/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
 
#       -Wunreachable-code 
9
 
#DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
13
 
LINK_FORTIFY_LD=-z relro -z now
14
 
LINK_FORTIFY=
15
 
ifndef BROKEN_PIE
16
 
FORTIFY += -fPIE
17
 
LINK_FORTIFY_LD += -fPIE
18
 
LINK_FORTIFY += -pie
19
 
endif
20
 
#COVERAGE=--coverage
21
 
OPTIMIZE=-Os
22
 
LANGUAGE=-std=gnu99
23
 
htmldir=man
24
 
version=1.0.14
25
 
SED=sed
26
 
 
27
 
## Use these settings for a traditional /usr/local install
28
 
# PREFIX=$(DESTDIR)/usr/local
29
 
# CONFDIR=$(DESTDIR)/etc/mandos
30
 
# KEYDIR=$(DESTDIR)/etc/mandos/keys
31
 
# MANDIR=$(PREFIX)/man
32
 
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
33
 
##
34
 
 
35
 
## These settings are for a package-type install
36
 
PREFIX=$(DESTDIR)/usr
37
 
CONFDIR=$(DESTDIR)/etc/mandos
38
 
KEYDIR=$(DESTDIR)/etc/keys/mandos
39
 
MANDIR=$(PREFIX)/share/man
40
 
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
41
 
##
42
 
 
43
 
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
44
 
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
45
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
46
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
47
 
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
48
 
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
49
 
        getconf LFS_LDFLAGS)
50
 
 
51
 
# Do not change these two
52
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
53
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
54
 
        -DVERSION='"$(version)"'
55
 
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
56
 
 
57
 
# Commands to format a DocBook <refentry> document into a manual page
58
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
59
 
        --param man.charmap.use.subset          0 \
60
 
        --param make.year.ranges                1 \
61
 
        --param make.single.year.ranges         1 \
62
 
        --param man.output.quietly              1 \
63
 
        --param man.authors.section.enabled     0 \
64
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
65
 
        $(notdir $<); \
66
 
        $(MANPOST) $(notdir $@)
67
 
# DocBook-to-man post-processing to fix a '\n' escape bug
68
 
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
69
 
 
70
 
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
71
 
        --param make.year.ranges                1 \
72
 
        --param make.single.year.ranges         1 \
73
 
        --param man.output.quietly              1 \
74
 
        --param man.authors.section.enabled     0 \
75
 
        --param citerefentry.link               1 \
76
 
        --output $@ \
77
 
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
78
 
        $<; $(HTMLPOST) $@
79
 
# Fix citerefentry links
80
 
HTMLPOST=$(SED) --in-place \
81
 
        --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
82
 
 
83
 
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
84
 
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
85
 
CPROGS=plugin-runner $(PLUGINS)
86
 
PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)
87
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
88
 
        plugins.d/mandos-client.8mandos \
89
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
90
 
        plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
91
 
        plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
92
 
 
93
 
htmldocs=$(addsuffix .xhtml,$(DOCS))
94
 
 
95
 
objects=$(addsuffix .o,$(CPROGS))
96
 
 
97
 
all: $(PROGS) mandos.lsm
98
 
 
99
 
doc: $(DOCS)
100
 
 
101
 
html: $(htmldocs)
102
 
 
103
 
%.5: %.xml common.ent legalnotice.xml
104
 
        $(DOCBOOKTOMAN)
105
 
%.5.xhtml: %.xml common.ent legalnotice.xml
106
 
        $(DOCBOOKTOHTML)
107
 
 
108
 
%.8: %.xml common.ent legalnotice.xml
109
 
        $(DOCBOOKTOMAN)
110
 
%.8.xhtml: %.xml common.ent legalnotice.xml
111
 
        $(DOCBOOKTOHTML)
112
 
 
113
 
%.8mandos: %.xml common.ent legalnotice.xml
114
 
        $(DOCBOOKTOMAN)
115
 
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
116
 
        $(DOCBOOKTOHTML)
117
 
 
118
 
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
119
 
                legalnotice.xml
120
 
        $(DOCBOOKTOMAN)
121
 
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
122
 
                overview.xml legalnotice.xml
123
 
        $(DOCBOOKTOHTML)
124
 
 
125
 
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
126
 
                legalnotice.xml
127
 
        $(DOCBOOKTOMAN)
128
 
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
129
 
                 legalnotice.xml
130
 
        $(DOCBOOKTOHTML)
131
 
 
132
 
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
133
 
                legalnotice.xml
134
 
        $(DOCBOOKTOMAN)
135
 
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
136
 
                legalnotice.xml
137
 
        $(DOCBOOKTOHTML)
138
 
 
139
 
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
140
 
                legalnotice.xml
141
 
        $(DOCBOOKTOMAN)
142
 
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
143
 
                overview.xml legalnotice.xml
144
 
        $(DOCBOOKTOHTML)
145
 
 
146
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
147
 
                                        common.ent \
148
 
                                        mandos-options.xml \
149
 
                                        overview.xml legalnotice.xml
150
 
        $(DOCBOOKTOMAN)
151
 
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
152
 
                                        common.ent \
153
 
                                        mandos-options.xml \
154
 
                                        overview.xml legalnotice.xml
155
 
        $(DOCBOOKTOHTML)
156
 
 
157
 
# Update all these files with version number $(version)
158
 
common.ent: Makefile
159
 
        $(SED) --in-place \
160
 
                --expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
161
 
                $@
162
 
 
163
 
mandos: Makefile
164
 
        $(SED) --in-place \
165
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
166
 
                $@
167
 
 
168
 
mandos-keygen: Makefile
169
 
        $(SED) --in-place \
170
 
                --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
171
 
                $@
172
 
 
173
 
mandos-ctl: Makefile
174
 
        $(SED) --in-place \
175
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
176
 
                $@
177
 
 
178
 
mandos.lsm: Makefile
179
 
        $(SED) --in-place \
180
 
                --expression='s/^\(Version:\).*/\1\t$(version)/' \
181
 
                $@
182
 
        $(SED) --in-place \
183
 
                --expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
184
 
                $@
185
 
        $(SED) --in-place \
186
 
                --expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
187
 
                $@
188
 
 
189
 
plugins.d/mandos-client: plugins.d/mandos-client.o
190
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
191
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
192
 
 
193
 
.PHONY : all doc html clean distclean run-client run-server install \
194
 
        install-server install-client uninstall uninstall-server \
195
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS=-Wall -g -std=gnu99
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
196
5
 
197
6
clean:
198
 
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
199
 
 
200
 
distclean: clean
201
 
mostlyclean: clean
202
 
maintainer-clean: clean
203
 
        -rm --force --recursive keydir confdir
204
 
 
205
 
check:  all
206
 
        ./mandos --check
207
 
 
208
 
# Run the client with a local config and key
209
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
210
 
        ./plugin-runner --plugin-dir=plugins.d \
211
 
                --config-file=plugin-runner.conf \
212
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \
213
 
                $(CLIENTARGS)
214
 
 
215
 
# Used by run-client
216
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
217
 
        install --directory keydir
218
 
        ./mandos-keygen --dir keydir --force
219
 
 
220
 
# Run the server with a local config
221
 
run-server: confdir/mandos.conf confdir/clients.conf
222
 
        ./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)
223
 
 
224
 
# Used by run-server
225
 
confdir/mandos.conf: mandos.conf
226
 
        install --directory confdir
227
 
        install --mode=u=rw,go=r $^ $@
228
 
confdir/clients.conf: clients.conf keydir/seckey.txt
229
 
        install --directory confdir
230
 
        install --mode=u=rw $< $@
231
 
# Add a client password
232
 
        ./mandos-keygen --dir keydir --password >> $@
233
 
 
234
 
install: install-server install-client-nokey
235
 
 
236
 
install-html: html
237
 
        install --directory $(htmldir)
238
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
239
 
