/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
2
	-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
	-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
	-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
	-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
6
	-Wunsafe-loop-optimizations -Wpointer-arith \
7
	-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
8
	-Wconversion -Wlogical-op -Waggregate-return \
9
	-Wstrict-prototypes -Wold-style-definition \
10
	-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
	-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
	-Wvolatile-register-var -Woverlength-strings
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
#	echo 'int main(){}' | $(CC) --language=c $(option) \
18
#	/dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
237.7.348 by Teddy Hogeborn
Use AddressSanitizer and UndefinedBehaviorSanitizer.
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
237.7.419 by Teddy Hogeborn
Makefile: Replace "-fsanitize=address" with "-fsanitize=leak"
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
237.7.365 by Teddy Hogeborn
Only use -fsanitize=... options if they work.
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
        -fsanitize=bounds -fsanitize=alignment \
25
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
237.7.665 by Teddy Hogeborn
Add another sanitizer option
28
        -fsanitize=enum -fsanitize-address-use-after-scope
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
237.2.162 by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment.
35
36
# If BROKEN_PIE is set, do not build with -pie
268 by Teddy Hogeborn
* Makefile: Don't use PIE if BROKEN_PIE is set.
37
ifndef BROKEN_PIE
38
FORTIFY += -fPIE
39
LINK_FORTIFY += -pie
40
endif
24.1.90 by Björn Påhlsson
fixed two bugs:
41
#COVERAGE=--coverage
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
237.7.694 by Teddy Hogeborn
Client: Always build with LFS enabled
44
FEATURES:=-D_FILE_OFFSET_BITS=64
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
45
htmldir:=man
387 by Teddy Hogeborn
* Makefile (version): Change to 1.8.6.
46
version:=1.8.6
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
47
SED:=sed
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
48
PKG_CONFIG?=pkg-config
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
49
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
50
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
51
	|| getent passwd nobody || echo 65534)))
52
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
53
	|| getent group nogroup || echo 65534)))
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
54
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
55
LINUXVERSION:=$(shell uname --kernel-release)
56
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
57
## Use these settings for a traditional /usr/local install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
58
# PREFIX:=$(DESTDIR)/usr/local
59
# CONFDIR:=$(DESTDIR)/etc/mandos
60
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
61
# MANDIR:=$(PREFIX)/man
62
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
63
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
64
# STATEDIR:=$(DESTDIR)/var/lib/mandos
65
# LIBDIR:=$(PREFIX)/lib
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
66
##
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
67
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
68
## These settings are for a package-type install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
69
PREFIX:=$(DESTDIR)/usr
70
CONFDIR:=$(DESTDIR)/etc/mandos
71
KEYDIR:=$(DESTDIR)/etc/keys/mandos
72
MANDIR:=$(PREFIX)/share/man
73
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
74
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
75
STATEDIR:=$(DESTDIR)/var/lib/mandos
76
LIBDIR:=$(shell \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
77
	for d in \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
78
	"/usr/lib/`dpkg-architecture \
79
			-qDEB_HOST_MULTIARCH 2>/dev/null`" \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
80
	"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
81
		if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
82
			echo "$(DESTDIR)$$d"; \
83
			break; \
84
		fi; \
85
	done)
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
86
##
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
87
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
88
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
89
			--variable=systemdsystemunitdir)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
90
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
91
			--variable=tmpfilesdir)
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
92
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
93
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
94
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
95
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
96
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
97
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
98
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
237.2.80 by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags.
99
	getconf LFS_LDFLAGS)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
100
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
101
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
102
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
103
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
104
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
105
# Do not change these two
237.7.694 by Teddy Hogeborn
Client: Always build with LFS enabled
106
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
107
	$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
108
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
109
	) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
110
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
111
# Commands to format a DocBook <refentry> document into a manual page
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
112
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
62 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Do not generate AUTHORS section.
