X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv-utils.git;a=blobdiff_plain;f=debian%2Fcontrol;h=7272e6c428473807f12ede4cbe8151600b1db1fa;hp=4f11db81dfbcc32346de077f47d42eb30ec2e405;hb=HEAD;hpb=8acaed657eb4db47c448c8a582810bf301ff47ef

diff --git a/debian/control b/debian/control
index 4f11db8..7272e6c 100644
--- a/debian/control
+++ b/debian/control
@@ -1,29 +1,34 @@
 Source: userv-utils
 Section: admin
-Priority: extra
-Maintainer: Ian Jackson <ian@chiark.greenend.org.uk>
-Standards-Version: 2.1.1.0
+Priority: optional
+Maintainer: Sean Whitton <spwhitton@spwhitton.name>
+Uploaders: Ian Jackson <ijackson@chiark.greenend.org.uk>
+Build-Depends: debhelper-compat (= 12), rename
+Standards-Version: 4.5.1
+Rules-Requires-Root: binary-targets
+Homepage: https://www.chiark.greenend.org.uk/ucgi/~ian/git?p=userv-utils.git;a=summary
+Vcs-Git: https://git.spwhitton.name/userv-utils/
+Vcs-Browser: https://git.spwhitton.name/userv-utils/
 
-Package: userv-ipif
+Package: userv-utils
 Architecture: any
-Depends: userv
-Recommends: ssh
-Description: VPN system (and user-mode network interface)
- userv-ipif is a userv service to allow non-root users to create
- network interfaces implemented in user space.  No kernel patches are
- required (the kernel's built-in SLIP driver is used).
- .
- Based on this, udptunnel is a a simple but flexible VPN program which
- uses ssh for authentication and key exchange but sends the packets
- over UDP.  (Other VPN-over-ssh programs typically do PPP-over-TCP,
- which yields poor perfoormance.)  Note that udptunnel is not IPSEC.
- .
- The default configuration does set up any users with permission to
- create network interfaces such as VPN endpoints.
+Depends: userv, ${shlibs:Depends}, ${misc:Depends}
+Recommends: ${perl:Depends}
+Description: privsep utilities collection
+ Several small userv services, which allow certain system configuration
+ actions to be delegated.  In each case the service is disabled unless
+ enabled by symlink /etc/userv/services.d/* -> ../services-available/*.
+ .
+ ipif - allow non-root users to create network interfaces
+ ucgi - run CGI programs in providing user's account
+ mailq - allow users to view the mail queue
+ ndc-reload  - allow certain users to reload the nameserver
+ checkpasswd-* - allow users to run a UNIX password check
+ groupmanage - allow users to create and manage a few groups each
 
 Package: userv-dyndns
 Architecture: all
-Depends: userv, chiark-utils-bin
+Depends: userv, chiark-utils-bin, adduser, ${perl:Depends}, ${misc:Depends}
 Recommends: bind
 Description: dynamic DNS for shell account users
  userv-dyndns is a userv service which allows non-root users to
@@ -32,42 +37,12 @@ Description: dynamic DNS for shell account users
  Typically, this can be used to provide a `dyndns.org'-like service
  which is modifiable by shell account users.
  .
- The default configuration does not set up any users with permission
- to modify the DNS.
-
-Package: userv-cgi
-Architecture: any
-Depends: userv
-Recommends: httpd
-Description: user-provided CGI scripts invoked by userv
- This package contains ucgi, a userv service which allows CGI programs
- to be provided which do not run as the webserver user, but instead
- are owned by a particular other account.
- .
- Similar effects can be achieved with Apache's suexec; this package is
- for administrators who do not trust suexec and wish to defend the
- webserver from the CGI script providers, and vice versa, as much as
- possible.  This is achieved by using userv to do the cross-account
- call, rather than a custom setuid helper.
- .
- The default configuration allows the webserver user to invoke users'
- CGI programs from each user's ~/public-GI, but to allow external
- callers to do this, the webserver will also need to be configured.
-
-Package: userv-groupmanage
-Architecture: all
-Depends: userv
-Description: user-controlled group membership
- groupmanage is a userv service which allows individual shell users to
- create UN*X groups, and/or to change the membership of existing
- groups of which they are recorded as the manager.
- .
- The default configuration allows users to create and manage a few
- groups, but is reasonably conservative.
+ The default configuration creates the infrastructure (including a
+ service user) but does not allow any users to modify the DNS.
 
 Package: userv-git-daemon
 Architecture: all
-Depends: userv, git-core
+Depends: userv, git-core, adduser, ${perl:Depends}, ${misc:Depends}
 Description: per-user git daemon service
  userv-git-daemon allows users to publish git repositories which will
  be published via the git protocol on 9418.  This is a bit like
@@ -78,14 +53,3 @@ Description: per-user git daemon service
  the line from /usr/share/doc/examples/userv-git-daemon.inetd into
  /etc/inetd.conf and (b) specifically list hostnames and target
  directories in /etc/userv/git-urlmap.
-
-Package: userv-misc
-Architecture: all
-Depends: userv
-Description: miscellaneous small userv scripts
- This package a few small userv services.  Since you must choose
- whether to install this package or not as one lump, the default
- configuration for each script does not give users any new abilities.
- .
- mailq - allow users to view the mail queue
- ndc-reload  - allow certain users to reload the nameserver