/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Wunreachable-code -Winline \
8
 
        -Wvolatile-register-var
9
 
DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
13
 
#COVERAGE=--coverage
14
 
OPTIMIZE=-Os
15
 
LANGUAGE=-std=gnu99
16
 
# PREFIX=/usr/local
17
 
PREFIX=$(DESTDIR)/usr
18
 
# CONFDIR=/usr/local/lib/mandos
19
 
CONFDIR=$(DESTDIR)/etc/mandos
20
 
# MANDIR=/usr/local/man
21
 
MANDIR=$(DESTDIR)/usr/share/man
22
 
 
23
 
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
24
 
GNUTLS_LIBS=$(shell libgnutls-config --libs)
25
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
26
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
27
 
GPGME_CFLAGS=$(shell gpgme-config --cflags)
28
 
GPGME_LIBS=$(shell gpgme-config --libs)
29
 
 
30
 
# Do not change these two
31
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
32
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
33
 
LDFLAGS=$(COVERAGE)
34
 
 
35
 
# Commands to format a DocBook refentry document into a manual page
36
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
37
 
        --param man.charmap.use.subset          0 \
38
 
        --param make.year.ranges                1 \
39
 
        --param make.single.year.ranges         1 \
40
 
        --param man.output.quietly              1 \
41
 
        --param man.authors.section.enabled     0 \
42
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
43
 
        $(notdir $<); \
44
 
        $(MANPOST) $(notdir $@)
45
 
# DocBook-to-man post-processing to fix a \n escape bug
46
 
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
47
 
 
48
 
PLUGINS=plugins.d/password-prompt plugins.d/password-request
49
 
PROGS=plugin-runner $(PLUGINS)
50
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
51
 
        plugins.d/password-request.8mandos \
52
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
53
 
        mandos-clients.conf.5
54
 
 
55
 
objects=$(addsuffix .o,$(PROGS))
56
 
 
57
 
all: $(PROGS)
58
 
 
59
 
doc: $(DOCS)
60
 
 
61
 
%.5: %.xml
62
 
        $(DOCBOOKTOMAN)
63
 
 
64
 
%.8: %.xml
65
 
        $(DOCBOOKTOMAN)
66
 
 
67
 
%.8mandos: %.xml
68
 
        $(DOCBOOKTOMAN)
69
 
 
70
 
mandos.8: mandos.xml mandos-options.xml
71
 
        $(DOCBOOKTOMAN)
72
 
 
73
 
mandos.conf.5: mandos.conf.xml mandos-options.xml
74
 
        $(DOCBOOKTOMAN)
75
 
 
76
 
plugins.d/password-request: plugins.d/password-request.o
77
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
78
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
79
 
 
80
 
.PHONY : all doc clean distclean run-client run-server install \
81
 
        install-server install-client uninstall uninstall-server \
82
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS=-Wall -g -std=gnu99
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
83
5
 
84
6
clean:
85
 
        -rm --force $(PROGS) $(objects) $(DOCS) core
86
 
 
87
 
distclean: clean
88
 
mostlyclean: clean
89
 
maintainer-clean: clean
90
 
        -rm --force --recursive keydir confdir
91
 
 
92
 
check:
93
 
        ./mandos --check
94
 
 
95
 
# Run the server with a local key
96
 
run-client: all keydir/seckey.txt keydir/pubkey.txt \
97
 
        keydir/secring.gpg keydir/pubring.gpg
98
 
        ./plugin-runner --plugin-dir=plugins.d \
99
 
                --options-for=password-request:--keydir=keydir
100
 
 
101
 
# Used by run-client
102
 
keydir/secring.gpg: keydir/seckey.txt
103
 
        gpg --homedir $(dir $<) --import $^
104
 
keydir/pubring.gpg: keydir/pubkey.txt
105
 
        gpg --homedir $(dir $<) --import $^
106
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
107
 
