/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
2
	-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
	-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
	-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
	-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
6
	-Wunsafe-loop-optimizations -Wpointer-arith \
7
	-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
237.7.220 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
8
	-Wconversion -Wlogical-op -Waggregate-return \
9
	-Wstrict-prototypes -Wold-style-definition \
10
	-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
	-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
	-Wvolatile-register-var -Woverlength-strings
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
#	echo 'int main(){}' | $(CC) --language=c $(option) \
18
#	/dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
237.7.348 by Teddy Hogeborn
Use AddressSanitizer and UndefinedBehaviorSanitizer.
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
237.7.419 by Teddy Hogeborn
Makefile: Replace "-fsanitize=address" with "-fsanitize=leak"
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
237.7.365 by Teddy Hogeborn
Only use -fsanitize=... options if they work.
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
        -fsanitize=bounds -fsanitize=alignment \
25
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
237.7.665 by Teddy Hogeborn
Add another sanitizer option
28
        -fsanitize=enum -fsanitize-address-use-after-scope
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
237.7.821 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
32
FORTIFY:=-fstack-protector-all -fPIC
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
34
LINK_FORTIFY_LD:=-z relro -z now
35
LINK_FORTIFY:=
237.2.162 by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment.
36
37
# If BROKEN_PIE is set, do not build with -pie
268 by Teddy Hogeborn
* Makefile: Don't use PIE if BROKEN_PIE is set.
38
ifndef BROKEN_PIE
39
FORTIFY += -fPIE
40
LINK_FORTIFY += -pie
41
endif
24.1.90 by Björn Påhlsson
fixed two bugs:
42
#COVERAGE=--coverage
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
43
OPTIMIZE:=-Os -fno-strict-aliasing
44
LANGUAGE:=-std=gnu11
237.7.829 by Teddy Hogeborn
Fix Y2038
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
46
htmldir:=man
411 by Teddy Hogeborn
Version 1.8.17-1
47
version:=1.8.17
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
48
SED:=sed
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
49
PKG_CONFIG?=pkg-config
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
50
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
51
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
52
	|| getent passwd nobody || echo 65534)))
53
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
54
	|| getent group nogroup || echo 65534)))
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
55
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
56
LINUXVERSION:=$(shell uname --kernel-release)
57
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
58
## Use these settings for a traditional /usr/local install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
59
# PREFIX:=$(DESTDIR)/usr/local
237.7.855 by Teddy Hogeborn
Make binary directory configurable
60
# BINDIR:=$(PREFIX)/sbin
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
61
# CONFDIR:=$(DESTDIR)/etc/mandos
62
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
63
# MANDIR:=$(PREFIX)/man
64
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
65
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
66
# STATEDIR:=$(DESTDIR)/var/lib/mandos
67
# LIBDIR:=$(PREFIX)/lib
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
68
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
69
##
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
70
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
71
## These settings are for a package-type install
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
72
PREFIX:=$(DESTDIR)/usr
237.7.855 by Teddy Hogeborn
Make binary directory configurable
73
BINDIR:=$(PREFIX)/sbin
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
74
CONFDIR:=$(DESTDIR)/etc/mandos
75
KEYDIR:=$(DESTDIR)/etc/keys/mandos
76
MANDIR:=$(PREFIX)/share/man
77
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
237.7.675 by Teddy Hogeborn
Add dracut(8) support
78
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
79
STATEDIR:=$(DESTDIR)/var/lib/mandos
80
LIBDIR:=$(shell \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
81
	for d in \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
82
	"/usr/lib/`dpkg-architecture \
83
			-qDEB_HOST_MULTIARCH 2>/dev/null`" \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
84
	"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
85
		if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
86
			echo "$(DESTDIR)$$d"; \
87
			break; \
88
		fi; \
89
	done)
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
90
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
91
##
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
92
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
93
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
94
			--variable=systemdsystemunitdir)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
95
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
			--variable=tmpfilesdir)
237.7.707 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
97
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
98
			--variable=sysusersdir)
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
99
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
100
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
101
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
102
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
103
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
237.7.810 by Teddy Hogeborn
Prefer "pkg-config" over the old "gpgme-config" command.
