/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2019-07-29 16:35:53 UTC
  • mto: This revision was merged to the branch mainline in revision 384.
  • Revision ID: teddy@recompile.se-20190729163553-1i442i2cbx64c537
Make tests and man page examples match

Make the tests test_manual_page_example[1-5] match exactly what is
written in the manual page, and add comments to manual page as
reminders to keep tests and manual page examples in sync.

* mandos-ctl (Test_commands_from_options.test_manual_page_example_1):
  Remove "--verbose" option, since the manual does not have it as the
  first example, and change assertion to match.
* mandos-ctl.xml (EXAMPLE): Add comments to all examples documenting
  which test function they correspond to.  Also remove unnecessary
  quotes from option arguments in fourth example, and clarify language
  slightly in fifth example.

Show diffs side-by-side

added added

removed removed

Lines of Context:
29
29
 
30
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
 
FORTIFY:=-fstack-protector-all -fPIC
33
 
CPPFLAGS+=-D_FORTIFY_SOURCE=3
 
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
34
33
LINK_FORTIFY_LD:=-z relro -z now
35
34
LINK_FORTIFY:=
36
35
 
42
41
#COVERAGE=--coverage
43
42
OPTIMIZE:=-Os -fno-strict-aliasing
44
43
LANGUAGE:=-std=gnu11
45
 
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
46
44
htmldir:=man
47
 
version:=1.8.17
 
45
version:=1.8.4
48
46
SED:=sed
49
 
PKG_CONFIG?=pkg-config
50
47
 
51
48
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
52
49
        || getent passwd nobody || echo 65534)))
53
50
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
54
51
        || getent group nogroup || echo 65534)))
55
52
 
56
 
LINUXVERSION:=$(shell uname --kernel-release)
57
 
 
58
53
## Use these settings for a traditional /usr/local install
59
54
# PREFIX:=$(DESTDIR)/usr/local
60
 
# BINDIR:=$(PREFIX)/sbin
61
55
# CONFDIR:=$(DESTDIR)/etc/mandos
62
56
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
63
57
# MANDIR:=$(PREFIX)/man
65
59
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
66
60
# STATEDIR:=$(DESTDIR)/var/lib/mandos
67
61
# LIBDIR:=$(PREFIX)/lib
68
 
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
69
62
##
70
63
 
71
64
## These settings are for a package-type install
72
65
PREFIX:=$(DESTDIR)/usr
73
 
BINDIR:=$(PREFIX)/sbin
74
66
CONFDIR:=$(DESTDIR)/etc/mandos
75
67
KEYDIR:=$(DESTDIR)/etc/keys/mandos
76
68
MANDIR:=$(PREFIX)/share/man
79
71
STATEDIR:=$(DESTDIR)/var/lib/mandos
80
72
LIBDIR:=$(shell \
81
73
        for d in \
82
 
        "/usr/lib/`dpkg-architecture \
83
 
                        -qDEB_HOST_MULTIARCH 2>/dev/null`" \
 
74
        "/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
84
75
        "`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
85
76
                if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
86
77
                        echo "$(DESTDIR)$$d"; \
87
78
                        break; \
88
79
                fi; \
89
80
        done)
90
 
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
91
81
##
92
82
 
93
 
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
94
 
                        --variable=systemdsystemunitdir)
95
 
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
 
                        --variable=tmpfilesdir)
97
 
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
98
 
                        --variable=sysusersdir)
 
83
SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
 
84
TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
99
85
 
100
 
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
101
 
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
102
 
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
103
 
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
104
 
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
105
 
        || gpgme-config --cflags; getconf LFS_CFLAGS)
106
 
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
107
 
        || gpgme-config --libs; getconf LFS_LIBS; \
 
86
GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)
 
87
GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)
 
88
AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)
 
89
AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)
 
90
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
 
91
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
108
92
        getconf LFS_LDFLAGS)
109
 
