock create "$AUTHORIZED_KEYS"
+ # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
+ trap "lock remove $AUTHORIZED_KEYS" EXIT
# note pre update file checksum
fileCheck="$(file_hash "$AUTHORIZED_KEYS")"
esac
# touch the lockfile, for good measure.
- lockfile-touch --oneshot "$AUTHORIZED_KEYS"
+ lock touch "$AUTHORIZED_KEYS"
done
- # remove the lockfile
- lockfile-remove "$AUTHORIZED_KEYS"
+ # remove the lockfile and the trap
+ lock remove "$AUTHORIZED_KEYS"
+ trap - EXIT
# note if the authorized_keys file was updated
if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$fileCheck" ] ; then
--- /dev/null
+#!/bin/bash
+
+VERSION=`head -n1 debian/changelog | sed 's/.*(\([^)]*\)).*/\1/'`
+
+{
+ sed "s/__VERSION__/$VERSION/g" < utils/releasenote.header
+ head -n$(( $(grep -n '^ --' debian/changelog | head -n1 | cut -f1 -d:) - 2 )) debian/changelog | tail -n+3
+ sed "s/__VERSION__/$VERSION/g" < utils/releasenote.footer
+} > "website/news/release-$VERSION.mdwn"
+
+git add "website/news/release-$VERSION.mdwn"
+
+checksums() {
+ echo "checksums for the monkeysphere ${VERSION%%-*} release:"
+ echo
+ echo "MD5:"
+ md5sum "monkeysphere_${VERSION%%-*}.orig.tar.gz"
+ echo
+ echo "SHA1:"
+ sha1sum "monkeysphere_${VERSION%%-*}.orig.tar.gz"
+ echo
+ echo "SHA256:"
+ sha256sum "monkeysphere_${VERSION%%-*}.orig.tar.gz"
+}
+
+checksums
+
+temprelease=$(mktemp)
+trap "rm -f $temprelease" EXIT
+set -e
+head -n$(( $(grep -n '^-----BEGIN PGP SIGNED MESSAGE-----$' website/download.mdwn | head -n1 | cut -f1 -d:) - 1 )) website/download.mdwn >$temprelease
+checksums | gpg --no-tty --clearsign --default-key EB8AF314 >>$temprelease
+cat utils/download.mdwn.footer >>$temprelease
+mv "$temprelease" website/download.mdwn
+trap - EXIT
+set +e
+
+git add website/download.mdwn
+
+gpg --verify website/download.mdwn
--- /dev/null
+</pre>
+
+[[Download]] it now!
--- /dev/null
+[[meta title="Monkeysphere __VERSION__ released!"]]
+
+# Monkeysphere __VERSION__ released! #
+
+Monkeysphere __VERSION__ has been released.
+
+Notes from the changelog:
+
+<pre>
But if you want a tarball of the most recent release, we publish those
too. The [latest
tarball](http://archive.monkeysphere.info/debian/pool/monkeysphere/m/monkeysphere/monkeysphere_0.14.orig.tar.gz)
-has this sha1sum:
+has these checksums:
<pre>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
-sha1sum for the monkeysphere 0.14 release:
+checksums for the monkeysphere 0.15 release:
-8b05fec041cec7f86ddde92fa72c8aabf8af0b3b monkeysphere_0.14.orig.tar.gz
