/mandos/release : revision 237.2.1

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2008-12-10 01:26:02 UTC
mfrom: (237.1.2 mandos)
mto: (24.1.114 mandos) (237.4.2 mandos-pipe-ipc) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 238.
Revision ID: teddy@fukt.bsnet.se-20081210012602-vhz3h75xkj24t340

First version of a somewhat complete D-Bus server interface.  Also
change user/group name to "_mandos".

* debian/mandos.postinst: Rename old "mandos" user and group to
                          "_mandos"; create "_mandos" user and group
                          if none exist.
* debian/mandos-client.postinst: - '' -

* initramfs-tools-hook: Try "_mandos" before "mandos" as user and
                        group name.

* mandos (_datetime_to_dbus_struct): New; was previously local.
  (Client.started): Renamed to "last_started".  All users changed.
  (Client.started): New; boolean.
  (Client.dbus_object_path): New.
  (Client.check_command): Renamed to "checker_command".  All users
                          changed.
  (Client.__init__): Set and use "self.dbus_object_path".  Set
                     "self.started".
  (Client.start): Update "self.started".  Emit "self.PropertyChanged"
                  signals for both "started" and "last_started".
  (Client.stop): Update "self.started".  Emit "self.PropertyChanged"
                 signal for "started".
  (Client.checker_callback): Take additional "command" argument.  All
                             callers changed. Emit
                             "self.PropertyChanged" signal.
  (Client.bump_timeout): Emit "self.PropertyChanged" signal for
                         "last_checked_ok".
  (Client.start_checker): Emit "self.PropertyChanged" signal for
                          "checker_running".
  (Client.stop_checker): Emit "self.PropertyChanged" signal for
                         "checker_running".
  (Client.still_valid): Bug fix: use "getattr(self, started, False)"
                        instead of "self.started" in case this client
                        object is so new that the "started" attribute
                        has not been created yet.
  (Client.IntervalChanged, Client.CheckerIsRunning, Client.GetChecker,
  Client.GetCreated, Client.GetFingerprint, Client.GetHost,
  Client.GetInterval, Client.GetName, Client.GetStarted,
  Client.GetTimeout, Client.StateChanged, Client.TimeoutChanged):
  Removed; all callers changed.
  (Client.CheckerCompleted): Add "condition" and "command" arguments.
                             All callers changed.
  (Client.GetAllProperties, Client.PropertyChanged): New.
  (Client.StillValid): Renamed to "IsStillValid".
  (Client.StartChecker): Changed to its own function to avoid the
                         return value from "Client.start_checker()".
  (Client.Stop): Changed to its own function to avoid the return value
                 from "Client.stop()".
  (main): Try "_mandos" before "mandos" as user and group name.
          Removed inner function "remove_from_clients".  New inner
          class "MandosServer".

files added:
debian/mandos-client.config

debian/mandos-client.templates

debian/mandos.config

debian/mandos.templates

debian/po/POTFILES.in

debian/po/sv.po

files removed:
debian/watch

mandos-ctl

files modified:
INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.postinst

debian/mandos.prerm

debian/rules

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

Makefile

WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \

-Wswitch-default -Wswitch-enum -Wunused-parameter \

-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wstrict-prototypes -Wold-style-definition \

#DEBUG=-ggdb3

# For info about _FORTIFY_SOURCE, see

# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

LINK_FORTIFY_LD=-z relro -z now

LINK_FORTIFY=

ifndef BROKEN_PIE

FORTIFY += -fPIE

LINK_FORTIFY_LD += -fPIE

LINK_FORTIFY += -pie

endif

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie

LINK_FORTIFY=-z relro -pie

#COVERAGE=--coverage

OPTIMIZE=-Os

LANGUAGE=-std=gnu99

htmldir=man

version=1.0.14

version=1.0.2

SED=sed

## Use these settings for a traditional /usr/local install

INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools

GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS=$(shell pkg-config --libs gnutls)

GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)

GNUTLS_LIBS=$(shell libgnutls-config --libs)

AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \

getconf LFS_LDFLAGS)

GPGME_CFLAGS=$(shell gpgme-config --cflags)

GPGME_LIBS=$(shell gpgme-config --libs)