104
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
105
	|| gpgme-config --cflags; getconf LFS_CFLAGS)
106
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
107
	|| gpgme-config --libs; getconf LFS_LIBS; \
237.2.80 by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags.
108
	getconf LFS_LDFLAGS)
237.7.685 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
109
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
110
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
111
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
112
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
113
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
114
# Do not change these two
237.7.694 by Teddy Hogeborn
Client: Always build with LFS enabled
115
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
237.7.821 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
116
	$(LANGUAGE) -DVERSION='"$(version)"'
237.7.660 by Teddy Hogeborn
Makefile: Break long lines
117
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
118
	) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
119
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
120
# Commands to format a DocBook <refentry> document into a manual page
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
121
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
62 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Do not generate AUTHORS section.
122
	--param man.charmap.use.subset		0 \
123
	--param make.year.ranges		1 \
124
	--param make.single.year.ranges		1 \
125
	--param man.output.quietly		1 \
84 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
126
	--param man.authors.section.enabled	0 \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
127
	/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
128
	$(notdir $<); \
237.7.143 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
129
	if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
237.7.670 by Teddy Hogeborn
Fix bashisms: Use "command -v" instead of "type"
130
	&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
131
	MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
132
	$(notdir $@); fi >/dev/null)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
133
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
134
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
135
	--param make.year.ranges		1 \
136
	--param make.single.year.ranges		1 \
137
	--param man.output.quietly		1 \
138
	--param man.authors.section.enabled	0 \
139
	--param citerefentry.link		1 \
140
	--output $@ \
141
	/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
142
	$<; $(HTMLPOST) $@)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
143
# Fix citerefentry links
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
144
HTMLPOST:=$(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
145
	--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
146
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
147
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
148
	plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
149
	plugins.d/plymouth
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
150
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
237.7.675 by Teddy Hogeborn
Add dracut(8) support
151
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
152
	$(PLUGIN_HELPERS)
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
153
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
154
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
155
	mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
156
	dracut-module/password-agent.8mandos \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
157
	plugins.d/mandos-client.8mandos \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
158
	plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
159
	plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
160
	plugins.d/plymouth.8mandos intro.8mandos
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
161
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
162
htmldocs:=$(addsuffix .xhtml,$(DOCS))
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
163
237.7.466 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
164
objects:=$(addsuffix .o,$(CPROGS))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
165
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
166
.PHONY: all
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
167
all: $(PROGS) mandos.lsm
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
168
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
169
.PHONY: doc
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
170
doc: $(DOCS)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
171
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
172
.PHONY: html
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
173
html: $(htmldocs)
174
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
175
%.5: %.xml common.ent legalnotice.xml
176
	$(DOCBOOKTOMAN)
177
%.5.xhtml: %.xml common.ent legalnotice.xml
178
	$(DOCBOOKTOHTML)
179
180
%.8: %.xml common.ent legalnotice.xml
181
	$(DOCBOOKTOMAN)
182
%.8.xhtml: %.xml common.ent legalnotice.xml
183
	$(DOCBOOKTOHTML)
184
185
%.8mandos: %.xml common.ent legalnotice.xml
186
	$(DOCBOOKTOMAN)
187
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
188
	$(DOCBOOKTOHTML)
189
237.7.41 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
190
intro.8mandos: intro.xml common.ent legalnotice.xml
191
	$(DOCBOOKTOMAN)
192
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
193
	$(DOCBOOKTOHTML)
194
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
195
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
196
		legalnotice.xml
197
	$(DOCBOOKTOMAN)
198
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
199
		overview.xml legalnotice.xml
200
	$(DOCBOOKTOHTML)
201
202
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
203
		legalnotice.xml
204
	$(DOCBOOKTOMAN)
205
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
206
		 legalnotice.xml
207
	$(DOCBOOKTOHTML)
208
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
209
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
210
		legalnotice.xml
211
	$(DOCBOOKTOMAN)
212
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
213
		 legalnotice.xml
214
	$(DOCBOOKTOHTML)
215
237.2.197 by teddy at bsnet
* mandos-ctl.xml: New.