113
	--param man.charmap.use.subset		0 \
114
	--param make.year.ranges		1 \
115
	--param make.single.year.ranges		1 \
116
	--param man.output.quietly		1 \
84 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
117
	--param man.authors.section.enabled	0 \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
118
	/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
119
	$(notdir $<); \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
120
	if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
237.7.670 by Teddy Hogeborn
Fix bashisms: Use "command -v" instead of "type"
121
	&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
122
	MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
123
	$(notdir $@); fi >/dev/null)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
124
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
125
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
126
	--param make.year.ranges		1 \
127
	--param make.single.year.ranges		1 \
128
	--param man.output.quietly		1 \
129
	--param man.authors.section.enabled	0 \
130
	--param citerefentry.link		1 \
131
	--output $@ \
132
	/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
133
	$<; $(HTMLPOST) $@)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
134
# Fix citerefentry links
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
135
HTMLPOST:=$(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
136
	--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
137
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
138
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
139
	plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
140
	plugins.d/plymouth
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
141
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
237.7.675 by Teddy Hogeborn
Add dracut(8) support
142
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
143
	$(PLUGIN_HELPERS)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
144
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
145
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
146
	mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
147
	dracut-module/password-agent.8mandos \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
148
	plugins.d/mandos-client.8mandos \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
149
	plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
150
	plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
151
	plugins.d/plymouth.8mandos intro.8mandos
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
152
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
153
htmldocs:=$(addsuffix .xhtml,$(DOCS))
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
154
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
155
objects:=$(addsuffix .o,$(CPROGS))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
156
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
157
all: $(PROGS) mandos.lsm
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
158
159
doc: $(DOCS)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
160
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
161
html: $(htmldocs)
162
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
163
%.5: %.xml common.ent legalnotice.xml
164
	$(DOCBOOKTOMAN)
165
%.5.xhtml: %.xml common.ent legalnotice.xml
166
	$(DOCBOOKTOHTML)
167
168
%.8: %.xml common.ent legalnotice.xml
169
	$(DOCBOOKTOMAN)
170
%.8.xhtml: %.xml common.ent legalnotice.xml
171
	$(DOCBOOKTOHTML)
172
173
%.8mandos: %.xml common.ent legalnotice.xml
174
	$(DOCBOOKTOMAN)
175
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
176
	$(DOCBOOKTOHTML)
177
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
178
intro.8mandos: intro.xml common.ent legalnotice.xml
179
	$(DOCBOOKTOMAN)
180
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
181
	$(DOCBOOKTOHTML)
182
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
183
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
184
		legalnotice.xml
185
	$(DOCBOOKTOMAN)
186
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
187
		overview.xml legalnotice.xml
188
	$(DOCBOOKTOHTML)
189
190
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
191
		legalnotice.xml
192
	$(DOCBOOKTOMAN)
193
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
194
		 legalnotice.xml
195
	$(DOCBOOKTOHTML)
196
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
197
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
198
		legalnotice.xml
199
	$(DOCBOOKTOMAN)
200
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
201
		 legalnotice.xml
202
	$(DOCBOOKTOHTML)
203
237.2.197 by teddy at bsnet
* mandos-ctl.xml: New.
204
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
205
		legalnotice.xml
206
	$(DOCBOOKTOMAN)
207
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
208
		 legalnotice.xml
209
	$(DOCBOOKTOHTML)
210
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
211
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
212
		legalnotice.xml
213
	$(DOCBOOKTOMAN)
214
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
215
		legalnotice.xml
216
	$(DOCBOOKTOHTML)
217
218
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
219
		legalnotice.xml
220
	$(DOCBOOKTOMAN)
221
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
222
		overview.xml legalnotice.xml
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
223
	$(DOCBOOKTOHTML)
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
224
237.7.675 by Teddy Hogeborn
Add dracut(8) support
225
dracut-module/password-agent.8mandos: \
226
		dracut-module/password-agent.xml common.ent \
227
		overview.xml legalnotice.xml
228
	$(DOCBOOKTOMAN)
229
dracut-module/password-agent.8mandos.xhtml: \
230
		dracut-module/password-agent.xml common.ent \
231
		overview.xml legalnotice.xml
232
	$(DOCBOOKTOHTML)
233
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
234
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
235
					common.ent \
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
236
					mandos-options.xml \
237
					overview.xml legalnotice.xml
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
238
	$(DOCBOOKTOMAN)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
239
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
240
					common.ent \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
241
					mandos-options.xml \
242
					overview.xml legalnotice.xml
243
	$(DOCBOOKTOHTML)
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
244
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
245
# Update all these files with version number $(version)
246
common.ent: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
247
	$(strip $(SED) --in-place \
237.2.81 by Teddy Hogeborn
* Makefile (common.ent): Update "version" entity correctly.
