/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
2
	-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
	-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
	-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
	-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
6
	-Wunsafe-loop-optimizations -Wpointer-arith \
7
	-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
8
	-Wconversion -Wlogical-op -Waggregate-return \
9
	-Wstrict-prototypes -Wold-style-definition \
10
	-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
	-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
	-Wvolatile-register-var -Woverlength-strings
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
#	echo 'int main(){}' | $(CC) --language=c $(option) \
18
#	/dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
237.7.348 by Teddy Hogeborn
Use AddressSanitizer and UndefinedBehaviorSanitizer.
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
237.7.419 by Teddy Hogeborn
Makefile: Replace "-fsanitize=address" with "-fsanitize=leak"
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
237.7.365 by Teddy Hogeborn
Only use -fsanitize=... options if they work.
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
        -fsanitize=bounds -fsanitize=alignment \
25
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
237.7.665 by Teddy Hogeborn
Add another sanitizer option
28
        -fsanitize=enum -fsanitize-address-use-after-scope
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
237.7.821 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
32
FORTIFY:=-fstack-protector-all -fPIC
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
34
LINK_FORTIFY_LD:=-z relro -z now
35
LINK_FORTIFY:=
237.2.162 by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment.
36
37
# If BROKEN_PIE is set, do not build with -pie
268 by Teddy Hogeborn
* Makefile: Don't use PIE if BROKEN_PIE is set.
38
ifndef BROKEN_PIE
39
FORTIFY += -fPIE
40
LINK_FORTIFY += -pie
41
endif
24.1.90 by Björn Påhlsson
fixed two bugs:
42
#COVERAGE=--coverage
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
43
OPTIMIZE:=-Os -fno-strict-aliasing
44
LANGUAGE:=-std=gnu11
237.7.829 by Teddy Hogeborn
Fix Y2038
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
46
htmldir:=man
409 by Teddy Hogeborn
Version 1.8.16-1
47
version:=1.8.16
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
48
SED:=sed
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
49
PKG_CONFIG?=pkg-config
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
50
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
51
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
52
	|| getent passwd nobody || echo 65534)))
53
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
54
	|| getent group nogroup || echo 65534)))
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
55
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
56
LINUXVERSION:=$(shell uname --kernel-release)
57
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
58
## Use these settings for a traditional /usr/local install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
59
# PREFIX:=$(DESTDIR)/usr/local
60
# CONFDIR:=$(DESTDIR)/etc/mandos
61
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
62
# MANDIR:=$(PREFIX)/man
63
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
64
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
65
# STATEDIR:=$(DESTDIR)/var/lib/mandos
66
# LIBDIR:=$(PREFIX)/lib
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
67
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
68
##
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
69
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
70
## These settings are for a package-type install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
71
PREFIX:=$(DESTDIR)/usr
72
CONFDIR:=$(DESTDIR)/etc/mandos
73
KEYDIR:=$(DESTDIR)/etc/keys/mandos
74
MANDIR:=$(PREFIX)/share/man
75
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
76
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
77
STATEDIR:=$(DESTDIR)/var/lib/mandos
78
LIBDIR:=$(shell \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
79
	for d in \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
80
	"/usr/lib/`dpkg-architecture \
81
			-qDEB_HOST_MULTIARCH 2>/dev/null`" \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
82
	"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
83
		if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
84
			echo "$(DESTDIR)$$d"; \
85
			break; \
86
		fi; \
87
	done)
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
88
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
89
##
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
90
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
91
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
92
			--variable=systemdsystemunitdir)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
93
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
94
			--variable=tmpfilesdir)
237.7.707 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
95
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
			--variable=sysusersdir)
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
97
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
98
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
99
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
100
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
101
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
237.7.810 by Teddy Hogeborn
Prefer "pkg-config" over the old "gpgme-config" command.
102
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
103
	|| gpgme-config --cflags; getconf LFS_CFLAGS)
104
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
105
	|| gpgme-config --libs; getconf LFS_LIBS; \
237.2.80 by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags.