# Do not change these two

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \

-DVERSION='"$(version)"'

LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

LDFLAGS=$(COVERAGE) $(LINK_FORTIFY)

# Commands to format a DocBook <refentry> document into a manual page

DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo

CPROGS=plugin-runner $(PLUGINS)

PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)

PROGS=mandos mandos-keygen $(CPROGS)

DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \

plugins.d/mandos-client.8mandos \

plugins.d/password-prompt.8mandos mandos.conf.5 \

157

150

# Update all these files with version number $(version)

158

151

common.ent: Makefile

159

152

$(SED) --in-place \

160

--expression='s/^$<!ENTITY version "$[^"]*">$$/\1$(version)">/' \

153

--expression='s/^$<ENTITY VERSION "$[^"]*">$$/\1$(version)"/' \

161

154

162

155

163

156

mandos: Makefile

170

163

--expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' \

171

164

172

165

173

mandos-ctl: Makefile

174

$(SED) --in-place \

175

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

176

177

178

166

mandos.lsm: Makefile

179

167

$(SED) --in-place \

180

168

--expression='s/^$Version:$.*/\1\t$(version)/' \

182

170

$(SED) --in-place \

183

171

--expression='s/^$Entered-date:$.*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \

184

172

185

$(SED) --in-place \

186

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

187

188

173

189

174

plugins.d/mandos-client: plugins.d/mandos-client.o

190

175

$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \

207

192

208

193

# Run the client with a local config and key

209

194

run-client: all keydir/seckey.txt keydir/pubkey.txt

210

@echo "###################################################################"

211

@echo "# The following error messages are harmless and can be safely #"

212

@echo "# ignored. The messages are caused by not running as root, but #"

213

@echo "# you should NOT run \"make run-client\" as root unless you also #"

214

@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"

215

@echo "# From plugin-runner: setuid: Operation not permitted #"

216

@echo "# From askpass-fifo: mkfifo: Permission denied #"

217

@echo "# From mandos-client: setuid: Operation not permitted #"

218

@echo "# seteuid: Operation not permitted #"

219

@echo "# klogctl: Operation not permitted #"

220

@echo "###################################################################"

221

195

./plugin-runner --plugin-dir=plugins.d \

222

196

--config-file=plugin-runner.conf \

223

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \

224

$(CLIENTARGS)

197

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt

225

198

226

199

# Used by run-client

227

200

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

230

203

231

204

# Run the server with a local config

232

205

run-server: confdir/mandos.conf confdir/clients.conf

233

@echo "#################################################################"

234

@echo "# NOTE: Please IGNORE errors about \"No permission to bind to #"

235

@echo "# interface\" or \"Could not open file u'/var/run/mandos.pid'\" - #"

236

@echo "# they are harmless and are caused by the server not running as #"

237

@echo "# root. Do NOT run \"make run-server\" server as root if you did #"

238

@echo "# not also unpack and compile it as root. #"

239

@echo "#################################################################"

240

./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)

206

./mandos --debug --configdir=confdir

241

207

242

208

# Used by run-server

243

209

confdir/mandos.conf: mandos.conf

309

275

install --mode=u=rw,go=r initramfs-tools-hook-conf \

310

276

$(INITRAMFSTOOLS)/conf-hooks.d/mandos

311

277

install initramfs-tools-script \

312

$(INITRAMFSTOOLS)/scripts/init-premount/mandos

278

$(INITRAMFSTOOLS)/scripts/local-top/mandos

313

279

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

314

280

gzip --best --to-stdout mandos-keygen.8 \

315

281

> $(MANDIR)/man8/mandos-keygen.8.gz

356

322

$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \

357

323

$(INITRAMFSTOOLS)/hooks/mandos \

358

324

$(INITRAMFSTOOLS)/conf-hooks.d/mandos \

359

$(INITRAMFSTOOLS)/scripts/init-premount/mandos \

325

$(INITRAMFSTOOLS)/scripts/local-top/mandos \

360

326

$(MANDIR)/man8/plugin-runner.8mandos.gz \

361

327

$(MANDIR)/man8/mandos-keygen.8.gz \

362

328

$(MANDIR)/man8/password-prompt.8mandos.gz \

Older »