/mandos/release : revision 237.7.700

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2019-08-05 21:14:05 UTC
mto: This revision was merged to the branch mainline in revision 388.
Revision ID: teddy@recompile.se-20190805211405-9m6hecekaihpttz9

Override lintian warnings about upgrading from old versions

There are some really things which are imperative that we fix in case
someone were to upgrade from a really old version.  We want to keep
these fixes in the postinst maintainer scripts, even though lintian
complains about such old upgrades not being supported by Debian in
general.  We prefer the code being there, for the sake of the users.

* debian/mandos-client.lintian-overrides
  (maintainer-script-supports-ancient-package-version): New.
  debian/mandos.lintian-overrides
  (maintainer-script-supports-ancient-package-version): - '' -

files removed:
debian/mandos.maintscript

debian/po/de.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

sysusers.d-mandos.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.dirs

debian/mandos.postinst

debian/rules

debian/tests/control

dracut-module/ask-password-mandos.service

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-hook

initramfs-tools-script

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-monitor

mandos-to-cryptroot-unlock

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/usplash.c

Show diffs side-by-side

added added

removed removed

Makefile

# For info about _FORTIFY_SOURCE, see feature_test_macros(7)

# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY:=-fstack-protector-all -fPIC

CPPFLAGS+=-D_FORTIFY_SOURCE=3

FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

LINK_FORTIFY_LD:=-z relro -z now

LINK_FORTIFY:=

#COVERAGE=--coverage

OPTIMIZE:=-Os -fno-strict-aliasing

LANGUAGE:=-std=gnu11

CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64

FEATURES:=-D_FILE_OFFSET_BITS=64

htmldir:=man

version:=1.8.16

version:=1.8.6

SED:=sed

PKG_CONFIG?=pkg-config

# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

# STATEDIR:=$(DESTDIR)/var/lib/mandos

# LIBDIR:=$(PREFIX)/lib

# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d

## These settings are for a package-type install

break; \

fi; \

done)

DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d

SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=tmpfilesdir)

SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=sysusersdir)

GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)

100

AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)

101

AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)

102

GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \

103

|| gpgme-config --cflags; getconf LFS_CFLAGS)

104

GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \

105

|| gpgme-config --libs; getconf LFS_LIBS; \

GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \

106

getconf LFS_LDFLAGS)

107

100

LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)

108

101

LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)

111

104

112

105

# Do not change these two

113

106

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

114

$(LANGUAGE) -DVERSION='"$(version)"'

107

$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'

115

108

LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \

116

109

) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

117

110

161

154

162

155

objects:=$(addsuffix .o,$(CPROGS))

163

156

164

.PHONY: all

165

157

all: $(PROGS) mandos.lsm

166

158

167

.PHONY: doc

168

159

doc: $(DOCS)

169

160

170

.PHONY: html

171

161

html: $(htmldocs)

172

162

173

163

%.5: %.xml common.ent legalnotice.xml

290

280

$@)

291

281

292

282

# Need to add the GnuTLS, Avahi and GPGME libraries

293

plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \

294

) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)

295

plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \

296

) $(AVAHI_LIBS) $(GPGME_LIBS)

283

plugins.d/mandos-client: plugins.d/mandos-client.c

284

$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\

285

) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\

286

) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\

287

) $(LDLIBS) -o $@

297

288

298

289

# Need to add the libnl-route library

299

plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)

300

plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)

290

plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c

291

$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\

292

) $(LOADLIBES) $(LDLIBS) -o $@

301

293

302

294

# Need to add the GLib and pthread libraries

303

dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)

304

# Note: -lpthread is unnecessary with the GNU C library 2.34 or later

305

dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread

306

307

.PHONY: clean

295

dracut-module/password-agent: dracut-module/password-agent.c

296

$(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\

297

) $(LOADLIBES) $(LDLIBS) -o $@

298

299

.PHONY : all doc html clean distclean mostlyclean maintainer-clean \

300

check run-client run-server install install-html \

301

install-server install-client-nokey install-client uninstall \

302

uninstall-server uninstall-client purge purge-server \

303

purge-client

304

308

305

clean:

309

306

-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core

310

307

311

.PHONY: distclean

312

308

distclean: clean

313

.PHONY: mostlyclean

314

309

mostlyclean: clean

315

.PHONY: maintainer-clean

316

310

maintainer-clean: clean

317

311

-rm --force --recursive keydir confdir statedir

318

312

319

.PHONY: check

320

313

check: all

321

314

./mandos --check

322

315

./mandos-ctl --check

326

319

./dracut-module/password-agent --test

327

320

328

321

# Run the client with a local config and key

329

.PHONY: run-client

330

322

run-client: all keydir/seckey.txt keydir/pubkey.txt \

331

323

keydir/tls-privkey.pem keydir/tls-pubkey.pem

332

324

@echo '######################################################'