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
110
 
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
111
 
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
112
 
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
 
93
LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)
 
94
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
 
95
GLIB_CFLAGS:=$(shell pkg-config --cflags glib-2.0)
 
96
GLIB_LIBS:=$(shell pkg-config --libs glib-2.0)
113
97
 
114
98
# Do not change these two
115
 
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
116
 
        $(LANGUAGE) -DVERSION='"$(version)"'
 
99
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
 
100
        $(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
117
101
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
118
102
        ) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
119
103
 
163
147
 
164
148
objects:=$(addsuffix .o,$(CPROGS))
165
149
 
166
 
.PHONY: all
167
150
all: $(PROGS) mandos.lsm
168
151
 
169
 
.PHONY: doc
170
152
doc: $(DOCS)
171
153
 
172
 
.PHONY: html
173
154
html: $(htmldocs)
174
155
 
175
156
%.5: %.xml common.ent legalnotice.xml
291
272
                --expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
292
273
                $@)
293
274
 
294
 
# Does the linker support the --no-warn-execstack option?
295
 
ifeq ($(shell echo 'int main(){}'|$(CC) --language=c /dev/stdin -o /dev/null -Xlinker --no-warn-execstack >/dev/null 2>&1 && echo yes),yes)
296
 
# These programs use nested functions, which uses an executable stack
297
 
plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack
298
 
dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack
299
 
plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack
300
 
plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack
301
 
plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack
302
 
endif
303
 
 
304
275
# Need to add the GnuTLS, Avahi and GPGME libraries
305
 
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
306
 
        ) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
307
 
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
308
 
        ) $(AVAHI_LIBS) $(GPGME_LIBS)
 
276
plugins.d/mandos-client: plugins.d/mandos-client.c
 
277
        $(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
 
278
                ) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
 
279
                ) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
 
280
                ) $(LDLIBS) -o $@
309
281
 
310
282
# Need to add the libnl-route library
311
 
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
312
 
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
 
283
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
 
284
        $(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
 
285
                ) $(LOADLIBES) $(LDLIBS) -o $@
313
286
 
314
287
# Need to add the GLib and pthread libraries
315
 
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
316
 
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
317
 
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
318
 
 
319
 
.PHONY: clean
 
288
dracut-module/password-agent: dracut-module/password-agent.c
 
289
        $(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
 
290
                ) $(LOADLIBES) $(LDLIBS) -o $@
 
291
 
 
292
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
 
293
        check run-client run-server install install-html \
 
294
        install-server install-client-nokey install-client uninstall \
 
295
        uninstall-server uninstall-client purge purge-server \
 
296
        purge-client
 
297
 
320
298
clean:
321
299
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
322
300
 
323
 
.PHONY: distclean
324
301
distclean: clean
325
 
.PHONY: mostlyclean
326
302
mostlyclean: clean
327
 
.PHONY: maintainer-clean
328
303
maintainer-clean: clean
329
304
        -rm --force --recursive keydir confdir statedir
330
305
 
331
 
.PHONY: check
332
306
check: all
333
307
        ./mandos --check
334
308
        ./mandos-ctl --check
338
312
        ./dracut-module/password-agent --test
339
313
 
340
314
# Run the client with a local config and key
341
 
.PHONY: run-client
342
 
run-client: all keydir/seckey.txt keydir/pubkey.txt \
343
 
                        keydir/tls-privkey.pem keydir/tls-pubkey.pem
344
 
        @echo '######################################################'
345
 
        @echo '# The following error messages are harmless and can  #'
346
 
        @echo '#  be safely ignored:                                #'
347
 
        @echo '## From plugin-runner:                               #'
348
 
        @echo '# setgid: Operation not permitted                    #'
349
 
        @echo '# setuid: Operation not permitted                    #'
350
 
        @echo '## From askpass-fifo:                                #'
351
 
        @echo '# mkfifo: Permission denied                          #'
352
 
        @echo '## From mandos-client:                               #'
353
 
        @echo '# Failed to raise privileges: Operation not permi... #'
354
 
        @echo '# Warning: network hook "*" exited with status *     #'
355
 
        @echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
356
 
        @echo '# Failed to bring up interface "*": Operation not... #'
357
 
        @echo '#                                                    #'
358
 
        @echo '# (The messages are caused by not running as root,   #'
359
 
        @echo '# but you should NOT run "make run-client" as root   #'
360
 
        @echo '# unless you also unpacked and compiled Mandos as    #'
361
 
        @echo '# root, which is also NOT recommended.)              #'
362
 
        @echo '######################################################'
 