216
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
217
		legalnotice.xml
218
	$(DOCBOOKTOMAN)
219
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
220
		 legalnotice.xml
221
	$(DOCBOOKTOHTML)
222
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
223
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
224
		legalnotice.xml
225
	$(DOCBOOKTOMAN)
226
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
227
		legalnotice.xml
228
	$(DOCBOOKTOHTML)
229
230
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
231
		legalnotice.xml
232
	$(DOCBOOKTOMAN)
233
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
234
		overview.xml legalnotice.xml
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
235
	$(DOCBOOKTOHTML)
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
236
237.7.675 by Teddy Hogeborn
Add dracut(8) support
237
dracut-module/password-agent.8mandos: \
238
		dracut-module/password-agent.xml common.ent \
239
		overview.xml legalnotice.xml
240
	$(DOCBOOKTOMAN)
241
dracut-module/password-agent.8mandos.xhtml: \
242
		dracut-module/password-agent.xml common.ent \
243
		overview.xml legalnotice.xml
244
	$(DOCBOOKTOHTML)
245
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
246
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
247
					common.ent \
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
248
					mandos-options.xml \
249
					overview.xml legalnotice.xml
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
250
	$(DOCBOOKTOMAN)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
251
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
252
					common.ent \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
253
					mandos-options.xml \
254
					overview.xml legalnotice.xml
255
	$(DOCBOOKTOHTML)
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
256
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
257
# Update all these files with version number $(version)
258
common.ent: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
259
	$(strip $(SED) --in-place \
237.2.81 by Teddy Hogeborn
* Makefile (common.ent): Update "version" entity correctly.
260
		--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
261
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
262
263
mandos: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
264
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
265
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
266
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
267
268
mandos-keygen: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
269
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
270
		--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
271
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
272
24.1.121 by Björn Påhlsson
mandos-ctl: Added support for all client calls
273
mandos-ctl: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
274
	$(strip $(SED) --in-place \
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
275
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
276
		$@)
237.2.3 by Teddy Hogeborn
Merge "mandos-list" from belorn.
277
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
278
mandos-monitor: Makefile
279
	$(strip $(SED) --in-place \
280
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
281
		$@)
282
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
283
mandos.lsm: Makefile
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
284
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
285
		--expression='s/^\(Version:\).*/\1\t$(version)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
286
		$@)
287
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
288
		--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
289
		$@)
290
	$(strip $(SED) --in-place \
237.2.18 by Teddy Hogeborn
* Makefile (mandos.lsm): Also update file name using version number.
291
		--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
237.2.161 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
292
		$@)
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
293
237.7.847 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
294
# Does the linker support the --no-warn-execstack option?
237.7.848 by Teddy Hogeborn
Hide warnings if --no-warn-execstack is not supported
295
ifeq ($(shell echo 'int main(){}'|$(CC) --language=c /dev/stdin -o /dev/null -Xlinker --no-warn-execstack >/dev/null 2>&1 && echo yes),yes)
237.7.847 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
296
# These programs use nested functions, which uses an executable stack
237.7.846 by Teddy Hogeborn
Eliminate compiler warnings
297
plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack
298
dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack
299
plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack
300
plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack
301
plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack
237.7.847 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
302
endif
237.7.846 by Teddy Hogeborn
Eliminate compiler warnings
303
237.7.659 by Teddy Hogeborn
Only use sanitizing options when debugging
304
# Need to add the GnuTLS, Avahi and GPGME libraries
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
305
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
306
	) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
307
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
308
	) $(AVAHI_LIBS) $(GPGME_LIBS)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
309
237.7.666 by Teddy Hogeborn
Client: Document requirement of libnl-route library
310
# Need to add the libnl-route library
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
311
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
312
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
237.25.4 by Teddy Hogeborn
Add plugin for mandos-client to add and delete local routes.