106
	getconf LFS_LDFLAGS)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
107
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
108
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
109
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
110
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
111
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
112
# Do not change these two
237.7.694 by Teddy Hogeborn
Client: Always build with LFS enabled
113
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
237.7.821 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
114
	$(LANGUAGE) -DVERSION='"$(version)"'
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
115
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
116
	) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
117
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
118
# Commands to format a DocBook <refentry> document into a manual page
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
119
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
62 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Do not generate AUTHORS section.
120
	--param man.charmap.use.subset		0 \
121
	--param make.year.ranges		1 \
122
	--param make.single.year.ranges		1 \
123
	--param man.output.quietly		1 \
84 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
124
	--param man.authors.section.enabled	0 \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
125
	/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
126
	$(notdir $<); \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
127
	if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
237.7.670 by Teddy Hogeborn
Fix bashisms: Use "command -v" instead of "type"
128
	&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
129
	MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
130
	$(notdir $@); fi >/dev/null)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
131
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
132
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
133
	--param make.year.ranges		1 \
134
	--param make.single.year.ranges		1 \
135
	--param man.output.quietly		1 \
136
	--param man.authors.section.enabled	0 \
137
	--param citerefentry.link		1 \
138
	--output $@ \
139
	/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
140
	$<; $(HTMLPOST) $@)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
141
# Fix citerefentry links
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
142
HTMLPOST:=$(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
143
	--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
144
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
145
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
146
	plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
147
	plugins.d/plymouth
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
148
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
237.7.675 by Teddy Hogeborn
Add dracut(8) support
149
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
150
	$(PLUGIN_HELPERS)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
151
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
152
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
153
	mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
154
	dracut-module/password-agent.8mandos \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
155
	plugins.d/mandos-client.8mandos \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
156
	plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
157
	plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
158
	plugins.d/plymouth.8mandos intro.8mandos
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
159
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
160
htmldocs:=$(addsuffix .xhtml,$(DOCS))
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
161
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
162
objects:=$(addsuffix .o,$(CPROGS))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
163
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
164
.PHONY: all
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
165
all: $(PROGS) mandos.lsm
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
166
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
167
.PHONY: doc
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
168
doc: $(DOCS)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
169
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
170
.PHONY: html
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
171
html: $(htmldocs)
172
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
173
%.5: %.xml common.ent legalnotice.xml
174
	$(DOCBOOKTOMAN)
175
%.5.xhtml: %.xml common.ent legalnotice.xml
176
	$(DOCBOOKTOHTML)
177
178
%.8: %.xml common.ent legalnotice.xml
179
	$(DOCBOOKTOMAN)
180
%.8.xhtml: %.xml common.ent legalnotice.xml
181
	$(DOCBOOKTOHTML)
182
183
%.8mandos: %.xml common.ent legalnotice.xml
184
	$(DOCBOOKTOMAN)
185
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
186
	$(DOCBOOKTOHTML)
187
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
188
intro.8mandos: intro.xml common.ent legalnotice.xml
189
	$(DOCBOOKTOMAN)
190
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
191
	$(DOCBOOKTOHTML)
192
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
193
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
194
		legalnotice.xml
195
	$(DOCBOOKTOMAN)
196
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
197
		overview.xml legalnotice.xml
198
	$(DOCBOOKTOHTML)
199
200
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
201
		legalnotice.xml
202
	$(DOCBOOKTOMAN)
203
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
204
		 legalnotice.xml
205
	$(DOCBOOKTOHTML)
206
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
207
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
208
		legalnotice.xml
209
	$(DOCBOOKTOMAN)
210
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
211
		 legalnotice.xml
212
	$(DOCBOOKTOHTML)
213
237.2.197 by teddy at bsnet
* mandos-ctl.xml: New.