        install --directory keydir
108
 
        ./mandos-keygen --dir keydir --force
109
 
 
110
 
# Run the server with a local config
111
 
run-server: confdir/mandos.conf confdir/clients.conf
112
 
        ./mandos --debug --configdir=confdir
113
 
 
114
 
# Used by run-server
115
 
confdir/mandos.conf: mandos.conf
116
 
        install --directory confdir
117
 
        install $^ $@
118
 
confdir/clients.conf: clients.conf keydir/seckey.txt
119
 
        install --directory confdir
120
 
        install clients.conf $@
121
 
# Add a client password
122
 
        ./mandos-keygen --dir keydir --password >> $@
123
 
 
124
 
install: install-server install-client
125
 
 
126
 
install-server: doc
127
 
        install --directory --parents $(CONFDIR) $(MANDIR)/man5 \
128
 
                $(MANDIR)/man8
129
 
        install --mode=0755 mandos $(PREFIX)/sbin/mandos
130
 
        install --mode=0644 --target-directory=$(CONFDIR) mandos.conf
131
 
        install --mode=0640 --target-directory=$(CONFDIR) \
132
 
                clients.conf
133
 
        gzip --best --to-stdout mandos.8 \
134
 
                > $(MANDIR)/man8/mandos.8.gz
135
 
        gzip --best --to-stdout mandos.conf.5 \
136
 
                > $(MANDIR)/man5/mandos.conf.5.gz
137
 
        gzip --best --to-stdout mandos-clients.conf.5 \
138
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
139
 
 
140
 
install-client: all doc /usr/share/initramfs-tools/hooks/.
141
 
        install --directory --parents $(PREFIX)/lib/mandos \
142
 
                $(CONFDIR) $(MANDIR)/man8
143
 
        install --directory --mode=0700 $(PREFIX)/lib/mandos/plugins.d
144
 
        chmod u=rwx,g=,o= $(PREFIX)/lib/mandos/plugins.d
145
 
        install --mode=0755 --target-directory=$(PREFIX)/lib/mandos \
146
 
                plugin-runner
147
 
        install --mode=0755 --target-directory=$(PREFIX)/sbin \
148
 
                mandos-keygen
149
 
        install --mode=0755 \
150
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
151
 
                plugins.d/password-prompt
152
 
        install --mode=4755 \
153
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
154
 
                plugins.d/password-request
155
 
        install initramfs-tools-hook \
156
 
                /usr/share/initramfs-tools/hooks/mandos
157
 
        install initramfs-tools-hook-conf \
158
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos
159
 
        install initramfs-tools-script \
160
 
                /usr/share/initramfs-tools/scripts/local-top/mandos
161
 
        gzip --best --to-stdout mandos-keygen.8 \
162
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
163
 
        gzip --best --to-stdout plugin-runner.8mandos \
164
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
165
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
166
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
167
 
        gzip --best --to-stdout plugins.d/password-request.8mandos \
168
 
                > $(MANDIR)/man8/password-request.8mandos.gz
169
 
        -$(PREFIX)/sbin/mandos-keygen
170
 
        update-initramfs -k all -u
171
 
 
172
 
uninstall: uninstall-server uninstall-client
173
 
 
174
 
uninstall-server: $(PREFIX)/sbin/mandos
175
 
        -rm --force $(PREFIX)/sbin/mandos \
176
 
                $(MANDIR)/man8/mandos.8.gz \
177
 
                $(MANDIR)/man5/mandos.conf.5.gz \
178
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
179
 
        -rmdir $(CONFDIR)
180
 
 
181
 
uninstall-client:
182
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
183
 
# to use it.
184
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
185
 
                /etc/crypttab
186
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
187
 
                $(PREFIX)/lib/mandos/plugin-runner \
188
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
189
 
                $(PREFIX)/lib/mandos/plugins.d/password-request \
190
 
                /usr/share/initramfs-tools/hooks/mandos \
191
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos \
192
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
193
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
194
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
195
 
                $(MANDIR)/man8/password-request.8mandos.gz
196
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
197
 
                 $(PREFIX)/lib/mandos $(CONFDIR)
198
 
        update-initramfs -k all -u
199
 
 
200
 
purge: purge-server purge-client
201
 
 
202
 
purge-server: uninstall-server
203
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf
204
 
        -rmdir $(CONFDIR)
205
 
 
206
 
purge-client: uninstall-client
207
 
        -rm --force $(CONFDIR)/seckey.txt $(CONFDIR)/pubkey.txt
208
 
        -rmdir $(CONFDIR) $(CONFDIR)/plugins.d
 
7
        rm -f plugbasedclient