360

352

keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen

361

353

install --directory keydir

362

354

./mandos-keygen --dir keydir --force

363

if ! [ -e keydir/tls-privkey.pem ]; then \

364

install --mode=u=rw /dev/null keydir/tls-privkey.pem; \

365

366

if ! [ -e keydir/tls-pubkey.pem ]; then \

367

install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \

368

369

355

370

356

# Run the server with a local config

371

.PHONY: run-server

372

357

run-server: confdir/mandos.conf confdir/clients.conf statedir

373

358

./mandos --debug --no-dbus --configdir=confdir \

374

359

--statedir=statedir $(SERVERARGS)

375

360

376

361

# Used by run-server

377

362

confdir/mandos.conf: mandos.conf

378

install -D --mode=u=rw,go=r $^ $@

363

install --directory confdir

364

install --mode=u=rw,go=r $^ $@

379

365

confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem

380

install -D --mode=u=rw $< $@

366

install --directory confdir

367

install --mode=u=rw $< $@

381

368

# Add a client password

382

369

./mandos-keygen --dir keydir --password --no-ssh >> $@

383

370

statedir:

384

371

install --directory statedir

385

372

386

.PHONY: install

387

373

install: install-server install-client-nokey

388

374

389

.PHONY: install-html

390

375

install-html: html

391

install -D --mode=u=rw,go=r --target-directory=$(htmldir) \

376

install --directory $(htmldir)

377

install --mode=u=rw,go=r --target-directory=$(htmldir) \

392

378

$(htmldocs)

393

379

394

.PHONY: install-server

395

380

install-server: doc

381

install --directory $(CONFDIR)

396

382

if install --directory --mode=u=rwx --owner=$(USER) \

397

383

--group=$(GROUP) $(STATEDIR); then \

398

384

:; \

399

385

elif install --directory --mode=u=rwx $(STATEDIR); then \

400

386

chown -- $(USER):$(GROUP) $(STATEDIR) || :; \

401

387

402

if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \

403

install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \

388

if [ "$(TMPFILES)" != "$(DESTDIR)" \

389

-a -d "$(TMPFILES)" ]; then \

390

install --mode=u=rw,go=r tmpfiles.d-mandos.conf \

404

391

$(TMPFILES)/mandos.conf; \

405

392

406

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

407

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

408

$(SYSUSERS)/mandos.conf; \

409

410

install --directory $(PREFIX)/sbin

411

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

412

mandos

393

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

413

394

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

414

395

mandos-ctl

415

396

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

416

397

mandos-monitor

417

install --directory $(CONFDIR)

418

398

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

419

399

mandos.conf

420

400

install --mode=u=rw --target-directory=$(CONFDIR) \

421

401

clients.conf

422

install -D --mode=u=rw,go=r dbus-mandos.conf \

423

$(DBUSPOLICYDIR)/mandos.conf

424

install -D --mode=u=rwx,go=rx init.d-mandos \

402

install --mode=u=rw,go=r dbus-mandos.conf \

403

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

404

install --mode=u=rwx,go=rx init.d-mandos \

425

405

$(DESTDIR)/etc/init.d/mandos

426

if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \

427

install -D --mode=u=rw,go=r mandos.service \

428

$(SYSTEMD); \

406

if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \

407

install --mode=u=rw,go=r mandos.service $(SYSTEMD); \

429

408

430

install -D --mode=u=rw,go=r default-mandos \

409

install --mode=u=rw,go=r default-mandos \

431

410

$(DESTDIR)/etc/default/mandos

432

411

if [ -z $(DESTDIR) ]; then \

433

412

update-rc.d mandos defaults 25 15;\

434

413

435

install --directory $(MANDIR)/man8 $(MANDIR)/man5

436

414

gzip --best --to-stdout mandos.8 \

437

415

> $(MANDIR)/man8/mandos.8.gz

438

416

gzip --best --to-stdout mandos-monitor.8 \

446

424

gzip --best --to-stdout intro.8mandos \

447

425

> $(MANDIR)/man8/intro.8mandos.gz

448

426

449

.PHONY: install-client-nokey

450

427

install-client-nokey: all doc

428

install --directory $(LIBDIR)/mandos $(CONFDIR)

