/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

Show diffs side-by-side

added added

removed removed

Lines of Context:
4
4
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
5
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
6
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Wunreachable-code -Winline \
8
 
        -Wvolatile-register-var
9
 
DEBUG=-ggdb3
 
7
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
 
8
#       -Wunreachable-code 
 
9
#DEBUG=-ggdb3
10
10
# For info about _FORTIFY_SOURCE, see
11
11
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
 
12
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie
 
13
LINK_FORTIFY=-z relro -pie
13
14
#COVERAGE=--coverage
14
15
OPTIMIZE=-Os
15
16
LANGUAGE=-std=gnu99
16
 
# PREFIX=/usr/local
 
17
htmldir=man
 
18
version=1.0.2
 
19
SED=sed
 
20
 
 
21
## Use these settings for a traditional /usr/local install
 
22
# PREFIX=$(DESTDIR)/usr/local
 
23
# CONFDIR=$(DESTDIR)/etc/mandos
 
24
# KEYDIR=$(DESTDIR)/etc/mandos/keys
 
25
# MANDIR=$(PREFIX)/man
 
26
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
 
27
##
 
28
 
 
29
## These settings are for a package-type install
17
30
PREFIX=$(DESTDIR)/usr
18
 
# CONFDIR=/usr/local/lib/mandos
19
31
CONFDIR=$(DESTDIR)/etc/mandos
20
 
# KEYDIR=/usr/local/lib/mandos/keys
21
32
KEYDIR=$(DESTDIR)/etc/keys/mandos
22
 
# MANDIR=/usr/local/man
23
 
MANDIR=$(DESTDIR)/usr/share/man
 
33
MANDIR=$(PREFIX)/share/man
 
34
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
 
35
##
24
36
 
25
37
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
26
38
GNUTLS_LIBS=$(shell libgnutls-config --libs)
31
43
 
32
44
# Do not change these two
33
45
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
34
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
35
 
LDFLAGS=$(COVERAGE)
 
46
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
 
47
        -DVERSION='"$(version)"'
 
48
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY)
36
49
 
37
 
# Commands to format a DocBook refentry document into a manual page
 
50
# Commands to format a DocBook <refentry> document into a manual page
38
51
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
39
52
        --param man.charmap.use.subset          0 \
40
53
        --param make.year.ranges                1 \
44
57
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
45
58
        $(notdir $<); \
46
59
        $(MANPOST) $(notdir $@)
47
 
# DocBook-to-man post-processing to fix a \n escape bug
48
 
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
49
 
 
50
 
PLUGINS=plugins.d/password-prompt plugins.d/password-request
51
 
PROGS=plugin-runner $(PLUGINS)
 
60
# DocBook-to-man post-processing to fix a '\n' escape bug
 
61
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
 
62
 
 
63
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
 
64
        --param make.year.ranges                1 \
 
65
        --param make.single.year.ranges         1 \
 
66
        --param man.output.quietly              1 \
 
67
        --param man.authors.section.enabled     0 \
 
68
        --param citerefentry.link               1 \
 
69
        --output $@ \
 
70
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
 
71
        $<; $(HTMLPOST) $@
 
72
# Fix citerefentry links
 
73
HTMLPOST=$(SED) --in-place \
 
74
        --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
 
75
 
 
76
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
 
77
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
 
78
CPROGS=plugin-runner $(PLUGINS)
 
79
PROGS=mandos mandos-keygen $(CPROGS)
52
80
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
53
 
        plugins.d/password-request.8mandos \
 
81
        plugins.d/mandos-client.8mandos \
54
82
        plugins.d/password-prompt.8mandos mandos.conf.5 \
55
 
        mandos-clients.conf.5
56
 
 
57
 
objects=$(addsuffix .o,$(PROGS))
58
 
 
59
 
all: $(PROGS)
 
83
        plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
 
84
        plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
 
85
 
 
86
htmldocs=$(addsuffix .xhtml,$(DOCS))
 
87
 
 
88
objects=$(addsuffix .o,$(CPROGS))
 