248
		--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
249
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
250
251
mandos: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
252
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
253
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
254
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
255
256
mandos-keygen: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
257
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
258
		--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
259
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
260
24.1.121 by Björn Påhlsson
mandos-ctl: Added support for all client calls
261
mandos-ctl: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
262
	$(strip $(SED) --in-place \
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
263
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
264
		$@)
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
265
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
266
mandos-monitor: Makefile
267
	$(strip $(SED) --in-place \
268
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
269
		$@)
270
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
271
mandos.lsm: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
272
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
273
		--expression='s/^\(Version:\).*/\1\t$(version)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
274
		$@)
275
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
276
		--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
277
		$@)
278
	$(strip $(SED) --in-place \
237.2.18 by Teddy Hogeborn
* Makefile (mandos.lsm): Also update file name using version number.
279
		--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
280
		$@)
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
281
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
282
# Need to add the GnuTLS, Avahi and GPGME libraries
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
283
plugins.d/mandos-client: plugins.d/mandos-client.c
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
284
	$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
237.7.662 by Teddy Hogeborn
Stop linking to librt
285
		) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
286
		) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
287
		) $(LDLIBS) -o $@
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
288
237.7.666 by Teddy Hogeborn
Client: Document requirement of libnl-route library
289
# Need to add the libnl-route library
237.25.4 by Teddy Hogeborn
Add plugin for mandos-client to add and delete local routes.
290
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
291
	$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
292
		) $(LOADLIBES) $(LDLIBS) -o $@
293
237.7.675 by Teddy Hogeborn
Add dracut(8) support
294
# Need to add the GLib and pthread libraries
295
dracut-module/password-agent: dracut-module/password-agent.c
296
	$(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
297
		) $(LOADLIBES) $(LDLIBS) -o $@
298
237.7.213 by Teddy Hogeborn
* Makefile (WARN): Re-add "-Wunreachable-code".
299
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
300
	check run-client run-server install install-html \
301
	install-server install-client-nokey install-client uninstall \
302
	uninstall-server uninstall-client purge purge-server \
303
	purge-client
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
304
1 by Björn Påhlsson
First working version with: IPv6, GnuTLS, X.509 certificates, DN
305
clean:
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
306
	-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
307
308
distclean: clean
309
mostlyclean: clean
310
maintainer-clean: clean
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
311
	-rm --force --recursive keydir confdir statedir
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
312
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
313
check: all
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
314
	./mandos --check
237.7.156 by Teddy Hogeborn
* Makefile (check): Also check mandos-ctl.
315
	./mandos-ctl --check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
316
	./mandos-keygen --version
317
	./plugin-runner --version
318
	./plugin-helpers/mandos-client-iprouteadddel --version
237.7.675 by Teddy Hogeborn
Add dracut(8) support
319
	./dracut-module/password-agent --test
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
320
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
321
# Run the client with a local config and key
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
322
run-client: all keydir/seckey.txt keydir/pubkey.txt \
323
			keydir/tls-privkey.pem keydir/tls-pubkey.pem
324
	@echo '######################################################'
325
	@echo '# The following error messages are harmless and can  #'
326
	@echo '#  be safely ignored:                                #'
327
	@echo '## From plugin-runner:                               #'
328
	@echo '# setgid: Operation not permitted                    #'
329
	@echo '# setuid: Operation not permitted                    #'
330
	@echo '## From askpass-fifo:                                #'
331
	@echo '# mkfifo: Permission denied                          #'
332
	@echo '## From mandos-client:                               #'
333
	@echo '# Failed to raise privileges: Operation not permi... #'
334
	@echo '# Warning: network hook "*" exited with status *     #'
335
	@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
336
	@echo '# Failed to bring up interface "*": Operation not... #'
337
	@echo '#                                                    #'
338
	@echo '# (The messages are caused by not running as root,   #'
339
	@echo '# but you should NOT run "make run-client" as root   #'
340
	@echo '# unless you also unpacked and compiled Mandos as    #'
341
	@echo '# root, which is also NOT recommended.)              #'
342
	@echo '######################################################'
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
343
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
344
	./plugin-runner --plugin-dir=plugins.d \
237.25.1 by Teddy Hogeborn
Add a plugin helper directory, available to all plugins.
345
		--plugin-helper-dir=plugin-helpers \
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
346
		--config-file=plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
347
		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
348
		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
237.2.23 by Teddy Hogeborn
* Makefile (run-client): Pass $(CLIENTARGS) to plugin-runner.