315
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
 
316
        @echo "###################################################################"
 
317
        @echo "# The following error messages are harmless and can be safely     #"
 
318
        @echo "# ignored:                                                        #"
 
319
        @echo "# From plugin-runner: setgid: Operation not permitted             #"
 
320
        @echo "#                     setuid: Operation not permitted             #"
 
321
        @echo "# From askpass-fifo:  mkfifo: Permission denied                   #"
 
322
        @echo "# From mandos-client:                                             #"
 
323
        @echo "#             Failed to raise privileges: Operation not permitted #"
 
324
        @echo "#             Warning: network hook \"*\" exited with status *      #"
 
325
        @echo "#                                                                 #"
 
326
        @echo "# (The messages are caused by not running as root, but you should #"
 
327
        @echo "# NOT run \"make run-client\" as root unless you also unpacked and  #"
 
328
        @echo "# compiled Mandos as root, which is also NOT recommended.)        #"
 
329
        @echo "###################################################################"
363
330
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
364
331
        ./plugin-runner --plugin-dir=plugins.d \
365
332
                --plugin-helper-dir=plugin-helpers \
372
339
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
373
340
        install --directory keydir
374
341
        ./mandos-keygen --dir keydir --force
375
 
        if ! [ -e keydir/tls-privkey.pem ]; then \
376
 
                install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
377
 
        fi
378
 
        if ! [ -e keydir/tls-pubkey.pem ]; then \
379
 
                install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
380
 
        fi
381
342
 
382
343
# Run the server with a local config
383
 
.PHONY: run-server
384
344
run-server: confdir/mandos.conf confdir/clients.conf statedir
385
345
        ./mandos --debug --no-dbus --configdir=confdir \
386
346
                --statedir=statedir $(SERVERARGS)
387
347
 
388
348
# Used by run-server
389
349
confdir/mandos.conf: mandos.conf
390
 
        install -D --mode=u=rw,go=r $^ $@
 
350
        install --directory confdir
 
351
        install --mode=u=rw,go=r $^ $@
391
352
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
392
 
        install -D --mode=u=rw $< $@
 
353
        install --directory confdir
 
354
        install --mode=u=rw $< $@
393
355
# Add a client password
394
356
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
395
357
statedir:
396
358
        install --directory statedir
397
359
 
398
 
.PHONY: install
399
360
install: install-server install-client-nokey
400
361
 
401
 
.PHONY: install-html
402
362
install-html: html
403
 
        install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
 
363
        install --directory $(htmldir)
 
364
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
404
365
                $(htmldocs)
405
366
 
406
 
.PHONY: install-server
407
367
install-server: doc
 
368
        install --directory $(CONFDIR)
408
369
        if install --directory --mode=u=rwx --owner=$(USER) \
409
370
                --group=$(GROUP) $(STATEDIR); then \
410
371
                :; \
411
372
        elif install --directory --mode=u=rwx $(STATEDIR); then \
412
373
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
413
374
        fi
414
 
        if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
415
 
                install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
 
375
        if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \
 
376
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
416
377
                        $(TMPFILES)/mandos.conf; \
417
378
        fi
418
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
419
 
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
420
 
                        $(SYSUSERS)/mandos.conf; \
421
 
        fi
422
 
        install --directory $(BINDIR)
423
 
        install --mode=u=rwx,go=rx --target-directory=$(BINDIR) mandos
424
 
        install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
 
379
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
 
380
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
425
381
                mandos-ctl
426
 
        install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
 
382
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
427
383
                mandos-monitor
428
 
        install --directory $(CONFDIR)
429
384
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
430
385
                mandos.conf
431
386
        install --mode=u=rw --target-directory=$(CONFDIR) \
432
387
                clients.conf
433
 
