To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 237.7.787
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.787
- Committer: Teddy Hogeborn
- Date: 2021-02-04 17:59:45 UTC
- mto: This revision was merged to the branch mainline in revision 406.
- Revision ID: teddy@recompile.se-20210204175945-8druo6d88ipc1z58
Fix issue with french translation
Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw key id, and therefore did not need
translation, so this was never a user-visible issue.
* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " ${key_id}".
Initial white space was missing in both msgid and msgstr of the french
translation, leading to checking tools reporing an incomplete
translation. The string is a raw key id, and therefore did not need
translation, so this was never a user-visible issue.
* debian/po/fr.po: Add missing whitespace to the id and translation
for msgid " ${key_id}".
- files added:
- DBUS-API
- debian/source
- debian/tests
- debian/upstream
- dracut-module
- network-hooks.d
- plugin-helpers
- files removed:
- initramfs-tools-hook-conf
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
4
6
-Wunsafe-loop-optimizations -Wpointer-arith \
5
7
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
# -Wunreachable-code
9
#DEBUG=-ggdb3
10
# For info about _FORTIFY_SOURCE, see
11
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
12
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
13
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC -fPIE
14
LINK_FORTIFY_LD=-z relro -fPIE
15
LINK_FORTIFY=-pie
8
-Wconversion -Wlogical-op -Waggregate-return \
9
-Wstrict-prototypes -Wold-style-definition \
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
-Wvolatile-register-var -Woverlength-strings
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
# echo 'int main(){}' | $(CC) --language=c $(option) \
18
# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
-fsanitize=shift -fsanitize=integer-divide-by-zero \
22
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
-fsanitize=return -fsanitize=signed-integer-overflow \
24
-fsanitize=bounds -fsanitize=alignment \
25
-fsanitize=object-size -fsanitize=float-divide-by-zero \
26
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
-fsanitize=enum -fsanitize-address-use-after-scope
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
35
36
# If BROKEN_PIE is set, do not build with -pie
37
ifndef BROKEN_PIE
38
FORTIFY += -fPIE
39
LINK_FORTIFY += -pie
40
endif
16
41
#COVERAGE=--coverage
17
OPTIMIZE=-Os
18
LANGUAGE=-std=gnu99
19
htmldir=man
20
version=1.0.12
21
SED=sed
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
44
FEATURES:=-D_FILE_OFFSET_BITS=64
45
htmldir:=man
46
version:=1.8.14
47
SED:=sed
48
PKG_CONFIG?=pkg-config
49
50
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
51
|| getent passwd nobody || echo 65534)))
52
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
53
|| getent group nogroup || echo 65534)))
54
55
LINUXVERSION:=$(shell uname --kernel-release)
22
56
23
57
## Use these settings for a traditional /usr/local install
24
# PREFIX=$(DESTDIR)/usr/local
25
# CONFDIR=$(DESTDIR)/etc/mandos
26
# KEYDIR=$(DESTDIR)/etc/mandos/keys
27
# MANDIR=$(PREFIX)/man
28
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
58
# PREFIX:=$(DESTDIR)/usr/local
59
# CONFDIR:=$(DESTDIR)/etc/mandos
60
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
61
# MANDIR:=$(PREFIX)/man
62
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
63
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
64
# STATEDIR:=$(DESTDIR)/var/lib/mandos
65
# LIBDIR:=$(PREFIX)/lib
29
66
##
30
67
31
68
## These settings are for a package-type install
32
PREFIX=$(DESTDIR)/usr
33
CONFDIR=$(DESTDIR)/etc/mandos
34
KEYDIR=$(DESTDIR)/etc/keys/mandos
35
MANDIR=$(PREFIX)/share/man
36
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
69
PREFIX:=$(DESTDIR)/usr
70
CONFDIR:=$(DESTDIR)/etc/mandos
71
KEYDIR:=$(DESTDIR)/etc/keys/mandos
72
MANDIR:=$(PREFIX)/share/man
73
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
74
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
75
STATEDIR:=$(DESTDIR)/var/lib/mandos
76
LIBDIR:=$(shell \
77
for d in \
78
"/usr/lib/`dpkg-architecture \
79
-qDEB_HOST_MULTIARCH 2>/dev/null`" \
80
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
81
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
82
echo "$(DESTDIR)$$d"; \
83
break; \
84
fi; \
85
done)
37
86
##
38
87
39
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
40
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
41
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
42
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
43