349
		$(CLIENTARGS)
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
350
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
351
# Used by run-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
352
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
353
	install --directory keydir
354
	./mandos-keygen --dir keydir --force
355
356
# Run the server with a local config
237.7.122 by Teddy Hogeborn
* mandos: White space and other misc. format fixes only.
357
run-server: confdir/mandos.conf confdir/clients.conf statedir
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
358
	./mandos --debug --no-dbus --configdir=confdir \
359
		--statedir=statedir $(SERVERARGS)
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
360
361
# Used by run-server
362
confdir/mandos.conf: mandos.conf
363
	install --directory confdir
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
364
	install --mode=u=rw,go=r $^ $@
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
365
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
366
	install --directory confdir
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
367
	install --mode=u=rw $< $@
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
368
# Add a client password
237.7.256 by Teddy Hogeborn
mandos-keygen: Generate "checker" option to use SSH fingerprints.
369
	./mandos-keygen --dir keydir --password --no-ssh >> $@
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
370
statedir:
371
	install --directory statedir
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
372
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
373
install: install-server install-client-nokey
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
374
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
375
install-html: html
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
376
	install --directory $(htmldir)
377
	install --mode=u=rw,go=r --target-directory=$(htmldir) \
378
		$(htmldocs)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
379
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
380
install-server: doc
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
381
	install --directory $(CONFDIR)
237.7.191 by Teddy Hogeborn
Don't require /var/lib/mandos to be installed with user & group.
382
	if install --directory --mode=u=rwx --owner=$(USER) \
383
		--group=$(GROUP) $(STATEDIR); then \
384
		:; \
385
	elif install --directory --mode=u=rwx $(STATEDIR); then \
386
		chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
387
	fi
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
388
	if [ "$(TMPFILES)" != "$(DESTDIR)" \
389
			-a -d "$(TMPFILES)" ]; then \
237.7.390 by Teddy Hogeborn
Server: Do not set execute bit on tmpfiles.d/mandos.conf
390
		install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
237.7.386 by Teddy Hogeborn
Server: New tmpfiles.d file for persistent state directory
391
			$(TMPFILES)/mandos.conf; \
392
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
393
	install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
394
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
395
		mandos-ctl
396
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
397
		mandos-monitor
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
398
	install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
399
		mandos.conf
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
400
	install --mode=u=rw --target-directory=$(CONFDIR) \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
401
		clients.conf
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
402
	install --mode=u=rw,go=r dbus-mandos.conf \
403
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
404
	install --mode=u=rwx,go=rx init.d-mandos \
405
		$(DESTDIR)/etc/init.d/mandos
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
406
	if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
237.7.187 by Teddy Hogeborn
Bug fix: Make sure systemd service file is installed.
407
		install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
408
	fi
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
409
	install --mode=u=rw,go=r default-mandos \
410
		$(DESTDIR)/etc/default/mandos
200 by Teddy Hogeborn
* Makefile: Put the init script before avahi-daemon.
411
	if [ -z $(DESTDIR) ]; then \
412
		update-rc.d mandos defaults 25 15;\
413
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
414
	gzip --best --to-stdout mandos.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
415
		> $(MANDIR)/man8/mandos.8.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
416
	gzip --best --to-stdout mandos-monitor.8 \
417
		> $(MANDIR)/man8/mandos-monitor.8.gz
418
	gzip --best --to-stdout mandos-ctl.8 \
419
		> $(MANDIR)/man8/mandos-ctl.8.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
420
	gzip --best --to-stdout mandos.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
421
		> $(MANDIR)/man5/mandos.conf.5.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
422
	gzip --best --to-stdout mandos-clients.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
423
		> $(MANDIR)/man5/mandos-clients.conf.5.gz
237.7.97 by teddy at recompile
* Makefile (install-server): Add intro(8mandos) man page.
424
	gzip --best --to-stdout intro.8mandos \
425
		> $(MANDIR)/man8/intro.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
426
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
427
install-client-nokey: all doc
237.7.188 by Teddy Hogeborn
Use architecture libdir.
428
	install --directory $(LIBDIR)/mandos $(CONFDIR)
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
429
	install --directory --mode=u=rwx $(KEYDIR) \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
430
		$(LIBDIR)/mandos/plugins.d \
431
		$(LIBDIR)/mandos/plugin-helpers
237.7.188 by Teddy Hogeborn
Use architecture libdir.
