/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2018-08-19 01:35:11 UTC
  • mto: (237.7.594 trunk)
  • mto: This revision was merged to the branch mainline in revision 368.
  • Revision ID: teddy@recompile.se-20180819013511-cku25q9yeub3dnr0
Adapt to changes in cryptsetup; use "cryptroot-unlock" program

* Makefile (install-client-nokey): Also install new script files
  "mandos-to-cryptroot-unlock" and "initramfs-tools-script-stop".
* debian/mandos-client.dirs: Add
  "usr/share/initramfs-tools/scripts/local-premount".
* initramfs-tools-hook: Also copy "mandos-to-cryptroot-unlock".
* initramfs-tools-script: Only modify keyscript setting in cryptroot
  file if the file exists, otherwise start
  "mandos-to-cryptroot-unlock" in background.
* initramfs-tools-script-stop: New script to make sure plugin-runner
  has stopped before continuing.
* mandos-to-cryptroot-unlock: New script to run plugin-runner and feed
  any password it gets into the "cryptroot-unlock" program.

Show diffs side-by-side

added added

removed removed

Lines of Context:
40
40
OPTIMIZE:=-Os -fno-strict-aliasing
41
41
LANGUAGE:=-std=gnu11
42
42
htmldir:=man
43
 
version:=1.7.20
 
43
version:=1.7.19
44
44
SED:=sed
45
45
 
46
46
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
284
284
        ./mandos-ctl --check
285
285
 
286
286
# Run the client with a local config and key
287
 
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
 
287
run-client: all keydir/seckey.txt keydir/pubkey.txt
288
288
        @echo "###################################################################"
289
289
        @echo "# The following error messages are harmless and can be safely     #"
290
290
        @echo "# ignored:                                                        #"
303
303
        ./plugin-runner --plugin-dir=plugins.d \
304
304
                --plugin-helper-dir=plugin-helpers \
305
305
                --config-file=plugin-runner.conf \
306
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
 
306
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
307
307
                --env-for=mandos-client:GNOME_KEYRING_CONTROL= \
308
308
                $(CLIENTARGS)
309
309
 
310
310
# Used by run-client
311
 
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
 
311
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
312
312
        install --directory keydir
313
313
        ./mandos-keygen --dir keydir --force
314
314
 
321
321
confdir/mandos.conf: mandos.conf
322
322
        install --directory confdir
323
323
        install --mode=u=rw,go=r $^ $@
324
 
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
 
324
confdir/clients.conf: clients.conf keydir/seckey.txt
325
325
        install --directory confdir
326
326
        install --mode=u=rw $< $@
327
327
# Add a client password
423
423
                plugin-helpers/mandos-client-iprouteadddel
424
424
        install initramfs-tools-hook \
425
425
                $(INITRAMFSTOOLS)/hooks/mandos
426
 
        install --mode=u=rw,go=r initramfs-tools-conf \
427
 
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
 
426
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
 
427
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
428
428
        install initramfs-tools-script \
429
429
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
430
430
        install initramfs-tools-script-stop \
508
508
        -rmdir $(CONFDIR)
509
509
 
510
510
purge-client: uninstall-client
511
 
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
 
511
        -shred --remove $(KEYDIR)/seckey.txt
512
512
        -rm --force $(CONFDIR)/plugin-runner.conf \
513
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
514
 
                $(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
 
513
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
515
514
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)