/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
2
	-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
	-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
	-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
	-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
6
	-Wunsafe-loop-optimizations -Wpointer-arith \
7
	-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
8
	-Wconversion -Wlogical-op -Waggregate-return \
9
	-Wstrict-prototypes -Wold-style-definition \
10
	-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
	-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
	-Wvolatile-register-var -Woverlength-strings
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
#	echo 'int main(){}' | $(CC) --language=c $(option) \
18
#	/dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
237.7.348 by Teddy Hogeborn
Use AddressSanitizer and UndefinedBehaviorSanitizer.
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
237.7.419 by Teddy Hogeborn
Makefile: Replace "-fsanitize=address" with "-fsanitize=leak"
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
237.7.365 by Teddy Hogeborn
Only use -fsanitize=... options if they work.
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
        -fsanitize=bounds -fsanitize=alignment \
25
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
237.7.665 by Teddy Hogeborn
Add another sanitizer option
28
        -fsanitize=enum -fsanitize-address-use-after-scope
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
237.2.162 by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment.
35
36
# If BROKEN_PIE is set, do not build with -pie
268 by Teddy Hogeborn
* Makefile: Don't use PIE if BROKEN_PIE is set.
37
ifndef BROKEN_PIE
38
FORTIFY += -fPIE
39
LINK_FORTIFY += -pie
40
endif
24.1.90 by Björn Påhlsson
fixed two bugs:
41
#COVERAGE=--coverage
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
44
htmldir:=man
385 by Teddy Hogeborn
* Makefile (version): Change to 1.8.5.
45
version:=1.8.5
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
46
SED:=sed
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
47
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
48
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
49
	|| getent passwd nobody || echo 65534)))
50
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
51
	|| getent group nogroup || echo 65534)))
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
52
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
53
LINUXVERSION:=$(shell uname --kernel-release)
54
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
55
## Use these settings for a traditional /usr/local install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
56
# PREFIX:=$(DESTDIR)/usr/local
57
# CONFDIR:=$(DESTDIR)/etc/mandos
58
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
59
# MANDIR:=$(PREFIX)/man
60
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
61
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
62
# STATEDIR:=$(DESTDIR)/var/lib/mandos
63
# LIBDIR:=$(PREFIX)/lib
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
64
##
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
65
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
66
## These settings are for a package-type install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
67
PREFIX:=$(DESTDIR)/usr
68
CONFDIR:=$(DESTDIR)/etc/mandos
69
KEYDIR:=$(DESTDIR)/etc/keys/mandos
70
MANDIR:=$(PREFIX)/share/man
71
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
72
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
73
STATEDIR:=$(DESTDIR)/var/lib/mandos
74
LIBDIR:=$(shell \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
75
	for d in \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
76
	"/usr/lib/`dpkg-architecture \
77
			-qDEB_HOST_MULTIARCH 2>/dev/null`" \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
78
	"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
79
		if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
80
			echo "$(DESTDIR)$$d"; \
81
			break; \
82
		fi; \
83
	done)
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
84
##
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
85
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
86
SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd \
87
			--variable=systemdsystemunitdir)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
88
TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
89
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
90
GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)
91
GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)
92
AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)
93
AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)
94
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
95
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
237.2.80 by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags.
96
	getconf LFS_LDFLAGS)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
97
LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)
98
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
237.7.675 by Teddy Hogeborn
Add dracut(8) support
99
GLIB_CFLAGS:=$(shell pkg-config --cflags glib-2.0)
100
GLIB_LIBS:=$(shell pkg-config --libs glib-2.0)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
101
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
102
# Do not change these two
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
103
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
237.7.497 by Teddy Hogeborn
Linking flags correction
104
	$(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
105
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
106
	) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
107
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
108
# Commands to format a DocBook <refentry> document into a manual page
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
109
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
62 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Do not generate AUTHORS section.