                $(htmldocs)
240
 
 
241
 
install-server: doc
242
 
        install --directory $(CONFDIR)
243
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
244
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
245
 
                mandos.conf
246
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
247
 
                clients.conf
248
 
        install --mode=u=rwx,go=rx init.d-mandos \
249
 
                $(DESTDIR)/etc/init.d/mandos
250
 
        install --mode=u=rw,go=r default-mandos \
251
 
                $(DESTDIR)/etc/default/mandos
252
 
        if [ -z $(DESTDIR) ]; then \
253
 
                update-rc.d mandos defaults 25 15;\
254
 
        fi
255
 
        gzip --best --to-stdout mandos.8 \
256
 
                > $(MANDIR)/man8/mandos.8.gz
257
 
        gzip --best --to-stdout mandos.conf.5 \
258
 
                > $(MANDIR)/man5/mandos.conf.5.gz
259
 
        gzip --best --to-stdout mandos-clients.conf.5 \
260
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
261
 
 
262
 
install-client-nokey: all doc
263
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
264
 
        install --directory --mode=u=rwx $(KEYDIR) \
265
 
                $(PREFIX)/lib/mandos/plugins.d
266
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
267
 
                install --mode=u=rwx \
268
 
                        --directory "$(CONFDIR)/plugins.d"; \
269
 
        fi
270
 
        install --mode=u=rwx,go=rx \
271
 
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
272
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
273
 
                mandos-keygen
274
 
        install --mode=u=rwx,go=rx \
275
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
276
 
                plugins.d/password-prompt
277
 
        install --mode=u=rwxs,go=rx \
278
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
279
 
                plugins.d/mandos-client
280
 
        install --mode=u=rwxs,go=rx \
281
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
282
 
                plugins.d/usplash
283
 
        install --mode=u=rwxs,go=rx \
284
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
285
 
                plugins.d/splashy
286
 
        install --mode=u=rwxs,go=rx \
287
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
288
 
                plugins.d/askpass-fifo
289
 
        install initramfs-tools-hook \
290
 
                $(INITRAMFSTOOLS)/hooks/mandos
291
 
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
292
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
293
 
        install initramfs-tools-script \
294
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
295
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
296
 
        gzip --best --to-stdout mandos-keygen.8 \
297
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
298
 
        gzip --best --to-stdout plugin-runner.8mandos \
299
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
300
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
301
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
302
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
303
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
304
 
        gzip --best --to-stdout plugins.d/usplash.8mandos \
305
 
                > $(MANDIR)/man8/usplash.8mandos.gz
306
 
        gzip --best --to-stdout plugins.d/splashy.8mandos \
307
 
                > $(MANDIR)/man8/splashy.8mandos.gz
308
 
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
309
 
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
310
 
 
311
 
install-client: install-client-nokey
312
 
# Post-installation stuff
313
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
314
 
        update-initramfs -k all -u
315
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
316
 
 
317
 
uninstall: uninstall-server uninstall-client
318
 
 
319
 
uninstall-server:
320
 
        -rm --force $(PREFIX)/sbin/mandos \
321
 
                $(MANDIR)/man8/mandos.8.gz \
322
 
                $(MANDIR)/man5/mandos.conf.5.gz \
323
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
324
 
        update-rc.d -f mandos remove
325
 
        -rmdir $(CONFDIR)
326
 
 
327
 
uninstall-client:
328
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
329
 
# to use it.
330
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
331
 
                $(DESTDIR)/etc/crypttab
332
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
333
 
                $(PREFIX)/lib/mandos/plugin-runner \
334
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
335
 
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
336
 
                $(PREFIX)/lib/mandos/plugins.d/usplash \
337
 
                $(PREFIX)/lib/mandos/plugins.d/splashy \
338
 
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
339
 
                $(INITRAMFSTOOLS)/hooks/mandos \
340
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
341
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos \
342
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
343
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
344
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
345
 
                $(MANDIR)/man8/usplash.8mandos.gz \
346
 
                $(MANDIR)/man8/splashy.8mandos.gz \
347
 
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
348
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
349
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
350
 
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
351
 
        update-initramfs -k all -u
352
 
 
353
 
purge: purge-server purge-client
354
 
 
355
 
purge-server: uninstall-server
356
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
357
 
                $(DESTDIR)/etc/default/mandos \
358
 
                $(DESTDIR)/etc/init.d/mandos \
359
 
                $(DESTDIR)/var/run/mandos.pid
360
 
        -rmdir $(CONFDIR)
361
 
 
362
 
purge-client: uninstall-client
363
 
        -shred --remove $(KEYDIR)/seckey.txt
364
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
365
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
366
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
7
        rm -f plugbasedclient