214
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
215
		legalnotice.xml
216
	$(DOCBOOKTOMAN)
217
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
218
		 legalnotice.xml
219
	$(DOCBOOKTOHTML)
220
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
221
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
222
		legalnotice.xml
223
	$(DOCBOOKTOMAN)
224
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
225
		legalnotice.xml
226
	$(DOCBOOKTOHTML)
227
228
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
229
		legalnotice.xml
230
	$(DOCBOOKTOMAN)
231
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
232
		overview.xml legalnotice.xml
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
233
	$(DOCBOOKTOHTML)
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
234
237.7.675 by Teddy Hogeborn
Add dracut(8) support
235
dracut-module/password-agent.8mandos: \
236
		dracut-module/password-agent.xml common.ent \
237
		overview.xml legalnotice.xml
238
	$(DOCBOOKTOMAN)
239
dracut-module/password-agent.8mandos.xhtml: \
240
		dracut-module/password-agent.xml common.ent \
241
		overview.xml legalnotice.xml
242
	$(DOCBOOKTOHTML)
243
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
244
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
245
					common.ent \
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
246
					mandos-options.xml \
247
					overview.xml legalnotice.xml
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
248
	$(DOCBOOKTOMAN)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
249
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
250
					common.ent \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
251
					mandos-options.xml \
252
					overview.xml legalnotice.xml
253
	$(DOCBOOKTOHTML)
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
254
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
255
# Update all these files with version number $(version)
256
common.ent: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
257
	$(strip $(SED) --in-place \
237.2.81 by Teddy Hogeborn
* Makefile (common.ent): Update "version" entity correctly.
258
		--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
259
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
260
261
mandos: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
262
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
263
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
264
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
265
266
mandos-keygen: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
267
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
268
		--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
269
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
270
24.1.121 by Björn Påhlsson
mandos-ctl: Added support for all client calls
271
mandos-ctl: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
272
	$(strip $(SED) --in-place \
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
273
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
274
		$@)
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
275
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
276
mandos-monitor: Makefile
277
	$(strip $(SED) --in-place \
278
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
279
		$@)
280
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
281
mandos.lsm: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
282
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
283
		--expression='s/^\(Version:\).*/\1\t$(version)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
284
		$@)
285
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
286
		--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
287
		$@)
288
	$(strip $(SED) --in-place \
237.2.18 by Teddy Hogeborn
* Makefile (mandos.lsm): Also update file name using version number.
289
		--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
290
		$@)
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
291
237.7.846 by Teddy Hogeborn
Eliminate compiler warnings
292
# Uses nested functions
293
plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack
294
dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack
295
plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack
296
plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack
297
plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack
298
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
299
# Need to add the GnuTLS, Avahi and GPGME libraries
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
300
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
301
	) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
302
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
303
	) $(AVAHI_LIBS) $(GPGME_LIBS)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
304
237.7.666 by Teddy Hogeborn
Client: Document requirement of libnl-route library
305
# Need to add the libnl-route library
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
306
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
307
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
237.25.4 by Teddy Hogeborn
Add plugin for mandos-client to add and delete local routes.
308
237.7.675 by Teddy Hogeborn
Add dracut(8) support
309
# Need to add the GLib and pthread libraries
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
310
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
237.7.793 by Teddy Hogeborn
Makefile: Add comment about phase out of -lpthread
311
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
312
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
237.7.675 by Teddy Hogeborn
Add dracut(8) support
313
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
314
.PHONY: clean
1 by Björn Påhlsson
First working version with: IPv6, GnuTLS, X.509 certificates, DN
315
clean:
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
316
	-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
317
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
318
.PHONY: distclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
319
distclean: clean
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
320
.PHONY: mostlyclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
321
mostlyclean: clean
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
322
.PHONY: maintainer-clean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
323
maintainer-clean: clean
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
324
	-rm --force --recursive keydir confdir statedir
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
325
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
326
.PHONY: check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
327
check: all
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
328
	./mandos --check
237.7.156 by Teddy Hogeborn
* Makefile (check): Also check mandos-ctl.