432
	if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
433
		install --mode=u=rwx \
237.7.387 by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go=
434
			--directory "$(CONFDIR)/plugins.d" \
435
			"$(CONFDIR)/plugin-helpers"; \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
436
	fi
237.16.17 by Teddy Hogeborn
* Makefile (install-client-nokey): Create network hook directory.
437
	install --mode=u=rwx,go=rx --directory \
438
		"$(CONFDIR)/network-hooks.d"
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
439
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
440
		--target-directory=$(LIBDIR)/mandos plugin-runner
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
441
	install --mode=u=rwx,go=rx \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
442
		--target-directory=$(LIBDIR)/mandos \
443
		mandos-to-cryptroot-unlock
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
444
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
445
		mandos-keygen
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
446
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
447
		--target-directory=$(LIBDIR)/mandos/plugins.d \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
448
		plugins.d/password-prompt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
449
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
450
		--target-directory=$(LIBDIR)/mandos/plugins.d \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
451
		plugins.d/mandos-client
208 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/usplash".
452
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
453
		--target-directory=$(LIBDIR)/mandos/plugins.d \
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
454
		plugins.d/usplash
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
455
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
456
		--target-directory=$(LIBDIR)/mandos/plugins.d \
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
457
		plugins.d/splashy
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
458
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
459
		--target-directory=$(LIBDIR)/mandos/plugins.d \
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
460
		plugins.d/askpass-fifo
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
461
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
462
		--target-directory=$(LIBDIR)/mandos/plugins.d \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
463
		plugins.d/plymouth
237.7.384 by Teddy Hogeborn
Client: Fix permissions on plugin helper directory.
464
	install --mode=u=rwx,go=rx \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
465
		--target-directory=$(LIBDIR)/mandos/plugin-helpers \
466
		plugin-helpers/mandos-client-iprouteadddel
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
467
	install initramfs-tools-hook \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
468
		$(INITRAMFSTOOLS)/hooks/mandos
237.7.502 by Teddy Hogeborn
Move UMASK setting to more proper place
469
	install --mode=u=rw,go=r initramfs-tools-conf \
470
		$(INITRAMFSTOOLS)/conf.d/mandos-conf
237.7.647 by Teddy Hogeborn
Installation: Fix UMASK even if set by some other initramfs hook
471
	install --mode=u=rw,go=r initramfs-tools-conf-hook \
472
		$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
473
	install initramfs-tools-script \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
474
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
475
	install initramfs-tools-script-stop \
476
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos
237.7.675 by Teddy Hogeborn
Add dracut(8) support
477
	install --directory $(DRACUTMODULE)
478
	install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
479
		dracut-module/ask-password-mandos.path \
480
		dracut-module/ask-password-mandos.service
481
	install --mode=u=rwxs,go=rx \
482
		--target-directory=$(DRACUTMODULE) \
483
		dracut-module/module-setup.sh \
484
		dracut-module/cmdline-mandos.sh \
485
		dracut-module/password-agent
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
486
	install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
487
	gzip --best --to-stdout mandos-keygen.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
488
		> $(MANDIR)/man8/mandos-keygen.8.gz
489
	gzip --best --to-stdout plugin-runner.8mandos \
490
		> $(MANDIR)/man8/plugin-runner.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
491
	gzip --best --to-stdout plugins.d/mandos-client.8mandos \
492
		> $(MANDIR)/man8/mandos-client.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
493
	gzip --best --to-stdout plugins.d/password-prompt.8mandos \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
494
		> $(MANDIR)/man8/password-prompt.8mandos.gz
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
495
	gzip --best --to-stdout plugins.d/usplash.8mandos \
496
		> $(MANDIR)/man8/usplash.8mandos.gz
497
	gzip --best --to-stdout plugins.d/splashy.8mandos \
498
		> $(MANDIR)/man8/splashy.8mandos.gz
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
499
	gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
500
		> $(MANDIR)/man8/askpass-fifo.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
501
	gzip --best --to-stdout plugins.d/plymouth.8mandos \
502
		> $(MANDIR)/man8/plymouth.8mandos.gz
237.7.675 by Teddy Hogeborn
Add dracut(8) support
503
	gzip --best --to-stdout dracut-module/password-agent.8mandos \
504
		> $(MANDIR)/man8/password-agent.8mandos.gz