89
 
 
90
all: $(PROGS) mandos.lsm
60
91
 
61
92
doc: $(DOCS)
62
93
 
63
 
%.5: %.xml legalnotice.xml
64
 
        $(DOCBOOKTOMAN)
65
 
 
66
 
%.8: %.xml legalnotice.xml
67
 
        $(DOCBOOKTOMAN)
68
 
 
69
 
%.8mandos: %.xml legalnotice.xml
70
 
        $(DOCBOOKTOMAN)
71
 
 
72
 
mandos.8: mandos.xml mandos-options.xml overview.xml legalnotice.xml
73
 
        $(DOCBOOKTOMAN)
74
 
 
75
 
mandos-keygen.8: mandos-keygen.xml overview.xml legalnotice.xml
76
 
        $(DOCBOOKTOMAN)
77
 
 
78
 
mandos.conf.5: mandos.conf.xml mandos-options.xml legalnotice.xml
79
 
        $(DOCBOOKTOMAN)
80
 
 
81
 
plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml
82
 
        $(DOCBOOKTOMAN)
83
 
 
84
 
plugins.d/password-request.8mandos: plugins.d/password-request.xml \
85
 
                                        mandos-options.xml \
86
 
                                        overview.xml legalnotice.xml
87
 
        $(DOCBOOKTOMAN)
88
 
 
89
 
plugins.d/password-request: plugins.d/password-request.o
 
94
html: $(htmldocs)
 
95
 
 
96
%.5: %.xml common.ent legalnotice.xml
 
97
        $(DOCBOOKTOMAN)
 
98
%.5.xhtml: %.xml common.ent legalnotice.xml
 
99
        $(DOCBOOKTOHTML)
 
100
 
 
101
%.8: %.xml common.ent legalnotice.xml
 
102
        $(DOCBOOKTOMAN)
 
103
%.8.xhtml: %.xml common.ent legalnotice.xml
 
104
        $(DOCBOOKTOHTML)
 
105
 
 
106
%.8mandos: %.xml common.ent legalnotice.xml
 
107
        $(DOCBOOKTOMAN)
 
108
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
 
109
        $(DOCBOOKTOHTML)
 
110
 
 
111
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
 
112
                legalnotice.xml
 
113
        $(DOCBOOKTOMAN)
 
114
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
 
115
                overview.xml legalnotice.xml
 
116
        $(DOCBOOKTOHTML)
 
117
 
 
118
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
 
119
                legalnotice.xml
 
120
        $(DOCBOOKTOMAN)
 
121
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
 
122
                 legalnotice.xml
 
123
        $(DOCBOOKTOHTML)
 
124
 
 
125
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
 
126
                legalnotice.xml
 
127
        $(DOCBOOKTOMAN)
 
128
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
 
129
                legalnotice.xml
 
130
        $(DOCBOOKTOHTML)
 
131
 
 
132
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
 
133
                legalnotice.xml
 
134
        $(DOCBOOKTOMAN)
 
135
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
 
136
                overview.xml legalnotice.xml
 
137
        $(DOCBOOKTOHTML)
 
138
 
 
139
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
 
140
                                        common.ent \
 
141
                                        mandos-options.xml \
 
142
                                        overview.xml legalnotice.xml
 
143
        $(DOCBOOKTOMAN)
 
144
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
 
145
                                        common.ent \
 
146
                                        mandos-options.xml \
 
147
                                        overview.xml legalnotice.xml
 
148
        $(DOCBOOKTOHTML)
 
149
 
 
150
# Update all these files with version number $(version)
 
151
common.ent: Makefile
 
152
        $(SED) --in-place \
 
153
                --expression='s/^\(<ENTITY VERSION "\)[^"]*">$$/\1$(version)"/' \
 