451

429

install --directory --mode=u=rwx $(KEYDIR) \

452

430

$(LIBDIR)/mandos/plugins.d \

453

431

$(LIBDIR)/mandos/plugin-helpers

454

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

455

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

456

$(SYSUSERS)/mandos-client.conf; \

457

458

432

if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \

459

install --directory \

460

--mode=u=rwx "$(CONFDIR)/plugins.d" \

433

install --mode=u=rwx \

434

--directory "$(CONFDIR)/plugins.d" \

461

435

"$(CONFDIR)/plugin-helpers"; \

462

436

463

install --directory --mode=u=rwx,go=rx \

437

install --mode=u=rwx,go=rx --directory \

464

438

"$(CONFDIR)/network-hooks.d"

465

439

install --mode=u=rwx,go=rx \

466

440

--target-directory=$(LIBDIR)/mandos plugin-runner

467

441

install --mode=u=rwx,go=rx \

468

442

--target-directory=$(LIBDIR)/mandos \

469

443

mandos-to-cryptroot-unlock

470

install --directory $(PREFIX)/sbin

471

444

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

472

445

mandos-keygen

473

446

install --mode=u=rwx,go=rx \

491

464

install --mode=u=rwx,go=rx \

492

465

--target-directory=$(LIBDIR)/mandos/plugin-helpers \

493

466

plugin-helpers/mandos-client-iprouteadddel

494

install -D initramfs-tools-hook \

467

install initramfs-tools-hook \

495

468

$(INITRAMFSTOOLS)/hooks/mandos

496

install -D --mode=u=rw,go=r initramfs-tools-conf \

469

install --mode=u=rw,go=r initramfs-tools-conf \

497

470

$(INITRAMFSTOOLS)/conf.d/mandos-conf

498

install -D --mode=u=rw,go=r initramfs-tools-conf-hook \

471

install --mode=u=rw,go=r initramfs-tools-conf-hook \

499

472

$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos

500

install -D initramfs-tools-script \

473

install initramfs-tools-script \

501

474

$(INITRAMFSTOOLS)/scripts/init-premount/mandos

502

install -D initramfs-tools-script-stop \

475

install initramfs-tools-script-stop \

503

476

$(INITRAMFSTOOLS)/scripts/local-premount/mandos

504

install -D --mode=u=rw,go=r \

505

--target-directory=$(DRACUTMODULE) \

477

install --directory $(DRACUTMODULE)

478

install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \

506

479

dracut-module/ask-password-mandos.path \

507

480

dracut-module/ask-password-mandos.service

508

481

install --mode=u=rwxs,go=rx \

511

484

dracut-module/cmdline-mandos.sh \

512

485

dracut-module/password-agent

513

486

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

514

install --directory $(MANDIR)/man8

515

487

gzip --best --to-stdout mandos-keygen.8 \

516

488

> $(MANDIR)/man8/mandos-keygen.8.gz

517

489

gzip --best --to-stdout plugin-runner.8mandos \

531

503

gzip --best --to-stdout dracut-module/password-agent.8mandos \

532

504

> $(MANDIR)/man8/password-agent.8mandos.gz

533

505

534

.PHONY: install-client

535

506

install-client: install-client-nokey

536

507

# Post-installation stuff

537

508

-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"

547

518

548

519

echo "Now run mandos-keygen --password --dir $(KEYDIR)"

549

520

550

.PHONY: uninstall

551

521

uninstall: uninstall-server uninstall-client

552

522

553

.PHONY: uninstall-server

554

523

uninstall-server:

555

524

-rm --force $(PREFIX)/sbin/mandos \

556

525

$(PREFIX)/sbin/mandos-ctl \

563

532

update-rc.d -f mandos remove

564

533

-rmdir $(CONFDIR)

565

534

566

.PHONY: uninstall-client

567

535

uninstall-client:

568

536

# Refuse to uninstall client if /etc/crypttab is explicitly configured

569

537

# to use it.

605

573

done; \

606

574

607

575

608

.PHONY: purge

609

576

purge: purge-server purge-client

610

577

611

.PHONY: purge-server

612

578

purge-server: uninstall-server

613

579

-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \

614

580

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

615

581

$(DESTDIR)/etc/default/mandos \

616

582

$(DESTDIR)/etc/init.d/mandos \

583

$(SYSTEMD)/mandos.service \

617

584

$(DESTDIR)/run/mandos.pid \

618

585

$(DESTDIR)/var/run/mandos.pid

619

if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \

620

-rm --force -- $(SYSTEMD)/mandos.service; \

621

622

586

-rmdir $(CONFDIR)

623

587

624

.PHONY: purge-client

625

588

purge-client: uninstall-client

626

589

-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem

627

590

-rm --force $(CONFDIR)/plugin-runner.conf \

Older »