313
237.7.675 by Teddy Hogeborn
Add dracut(8) support
314
# Need to add the GLib and pthread libraries
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
315
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
237.7.793 by Teddy Hogeborn
Makefile: Add comment about phase out of -lpthread
316
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
237.7.736 by Teddy Hogeborn
Makefile: Use target-specific variables
317
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
237.7.675 by Teddy Hogeborn
Add dracut(8) support
318
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
319
.PHONY: clean
1 by Björn Påhlsson
First working version with: IPv6, GnuTLS, X.509 certificates, DN
320
clean:
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
321
	-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
322
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
323
.PHONY: distclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
324
distclean: clean
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
325
.PHONY: mostlyclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
326
mostlyclean: clean
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
327
.PHONY: maintainer-clean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
328
maintainer-clean: clean
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
329
	-rm --force --recursive keydir confdir statedir
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
330
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
331
.PHONY: check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
332
check: all
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
333
	./mandos --check
237.7.156 by Teddy Hogeborn
* Makefile (check): Also check mandos-ctl.
334
	./mandos-ctl --check
237.7.664 by Teddy Hogeborn
Debian package change: Add autopkgtest support
335
	./mandos-keygen --version
336
	./plugin-runner --version
337
	./plugin-helpers/mandos-client-iprouteadddel --version
237.7.675 by Teddy Hogeborn
Add dracut(8) support
338
	./dracut-module/password-agent --test
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
339
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
340
# Run the client with a local config and key
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
341
.PHONY: run-client
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
342
run-client: all keydir/seckey.txt keydir/pubkey.txt \
343
			keydir/tls-privkey.pem keydir/tls-pubkey.pem
344
	@echo '######################################################'
345
	@echo '# The following error messages are harmless and can  #'
346
	@echo '#  be safely ignored:                                #'
347
	@echo '## From plugin-runner:                               #'
348
	@echo '# setgid: Operation not permitted                    #'
349
	@echo '# setuid: Operation not permitted                    #'
350
	@echo '## From askpass-fifo:                                #'
351
	@echo '# mkfifo: Permission denied                          #'
352
	@echo '## From mandos-client:                               #'
353
	@echo '# Failed to raise privileges: Operation not permi... #'
354
	@echo '# Warning: network hook "*" exited with status *     #'
355
	@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
356
	@echo '# Failed to bring up interface "*": Operation not... #'
357
	@echo '#                                                    #'
358
	@echo '# (The messages are caused by not running as root,   #'
359
	@echo '# but you should NOT run "make run-client" as root   #'
360
	@echo '# unless you also unpacked and compiled Mandos as    #'
361
	@echo '# root, which is also NOT recommended.)              #'
362
	@echo '######################################################'
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
363
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
364
	./plugin-runner --plugin-dir=plugins.d \
237.25.1 by Teddy Hogeborn
Add a plugin helper directory, available to all plugins.
365
		--plugin-helper-dir=plugin-helpers \
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
366
		--config-file=plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
367
		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
237.7.254 by Teddy Hogeborn
mandos-client: Better error messages.
368
		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
237.2.23 by Teddy Hogeborn
* Makefile (run-client): Pass $(CLIENTARGS) to plugin-runner.