154
                $@
 
155
 
 
156
mandos: Makefile
 
157
        $(SED) --in-place \
 
158
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
 
159
                $@
 
160
 
 
161
mandos-keygen: Makefile
 
162
        $(SED) --in-place \
 
163
                --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
 
164
                $@
 
165
 
 
166
mandos.lsm: Makefile
 
167
        $(SED) --in-place \
 
168
                --expression='s/^\(Version:\).*/\1\t$(version)/' \
 
169
                $@
 
170
        $(SED) --in-place \
 
171
                --expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
 
172
                $@
 
173
 
 
174
plugins.d/mandos-client: plugins.d/mandos-client.o
90
175
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
91
176
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
92
177
 
93
 
.PHONY : all doc clean distclean run-client run-server install \
 
178
.PHONY : all doc html clean distclean run-client run-server install \
94
179
        install-server install-client uninstall uninstall-server \
95
180
        uninstall-client purge purge-server purge-client
96
181
 
97
182
clean:
98
 
        -rm --force $(PROGS) $(objects) $(DOCS) core
 
183
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
99
184
 
100
185
distclean: clean
101
186
mostlyclean: clean
102
187
maintainer-clean: clean
103
188
        -rm --force --recursive keydir confdir
104
189
 
105
 
check:
 
190
check:  all
106
191
        ./mandos --check
107
192
 
108
193
# Run the client with a local config and key
109
194
run-client: all keydir/seckey.txt keydir/pubkey.txt
110
195
        ./plugin-runner --plugin-dir=plugins.d \
111
196
                --config-file=plugin-runner.conf \
112
 
                --options-for=password-request:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
 
197
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
113
198
 
114
199
# Used by run-client
115
200
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
130
215
# Add a client password
131
216
        ./mandos-keygen --dir keydir --password >> $@
132
217
 
133
 
install: install-server install-client
 
218
install: install-server install-client-nokey
 
219
 
 
220
install-html: html
 
221
        install --directory $(htmldir)
 
222
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
 
223
                $(htmldocs)
134
224
 
135
225
install-server: doc
136
 
        install --directory $(CONFDIR) $(MANDIR)/man5 \
137
 
                $(MANDIR)/man8
 
226
        install --directory $(CONFDIR)
138
227
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
139
228
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
140
229
                mandos.conf
141
230
        install --mode=u=rw --target-directory=$(CONFDIR) \
142
231
                clients.conf
143
 
        install --mode=u=rwx,go=rx init.d-mandos /etc/init.d/mandos
144
 
        install --mode=u=rw,go=r default-mandos /etc/default/mandos
145
 
        update-rc.d mandos defaults
 
232
        install --mode=u=rwx,go=rx init.d-mandos \
 
233
                $(DESTDIR)/etc/init.d/mandos
 
234
        install --mode=u=rw,go=r default-mandos \
 
235
                $(DESTDIR)/etc/default/mandos
 
236
        if [ -z $(DESTDIR) ]; then \
 
237
                update-rc.d mandos defaults 25 15;\
 
238
        fi
146
239
        gzip --best --to-stdout mandos.8 \
147
240
                > $(MANDIR)/man8/mandos.8.gz
148
241
        gzip --best --to-stdout mandos.conf.5 \
150
243
        gzip --best --to-stdout mandos-clients.conf.5 \
151
244
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
152
245
 
153
 
install-client: all doc /usr/share/initramfs-tools/hooks/.
154
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR) \
155
 
                $(MANDIR)/man8
156
 
        install --directory --mode=u=rwx $(KEYDIR)
157
 
        install --directory --mode=u=rwx \
 
246
install-client-nokey: all doc
 
247
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
 
248
        install --directory --mode=u=rwx $(KEYDIR) \
158
249
                $(PREFIX)/lib/mandos/plugins.d
159
 
        if [ "$(CONFDIR)/plugins.d" \
160
 
                        != "$(PREFIX)/lib/mandos/plugins.d" ]; then \
 
250
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
161
251
                install --mode=u=rwx \
162
252
                        --directory "$(CONFDIR)/plugins.d"; \
163
253
        fi
170
260
                plugins.d/password-prompt
171
261
        install --mode=u=rwxs,go=rx \
172
262
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
173
 
                plugins.d/password-request
174
 
        install --mode=u=rwx,go=rx \
 
263
                plugins.d/mandos-client
 
264
        install --mode=u=rwxs,go=rx \
175
265
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
176
266
                plugins.d/usplash
 
