/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2019-08-05 21:14:05 UTC
  • mto: This revision was merged to the branch mainline in revision 388.
  • Revision ID: teddy@recompile.se-20190805211405-9m6hecekaihpttz9
Override lintian warnings about upgrading from old versions

There are some really things which are imperative that we fix in case
someone were to upgrade from a really old version.  We want to keep
these fixes in the postinst maintainer scripts, even though lintian
complains about such old upgrades not being supported by Debian in
general.  We prefer the code being there, for the sake of the users.

* debian/mandos-client.lintian-overrides
  (maintainer-script-supports-ancient-package-version): New.
  debian/mandos.lintian-overrides
  (maintainer-script-supports-ancient-package-version): - '' -

Show diffs side-by-side

added added

removed removed

Lines of Context:
29
29
 
30
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
 
FORTIFY:=-fstack-protector-all -fPIC
33
 
CPPFLAGS+=-D_FORTIFY_SOURCE=3
 
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
34
33
LINK_FORTIFY_LD:=-z relro -z now
35
34
LINK_FORTIFY:=
36
35
 
42
41
#COVERAGE=--coverage
43
42
OPTIMIZE:=-Os -fno-strict-aliasing
44
43
LANGUAGE:=-std=gnu11
45
 
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
 
44
FEATURES:=-D_FILE_OFFSET_BITS=64
46
45
htmldir:=man
47
 
version:=1.8.16
 
46
version:=1.8.6
48
47
SED:=sed
49
48
PKG_CONFIG?=pkg-config
50
49
 
64
63
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
65
64
# STATEDIR:=$(DESTDIR)/var/lib/mandos
66
65
# LIBDIR:=$(PREFIX)/lib
67
 
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
68
66
##
69
67
 
70
68
## These settings are for a package-type install
85
83
                        break; \
86
84
                fi; \
87
85
        done)
88
 
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
89
86
##
90
87
 
91
88
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
92
89
                        --variable=systemdsystemunitdir)
93
90
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
94
91
                        --variable=tmpfilesdir)
95
 
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
 
                        --variable=sysusersdir)
97
92
 
98
93
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
99
94
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
100
95
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
101
96
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
102
 
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
103
 
        || gpgme-config --cflags; getconf LFS_CFLAGS)
104
 
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
105
 
        || gpgme-config --libs; getconf LFS_LIBS; \
 
97
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
 
98
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
106
99
        getconf LFS_LDFLAGS)
107
100
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
108
101
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
111
104
 
112
105
# Do not change these two
113
106
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
114
 
        $(LANGUAGE) -DVERSION='"$(version)"'
 
107
        $(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
115
108
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
116
109
        ) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
117
110
 
161
154
 
162
155
objects:=$(addsuffix .o,$(CPROGS))
163
156
 
164
 
.PHONY: all
165
157
all: $(PROGS) mandos.lsm
166
158
 
167
 
.PHONY: doc
168
159
doc: $(DOCS)
169
160
 
170
 
.PHONY: html
171
161
html: $(htmldocs)
172
162
 
173
163
%.5: %.xml common.ent legalnotice.xml
290
280
                $@)
291
281
 
292
282
# Need to add the GnuTLS, Avahi and GPGME libraries
293
 
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
294
 
        ) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
295
 
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
296
 
        ) $(AVAHI_LIBS) $(GPGME_LIBS)
 
283
plugins.d/mandos-client: plugins.d/mandos-client.c
 
284
        $(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
 
285
                ) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
 
286
                ) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
 
287
                ) $(LDLIBS) -o $@
297
288
 
298
289
# Need to add the libnl-route library
299
 
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
300
 
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
 
290
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
 
291
        $(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
 
292
                ) $(LOADLIBES) $(LDLIBS) -o $@
301
293
 
302
294
# Need to add the GLib and pthread libraries
303
 
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
304
 
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
305
 
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
306
 
 
307
 
.PHONY: clean
 
295
dracut-module/password-agent: dracut-module/password-agent.c
 
296
        $(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
 
297
                ) $(LOADLIBES) $(LDLIBS) -o $@
 
298
 
 
299
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
 
300
        check run-client run-server install install-html \
 
301
        install-server install-client-nokey install-client uninstall \
 
302
        uninstall-server uninstall-client purge purge-server \
 
303
        purge-client
 
304
 
308
305
clean:
309
306
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
310
307
 
311
 
.PHONY: distclean
312
308
distclean: clean
313
 
.PHONY: mostlyclean
314
309
mostlyclean: clean
315
 
.PHONY: maintainer-clean
316
310
maintainer-clean: clean
317
311
        -rm --force --recursive keydir confdir statedir
318
312
 
