/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
CFLAGS="-Wall -std=gnu99"
2
 
LDFLAGS=-lgnutls
3
 
 
4
 
all: plugbasedclient
 
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
 
2
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
 
3
        -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
 
4
        -Wunsafe-loop-optimizations -Wpointer-arith \
 
5
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
 
6
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
 
7
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
 
8
#       -Wunreachable-code 
 
9
#DEBUG=-ggdb3
 
10
# For info about _FORTIFY_SOURCE, see
 
11
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
 
12
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie
 
13
LINK_FORTIFY=-z relro -pie
 
14
#COVERAGE=--coverage
 
15
OPTIMIZE=-Os
 
16
LANGUAGE=-std=gnu99
 
17
htmldir=man
 
18
version=1.0.2
 
19
SED=sed
 
20
 
 
21
## Use these settings for a traditional /usr/local install
 
22
# PREFIX=$(DESTDIR)/usr/local
 
23
# CONFDIR=$(DESTDIR)/etc/mandos
 
24
# KEYDIR=$(DESTDIR)/etc/mandos/keys
 
25
# MANDIR=$(PREFIX)/man
 
26
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
 
27
##
 
28
 
 
29
## These settings are for a package-type install
 
30
PREFIX=$(DESTDIR)/usr
 
31
CONFDIR=$(DESTDIR)/etc/mandos
 
32
KEYDIR=$(DESTDIR)/etc/keys/mandos
 
33
MANDIR=$(PREFIX)/share/man
 
34
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
 
35
##
 
36
 
 
37
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
 
38
GNUTLS_LIBS=$(shell libgnutls-config --libs)
 
39
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
 
40
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
 
41
GPGME_CFLAGS=$(shell gpgme-config --cflags)
 
42
GPGME_LIBS=$(shell gpgme-config --libs)
 
43
 
 
44
# Do not change these two
 
45
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
 
46
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
 
47
        -DVERSION='"$(version)"'
 
48
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY)
 
49
 
 
50
# Commands to format a DocBook <refentry> document into a manual page
 
51
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
 
52
        --param man.charmap.use.subset          0 \
 
53
        --param make.year.ranges                1 \
 
54
        --param make.single.year.ranges         1 \
 
55
        --param man.output.quietly              1 \
 
56
        --param man.authors.section.enabled     0 \
 
57
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
 
58
        $(notdir $<); \
 
59
        $(MANPOST) $(notdir $@)
 
60
# DocBook-to-man post-processing to fix a '\n' escape bug
 
61
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
 
62
 
 
63
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
 
64
        --param make.year.ranges                1 \
 
65
        --param make.single.year.ranges         1 \
 
66
        --param man.output.quietly              1 \
 
67
        --param man.authors.section.enabled     0 \
 
68
        --param citerefentry.link               1 \
 
69
        --output $@ \
 
70
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
 
71
        $<; $(HTMLPOST) $@
 
72
# Fix citerefentry links
 
73
HTMLPOST=$(SED) --in-place \
 
74
        --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
 
75
 
 
76
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
 
77
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
 
78
CPROGS=plugin-runner $(PLUGINS)
 
79
PROGS=mandos mandos-keygen $(CPROGS)
 
80
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
 
81
        plugins.d/mandos-client.8mandos \
 
82
        plugins.d/password-prompt.8mandos mandos.conf.5 \
 
83
        plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
 
84
        plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
 
85
 
 
86
htmldocs=$(addsuffix .xhtml,$(DOCS))
 
87
 
 
88
objects=$(addsuffix .o,$(CPROGS))
 
89
 
 
90
all: $(PROGS) mandos.lsm
 
91
 
 
92
doc: $(DOCS)
 
93
 
 
94
html: $(htmldocs)
 
95
 
 
96
%.5: %.xml common.ent legalnotice.xml
 
97
        $(DOCBOOKTOMAN)
 
98
%.5.xhtml: %.xml common.ent legalnotice.xml
 
99
        $(DOCBOOKTOHTML)
 
100
 
 
101
%.8: %.xml common.ent legalnotice.xml
 
102
        $(DOCBOOKTOMAN)
 
103
%.8.xhtml: %.xml common.ent legalnotice.xml
 
104
        $(DOCBOOKTOHTML)
 
105
 
 
106
%.8mandos: %.xml common.ent legalnotice.xml
 
107
        $(DOCBOOKTOMAN)
 
108
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
 
109
        $(DOCBOOKTOHTML)
 
110
 
 
111
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
 
112
                legalnotice.xml
 
113
        $(DOCBOOKTOMAN)
 
114
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
 
115
                overview.xml legalnotice.xml
 
116
        $(DOCBOOKTOHTML)
 
117
 
 
118
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
 
119
                legalnotice.xml
 
120
        $(DOCBOOKTOMAN)
 