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
44
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
88
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
89
--variable=systemdsystemunitdir)
90
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
91
--variable=tmpfilesdir)
92
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
93
--variable=sysusersdir)
94
95
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
96
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
97
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
98
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
99
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
100
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
45
101
getconf LFS_LDFLAGS)
102
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
103
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
104
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
105
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
46
106
47
107
# Do not change these two
48
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
49
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
50
-DVERSION='"$(version)"'
51
LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
108
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
109
$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
110
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
111
) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
52
112
53
113
# Commands to format a DocBook <refentry> document into a manual page
54
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
114
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
55
115
--param man.charmap.use.subset 0 \
56
116
--param make.year.ranges 1 \
57
117
--param make.single.year.ranges 1 \
58
118
--param man.output.quietly 1 \
59
119
--param man.authors.section.enabled 0 \
60
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
120
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
61
121
$(notdir $<); \
62
$(MANPOST) $(notdir $@)
63
# DocBook-to-man post-processing to fix a '\n' escape bug
64
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
122
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
123
&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
124
MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
125
$(notdir $@); fi >/dev/null)
65
126
66
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
127
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
67
128
--param make.year.ranges 1 \
68
129
--param make.single.year.ranges 1 \
69
130
--param man.output.quietly 1 \
71
132
--param citerefentry.link 1 \
72
133
--output $@ \
73
134
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
74
$<; $(HTMLPOST) $@
135
$<; $(HTMLPOST) $@)
75
136
# Fix citerefentry links
76
HTMLPOST=$(SED) --in-place \
137
HTMLPOST:=$(SED) --in-place \
77
138
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
78
139
79
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
80
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
81
CPROGS=plugin-runner $(PLUGINS)
82
PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)
83
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
140
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
141
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
142
plugins.d/plymouth
143
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
144
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
145
$(PLUGIN_HELPERS)
146
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
147
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
148
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
149
dracut-module/password-agent.8mandos \
84
150
plugins.d/mandos-client.8mandos \
85
plugins.d/password-prompt.8mandos mandos.conf.5 \
86
plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
87
plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
88
89
htmldocs=$(addsuffix .xhtml,$(DOCS))
90
91
objects=$(addsuffix .o,$(CPROGS))
92
151
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
152
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
153
plugins.d/plymouth.8mandos intro.8mandos
154
155
htmldocs:=$(addsuffix .xhtml,$(DOCS))
156
157
objects:=$(addsuffix .o,$(CPROGS))
158
159
.PHONY: all
93
160
all: $(PROGS) mandos.lsm
94
161
162
.PHONY: doc
95
163
doc: $(DOCS)
96
164
165
.PHONY: html
97
166
html: $(htmldocs)
98
167
99
168
%.5: %.xml common.ent legalnotice.xml
111
180
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
112
181
$(DOCBOOKTOHTML)
113
182
183
intro.8mandos: intro.xml common.ent legalnotice.xml
184
$(DOCBOOKTOMAN)
185
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
186
$(DOCBOOKTOHTML)
187
114
188
