/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
 
#       -Wunreachable-code 
9
 
#DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie
13
 
LINK_FORTIFY=-z relro -pie
14
 
#COVERAGE=--coverage
15
 
OPTIMIZE=-Os
16
 
LANGUAGE=-std=gnu99
17
 
htmldir=man
18
 
version=1.0.1
19
 
SED=sed
20
 
 
21
 
## Use these settings for a traditional /usr/local install
22
 
# PREFIX=$(DESTDIR)/usr/local
23
 
# CONFDIR=$(DESTDIR)/etc/mandos
24
 
# KEYDIR=$(DESTDIR)/etc/mandos/keys
25
 
# MANDIR=$(PREFIX)/man
26
 
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
27
 
##
28
 
 
29
 
## These settings are for a package-type install
30
 
PREFIX=$(DESTDIR)/usr
31
 
CONFDIR=$(DESTDIR)/etc/mandos
32
 
KEYDIR=$(DESTDIR)/etc/keys/mandos
33
 
MANDIR=$(PREFIX)/share/man
34
 
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
35
 
##
36
 
 
37
 
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
38
 
GNUTLS_LIBS=$(shell libgnutls-config --libs)
39
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
40
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
41
 
GPGME_CFLAGS=$(shell gpgme-config --cflags)
42
 
GPGME_LIBS=$(shell gpgme-config --libs)
43
 
 
44
 
# Do not change these two
45
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
46
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
47
 
        -DVERSION='"$(version)"'
48
 
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY)
49
 
 
50
 
# Commands to format a DocBook <refentry> document into a manual page
51
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
52
 
        --param man.charmap.use.subset          0 \
53
 
        --param make.year.ranges                1 \
54
 
        --param make.single.year.ranges         1 \
55
 
        --param man.output.quietly              1 \
56
 
        --param man.authors.section.enabled     0 \
57
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
58
 
        $(notdir $<); \
59
 
        $(MANPOST) $(notdir $@)
60
 
# DocBook-to-man post-processing to fix a '\n' escape bug
61
 
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
62
 
 
63
 
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
64
 
        --param make.year.ranges                1 \
65
 
        --param make.single.year.ranges         1 \
66
 
        --param man.output.quietly              1 \
67
 
        --param man.authors.section.enabled     0 \
68
 
        --param citerefentry.link               1 \
69
 
        --output $@ \
70
 
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
71
 
        $<; $(HTMLPOST) $@
72
 
# Fix citerefentry links
73
 
HTMLPOST=$(SED) --in-place --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
74
 
 
75
 
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
76
 
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
77
 
CPROGS=plugin-runner $(PLUGINS)
78
 
PROGS=mandos mandos-keygen $(CPROGS)
79
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
80
 
        plugins.d/mandos-client.8mandos \
81
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
82
 
        plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
83
 
        plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
84
 
 
85
 
htmldocs=$(addsuffix .xhtml,$(DOCS))
86
 
 
87
 
objects=$(addsuffix .o,$(CPROGS))
88
 
 
89
 
all: $(PROGS)
90
 
 
91
 
doc: $(DOCS)
92
 
 
93
 
html: $(htmldocs)
94
 
 
95
 
%.5: %.xml common.ent legalnotice.xml
96
 
        $(DOCBOOKTOMAN)
97
 
%.5.xhtml: %.xml common.ent legalnotice.xml
98
 
        $(DOCBOOKTOHTML)
99
 
 
100
 
%.8: %.xml common.ent legalnotice.xml
101
 
        $(DOCBOOKTOMAN)
102
 
%.8.xhtml: %.xml common.ent legalnotice.xml
103
 
        $(DOCBOOKTOHTML)
104
 
 
105
 
%.8mandos: %.xml common.ent legalnotice.xml
106
 
        $(DOCBOOKTOMAN)
107
 
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
108
 
        $(DOCBOOKTOHTML)
109
 
 
110
 
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
111
 
                legalnotice.xml
112
 
        $(DOCBOOKTOMAN)
113
 
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
114
 
                overview.xml legalnotice.xml
115
 
        $(DOCBOOKTOHTML)
116
 
 
117
 
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
118
 
                legalnotice.xml
119
 
        $(DOCBOOKTOMAN)
120
 
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
121
 
                 legalnotice.xml
122
 
        $(DOCBOOKTOHTML)
123
 
 
124
 
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
125
 
                legalnotice.xml
126
 
        $(DOCBOOKTOMAN)
127
 
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
128
 
                legalnotice.xml
129
 
        $(DOCBOOKTOHTML)
130
 
 
131
 
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
132
 
                legalnotice.xml
133
 
        $(DOCBOOKTOMAN)
134
 
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
135
 
                overview.xml legalnotice.xml
136
 
        $(DOCBOOKTOHTML)
137
 
 
138
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
139
 
                                        common.ent \
140
 
                                        mandos-options.xml \
141
 
                                        overview.xml legalnotice.xml
142
 
        $(DOCBOOKTOMAN)
143
 
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
144
 
                                        common.ent \
145
 
                                        mandos-options.xml \
146
 
                                        overview.xml legalnotice.xml
147
 
        $(DOCBOOKTOHTML)
148
 
 
149
 
# Update all these files with version number $(version)
150
 
common.ent: Makefile
151
 
        $(SED) --in-place --expression='s/^\(<ENTITY VERSION "\)[^"]*">$$/\1$(version)"/' $@
152
 
 
153
 
mandos: Makefile
154
 
        $(SED) --in-place --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' $@
155
 
 
156
 
mandos-keygen: Makefile
157
 
        $(SED) --in-place --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' $@
158
 
 
159
 
plugins.d/mandos-client: plugins.d/mandos-client.o
160
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
161
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
162
 
 
163
 
.PHONY : all doc html clean distclean run-client run-server install \
164
 
        install-server install-client uninstall uninstall-server \
165
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS=-Wall -g -std=gnu99
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
166
5
 
167
6
clean:
168
 
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
169
 
 
170
 
distclean: clean
171
 
mostlyclean: clean
172
 
maintainer-clean: clean
173
 
        -rm --force --recursive keydir confdir
174
 
 
175
 
check:  all
176
 
        ./mandos --check
177
 
 
178
 
# Run the client with a local config and key
179
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
180
 
        ./plugin-runner --plugin-dir=plugins.d \
181
 
                --config-file=plugin-runner.conf \
182
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
183
 
 
184
 
# Used by run-client
185
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
186
 
        install --directory keydir
187
 
        ./mandos-keygen --dir keydir --force
188
 
 
189
 
# Run the server with a local config
190
 
run-server: confdir/mandos.conf confdir/clients.conf
191
 
        ./mandos --debug --configdir=confdir
192
 
 
193
 
# Used by run-server
194
 
confdir/mandos.conf: mandos.conf
195
 
        install --directory confdir
196
 
        install --mode=u=rw,go=r $^ $@
197
 
confdir/clients.conf: clients.conf keydir/seckey.txt
198
 
        install --directory confdir
199
 
        install --mode=u=rw $< $@
200
 
# Add a client password
201
 
        ./mandos-keygen --dir keydir --password >> $@
202
 
 
203
 
install: install-server install-client-nokey
204
 
 
205
 
install-html: $(htmldocs)
206
 
        install --directory $(htmldir)
207
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
208
 
                $(htmldocs)
209
 
 
210
 
install-server: doc
211
 
        install --directory $(CONFDIR)
212
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
213
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
214
 
                mandos.conf
215
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
216
 
                clients.conf
217
 
        install --mode=u=rwx,go=rx init.d-mandos \
218
 
                $(DESTDIR)/etc/init.d/mandos
219
 
        install --mode=u=rw,go=r default-mandos \
220
 
                $(DESTDIR)/etc/default/mandos
221
 
        if [ -z $(DESTDIR) ]; then \
222
 
                update-rc.d mandos defaults 25 15;\
223
 
        fi
224
 
        gzip --best --to-stdout mandos.8 \
225
 
                > $(MANDIR)/man8/mandos.8.gz
226
 
        gzip --best --to-stdout mandos.conf.5 \
227
 
                > $(MANDIR)/man5/mandos.conf.5.gz
228
 
        gzip --best --to-stdout mandos-clients.conf.5 \
229
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
230
 