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
505
506
install-client: install-client-nokey
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
507
# Post-installation stuff
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
508
	-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
237.7.675 by Teddy Hogeborn
Add dracut(8) support
509
	if command -v update-initramfs >/dev/null; then \
510
	    update-initramfs -k all -u; \
511
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
512
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
513
		if [ -w "$$initrd" ]; then \
514
		    chmod go-r "$$initrd"; \
515
		    dracut --force "$$initrd"; \
516
		fi; \
517
	    done; \
518
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
519
	echo "Now run mandos-keygen --password --dir $(KEYDIR)"
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
520
521
uninstall: uninstall-server uninstall-client
522
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
523
uninstall-server:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
524
	-rm --force $(PREFIX)/sbin/mandos \
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
525
		$(PREFIX)/sbin/mandos-ctl \
526
		$(PREFIX)/sbin/mandos-monitor \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
527
		$(MANDIR)/man8/mandos.8.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
528
		$(MANDIR)/man8/mandos-monitor.8.gz \
529
		$(MANDIR)/man8/mandos-ctl.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
530
		$(MANDIR)/man5/mandos.conf.5.gz \
531
		$(MANDIR)/man5/mandos-clients.conf.5.gz
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
532
	update-rc.d -f mandos remove
163 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): Removed.
533
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
534
535
uninstall-client:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
536
# Refuse to uninstall client if /etc/crypttab is explicitly configured
537
# to use it.
538
	! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
539
		$(DESTDIR)/etc/crypttab
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
540
	-rm --force $(PREFIX)/sbin/mandos-keygen \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
541
		$(LIBDIR)/mandos/plugin-runner \
542
		$(LIBDIR)/mandos/plugins.d/password-prompt \
543
		$(LIBDIR)/mandos/plugins.d/mandos-client \
544
		$(LIBDIR)/mandos/plugins.d/usplash \
545
		$(LIBDIR)/mandos/plugins.d/splashy \
546
		$(LIBDIR)/mandos/plugins.d/askpass-fifo \
547
		$(LIBDIR)/mandos/plugins.d/plymouth \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
548
		$(INITRAMFSTOOLS)/hooks/mandos \
549
		$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
550
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
551
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
552
		$(DRACUTMODULE)/ask-password-mandos.path \
553
		$(DRACUTMODULE)/ask-password-mandos.service \
554
		$(DRACUTMODULE)/module-setup.sh \
555
		$(DRACUTMODULE)/cmdline-mandos.sh \
556
		$(DRACUTMODULE)/password-agent \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
557
		$(MANDIR)/man8/mandos-keygen.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
558
		$(MANDIR)/man8/plugin-runner.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
559
		$(MANDIR)/man8/mandos-client.8mandos.gz
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
560
		$(MANDIR)/man8/password-prompt.8mandos.gz \
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
561
		$(MANDIR)/man8/usplash.8mandos.gz \
562
		$(MANDIR)/man8/splashy.8mandos.gz \
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
563
		$(MANDIR)/man8/askpass-fifo.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
564
		$(MANDIR)/man8/plymouth.8mandos.gz \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
565
		$(MANDIR)/man8/password-agent.8mandos.gz \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
566
	-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
567
		 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
568
	if command -v update-initramfs >/dev/null; then \
569
	    update-initramfs -k all -u; \
570
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
571
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
572
		test -w "$$initrd" && dracut --force "$$initrd"; \
573
	    done; \
574
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
575
576
purge: purge-server purge-client
577
578
purge-server: uninstall-server
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
579
	-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
580
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
581
		$(DESTDIR)/etc/default/mandos \
582
		$(DESTDIR)/etc/init.d/mandos \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
583
		$(SYSTEMD)/mandos.service \
237.7.185 by Teddy Hogeborn
Fix fallback to /var/run if /run does not exist for Makefile.
584
		$(DESTDIR)/run/mandos.pid \
585
		$(DESTDIR)/var/run/mandos.pid
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
586
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
587
588
purge-client: uninstall-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
589
	-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
161 by Teddy Hogeborn
* Makefile (purge-client): Also remove "plugin-runner.conf".
590
	-rm --force $(CONFDIR)/plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
591
		$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
592
		$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
593
	-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)