121
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
 
122
                 legalnotice.xml
 
123
        $(DOCBOOKTOHTML)
 
124
 
 
125
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
 
126
                legalnotice.xml
 
127
        $(DOCBOOKTOMAN)
 
128
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
 
129
                legalnotice.xml
 
130
        $(DOCBOOKTOHTML)
 
131
 
 
132
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
 
133
                legalnotice.xml
 
134
        $(DOCBOOKTOMAN)
 
135
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
 
136
                overview.xml legalnotice.xml
 
137
        $(DOCBOOKTOHTML)
 
138
 
 
139
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
 
140
                                        common.ent \
 
141
                                        mandos-options.xml \
 
142
                                        overview.xml legalnotice.xml
 
143
        $(DOCBOOKTOMAN)
 
144
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
 
145
                                        common.ent \
 
146
                                        mandos-options.xml \
 
147
                                        overview.xml legalnotice.xml
 
148
        $(DOCBOOKTOHTML)
 
149
 
 
150
# Update all these files with version number $(version)
 
151
common.ent: Makefile
 
152
        $(SED) --in-place \
 
153
                --expression='s/^\(<ENTITY VERSION "\)[^"]*">$$/\1$(version)"/' \
 
154
                $@
 
155
 
 
156
mandos: Makefile
 
157
        $(SED) --in-place \
 
158
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
 
159
                $@
 
160
 
 
161
mandos-keygen: Makefile
 
162
        $(SED) --in-place \
 
163
                --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
 
164
                $@
 
165
 
 
166
mandos.lsm: Makefile
 
167
        $(SED) --in-place \
 
168
                --expression='s/^\(Version:\).*/\1\t$(version)/' \
 
169
                $@
 
170
        $(SED) --in-place \
 
171
                --expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
 
172
                $@
 
173
 
 
174
plugins.d/mandos-client: plugins.d/mandos-client.o
 
175
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
 
176
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
177
 
 
178
.PHONY : all doc html clean distclean run-client run-server install \
 
179
        install-server install-client uninstall uninstall-server \
 
180
        uninstall-client purge purge-server purge-client
5
181
 
6
182
clean:
7
 
        rm -f plugbasedclient
8
 
 
9
 
client_debug: client
10
 
        mv -f client client.tmp
11
 
        $(MAKE) client CXXFLAGS="$(CXXFLAGS) -DDEBUG -DCERT_ROOT=\\\"./\\\""
12
 
        mv client client_debug
13
 
        mv client.tmp client
 
183
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
 
184
 
 
185
distclean: clean
 
186
mostlyclean: clean
 
187
maintainer-clean: clean
 
188
        -rm --force --recursive keydir confdir
 
189
 
 
190
check:  all
 
191
        ./mandos --check
 
192
 
 
193
# Run the client with a local config and key
 
194
run-client: all keydir/seckey.txt keydir/pubkey.txt
 
195
        ./plugin-runner --plugin-dir=plugins.d \
 
196
                --config-file=plugin-runner.conf \
 
197
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
 
198
 
 
199
# Used by run-client
 
200
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
 
201
        install --directory keydir
 
202
        ./mandos-keygen --dir keydir --force
 
203
 
 
204
# Run the server with a local config
 
205
run-server: confdir/mandos.conf confdir/clients.conf
 
206
        ./mandos --debug --configdir=confdir
 
207
 
 
208
# Used by run-server
 
209
confdir/mandos.conf: mandos.conf
 
210
        install --directory confdir
 
211
        install --mode=u=rw,go=r $^ $@
 
212
confdir/clients.conf: clients.conf keydir/seckey.txt
 
213
        install --directory confdir
 
214
        install --mode=u=rw $< $@
 
215
# Add a client password
 
216
        ./mandos-keygen --dir keydir --password >> $@
 
217
 
 
218
install: install-server install-client-nokey
 
219
 
 
220
install-html: html
 
221
        install --directory $(htmldir)
 
222
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
 
223
                $(htmldocs)
 
224
 
 
225
install-server: doc
 
226
        install --directory $(CONFDIR)
 