329
	./mandos-ctl --check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
330
	./mandos-keygen --version
331
	./plugin-runner --version
332
	./plugin-helpers/mandos-client-iprouteadddel --version
237.7.675 by Teddy Hogeborn
Add dracut(8) support
333
	./dracut-module/password-agent --test
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
334
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
335
# Run the client with a local config and key
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
336
.PHONY: run-client
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
337
run-client: all keydir/seckey.txt keydir/pubkey.txt \
338
			keydir/tls-privkey.pem keydir/tls-pubkey.pem
339
	@echo '######################################################'
340
	@echo '# The following error messages are harmless and can  #'
341
	@echo '#  be safely ignored:                                #'
342
	@echo '## From plugin-runner:                               #'
343
	@echo '# setgid: Operation not permitted                    #'
344
	@echo '# setuid: Operation not permitted                    #'
345
	@echo '## From askpass-fifo:                                #'
346
	@echo '# mkfifo: Permission denied                          #'
347
	@echo '## From mandos-client:                               #'
348
	@echo '# Failed to raise privileges: Operation not permi... #'
349
	@echo '# Warning: network hook "*" exited with status *     #'
350
	@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
351
	@echo '# Failed to bring up interface "*": Operation not... #'
352
	@echo '#                                                    #'
353
	@echo '# (The messages are caused by not running as root,   #'
354
	@echo '# but you should NOT run "make run-client" as root   #'
355
	@echo '# unless you also unpacked and compiled Mandos as    #'
356
	@echo '# root, which is also NOT recommended.)              #'
357
	@echo '######################################################'
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
358
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
359
	./plugin-runner --plugin-dir=plugins.d \
237.25.1 by Teddy Hogeborn
Add a plugin helper directory, available to all plugins.
360
		--plugin-helper-dir=plugin-helpers \
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
361
		--config-file=plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
362
		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
363
		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
237.2.23 by Teddy Hogeborn
* Makefile (run-client): Pass $(CLIENTARGS) to plugin-runner.
364
		$(CLIENTARGS)
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
365
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
366
# Used by run-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
367
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
368
	install --directory keydir
369
	./mandos-keygen --dir keydir --force
237.7.755 by teddy at recompile
Makefile: fix targets run-server & run-client with GnuTLS 3.5.9
370
	if ! [ -e keydir/tls-privkey.pem ]; then \
371
		install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
372
	fi
373
	if ! [ -e keydir/tls-pubkey.pem ]; then \
374
		install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
375
	fi
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
376
377
# Run the server with a local config
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
378
.PHONY: run-server
237.7.122 by Teddy Hogeborn
* mandos: White space and other misc. format fixes only.
379
run-server: confdir/mandos.conf confdir/clients.conf statedir
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
380
	./mandos --debug --no-dbus --configdir=confdir \
381
		--statedir=statedir $(SERVERARGS)
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
382
383
# Used by run-server
384
confdir/mandos.conf: mandos.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
385
	install -D --mode=u=rw,go=r $^ $@
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
386
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
237.7.842 by Teddy Hogeborn
Make all required directories when installing
387
	install -D --mode=u=rw $< $@
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
388
# Add a client password
237.7.256 by Teddy Hogeborn
mandos-keygen: Generate "checker" option to use SSH fingerprints.
389
	./mandos-keygen --dir keydir --password --no-ssh >> $@
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
390
statedir:
391
	install --directory statedir
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
392
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
393
.PHONY: install
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
394
install: install-server install-client-nokey
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
395
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
396
.PHONY: install-html
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
397
install-html: html
237.7.842 by Teddy Hogeborn
Make all required directories when installing
398
	install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
399
		$(htmldocs)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
400
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
401
.PHONY: install-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
402
install-server: doc
237.7.191 by Teddy Hogeborn
Don't require /var/lib/mandos to be installed with user & group.