319
 
.PHONY: check
320
313
check: all
321
314
        ./mandos --check
322
315
        ./mandos-ctl --check
326
319
        ./dracut-module/password-agent --test
327
320
 
328
321
# Run the client with a local config and key
329
 
.PHONY: run-client
330
322
run-client: all keydir/seckey.txt keydir/pubkey.txt \
331
323
                        keydir/tls-privkey.pem keydir/tls-pubkey.pem
332
324
        @echo '######################################################'
360
352
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
361
353
        install --directory keydir
362
354
        ./mandos-keygen --dir keydir --force
363
 
        if ! [ -e keydir/tls-privkey.pem ]; then \
364
 
                install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
365
 
        fi
366
 
        if ! [ -e keydir/tls-pubkey.pem ]; then \
367
 
                install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
368
 
        fi
369
355
 
370
356
# Run the server with a local config
371
 
.PHONY: run-server
372
357
run-server: confdir/mandos.conf confdir/clients.conf statedir
373
358
        ./mandos --debug --no-dbus --configdir=confdir \
374
359
                --statedir=statedir $(SERVERARGS)
385
370
statedir:
386
371
        install --directory statedir
387
372
 
388
 
.PHONY: install
389
373
install: install-server install-client-nokey
390
374
 
391
 
.PHONY: install-html
392
375
install-html: html
393
376
        install --directory $(htmldir)
394
377
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
395
378
                $(htmldocs)
396
379
 
397
 
.PHONY: install-server
398
380
install-server: doc
399
381
        install --directory $(CONFDIR)
400
382
        if install --directory --mode=u=rwx --owner=$(USER) \
408
390
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
409
391
                        $(TMPFILES)/mandos.conf; \
410
392
        fi
411
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
412
 
                        -a -d "$(SYSUSERS)" ]; then \
413
 
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
414
 
                        $(SYSUSERS)/mandos.conf; \
415
 
        fi
416
393
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
417
394
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
418
395
                mandos-ctl
423
400
        install --mode=u=rw --target-directory=$(CONFDIR) \
424
401
                clients.conf
425
402
        install --mode=u=rw,go=r dbus-mandos.conf \
426
 
                $(DBUSPOLICYDIR)/mandos.conf
 
403
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
427
404
        install --mode=u=rwx,go=rx init.d-mandos \
428
405
                $(DESTDIR)/etc/init.d/mandos
429
406
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
447
424
        gzip --best --to-stdout intro.8mandos \
448
425
                > $(MANDIR)/man8/intro.8mandos.gz
449
426
 
450
 
.PHONY: install-client-nokey
451
427
install-client-nokey: all doc
452
428
        install --directory $(LIBDIR)/mandos $(CONFDIR)
453
429
        install --directory --mode=u=rwx $(KEYDIR) \
454
430
                $(LIBDIR)/mandos/plugins.d \
455
431
                $(LIBDIR)/mandos/plugin-helpers
456
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
457
 
                        -a -d "$(SYSUSERS)" ]; then \
458
 
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
459
 
                        $(SYSUSERS)/mandos-client.conf; \
460
 
        fi
461
432
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
462
433
                install --mode=u=rwx \
463
434
                        --directory "$(CONFDIR)/plugins.d" \
532
503
        gzip --best --to-stdout dracut-module/password-agent.8mandos \
533
504
                > $(MANDIR)/man8/password-agent.8mandos.gz
534
505
 
535
 
.PHONY: install-client
536
506
install-client: install-client-nokey
537
507
# Post-installation stuff
538
508
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
548
518
        fi
549
519
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
550
520
 
551
 
.PHONY: uninstall
552
521
uninstall: uninstall-server uninstall-client
553
522
 
554
 
.PHONY: uninstall-server
555
523
uninstall-server:
556
524
        -rm --force $(PREFIX)/sbin/mandos \
557
525
                $(PREFIX)/sbin/mandos-ctl \
564
532
        update-rc.d -f mandos remove
565
533
        -rmdir $(CONFDIR)
566
534
 
567
 
.PHONY: uninstall-client
568
535
uninstall-client:
569
536
# Refuse to uninstall client if /etc/crypttab is explicitly configured
570
537
# to use it.
606
573
            done; \
607
574
        fi
608
575
 
609
 
.PHONY: purge
610
576
purge: purge-server purge-client
611
577
 
612
 
.PHONY: purge-server
613
578
purge-server: uninstall-server
614
579
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
615
580
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
620
585
                $(DESTDIR)/var/run/mandos.pid
621
586
        -rmdir $(CONFDIR)
622
587
 
623
 
.PHONY: purge-client
624
588
purge-client: uninstall-client
625
589
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
626
590
        -rm --force $(CONFDIR)/plugin-runner.conf \