110
	--param man.charmap.use.subset		0 \
111
	--param make.year.ranges		1 \
112
	--param make.single.year.ranges		1 \
113
	--param man.output.quietly		1 \
84 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
114
	--param man.authors.section.enabled	0 \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
115
	/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
116
	$(notdir $<); \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
117
	if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
237.7.670 by Teddy Hogeborn
Fix bashisms: Use "command -v" instead of "type"
118
	&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
119
	MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
120
	$(notdir $@); fi >/dev/null)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
121
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
122
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
123
	--param make.year.ranges		1 \
124
	--param make.single.year.ranges		1 \
125
	--param man.output.quietly		1 \
126
	--param man.authors.section.enabled	0 \
127
	--param citerefentry.link		1 \
128
	--output $@ \
129
	/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
130
	$<; $(HTMLPOST) $@)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
131
# Fix citerefentry links
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
132
HTMLPOST:=$(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
133
	--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
134
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
135
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
136
	plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
137
	plugins.d/plymouth
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
138
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
237.7.675 by Teddy Hogeborn
Add dracut(8) support
139
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
140
	$(PLUGIN_HELPERS)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
141
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
142
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
143
	mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
144
	dracut-module/password-agent.8mandos \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
145
	plugins.d/mandos-client.8mandos \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
146
	plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
147
	plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
148
	plugins.d/plymouth.8mandos intro.8mandos
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
149
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
150
htmldocs:=$(addsuffix .xhtml,$(DOCS))
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
151
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
152
objects:=$(addsuffix .o,$(CPROGS))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
153
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
154
all: $(PROGS) mandos.lsm
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
155
156
doc: $(DOCS)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
157
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
158
html: $(htmldocs)
159
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
160
%.5: %.xml common.ent legalnotice.xml
161
	$(DOCBOOKTOMAN)
162
%.5.xhtml: %.xml common.ent legalnotice.xml
163
	$(DOCBOOKTOHTML)
164
165
%.8: %.xml common.ent legalnotice.xml
166
	$(DOCBOOKTOMAN)
167
%.8.xhtml: %.xml common.ent legalnotice.xml
168
	$(DOCBOOKTOHTML)
169
170
%.8mandos: %.xml common.ent legalnotice.xml
171
	$(DOCBOOKTOMAN)
172
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
173
	$(DOCBOOKTOHTML)
174
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
175
intro.8mandos: intro.xml common.ent legalnotice.xml
176
	$(DOCBOOKTOMAN)
177
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
178
	$(DOCBOOKTOHTML)
179
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
180
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
181
		legalnotice.xml
182
	$(DOCBOOKTOMAN)
183
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
184
		overview.xml legalnotice.xml
185
	$(DOCBOOKTOHTML)
186
187
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
188
		legalnotice.xml
189
	$(DOCBOOKTOMAN)
190
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
191
		 legalnotice.xml
192
	$(DOCBOOKTOHTML)
193
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
194
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
195
		legalnotice.xml
196
	$(DOCBOOKTOMAN)
197
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
198
		 legalnotice.xml
199
	$(DOCBOOKTOHTML)
200
237.2.197 by teddy at bsnet
* mandos-ctl.xml: New.
201
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
202
		legalnotice.xml
203
	$(DOCBOOKTOMAN)
204
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
205
		 legalnotice.xml
206
	$(DOCBOOKTOHTML)
207
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
208
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
209
		legalnotice.xml
210
	$(DOCBOOKTOMAN)
211
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
212
		legalnotice.xml
213
	$(DOCBOOKTOHTML)
214
215
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
216
		legalnotice.xml
217
	$(DOCBOOKTOMAN)
218
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
219
		overview.xml legalnotice.xml
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
220
	$(DOCBOOKTOHTML)
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
221
237.7.675 by Teddy Hogeborn
Add dracut(8) support
222
dracut-module/password-agent.8mandos: \
223
		dracut-module/password-agent.xml common.ent \
224
		overview.xml legalnotice.xml
225
	$(DOCBOOKTOMAN)
226
dracut-module/password-agent.8mandos.xhtml: \
227
		dracut-module/password-agent.xml common.ent \
228
		overview.xml legalnotice.xml
229
	$(DOCBOOKTOHTML)
230
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
231
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
232
					common.ent \
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
233
					mandos-options.xml \
234
					overview.xml legalnotice.xml
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
235
	$(DOCBOOKTOMAN)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
236
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
237
					common.ent \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
238
					mandos-options.xml \
239
					overview.xml legalnotice.xml
240
	$(DOCBOOKTOHTML)
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
241
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
242
# Update all these files with version number $(version)
243
common.ent: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
244
	$(strip $(SED) --in-place \
237.2.81 by Teddy Hogeborn
* Makefile (common.ent): Update "version" entity correctly.