403
	if install --directory --mode=u=rwx --owner=$(USER) \
404
		--group=$(GROUP) $(STATEDIR); then \
405
		:; \
406
	elif install --directory --mode=u=rwx $(STATEDIR); then \
407
		chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
408
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
409
	if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
410
		install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
237.7.386 by Teddy Hogeborn
Server: New tmpfiles.d file for persistent state directory
411
			$(TMPFILES)/mandos.conf; \
412
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
413
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
414
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
237.7.707 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
415
			$(SYSUSERS)/mandos.conf; \
416
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
417
	install --directory $(PREFIX)/sbin
418
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
419
		mandos
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
420
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
421
		mandos-ctl
422
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
423
		mandos-monitor
237.7.842 by Teddy Hogeborn
Make all required directories when installing
424
	install --directory $(CONFDIR)
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
425
	install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
426
		mandos.conf
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
427
	install --mode=u=rw --target-directory=$(CONFDIR) \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
428
		clients.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
429
	install -D --mode=u=rw,go=r dbus-mandos.conf \
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
430
		$(DBUSPOLICYDIR)/mandos.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
431
	install -D --mode=u=rwx,go=rx init.d-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
432
		$(DESTDIR)/etc/init.d/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
433
	if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
434
		install -D --mode=u=rw,go=r mandos.service \
435
			$(SYSTEMD); \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
436
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
437
	install -D --mode=u=rw,go=r default-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
438
		$(DESTDIR)/etc/default/mandos
200 by Teddy Hogeborn
* Makefile: Put the init script before avahi-daemon.
439
	if [ -z $(DESTDIR) ]; then \
440
		update-rc.d mandos defaults 25 15;\
441
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
442
	install --directory $(MANDIR)/man8 $(MANDIR)/man5
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
443
	gzip --best --to-stdout mandos.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
444
		> $(MANDIR)/man8/mandos.8.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
445
	gzip --best --to-stdout mandos-monitor.8 \
446
		> $(MANDIR)/man8/mandos-monitor.8.gz
447
	gzip --best --to-stdout mandos-ctl.8 \
448
		> $(MANDIR)/man8/mandos-ctl.8.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
449
	gzip --best --to-stdout mandos.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
450
		> $(MANDIR)/man5/mandos.conf.5.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
451
	gzip --best --to-stdout mandos-clients.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
452
		> $(MANDIR)/man5/mandos-clients.conf.5.gz
237.7.97 by teddy at recompile
* Makefile (install-server): Add intro(8mandos) man page.
453
	gzip --best --to-stdout intro.8mandos \
454
		> $(MANDIR)/man8/intro.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
455
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
456
.PHONY: install-client-nokey
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
457
install-client-nokey: all doc
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
458
	install --directory --mode=u=rwx $(KEYDIR) \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
459
		$(LIBDIR)/mandos/plugins.d \
460
		$(LIBDIR)/mandos/plugin-helpers
237.7.842 by Teddy Hogeborn
Make all required directories when installing
461
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
462
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
237.7.708 by Teddy Hogeborn
Client: Use the systemd sysusers.d mechanism, if present
463
			$(SYSUSERS)/mandos-client.conf; \
464
	fi
237.7.188 by Teddy Hogeborn
Use architecture libdir.
465
	if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
237.7.842 by Teddy Hogeborn
Make all required directories when installing
466
		install --directory \
467
			--mode=u=rwx "$(CONFDIR)/plugins.d" \
237.7.387 by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go=
468
			"$(CONFDIR)/plugin-helpers"; \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
469
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
470
	install --directory --mode=u=rwx,go=rx \
237.16.17 by Teddy Hogeborn
* Makefile (install-client-nokey): Create network hook directory.
471
		"$(CONFDIR)/network-hooks.d"
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
472
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
473
		--target-directory=$(LIBDIR)/mandos plugin-runner
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
474
	install --mode=u=rwx,go=rx \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
475
		--target-directory=$(LIBDIR)/mandos \
476
		mandos-to-cryptroot-unlock
237.7.842 by Teddy Hogeborn
Make all required directories when installing
477
	install --directory $(PREFIX)/sbin
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
478
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
479
		mandos-keygen
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
480
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
481
		--target-directory=$(LIBDIR)/mandos/plugins.d \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
482
		plugins.d/password-prompt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
483
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
484
		--target-directory=$(LIBDIR)/mandos/plugins.d \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
485
		plugins.d/mandos-client
208 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/usplash".