 
231
 
install-client-nokey: all doc
232
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
233
 
        install --directory --mode=u=rwx $(KEYDIR) \
234
 
                $(PREFIX)/lib/mandos/plugins.d
235
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
236
 
                install --mode=u=rwx \
237
 
                        --directory "$(CONFDIR)/plugins.d"; \
238
 
        fi
239
 
        install --mode=u=rwx,go=rx \
240
 
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
241
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
242
 
                mandos-keygen
243
 
        install --mode=u=rwx,go=rx \
244
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
245
 
                plugins.d/password-prompt
246
 
        install --mode=u=rwxs,go=rx \
247
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
248
 
                plugins.d/mandos-client
249
 
        install --mode=u=rwxs,go=rx \
250
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
251
 
                plugins.d/usplash
252
 
        install --mode=u=rwxs,go=rx \
253
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
254
 
                plugins.d/splashy
255
 
        install --mode=u=rwxs,go=rx \
256
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
257
 
                plugins.d/askpass-fifo
258
 
        install initramfs-tools-hook \
259
 
                $(INITRAMFSTOOLS)/hooks/mandos
260
 
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
261
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
262
 
        install initramfs-tools-script \
263
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos
264
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
265
 
        gzip --best --to-stdout mandos-keygen.8 \
266
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
267
 
        gzip --best --to-stdout plugin-runner.8mandos \
268
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
269
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
270
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
271
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
272
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
273
 
        gzip --best --to-stdout plugins.d/usplash.8mandos \
274
 
                > $(MANDIR)/man8/usplash.8mandos.gz
275
 
        gzip --best --to-stdout plugins.d/splashy.8mandos \
276
 
                > $(MANDIR)/man8/splashy.8mandos.gz
277
 
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
278
 
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
279
 
 
280
 
install-client: install-client-nokey
281
 
# Post-installation stuff
282
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
283
 
        update-initramfs -k all -u
284
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
285
 
 
286
 
uninstall: uninstall-server uninstall-client
287
 
 
288
 
uninstall-server:
289
 
        -rm --force $(PREFIX)/sbin/mandos \
290
 
                $(MANDIR)/man8/mandos.8.gz \
291
 
                $(MANDIR)/man5/mandos.conf.5.gz \
292
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
293
 
        update-rc.d -f mandos remove
294
 
        -rmdir $(CONFDIR)
295
 
 
296
 
uninstall-client:
297
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
298
 
# to use it.
299
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
300
 
                $(DESTDIR)/etc/crypttab
301
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
302
 
                $(PREFIX)/lib/mandos/plugin-runner \
303
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
304
 
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
305
 
                $(PREFIX)/lib/mandos/plugins.d/usplash \
306
 
                $(PREFIX)/lib/mandos/plugins.d/splashy \
307
 
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
308
 
                $(INITRAMFSTOOLS)/hooks/mandos \
309
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
310
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos \
311
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
312
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
313
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
314
 
                $(MANDIR)/man8/usplash.8mandos.gz \
315
 
                $(MANDIR)/man8/splashy.8mandos.gz \
316
 
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
317
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
318
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
319
 
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
320
 
        update-initramfs -k all -u
321
 
 
322
 
purge: purge-server purge-client
323
 
 
324
 
purge-server: uninstall-server
325
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
326
 
                $(DESTDIR)/etc/default/mandos \
327
 
                $(DESTDIR)/etc/init.d/mandos \
328
 
                $(DESTDIR)/var/run/mandos.pid
329
 
        -rmdir $(CONFDIR)
330
 
 
331
 
purge-client: uninstall-client
332
 
        -shred --remove $(KEYDIR)/seckey.txt
333
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
334
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
335
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
7
        rm -f plugbasedclient