From 919e729b2b53f68e014f93688e4202c7928312a5 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Sun, 3 Sep 2017 14:35:30 +0200 Subject: add lintian overrides for private keys directories using 700 permissions. --- debian/changelog | 3 +++ debian/strongswan-swanctl.lintian-overrides | 6 ++++++ 2 files changed, 9 insertions(+) create mode 100644 debian/strongswan-swanctl.lintian-overrides diff --git a/debian/changelog b/debian/changelog index 523670ada..e5e71803f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -20,6 +20,9 @@ strongswan (5.6.0-1) UNRELEASED; urgency=medium closes: #866327 * debian/libcharon-extra-plugins.install: - install pt-tls-client in /u/b and also install its manpage. + * debian/strongswan-swanctl.lintian-overrides: + - add lintian overrides for private keys directories using 700 + permissions. -- Yves-Alexis Perez Fri, 01 Sep 2017 17:21:45 +0200 diff --git a/debian/strongswan-swanctl.lintian-overrides b/debian/strongswan-swanctl.lintian-overrides new file mode 100644 index 000000000..1af6f10d2 --- /dev/null +++ b/debian/strongswan-swanctl.lintian-overrides @@ -0,0 +1,6 @@ +# directories for private keys so tighten the permissions +strongswan-swanctl: non-standard-dir-perm etc/swanctl/bliss/ 0700 != 0755 +strongswan-swanctl: non-standard-dir-perm etc/swanctl/ecdsa/ 0700 != 0755 +strongswan-swanctl: non-standard-dir-perm etc/swanctl/pkcs8/ 0700 != 0755 +strongswan-swanctl: non-standard-dir-perm etc/swanctl/private/ 0700 != 0755 +strongswan-swanctl: non-standard-dir-perm etc/swanctl/rsa/ 0700 != 0755 -- cgit v1.2.3