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
115
189
legalnotice.xml
116
190
$(DOCBOOKTOMAN)
125
199
legalnotice.xml
126
200
$(DOCBOOKTOHTML)
127
201
202
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
203
legalnotice.xml
204
$(DOCBOOKTOMAN)
205
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
206
legalnotice.xml
207
$(DOCBOOKTOHTML)
208
209
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
210
legalnotice.xml
211
$(DOCBOOKTOMAN)
212
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
213
legalnotice.xml
214
$(DOCBOOKTOHTML)
215
128
216
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
129
217
legalnotice.xml
130
218
$(DOCBOOKTOMAN)
139
227
overview.xml legalnotice.xml
140
228
$(DOCBOOKTOHTML)
141
229
230
dracut-module/password-agent.8mandos: \
231
dracut-module/password-agent.xml common.ent \
232
overview.xml legalnotice.xml
233
$(DOCBOOKTOMAN)
234
dracut-module/password-agent.8mandos.xhtml: \
235
dracut-module/password-agent.xml common.ent \
236
overview.xml legalnotice.xml
237
$(DOCBOOKTOHTML)
238
142
239
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
143
240
common.ent \
144
241
mandos-options.xml \
152
249
153
250
# Update all these files with version number $(version)
154
251
common.ent: Makefile
155
$(SED) --in-place \
252
$(strip $(SED) --in-place \
156
253
--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
157
$@
254
$@)
158
255
159
256
mandos: Makefile
160
$(SED) --in-place \
257
$(strip $(SED) --in-place \
161
258
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
162
$@
259
$@)
163
260
164
261
mandos-keygen: Makefile
165
$(SED) --in-place \
262
$(strip $(SED) --in-place \
166
263
--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
167
$@
264
$@)
168
265
169
266
mandos-ctl: Makefile
170
$(SED) --in-place \
171
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
172
$@
267
$(strip $(SED) --in-place \
268
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
269
$@)
270
271
mandos-monitor: Makefile
272
$(strip $(SED) --in-place \
273
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
274
$@)
173
275
174
276
mandos.lsm: Makefile
175
$(SED) --in-place \
277
$(strip $(SED) --in-place \
176
278
--expression='s/^\(Version:\).*/\1\t$(version)/' \
177
$@
178
$(SED) --in-place \
279
$@)
280
$(strip $(SED) --in-place \
179
281
--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
180
$@
181
$(SED) --in-place \
282
$@)
283
$(strip $(SED) --in-place \
182
284
--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
183
$@
184
185
plugins.d/mandos-client: plugins.d/mandos-client.o
186
$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
187
$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
188
189
.PHONY : all doc html clean distclean run-client run-server install \
190
install-server install-client uninstall uninstall-server \
191
uninstall-client purge purge-server purge-client
192
285
$@)
286
287
# Need to add the GnuTLS, Avahi and GPGME libraries
288
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
289
) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
290
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
291
) $(AVAHI_LIBS) $(GPGME_LIBS)
292
293
# Need to add the libnl-route library
294
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
295
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
296
297
# Need to add the GLib and pthread libraries
298
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
299
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
300
301
.PHONY: clean
193
302
clean:
194
303
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
195
304
305
.PHONY: distclean
196
306
distclean: clean
307
.PHONY: mostlyclean
197
308
mostlyclean: clean
309
.PHONY: maintainer-clean
198
310
maintainer-clean: clean
199
-rm --force --recursive keydir confdir
311
-rm --force --recursive keydir confdir statedir
200
312
201
check: all
313
.PHONY: check
314
check: all
202
315
./mandos --check
316
./mandos-ctl --check
317
./mandos-keygen --version
318
./plugin-runner --version
319
./plugin-helpers/mandos-client-iprouteadddel --version
320
./dracut-module/password-agent --test
203
321
204
322
# Run the client with a local config and key
205
run-client: all keydir/seckey.txt keydir/pubkey.txt
323
.PHONY: run-client
324
run-client: all keydir/seckey.txt keydir/pubkey.txt \
325
keydir/tls-privkey.pem keydir/tls-pubkey.pem
326
@echo '######################################################'
327
@echo '# The following error messages are harmless and can #'
328
@echo '# be safely ignored: #'
329
@echo '## From plugin-runner: #'
330
@echo '# setgid: Operation not permitted #'
331
@echo '# setuid: Operation not permitted #'
332
@echo '## From askpass-fifo: #'