486
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
487
		--target-directory=$(LIBDIR)/mandos/plugins.d \
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
488
		plugins.d/usplash
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
489
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
490
		--target-directory=$(LIBDIR)/mandos/plugins.d \
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
491
		plugins.d/splashy
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
492
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
493
		--target-directory=$(LIBDIR)/mandos/plugins.d \
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
494
		plugins.d/askpass-fifo
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
495
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
496
		--target-directory=$(LIBDIR)/mandos/plugins.d \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
497
		plugins.d/plymouth
237.7.384 by Teddy Hogeborn
Client: Fix permissions on plugin helper directory.
498
	install --mode=u=rwx,go=rx \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
499
		--target-directory=$(LIBDIR)/mandos/plugin-helpers \
500
		plugin-helpers/mandos-client-iprouteadddel
237.7.842 by Teddy Hogeborn
Make all required directories when installing
501
	install -D initramfs-tools-hook \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
502
		$(INITRAMFSTOOLS)/hooks/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
503
	install -D --mode=u=rw,go=r initramfs-tools-conf \
237.7.502 by Teddy Hogeborn
Move UMASK setting to more proper place
504
		$(INITRAMFSTOOLS)/conf.d/mandos-conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
505
	install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
237.7.647 by Teddy Hogeborn
Installation: Fix UMASK even if set by some other initramfs hook
506
		$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
507
	install -D initramfs-tools-script \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
508
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
509
	install -D initramfs-tools-script-stop \
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
510
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
511
	install -D --mode=u=rw,go=r \
512
		--target-directory=$(DRACUTMODULE) \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
513
		dracut-module/ask-password-mandos.path \
514
		dracut-module/ask-password-mandos.service
515
	install --mode=u=rwxs,go=rx \
516
		--target-directory=$(DRACUTMODULE) \
517
		dracut-module/module-setup.sh \
518
		dracut-module/cmdline-mandos.sh \
519
		dracut-module/password-agent
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
520
	install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
237.7.842 by Teddy Hogeborn
Make all required directories when installing
521
	install --directory $(MANDIR)/man8
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
522
	gzip --best --to-stdout mandos-keygen.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
523
		> $(MANDIR)/man8/mandos-keygen.8.gz
524
	gzip --best --to-stdout plugin-runner.8mandos \
525
		> $(MANDIR)/man8/plugin-runner.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
526
	gzip --best --to-stdout plugins.d/mandos-client.8mandos \
527
		> $(MANDIR)/man8/mandos-client.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
528
	gzip --best --to-stdout plugins.d/password-prompt.8mandos \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
529
		> $(MANDIR)/man8/password-prompt.8mandos.gz
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
530
	gzip --best --to-stdout plugins.d/usplash.8mandos \
531
		> $(MANDIR)/man8/usplash.8mandos.gz
532
	gzip --best --to-stdout plugins.d/splashy.8mandos \
533
		> $(MANDIR)/man8/splashy.8mandos.gz
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
534
	gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
535
		> $(MANDIR)/man8/askpass-fifo.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
536
	gzip --best --to-stdout plugins.d/plymouth.8mandos \
537
		> $(MANDIR)/man8/plymouth.8mandos.gz
237.7.675 by Teddy Hogeborn
Add dracut(8) support
538
	gzip --best --to-stdout dracut-module/password-agent.8mandos \
539
		> $(MANDIR)/man8/password-agent.8mandos.gz
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
540
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
541
.PHONY: install-client
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
542
install-client: install-client-nokey
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
543
# Post-installation stuff
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
544
	-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
237.7.675 by Teddy Hogeborn
Add dracut(8) support
545
	if command -v update-initramfs >/dev/null; then \
546
	    update-initramfs -k all -u; \
547
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
548
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
549
		if [ -w "$$initrd" ]; then \
550
		    chmod go-r "$$initrd"; \
551
		    dracut --force "$$initrd"; \
552
		fi; \
553
	    done; \
554
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
555
	echo "Now run mandos-keygen --password --dir $(KEYDIR)"
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
556
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
557
.PHONY: uninstall
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
558
uninstall: uninstall-server uninstall-client
559
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
560
.PHONY: uninstall-server
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
561
uninstall-server:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
562
	-rm --force $(PREFIX)/sbin/mandos \
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
563
		$(PREFIX)/sbin/mandos-ctl \
564
		$(PREFIX)/sbin/mandos-monitor \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
565
		$(MANDIR)/man8/mandos.8.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
566
		$(MANDIR)/man8/mandos-monitor.8.gz \
567
		$(MANDIR)/man8/mandos-ctl.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
568
		$(MANDIR)/man5/mandos.conf.5.gz \
569
		$(MANDIR)/man5/mandos-clients.conf.5.gz
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
570
	update-rc.d -f mandos remove
163 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): Removed.