245
		--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
246
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
247
248
mandos: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
249
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
250
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
251
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
252
253
mandos-keygen: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
254
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
255
		--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
256
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
257
24.1.121 by Björn Påhlsson
mandos-ctl: Added support for all client calls
258
mandos-ctl: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
259
	$(strip $(SED) --in-place \
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
260
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
261
		$@)
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
262
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
263
mandos-monitor: Makefile
264
	$(strip $(SED) --in-place \
265
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
266
		$@)
267
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
268
mandos.lsm: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
269
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
270
		--expression='s/^\(Version:\).*/\1\t$(version)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
271
		$@)
272
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
273
		--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
274
		$@)
275
	$(strip $(SED) --in-place \
237.2.18 by Teddy Hogeborn
* Makefile (mandos.lsm): Also update file name using version number.
276
		--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
277
		$@)
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
278
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
279
# Need to add the GnuTLS, Avahi and GPGME libraries
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
280
plugins.d/mandos-client: plugins.d/mandos-client.c
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
281
	$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
237.7.662 by Teddy Hogeborn
Stop linking to librt
282
		) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
283
		) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
284
		) $(LDLIBS) -o $@
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
285
237.7.666 by Teddy Hogeborn
Client: Document requirement of libnl-route library
286
# Need to add the libnl-route library
237.25.4 by Teddy Hogeborn
Add plugin for mandos-client to add and delete local routes.
287
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
288
	$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
289
		) $(LOADLIBES) $(LDLIBS) -o $@
290
237.7.675 by Teddy Hogeborn
Add dracut(8) support
291
# Need to add the GLib and pthread libraries
292
dracut-module/password-agent: dracut-module/password-agent.c
293
	$(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
294
		) $(LOADLIBES) $(LDLIBS) -o $@
295
237.7.213 by Teddy Hogeborn
* Makefile (WARN): Re-add "-Wunreachable-code".
296
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
297
	check run-client run-server install install-html \
298
	install-server install-client-nokey install-client uninstall \
299
	uninstall-server uninstall-client purge purge-server \
300
	purge-client
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
301
1 by Björn Påhlsson
First working version with: IPv6, GnuTLS, X.509 certificates, DN
302
clean:
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
303
	-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
304
305
distclean: clean
306
mostlyclean: clean
307
maintainer-clean: clean
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
308
	-rm --force --recursive keydir confdir statedir
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
309
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
310
check: all
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
311
	./mandos --check
237.7.156 by Teddy Hogeborn
* Makefile (check): Also check mandos-ctl.
312
	./mandos-ctl --check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
313
	./mandos-keygen --version
314
	./plugin-runner --version
315
	./plugin-helpers/mandos-client-iprouteadddel --version
237.7.675 by Teddy Hogeborn
Add dracut(8) support
316
	./dracut-module/password-agent --test
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
317
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
318
# Run the client with a local config and key
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
319
run-client: all keydir/seckey.txt keydir/pubkey.txt \
320
			keydir/tls-privkey.pem keydir/tls-pubkey.pem
321
	@echo '######################################################'
322
	@echo '# The following error messages are harmless and can  #'
323
	@echo '#  be safely ignored:                                #'
324
	@echo '## From plugin-runner:                               #'
325
	@echo '# setgid: Operation not permitted                    #'
326
	@echo '# setuid: Operation not permitted                    #'
327
	@echo '## From askpass-fifo:                                #'
328
	@echo '# mkfifo: Permission denied                          #'
329
	@echo '## From mandos-client:                               #'
330
	@echo '# Failed to raise privileges: Operation not permi... #'
331
	@echo '# Warning: network hook "*" exited with status *     #'
332
	@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
333
	@echo '# Failed to bring up interface "*": Operation not... #'
334
	@echo '#                                                    #'
335
	@echo '# (The messages are caused by not running as root,   #'
336
	@echo '# but you should NOT run "make run-client" as root   #'
337
	@echo '# unless you also unpacked and compiled Mandos as    #'
338
	@echo '# root, which is also NOT recommended.)              #'
339
	@echo '######################################################'
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
340
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
341
	./plugin-runner --plugin-dir=plugins.d \
237.25.1 by Teddy Hogeborn
Add a plugin helper directory, available to all plugins.
342
		--plugin-helper-dir=plugin-helpers \
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
343
		--config-file=plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
344
		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
345
		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
237.2.23 by Teddy Hogeborn
* Makefile (run-client): Pass $(CLIENTARGS) to plugin-runner.