+MD5:
+8be275e5b5119921a536d8a67d3bfe24 monkeysphere_0.15.orig.tar.gz
+
+SHA1:
+65da0a047d935e856e2a0d7032dbbb339a3ce20a monkeysphere_0.15.orig.tar.gz
+
+SHA256:
+44f3feb6e9f6921d2ed0406af4e3862f67da9261c8f00c7ea37cfea5031cbc77 monkeysphere_0.15.orig.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
-iQIVAwUBSMBhXhjmZ/HrivMUAQJTmw//XB8y7UXAg2GD4A1wHS/lczQLlzN3fVmT
-MGzLVdlRtATQgnL1Zd2CbKEEswSDpok9h+meZxMUvBXnpGV3iUouNo7q6vkt9Dp6
-Y5B+mgSe1vlxtkHPRCpLFvnLch2+x9zk+OhfHK+85zu6yPd2KqN0uFMpx6xLDWNq
-iIx3KzEOqLNe5WjJoKbGDvBohxgPePDLkAQtz+6Bnvor+H5gR4Mg3enPCRUtndKs
-sxyfw40ZCCZQV8Hma1YzP8jRrTNhXy3jY57cJ966FgWANPxDWzQh3k0W9ZTp4KP7
-3xcxSxKGMCFtfkNFhC6vcry4TRh/f33snGhwvPX2sAfWTsDP3PPeY4bK2rtVynZm
-bHl6IT1ZEdFVtS9IwWz51SAW5nDjffQnjSUM6TWtviRAc+acCHBCWVaGCRea7PLt
-7BJ/chJUf48gSIYStH/rFVcGJGOQD8CYQeUrKPBZu/CHowJziYfYcBQ0zydPEz9A
-5Lvs7pUhBVB+YYRqx62LqOMxX+qbUGCNRa3xJHRbOq8j+qqwTTh2W/fAlT1ziez+
-VqmKwX5Fnxd9q0wEEn3NGNbV8SrhHtN0LxmVHwxPrk5uo5d9mfuLBFnA93vWacDd
-M0bZHHnV7w6CuR4ReGPh1HJFAPRf42S3HM9JooFV6hWlEci2iomInba691PMQOJv
-nd+N0oSL47A=
-=uAHY
+iQIVAwUBSMG2fxjmZ/HrivMUAQJ40RAAjb4Rh9qJQztp+tAOxpvXKmItRTFyBTeB
+QQWjl/gNSWbAOvZX9t+F63P8Dp/ET9XoE2iXUnClvCtkkKvwbKISHyM4C9tgu0z9
+Yggb6lFPt/Qz2fD/HTMxkeN+n0p/FVjLW9WlLPyKF++u/o8JelyuiXocHORzjtc/
+9HyQfdbZuUPA16ZsAb9D66aIC2pWR21EiXHj95EvUkm6AO53Sy9G5gzzveflRrLm
+UdrcwCnbXiZklbs9wXxeZTa4qLAhv31RmkCzbE3/lNwFSBfzFFfi2HXZqQdRmIgu
+xuV/wmi8xgxUbv7dbB7yhhqwFmRnzeuV3rvuvSdjqGjFu6R0fqorIOtLtBkG1m0Q
+RP5gs5mU+DreYkdeLWpFFFVjaJkz0cNUcnT22EJ5JgfeH3fkoAPpjlUMvgh8apGq
+CbtqmBfYVOLyifiwptCSwlQvfY2guBVmsW+C60g78vMlCa0Tezp79I5H1KdsXKlY
+cw1eLt3HhEy39yojmcD5EI293tfWTIYvULXvMIZjqEFnkFvoAogtinfd8fDoH15j
+8yqXOUfkuuSeGmPReyiZZkbBTMXOdM6JsXmjEMI5T9dnZcC0CClnDGfcxE2UfPQZ
+v9tneWXZzFmnWaAqH+T+SJJ4gpMhD+i0vXgQ7xOhUUCF+tiY8Qh1eltR2Kf+VeYW
+d+MRglTs/Z4=
+=AmW6
-----END PGP SIGNATURE-----
</pre>
-
--- /dev/null
+[[meta title="MonkeySphere 0.15-1 released!"]]
+
+# MonkeySphere 0.15-1 released! #
+
+MonkeySphere 0.15-1 has been released.
+
+From the changelog:
+
+<pre>
+ * porting work and packaging simplification: clarifying makefiles,
+ pruning dependencies, etc.
+ * added tests to monkeysphere-server diagnostics
+ * moved monkeysphere(5) to section 7 of the manual
+ * now shipping TODO in /usr/share/doc/monkeysphere
+</pre>
+
+[[Download]] it now!
# Why should you be interested in the Monkeysphere? #
+[[!toc levels=2]]
+
## As an `ssh` user ##
Do you use `ssh` to connect to remote machines? Are you tired of
projects / monkeysphere.git / commitdiff