227
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
 
228
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
 
229
                mandos.conf
 
230
        install --mode=u=rw --target-directory=$(CONFDIR) \
 
231
                clients.conf
 
232
        install --mode=u=rwx,go=rx init.d-mandos \
 
233
                $(DESTDIR)/etc/init.d/mandos
 
234
        install --mode=u=rw,go=r default-mandos \
 
235
                $(DESTDIR)/etc/default/mandos
 
236
        if [ -z $(DESTDIR) ]; then \
 
237
                update-rc.d mandos defaults 25 15;\
 
238
        fi
 
239
        gzip --best --to-stdout mandos.8 \
 
240
                > $(MANDIR)/man8/mandos.8.gz
 
241
        gzip --best --to-stdout mandos.conf.5 \
 
242
                > $(MANDIR)/man5/mandos.conf.5.gz
 
243
        gzip --best --to-stdout mandos-clients.conf.5 \
 
244
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
 
245
 
 
246
install-client-nokey: all doc
 
247
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
 
248
        install --directory --mode=u=rwx $(KEYDIR) \
 
249
                $(PREFIX)/lib/mandos/plugins.d
 
250
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
 
251
                install --mode=u=rwx \
 
252
                        --directory "$(CONFDIR)/plugins.d"; \
 
253
        fi
 
254
        install --mode=u=rwx,go=rx \
 
255
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
 
256
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
 
257
                mandos-keygen
 
258
        install --mode=u=rwx,go=rx \
 
259
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
260
                plugins.d/password-prompt
 
261
        install --mode=u=rwxs,go=rx \
 
262
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
263
                plugins.d/mandos-client
 
264
        install --mode=u=rwxs,go=rx \
 
265
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
266
                plugins.d/usplash
 
267
        install --mode=u=rwxs,go=rx \
 
268
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
269
                plugins.d/splashy
 
270
        install --mode=u=rwxs,go=rx \
 
271
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
272
                plugins.d/askpass-fifo
 
273
        install initramfs-tools-hook \
 
274
                $(INITRAMFSTOOLS)/hooks/mandos
 
275
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
 
276
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
 
277
        install initramfs-tools-script \
 
278
                $(INITRAMFSTOOLS)/scripts/local-top/mandos
 
279
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
 
280
        gzip --best --to-stdout mandos-keygen.8 \
 
281
                > $(MANDIR)/man8/mandos-keygen.8.gz
 
282
        gzip --best --to-stdout plugin-runner.8mandos \
 
283
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
 
284
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
 
285
                > $(MANDIR)/man8/password-prompt.8mandos.gz
 
286
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
 
287
                > $(MANDIR)/man8/mandos-client.8mandos.gz
 
288
        gzip --best --to-stdout plugins.d/usplash.8mandos \
 
289
                > $(MANDIR)/man8/usplash.8mandos.gz
 
290
        gzip --best --to-stdout plugins.d/splashy.8mandos \
 
291
                > $(MANDIR)/man8/splashy.8mandos.gz
 
292
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
 
293
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
 
294
 
 
295
install-client: install-client-nokey
 
296
# Post-installation stuff
 
297
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
 
298
        update-initramfs -k all -u
 
299
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
 
300
 
 
301
uninstall: uninstall-server uninstall-client
 
302
 
 
303
uninstall-server:
 
304
        -rm --force $(PREFIX)/sbin/mandos \
 
305
                $(MANDIR)/man8/mandos.8.gz \
 
306
                $(MANDIR)/man5/mandos.conf.5.gz \
 
307
                $(MANDIR)/man5/mandos-clients.conf.5.gz
 
308
        update-rc.d -f mandos remove
 
309
        -rmdir $(CONFDIR)
 
310
 
 
311
uninstall-client:
 
312
# Refuse to uninstall client if /etc/crypttab is explicitly configured
 
313
# to use it.
 
314
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
 
315
                $(DESTDIR)/etc/crypttab
 
316
        -rm --force $(PREFIX)/sbin/mandos-keygen \
 
317
                $(PREFIX)/lib/mandos/plugin-runner \
 
318
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
 
319
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
 
320
                $(PREFIX)/lib/mandos/plugins.d/usplash \
 
321
                $(PREFIX)/lib/mandos/plugins.d/splashy \
 
322
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
 
323
                $(INITRAMFSTOOLS)/hooks/mandos \
 
324
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
 
325
                $(INITRAMFSTOOLS)/scripts/local-top/mandos \
 
326
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
 
327
                $(MANDIR)/man8/mandos-keygen.8.gz \
 
328
                $(MANDIR)/man8/password-prompt.8mandos.gz \
 
329
                $(MANDIR)/man8/usplash.8mandos.gz \
 
330
                $(MANDIR)/man8/splashy.8mandos.gz \
 
331
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
 
332
                $(MANDIR)/man8/mandos-client.8mandos.gz
 
333
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
 
334
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
 
335
        update-initramfs -k all -u
 
336
 
 
337
purge: purge-server purge-client
 
338
 
 
339
purge-server: uninstall-server
 
340
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
 
341
                $(DESTDIR)/etc/default/mandos \
 
342
                $(DESTDIR)/etc/init.d/mandos \
 
343
                $(DESTDIR)/var/run/mandos.pid
 
344
        -rmdir $(CONFDIR)
 
345
 
 
346
purge-client: uninstall-client
 
347
        -shred --remove $(KEYDIR)/seckey.txt
 
348
        -rm --force $(CONFDIR)/plugin-runner.conf \
 
349
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
 
350
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)