369
		$(CLIENTARGS)
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
370
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
371
# Used by run-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
372
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
373
	install --directory keydir
374
	./mandos-keygen --dir keydir --force
237.7.755 by teddy at recompile
Makefile: fix targets run-server & run-client with GnuTLS 3.5.9
375
	if ! [ -e keydir/tls-privkey.pem ]; then \
376
		install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
377
	fi
378
	if ! [ -e keydir/tls-pubkey.pem ]; then \
379
		install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
380
	fi
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
381
382
# Run the server with a local config
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
383
.PHONY: run-server
237.7.122 by Teddy Hogeborn
* mandos: White space and other misc. format fixes only.
384
run-server: confdir/mandos.conf confdir/clients.conf statedir
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
385
	./mandos --debug --no-dbus --configdir=confdir \
386
		--statedir=statedir $(SERVERARGS)
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
387
388
# Used by run-server
389
confdir/mandos.conf: mandos.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
390
	install -D --mode=u=rw,go=r $^ $@
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
391
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
237.7.842 by Teddy Hogeborn
Make all required directories when installing
392
	install -D --mode=u=rw $< $@
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
393
# Add a client password
237.7.256 by Teddy Hogeborn
mandos-keygen: Generate "checker" option to use SSH fingerprints.
394
	./mandos-keygen --dir keydir --password --no-ssh >> $@
237.14.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
395
statedir:
396
	install --directory statedir
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
397
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
398
.PHONY: install
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
399
install: install-server install-client-nokey
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
400
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
401
.PHONY: install-html
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
402
install-html: html
237.7.842 by Teddy Hogeborn
Make all required directories when installing
403
	install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
404
		$(htmldocs)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
405
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
406
.PHONY: install-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
407
install-server: doc
237.7.191 by Teddy Hogeborn
Don't require /var/lib/mandos to be installed with user & group.
408
	if install --directory --mode=u=rwx --owner=$(USER) \
409
		--group=$(GROUP) $(STATEDIR); then \
410
		:; \
411
	elif install --directory --mode=u=rwx $(STATEDIR); then \
412
		chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
413
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
414
	if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
415
		install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
237.7.386 by Teddy Hogeborn
Server: New tmpfiles.d file for persistent state directory
416
			$(TMPFILES)/mandos.conf; \
417
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
418
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
419
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
237.7.707 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
420
			$(SYSUSERS)/mandos.conf; \
421
	fi
237.7.855 by Teddy Hogeborn
Make binary directory configurable
422
	install --directory $(BINDIR)
423
	install --mode=u=rwx,go=rx --target-directory=$(BINDIR) mandos
424
	install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
425
		mandos-ctl
237.7.855 by Teddy Hogeborn
Make binary directory configurable
426
	install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
237.2.193 by teddy at bsnet
* mandos-monitor.xml: New.
427
		mandos-monitor
237.7.842 by Teddy Hogeborn
Make all required directories when installing
428
	install --directory $(CONFDIR)
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
429
	install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
430
		mandos.conf
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
431
	install --mode=u=rw --target-directory=$(CONFDIR) \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
432
		clients.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
433
	install -D --mode=u=rw,go=r dbus-mandos.conf \
237.7.823 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
434
		$(DBUSPOLICYDIR)/mandos.conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
435
	install -D --mode=u=rwx,go=rx init.d-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
436
		$(DESTDIR)/etc/init.d/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
437
	if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
438
		install -D --mode=u=rw,go=r mandos.service \
439
			$(SYSTEMD); \
237.7.186 by Teddy Hogeborn
Add systemd service support for Mandos server.
440
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
441
	install -D --mode=u=rw,go=r default-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
442
		$(DESTDIR)/etc/default/mandos
200 by Teddy Hogeborn
* Makefile: Put the init script before avahi-daemon.