346
		$(CLIENTARGS)
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
347
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
348
# Used by run-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
349
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
350
	install --directory keydir
351
	./mandos-keygen --dir keydir --force
352
353
# Run the server with a local config
237.7.122 by Teddy Hogeborn
* mandos: White space and other misc. format fixes only.
354
run-server: confdir/mandos.conf confdir/clients.conf statedir
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
355
	./mandos --debug --no-dbus --configdir=confdir \
356
		--statedir=statedir $(SERVERARGS)
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
357
358
# Used by run-server
359
confdir/mandos.conf: mandos.conf
360
	install --directory confdir
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
361
	install --mode=u=rw,go=r $^ $@
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
362
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
363
	install --directory confdir
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
364
	install --mode=u=rw $< $@
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
365
# Add a client password
237.7.256 by Teddy Hogeborn
mandos-keygen: Generate "checker" option to use SSH fingerprints.
366
	./mandos-keygen --dir keydir --password --no-ssh >> $@
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
367
statedir:
368
	install --directory statedir
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
369
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
370
install: install-server install-client-nokey
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
371
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
372
install-html: html
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
373
	install --directory $(htmldir)
374
	install --mode=u=rw,go=r --target-directory=$(htmldir) \
375
		$(htmldocs)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
376
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
377
install-server: doc
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
378
	install --directory $(CONFDIR)
237.7.191 by Teddy Hogeborn
Don't require /var/lib/mandos to be installed with user & group.
379
	if install --directory --mode=u=rwx --owner=$(USER) \
380
		--group=$(GROUP) $(STATEDIR); then \
381
		:; \
382
	elif install --directory --mode=u=rwx $(STATEDIR); then \
383
		chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
384
	fi
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
385
	if [ "$(TMPFILES)" != "$(DESTDIR)" \
386
			-a -d "$(TMPFILES)" ]; then \
237.7.390 by Teddy Hogeborn
Server: Do not set execute bit on tmpfiles.d/mandos.conf
387
		install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
237.7.386 by Teddy Hogeborn
Server: New tmpfiles.d file for persistent state directory
388
			$(TMPFILES)/mandos.conf; \
389
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
390
	install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
391
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
392
		mandos-ctl
393
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
394
		mandos-monitor
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
395
	install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
396
		mandos.conf
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
397
	install --mode=u=rw --target-directory=$(CONFDIR) \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
398
		clients.conf
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
399
	install --mode=u=rw,go=r dbus-mandos.conf \
400
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
401
	install --mode=u=rwx,go=rx init.d-mandos \
402
		$(DESTDIR)/etc/init.d/mandos
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
403
	if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
237.7.187 by Teddy Hogeborn
Bug fix: Make sure systemd service file is installed.
404
		install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
405
	fi
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
406
	install --mode=u=rw,go=r default-mandos \
407
		$(DESTDIR)/etc/default/mandos
200 by Teddy Hogeborn
* Makefile: Put the init script before avahi-daemon.
408
	if [ -z $(DESTDIR) ]; then \
409
		update-rc.d mandos defaults 25 15;\
410
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
411
	gzip --best --to-stdout mandos.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
412
		> $(MANDIR)/man8/mandos.8.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
413
	gzip --best --to-stdout mandos-monitor.8 \
414
		> $(MANDIR)/man8/mandos-monitor.8.gz
415
	gzip --best --to-stdout mandos-ctl.8 \
416
		> $(MANDIR)/man8/mandos-ctl.8.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
417
	gzip --best --to-stdout mandos.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
418
		> $(MANDIR)/man5/mandos.conf.5.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
419
	gzip --best --to-stdout mandos-clients.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
420
		> $(MANDIR)/man5/mandos-clients.conf.5.gz
237.7.97 by teddy at recompile
* Makefile (install-server): Add intro(8mandos) man page.
421
	gzip --best --to-stdout intro.8mandos \
422
		> $(MANDIR)/man8/intro.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
423
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
424
install-client-nokey: all doc
237.7.188 by Teddy Hogeborn
Use architecture libdir.
425
	install --directory $(LIBDIR)/mandos $(CONFDIR)
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
426
	install --directory --mode=u=rwx $(KEYDIR) \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
427
		$(LIBDIR)/mandos/plugins.d \
428
		$(LIBDIR)/mandos/plugin-helpers
237.7.188 by Teddy Hogeborn
Use architecture libdir.