        install -D --mode=u=rw,go=r dbus-mandos.conf \
434
 
                $(DBUSPOLICYDIR)/mandos.conf
435
 
        install -D --mode=u=rwx,go=rx init.d-mandos \
 
388
        install --mode=u=rw,go=r dbus-mandos.conf \
 
389
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
 
390
        install --mode=u=rwx,go=rx init.d-mandos \
436
391
                $(DESTDIR)/etc/init.d/mandos
437
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
438
 
                install -D --mode=u=rw,go=r mandos.service \
439
 
                        $(SYSTEMD); \
 
392
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
 
393
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
440
394
        fi
441
 
        install -D --mode=u=rw,go=r default-mandos \
 
395
        install --mode=u=rw,go=r default-mandos \
442
396
                $(DESTDIR)/etc/default/mandos
443
397
        if [ -z $(DESTDIR) ]; then \
444
398
                update-rc.d mandos defaults 25 15;\
445
399
        fi
446
 
        install --directory $(MANDIR)/man8 $(MANDIR)/man5
447
400
        gzip --best --to-stdout mandos.8 \
448
401
                > $(MANDIR)/man8/mandos.8.gz
449
402
        gzip --best --to-stdout mandos-monitor.8 \
457
410
        gzip --best --to-stdout intro.8mandos \
458
411
                > $(MANDIR)/man8/intro.8mandos.gz
459
412
 
460
 
.PHONY: install-client-nokey
461
413
install-client-nokey: all doc
 
414
        install --directory $(LIBDIR)/mandos $(CONFDIR)
462
415
        install --directory --mode=u=rwx $(KEYDIR) \
463
416
                $(LIBDIR)/mandos/plugins.d \
464
417
                $(LIBDIR)/mandos/plugin-helpers
465
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
466
 
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
467
 
                        $(SYSUSERS)/mandos-client.conf; \
468
 
        fi
469
418
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
470
 
                install --directory \
471
 
                        --mode=u=rwx "$(CONFDIR)/plugins.d" \
 
419
                install --mode=u=rwx \
 
420
                        --directory "$(CONFDIR)/plugins.d" \
472
421
                        "$(CONFDIR)/plugin-helpers"; \
473
422
        fi
474
 
        install --directory --mode=u=rwx,go=rx \
 
423
        install --mode=u=rwx,go=rx --directory \
475
424
                "$(CONFDIR)/network-hooks.d"
476
425
        install --mode=u=rwx,go=rx \
477
426
                --target-directory=$(LIBDIR)/mandos plugin-runner
478
427
        install --mode=u=rwx,go=rx \
479
 
                --target-directory=$(LIBDIR)/mandos \
480
 
                mandos-to-cryptroot-unlock
481
 
        install --directory $(BINDIR)
482
 
        install --mode=u=rwx,go=rx --target-directory=$(BINDIR) \
 
428
                --target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock
 
429
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
483
430
                mandos-keygen
484
431
        install --mode=u=rwx,go=rx \
485
432
                --target-directory=$(LIBDIR)/mandos/plugins.d \
502
449
        install --mode=u=rwx,go=rx \
503
450
                --target-directory=$(LIBDIR)/mandos/plugin-helpers \
504
451
                plugin-helpers/mandos-client-iprouteadddel
505
 
        install -D initramfs-tools-hook \
 
452
        install initramfs-tools-hook \
506
453
                $(INITRAMFSTOOLS)/hooks/mandos
507
 
        install -D --mode=u=rw,go=r initramfs-tools-conf \
 
454
        install --mode=u=rw,go=r initramfs-tools-conf \
508
455
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
509
 
        install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
 
456
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
510
457
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
511
 
        install -D initramfs-tools-script \
 
458
        install initramfs-tools-script \
512
459
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
513
 
        install -D initramfs-tools-script-stop \
 
460
        install initramfs-tools-script-stop \
514
461
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
515
 
        install -D --mode=u=rw,go=r \
516
 
                --target-directory=$(DRACUTMODULE) \
 
462
        install --directory $(DRACUTMODULE)
 