267
        install --mode=u=rwxs,go=rx \
 
268
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
269
                plugins.d/splashy
 
270
        install --mode=u=rwxs,go=rx \
 
271
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
272
                plugins.d/askpass-fifo
177
273
        install initramfs-tools-hook \
178
 
                /usr/share/initramfs-tools/hooks/mandos
179
 
        install initramfs-tools-hook-conf \
180
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos
 
274
                $(INITRAMFSTOOLS)/hooks/mandos
 
275
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
 
276
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
181
277
        install initramfs-tools-script \
182
 
                /usr/share/initramfs-tools/scripts/local-top/mandos
 
278
                $(INITRAMFSTOOLS)/scripts/local-top/mandos
183
279
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
184
280
        gzip --best --to-stdout mandos-keygen.8 \
185
281
                > $(MANDIR)/man8/mandos-keygen.8.gz
187
283
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
188
284
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
189
285
                > $(MANDIR)/man8/password-prompt.8mandos.gz
190
 
        gzip --best --to-stdout plugins.d/password-request.8mandos \
191
 
                > $(MANDIR)/man8/password-request.8mandos.gz
 
286
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
 
287
                > $(MANDIR)/man8/mandos-client.8mandos.gz
 
288
        gzip --best --to-stdout plugins.d/usplash.8mandos \
 
289
                > $(MANDIR)/man8/usplash.8mandos.gz
 
290
        gzip --best --to-stdout plugins.d/splashy.8mandos \
 
291
                > $(MANDIR)/man8/splashy.8mandos.gz
 
292
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
 
293
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
 
294
 
 
295
install-client: install-client-nokey
192
296
# Post-installation stuff
193
297
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
194
298
        update-initramfs -k all -u
208
312
# Refuse to uninstall client if /etc/crypttab is explicitly configured
209
313
# to use it.
210
314
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
211
 
                /etc/crypttab
 
315
                $(DESTDIR)/etc/crypttab
212
316
        -rm --force $(PREFIX)/sbin/mandos-keygen \
213
317
                $(PREFIX)/lib/mandos/plugin-runner \
214
318
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
215
 
                $(PREFIX)/lib/mandos/plugins.d/password-request \
 
319
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
216
320
                $(PREFIX)/lib/mandos/plugins.d/usplash \
217
 
                /usr/share/initramfs-tools/hooks/mandos \
218
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos \
219
 
                /usr/share/initramfs-tools/scripts/local-top/mandos \
 
321
                $(PREFIX)/lib/mandos/plugins.d/splashy \
 
322
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
 
323
                $(INITRAMFSTOOLS)/hooks/mandos \
 
324
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
 
325
                $(INITRAMFSTOOLS)/scripts/local-top/mandos \
220
326
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
221
327
                $(MANDIR)/man8/mandos-keygen.8.gz \
222
328
                $(MANDIR)/man8/password-prompt.8mandos.gz \
223
 
                $(MANDIR)/man8/password-request.8mandos.gz
 
329
                $(MANDIR)/man8/usplash.8mandos.gz \
 
330
                $(MANDIR)/man8/splashy.8mandos.gz \
 
331
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
 
332
                $(MANDIR)/man8/mandos-client.8mandos.gz
224
333
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
225
334
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
226
335
        update-initramfs -k all -u
229
338
 
230
339
purge-server: uninstall-server
231
340
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
232
 
                /etc/default/mandos /etc/init.d/mandos \
233
 
                /var/run/mandos.pid
 
341
                $(DESTDIR)/etc/default/mandos \
 
342
                $(DESTDIR)/etc/init.d/mandos \
 
343
                $(DESTDIR)/var/run/mandos.pid
234
344
        -rmdir $(CONFDIR)
235
345
 
236
346
purge-client: uninstall-client