443
	if [ -z $(DESTDIR) ]; then \
444
		update-rc.d mandos defaults 25 15;\
445
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
446
	install --directory $(MANDIR)/man8 $(MANDIR)/man5
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
447
	gzip --best --to-stdout mandos.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
448
		> $(MANDIR)/man8/mandos.8.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
449
	gzip --best --to-stdout mandos-monitor.8 \
450
		> $(MANDIR)/man8/mandos-monitor.8.gz
451
	gzip --best --to-stdout mandos-ctl.8 \
452
		> $(MANDIR)/man8/mandos-ctl.8.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
453
	gzip --best --to-stdout mandos.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
454
		> $(MANDIR)/man5/mandos.conf.5.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
455
	gzip --best --to-stdout mandos-clients.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
456
		> $(MANDIR)/man5/mandos-clients.conf.5.gz
237.7.97 by teddy at recompile
* Makefile (install-server): Add intro(8mandos) man page.
457
	gzip --best --to-stdout intro.8mandos \
458
		> $(MANDIR)/man8/intro.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
459
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
460
.PHONY: install-client-nokey
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
461
install-client-nokey: all doc
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
462
	install --directory --mode=u=rwx $(KEYDIR) \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
463
		$(LIBDIR)/mandos/plugins.d \
464
		$(LIBDIR)/mandos/plugin-helpers
237.7.842 by Teddy Hogeborn
Make all required directories when installing
465
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
466
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
237.7.708 by Teddy Hogeborn
Client: Use the systemd sysusers.d mechanism, if present
467
			$(SYSUSERS)/mandos-client.conf; \
468
	fi
237.7.188 by Teddy Hogeborn
Use architecture libdir.
469
	if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
237.7.842 by Teddy Hogeborn
Make all required directories when installing
470
		install --directory \
471
			--mode=u=rwx "$(CONFDIR)/plugins.d" \
237.7.387 by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go=
472
			"$(CONFDIR)/plugin-helpers"; \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
473
	fi
237.7.842 by Teddy Hogeborn
Make all required directories when installing
474
	install --directory --mode=u=rwx,go=rx \
237.16.17 by Teddy Hogeborn
* Makefile (install-client-nokey): Create network hook directory.
475
		"$(CONFDIR)/network-hooks.d"
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
476
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
477
		--target-directory=$(LIBDIR)/mandos plugin-runner
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
478
	install --mode=u=rwx,go=rx \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
479
		--target-directory=$(LIBDIR)/mandos \
480
		mandos-to-cryptroot-unlock
237.7.855 by Teddy Hogeborn
Make binary directory configurable
481
	install --directory $(BINDIR)
482
	install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
483
		mandos-keygen
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
484
	install --mode=u=rwx,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
485
		--target-directory=$(LIBDIR)/mandos/plugins.d \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
486
		plugins.d/password-prompt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
487
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
488
		--target-directory=$(LIBDIR)/mandos/plugins.d \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
489
		plugins.d/mandos-client
208 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/usplash".
490
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
491
		--target-directory=$(LIBDIR)/mandos/plugins.d \
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
492
		plugins.d/usplash
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
493
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
494
		--target-directory=$(LIBDIR)/mandos/plugins.d \
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
495
		plugins.d/splashy
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
496
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
497
		--target-directory=$(LIBDIR)/mandos/plugins.d \
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
498
		plugins.d/askpass-fifo
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
499
	install --mode=u=rwxs,go=rx \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
500
		--target-directory=$(LIBDIR)/mandos/plugins.d \
237.2.188 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
501
		plugins.d/plymouth
237.7.384 by Teddy Hogeborn
Client: Fix permissions on plugin helper directory.