463
        install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
517
464
                dracut-module/ask-password-mandos.path \
518
465
                dracut-module/ask-password-mandos.service
519
466
        install --mode=u=rwxs,go=rx \
522
469
                dracut-module/cmdline-mandos.sh \
523
470
                dracut-module/password-agent
524
471
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
525
 
        install --directory $(MANDIR)/man8
526
472
        gzip --best --to-stdout mandos-keygen.8 \
527
473
                > $(MANDIR)/man8/mandos-keygen.8.gz
528
474
        gzip --best --to-stdout plugin-runner.8mandos \
542
488
        gzip --best --to-stdout dracut-module/password-agent.8mandos \
543
489
                > $(MANDIR)/man8/password-agent.8mandos.gz
544
490
 
545
 
.PHONY: install-client
546
491
install-client: install-client-nokey
547
492
# Post-installation stuff
548
 
        -$(BINDIR)/mandos-keygen --dir "$(KEYDIR)"
 
493
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
549
494
        if command -v update-initramfs >/dev/null; then \
550
495
            update-initramfs -k all -u; \
551
496
        elif command -v dracut >/dev/null; then \
552
 
            for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
 
497
            for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
553
498
                if [ -w "$$initrd" ]; then \
554
499
                    chmod go-r "$$initrd"; \
555
500
                    dracut --force "$$initrd"; \
558
503
        fi
559
504
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
560
505
 
561
 
.PHONY: uninstall
562
506
uninstall: uninstall-server uninstall-client
563
507
 
564
 
.PHONY: uninstall-server
565
508
uninstall-server:
566
 
        -rm --force $(BINDIR)/mandos \
567
 
                $(BINDIR)/mandos-ctl \
568
 
                $(BINDIR)/mandos-monitor \
 
509
        -rm --force $(PREFIX)/sbin/mandos \
 
510
                $(PREFIX)/sbin/mandos-ctl \
 
511
                $(PREFIX)/sbin/mandos-monitor \
569
512
                $(MANDIR)/man8/mandos.8.gz \
570
513
                $(MANDIR)/man8/mandos-monitor.8.gz \
571
514
                $(MANDIR)/man8/mandos-ctl.8.gz \
574
517
        update-rc.d -f mandos remove
575
518
        -rmdir $(CONFDIR)
576
519
 
577
 
.PHONY: uninstall-client
578
520
uninstall-client:
579
521
# Refuse to uninstall client if /etc/crypttab is explicitly configured
580
522
# to use it.
581
523
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
582
524
                $(DESTDIR)/etc/crypttab
583
 
        -rm --force $(BINDIR)/mandos-keygen \
 
525
        -rm --force $(PREFIX)/sbin/mandos-keygen \
584
526
                $(LIBDIR)/mandos/plugin-runner \
585
527
                $(LIBDIR)/mandos/plugins.d/password-prompt \
586
528
                $(LIBDIR)/mandos/plugins.d/mandos-client \
611
553
        if command -v update-initramfs >/dev/null; then \
612
554
            update-initramfs -k all -u; \
613
555
        elif command -v dracut >/dev/null; then \
614
 
            for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
 
556
            for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
615
557
                test -w "$$initrd" && dracut --force "$$initrd"; \
616
558
            done; \
617
559
        fi
618
560
 
619
 
.PHONY: purge
620
561
purge: purge-server purge-client
621
562
 
622
 
.PHONY: purge-server
623
563
purge-server: uninstall-server
624
564
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
625
565
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
626
566
                $(DESTDIR)/etc/default/mandos \
627
567
                $(DESTDIR)/etc/init.d/mandos \
 
568
                $(SYSTEMD)/mandos.service \
628
569
                $(DESTDIR)/run/mandos.pid \
629
570
                $(DESTDIR)/var/run/mandos.pid
630
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
631
 
                -rm --force -- $(SYSTEMD)/mandos.service; \
632
 
        fi
633
571
        -rmdir $(CONFDIR)
634
572
 
635
 
.PHONY: purge-client
636
573
purge-client: uninstall-client
637
574
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
638
575
        -rm --force $(CONFDIR)/plugin-runner.conf \