571
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
572
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
573
.PHONY: uninstall-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
574
uninstall-client:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
575
# Refuse to uninstall client if /etc/crypttab is explicitly configured
576
# to use it.
577
	! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
578
		$(DESTDIR)/etc/crypttab
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
579
	-rm --force $(PREFIX)/sbin/mandos-keygen \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
580
		$(LIBDIR)/mandos/plugin-runner \
581
		$(LIBDIR)/mandos/plugins.d/password-prompt \
582
		$(LIBDIR)/mandos/plugins.d/mandos-client \
583
		$(LIBDIR)/mandos/plugins.d/usplash \
584
		$(LIBDIR)/mandos/plugins.d/splashy \
585
		$(LIBDIR)/mandos/plugins.d/askpass-fifo \
586
		$(LIBDIR)/mandos/plugins.d/plymouth \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
587
		$(INITRAMFSTOOLS)/hooks/mandos \
588
		$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
589
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
590
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
591
		$(DRACUTMODULE)/ask-password-mandos.path \
592
		$(DRACUTMODULE)/ask-password-mandos.service \
593
		$(DRACUTMODULE)/module-setup.sh \
594
		$(DRACUTMODULE)/cmdline-mandos.sh \
595
		$(DRACUTMODULE)/password-agent \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
596
		$(MANDIR)/man8/mandos-keygen.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
597
		$(MANDIR)/man8/plugin-runner.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
598
		$(MANDIR)/man8/mandos-client.8mandos.gz
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
599
		$(MANDIR)/man8/password-prompt.8mandos.gz \
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
600
		$(MANDIR)/man8/usplash.8mandos.gz \
601
		$(MANDIR)/man8/splashy.8mandos.gz \
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
602
		$(MANDIR)/man8/askpass-fifo.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
603
		$(MANDIR)/man8/plymouth.8mandos.gz \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
604
		$(MANDIR)/man8/password-agent.8mandos.gz \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
605
	-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
606
		 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
607
	if command -v update-initramfs >/dev/null; then \
608
	    update-initramfs -k all -u; \
609
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
610
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
611
		test -w "$$initrd" && dracut --force "$$initrd"; \
612
	    done; \
613
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
614
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
615
.PHONY: purge
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
616
purge: purge-server purge-client
617
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
618
.PHONY: purge-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
619
purge-server: uninstall-server
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
620
	-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
621
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
622
		$(DESTDIR)/etc/default/mandos \
623
		$(DESTDIR)/etc/init.d/mandos \
237.7.185 by Teddy Hogeborn
Fix fallback to /var/run if /run does not exist for Makefile.
624
		$(DESTDIR)/run/mandos.pid \
625
		$(DESTDIR)/var/run/mandos.pid
237.7.838 by Teddy Hogeborn
Minor fix for manual Makefile uninstallations
626
	if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
627
		-rm --force -- $(SYSTEMD)/mandos.service; \
628
	fi
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
629
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
630
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
631
.PHONY: purge-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
632
purge-client: uninstall-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
633
	-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
161 by Teddy Hogeborn
* Makefile (purge-client): Also remove "plugin-runner.conf".
634
	-rm --force $(CONFDIR)/plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
635
		$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
636
		$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
637
	-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)