429
	if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
430
		install --mode=u=rwx \
237.7.387 by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go=
431
			--directory "$(CONFDIR)/plugins.d" \
432
			"$(CONFDIR)/plugin-helpers"; \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
433
	fi
237.16.17 by Teddy Hogeborn
* Makefile (install-client-nokey): Create network hook directory.
434
	install --mode=u=rwx,go=rx --directory \
435
		"$(CONFDIR)/network-hooks.d"
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
436
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
437
		--target-directory=$(LIBDIR)/mandos plugin-runner
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
438
	install --mode=u=rwx,go=rx \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
439
		--target-directory=$(LIBDIR)/mandos \
440
		mandos-to-cryptroot-unlock
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
441
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
442
		mandos-keygen
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
443
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
444
		--target-directory=$(LIBDIR)/mandos/plugins.d \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
445
		plugins.d/password-prompt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
446
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
447
		--target-directory=$(LIBDIR)/mandos/plugins.d \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
448
		plugins.d/mandos-client
208 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/usplash".
449
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
450
		--target-directory=$(LIBDIR)/mandos/plugins.d \
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
451
		plugins.d/usplash
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
452
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
453
		--target-directory=$(LIBDIR)/mandos/plugins.d \
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
454
		plugins.d/splashy
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
455
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
456
		--target-directory=$(LIBDIR)/mandos/plugins.d \
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
457
		plugins.d/askpass-fifo
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
458
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
459
		--target-directory=$(LIBDIR)/mandos/plugins.d \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
460
		plugins.d/plymouth
237.7.384 by Teddy Hogeborn
Client: Fix permissions on plugin helper directory.
461
	install --mode=u=rwx,go=rx \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
462
		--target-directory=$(LIBDIR)/mandos/plugin-helpers \
463
		plugin-helpers/mandos-client-iprouteadddel
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
464
	install initramfs-tools-hook \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
465
		$(INITRAMFSTOOLS)/hooks/mandos
237.7.502 by Teddy Hogeborn
Move UMASK setting to more proper place
466
	install --mode=u=rw,go=r initramfs-tools-conf \
467
		$(INITRAMFSTOOLS)/conf.d/mandos-conf
237.7.647 by Teddy Hogeborn
Installation: Fix UMASK even if set by some other initramfs hook
468
	install --mode=u=rw,go=r initramfs-tools-conf-hook \
469
		$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
470
	install initramfs-tools-script \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
471
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
472
	install initramfs-tools-script-stop \
473
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos
237.7.675 by Teddy Hogeborn
Add dracut(8) support
474
	install --directory $(DRACUTMODULE)
475
	install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
476
		dracut-module/ask-password-mandos.path \
477
		dracut-module/ask-password-mandos.service
478
	install --mode=u=rwxs,go=rx \
479
		--target-directory=$(DRACUTMODULE) \
480
		dracut-module/module-setup.sh \
481
		dracut-module/cmdline-mandos.sh \
482
		dracut-module/password-agent
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
483
	install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
484
	gzip --best --to-stdout mandos-keygen.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
485
		> $(MANDIR)/man8/mandos-keygen.8.gz
486
	gzip --best --to-stdout plugin-runner.8mandos \
487
		> $(MANDIR)/man8/plugin-runner.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
488
	gzip --best --to-stdout plugins.d/mandos-client.8mandos \
489
		> $(MANDIR)/man8/mandos-client.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
490
	gzip --best --to-stdout plugins.d/password-prompt.8mandos \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
491
		> $(MANDIR)/man8/password-prompt.8mandos.gz
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
492
	gzip --best --to-stdout plugins.d/usplash.8mandos \
493
		> $(MANDIR)/man8/usplash.8mandos.gz
494
	gzip --best --to-stdout plugins.d/splashy.8mandos \
495
		> $(MANDIR)/man8/splashy.8mandos.gz
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
496
	gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
497
		> $(MANDIR)/man8/askpass-fifo.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
498
	gzip --best --to-stdout plugins.d/plymouth.8mandos \
499
		> $(MANDIR)/man8/plymouth.8mandos.gz
237.7.675 by Teddy Hogeborn
Add dracut(8) support
500
	gzip --best --to-stdout dracut-module/password-agent.8mandos \
501
		> $(MANDIR)/man8/password-agent.8mandos.gz