502
	install --mode=u=rwx,go=rx \
237.25.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
503
		--target-directory=$(LIBDIR)/mandos/plugin-helpers \
504
		plugin-helpers/mandos-client-iprouteadddel
237.7.842 by Teddy Hogeborn
Make all required directories when installing
505
	install -D initramfs-tools-hook \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
506
		$(INITRAMFSTOOLS)/hooks/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
507
	install -D --mode=u=rw,go=r initramfs-tools-conf \
237.7.502 by Teddy Hogeborn
Move UMASK setting to more proper place
508
		$(INITRAMFSTOOLS)/conf.d/mandos-conf
237.7.842 by Teddy Hogeborn
Make all required directories when installing
509
	install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
237.7.647 by Teddy Hogeborn
Installation: Fix UMASK even if set by some other initramfs hook
510
		$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
511
	install -D initramfs-tools-script \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
512
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
513
	install -D initramfs-tools-script-stop \
237.7.501 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
514
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos
237.7.842 by Teddy Hogeborn
Make all required directories when installing
515
	install -D --mode=u=rw,go=r \
516
		--target-directory=$(DRACUTMODULE) \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
517
		dracut-module/ask-password-mandos.path \
518
		dracut-module/ask-password-mandos.service
519
	install --mode=u=rwxs,go=rx \
520
		--target-directory=$(DRACUTMODULE) \
521
		dracut-module/module-setup.sh \
522
		dracut-module/cmdline-mandos.sh \
523
		dracut-module/password-agent
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
524
	install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
237.7.842 by Teddy Hogeborn
Make all required directories when installing
525
	install --directory $(MANDIR)/man8
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
526
	gzip --best --to-stdout mandos-keygen.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
527
		> $(MANDIR)/man8/mandos-keygen.8.gz
528
	gzip --best --to-stdout plugin-runner.8mandos \
529
		> $(MANDIR)/man8/plugin-runner.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
530
	gzip --best --to-stdout plugins.d/mandos-client.8mandos \
531
		> $(MANDIR)/man8/mandos-client.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
532
	gzip --best --to-stdout plugins.d/password-prompt.8mandos \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
533
		> $(MANDIR)/man8/password-prompt.8mandos.gz
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
534
	gzip --best --to-stdout plugins.d/usplash.8mandos \
535
		> $(MANDIR)/man8/usplash.8mandos.gz
536
	gzip --best --to-stdout plugins.d/splashy.8mandos \
537
		> $(MANDIR)/man8/splashy.8mandos.gz
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
538
	gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
539
		> $(MANDIR)/man8/askpass-fifo.8mandos.gz
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
540
	gzip --best --to-stdout plugins.d/plymouth.8mandos \
541
		> $(MANDIR)/man8/plymouth.8mandos.gz
237.7.675 by Teddy Hogeborn
Add dracut(8) support
542
	gzip --best --to-stdout dracut-module/password-agent.8mandos \
543
		> $(MANDIR)/man8/password-agent.8mandos.gz
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
544
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
545
.PHONY: install-client
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
546
install-client: install-client-nokey
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
547
# Post-installation stuff
237.7.855 by Teddy Hogeborn
Make binary directory configurable
548
	-$(BINDIR)/mandos-keygen --dir "$(KEYDIR)"
237.7.675 by Teddy Hogeborn
Add dracut(8) support
549
	if command -v update-initramfs >/dev/null; then \
550
	    update-initramfs -k all -u; \
551
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
552
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
553
		if [ -w "$$initrd" ]; then \
554
		    chmod go-r "$$initrd"; \
555
		    dracut --force "$$initrd"; \
556
		fi; \
557
	    done; \
558
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
559
	echo "Now run mandos-keygen --password --dir $(KEYDIR)"
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
560
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
561
.PHONY: uninstall
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
562
uninstall: uninstall-server uninstall-client
563
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
564
.PHONY: uninstall-server
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
565
uninstall-server:
237.7.855 by Teddy Hogeborn
Make binary directory configurable
566
	-rm --force $(BINDIR)/mandos \
567
		$(BINDIR)/mandos-ctl \
568
		$(BINDIR)/mandos-monitor \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
569
		$(MANDIR)/man8/mandos.8.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
570
		$(MANDIR)/man8/mandos-monitor.8.gz \
571
		$(MANDIR)/man8/mandos-ctl.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
572
		$(MANDIR)/man5/mandos.conf.5.gz \
573
		$(MANDIR)/man5/mandos-clients.conf.5.gz
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
574
	update-rc.d -f mandos remove
163 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): Removed.