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
502
503
install-client: install-client-nokey
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
504
# Post-installation stuff
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
505
	-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
237.7.675 by Teddy Hogeborn
Add dracut(8) support
506
	if command -v update-initramfs >/dev/null; then \
507
	    update-initramfs -k all -u; \
508
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
509
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
510
		if [ -w "$$initrd" ]; then \
511
		    chmod go-r "$$initrd"; \
512
		    dracut --force "$$initrd"; \
513
		fi; \
514
	    done; \
515
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
516
	echo "Now run mandos-keygen --password --dir $(KEYDIR)"
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
517
518
uninstall: uninstall-server uninstall-client
519
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
520
uninstall-server:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
521
	-rm --force $(PREFIX)/sbin/mandos \
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
522
		$(PREFIX)/sbin/mandos-ctl \
523
		$(PREFIX)/sbin/mandos-monitor \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
524
		$(MANDIR)/man8/mandos.8.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
525
		$(MANDIR)/man8/mandos-monitor.8.gz \
526
		$(MANDIR)/man8/mandos-ctl.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
527
		$(MANDIR)/man5/mandos.conf.5.gz \
528
		$(MANDIR)/man5/mandos-clients.conf.5.gz
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
529
	update-rc.d -f mandos remove
163 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): Removed.
530
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
531
532
uninstall-client:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
533
# Refuse to uninstall client if /etc/crypttab is explicitly configured
534
# to use it.
535
	! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
536
		$(DESTDIR)/etc/crypttab
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
537
	-rm --force $(PREFIX)/sbin/mandos-keygen \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
538
		$(LIBDIR)/mandos/plugin-runner \
539
		$(LIBDIR)/mandos/plugins.d/password-prompt \
540
		$(LIBDIR)/mandos/plugins.d/mandos-client \
541
		$(LIBDIR)/mandos/plugins.d/usplash \
542
		$(LIBDIR)/mandos/plugins.d/splashy \
543
		$(LIBDIR)/mandos/plugins.d/askpass-fifo \
544
		$(LIBDIR)/mandos/plugins.d/plymouth \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
545
		$(INITRAMFSTOOLS)/hooks/mandos \
546
		$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
547
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
548
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
549
		$(DRACUTMODULE)/ask-password-mandos.path \
550
		$(DRACUTMODULE)/ask-password-mandos.service \
551
		$(DRACUTMODULE)/module-setup.sh \
552
		$(DRACUTMODULE)/cmdline-mandos.sh \
553
		$(DRACUTMODULE)/password-agent \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
554
		$(MANDIR)/man8/mandos-keygen.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
555
		$(MANDIR)/man8/plugin-runner.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
556
		$(MANDIR)/man8/mandos-client.8mandos.gz
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
557
		$(MANDIR)/man8/password-prompt.8mandos.gz \
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
558
		$(MANDIR)/man8/usplash.8mandos.gz \
559
		$(MANDIR)/man8/splashy.8mandos.gz \
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
560
		$(MANDIR)/man8/askpass-fifo.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
561
		$(MANDIR)/man8/plymouth.8mandos.gz \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
562
		$(MANDIR)/man8/password-agent.8mandos.gz \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
563
	-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
564
		 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
565
	if command -v update-initramfs >/dev/null; then \
566
	    update-initramfs -k all -u; \
567
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
568
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
569
		test -w "$$initrd" && dracut --force "$$initrd"; \
570
	    done; \
571
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
572
573
purge: purge-server purge-client
574
575
purge-server: uninstall-server
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
576
	-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
577
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
578
		$(DESTDIR)/etc/default/mandos \
579
		$(DESTDIR)/etc/init.d/mandos \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
580
		$(SYSTEMD)/mandos.service \
237.7.185 by Teddy Hogeborn
Fix fallback to /var/run if /run does not exist for Makefile.
581
		$(DESTDIR)/run/mandos.pid \
582
		$(DESTDIR)/var/run/mandos.pid
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
583
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
584
585
purge-client: uninstall-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
586
	-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
161 by Teddy Hogeborn
* Makefile (purge-client): Also remove "plugin-runner.conf".
587
	-rm --force $(CONFDIR)/plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
588
		$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
589
		$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
590
	-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)