575
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
576
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
577
.PHONY: uninstall-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
578
uninstall-client:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
579
# Refuse to uninstall client if /etc/crypttab is explicitly configured
580
# to use it.
581
	! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
582
		$(DESTDIR)/etc/crypttab
237.7.855 by Teddy Hogeborn
Make binary directory configurable
583
	-rm --force $(BINDIR)/mandos-keygen \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
584
		$(LIBDIR)/mandos/plugin-runner \
585
		$(LIBDIR)/mandos/plugins.d/password-prompt \
586
		$(LIBDIR)/mandos/plugins.d/mandos-client \
587
		$(LIBDIR)/mandos/plugins.d/usplash \
588
		$(LIBDIR)/mandos/plugins.d/splashy \
589
		$(LIBDIR)/mandos/plugins.d/askpass-fifo \
590
		$(LIBDIR)/mandos/plugins.d/plymouth \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
591
		$(INITRAMFSTOOLS)/hooks/mandos \
592
		$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
237.2.65 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
593
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
594
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
595
		$(DRACUTMODULE)/ask-password-mandos.path \
596
		$(DRACUTMODULE)/ask-password-mandos.service \
597
		$(DRACUTMODULE)/module-setup.sh \
598
		$(DRACUTMODULE)/cmdline-mandos.sh \
599
		$(DRACUTMODULE)/password-agent \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
600
		$(MANDIR)/man8/mandos-keygen.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
601
		$(MANDIR)/man8/plugin-runner.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
602
		$(MANDIR)/man8/mandos-client.8mandos.gz
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
603
		$(MANDIR)/man8/password-prompt.8mandos.gz \
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
604
		$(MANDIR)/man8/usplash.8mandos.gz \
605
		$(MANDIR)/man8/splashy.8mandos.gz \
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
606
		$(MANDIR)/man8/askpass-fifo.8mandos.gz \
237.2.198 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
607
		$(MANDIR)/man8/plymouth.8mandos.gz \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
608
		$(MANDIR)/man8/password-agent.8mandos.gz \
237.7.188 by Teddy Hogeborn
Use architecture libdir.
609
	-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
610
		 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
611
	if command -v update-initramfs >/dev/null; then \
612
	    update-initramfs -k all -u; \
613
	elif command -v dracut >/dev/null; then \
237.7.684 by Teddy Hogeborn
Break some long lines and refine documentation
614
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
237.7.675 by Teddy Hogeborn
Add dracut(8) support
615
		test -w "$$initrd" && dracut --force "$$initrd"; \
616
	    done; \
617
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
618
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
619
.PHONY: purge
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
620
purge: purge-server purge-client
621
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
622
.PHONY: purge-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
623
purge-server: uninstall-server
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
624
	-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
237.6.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
625
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
626
		$(DESTDIR)/etc/default/mandos \
627
		$(DESTDIR)/etc/init.d/mandos \
237.7.185 by Teddy Hogeborn
Fix fallback to /var/run if /run does not exist for Makefile.
628
		$(DESTDIR)/run/mandos.pid \
629
		$(DESTDIR)/var/run/mandos.pid
237.7.838 by Teddy Hogeborn
Minor fix for manual Makefile uninstallations
630
	if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
631
		-rm --force -- $(SYSTEMD)/mandos.service; \
632
	fi
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
633
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
634
237.7.737 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
635
.PHONY: purge-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
636
purge-client: uninstall-client
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
637
	-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
161 by Teddy Hogeborn
* Makefile (purge-client): Also remove "plugin-runner.conf".
638
	-rm --force $(CONFDIR)/plugin-runner.conf \
237.7.510 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
639
		$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
640
		$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
641
	-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)