333
@echo '# mkfifo: Permission denied #'
334
@echo '## From mandos-client: #'
335
@echo '# Failed to raise privileges: Operation not permi... #'
336
@echo '# Warning: network hook "*" exited with status * #'
337
@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
338
@echo '# Failed to bring up interface "*": Operation not... #'
339
@echo '# #'
340
@echo '# (The messages are caused by not running as root, #'
341
@echo '# but you should NOT run "make run-client" as root #'
342
@echo '# unless you also unpacked and compiled Mandos as #'
343
@echo '# root, which is also NOT recommended.) #'
344
@echo '######################################################'
345
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
206
346
./plugin-runner --plugin-dir=plugins.d \
347
--plugin-helper-dir=plugin-helpers \
207
348
--config-file=plugin-runner.conf \
208
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \
349
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
350
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
209
351
$(CLIENTARGS)
210
352
211
353
# Used by run-client
212
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
354
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
213
355
install --directory keydir
214
356
./mandos-keygen --dir keydir --force
357
if ! [ -e keydir/tls-privkey.pem ]; then \
358
install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
359
fi
360
if ! [ -e keydir/tls-pubkey.pem ]; then \
361
install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
362
fi
215
363
216
364
# Run the server with a local config
217
run-server: confdir/mandos.conf confdir/clients.conf
218
./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)
365
.PHONY: run-server
366
run-server: confdir/mandos.conf confdir/clients.conf statedir
367
./mandos --debug --no-dbus --configdir=confdir \
368
--statedir=statedir $(SERVERARGS)
219
369
220
370
# Used by run-server
221
371
confdir/mandos.conf: mandos.conf
222
372
install --directory confdir
223
373
install --mode=u=rw,go=r $^ $@
224
confdir/clients.conf: clients.conf keydir/seckey.txt
374
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
225
375
install --directory confdir
226
376
install --mode=u=rw $< $@
227
377
# Add a client password
228
./mandos-keygen --dir keydir --password >> $@
378
./mandos-keygen --dir keydir --password --no-ssh >> $@
379
statedir:
380
install --directory statedir
229
381
382
.PHONY: install
230
383
install: install-server install-client-nokey
231
384
385
.PHONY: install-html
232
386
install-html: html
233
387
install --directory $(htmldir)
234
388
install --mode=u=rw,go=r --target-directory=$(htmldir) \
235
389
$(htmldocs)
236
390
391
.PHONY: install-server
237
392
install-server: doc
238
393
install --directory $(CONFDIR)
394
if install --directory --mode=u=rwx --owner=$(USER) \
395
--group=$(GROUP) $(STATEDIR); then \
396
:; \
397
elif install --directory --mode=u=rwx $(STATEDIR); then \
398
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
399
fi
400
if [ "$(TMPFILES)" != "$(DESTDIR)" \
401
-a -d "$(TMPFILES)" ]; then \
402
install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
403
$(TMPFILES)/mandos.conf; \
404
fi
405
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
406
-a -d "$(SYSUSERS)" ]; then \
407
install --mode=u=rw,go=r sysusers.d-mandos.conf \
408
$(SYSUSERS)/mandos.conf; \
409
fi
239
410
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
411
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
412
mandos-ctl
413
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
414
mandos-monitor
240
415
install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
241
416
mandos.conf
242
417
install --mode=u=rw --target-directory=$(CONFDIR) \
243
418
clients.conf
419
install --mode=u=rw,go=r dbus-mandos.conf \
420
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
244
421
install --mode=u=rwx,go=rx init.d-mandos \
245
422
$(DESTDIR)/etc/init.d/mandos
423
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
424
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
425
fi
246
426
install --mode=u=rw,go=r default-mandos \
247
427
$(DESTDIR)/etc/default/mandos
248
428
if [ -z $(DESTDIR) ]; then \
250
430
fi
251
431
gzip --best --to-stdout mandos.8 \
252
432
> $(MANDIR)/man8/mandos.8.gz
433
gzip --best --to-stdout mandos-monitor.8 \
434
> $(MANDIR)/man8/mandos-monitor.8.gz
435
gzip --best --to-stdout mandos-ctl.8 \
436
> $(MANDIR)/man8/mandos-ctl.8.gz
253
437
gzip --best --to-stdout mandos.conf.5 \
254
438
> $(MANDIR)/man5/mandos.conf.5.gz
255
439
gzip --best --to-stdout mandos-clients.conf.5 \
256
440
> $(MANDIR)/man5/mandos-clients.conf.5.gz
441
gzip --best --to-stdout intro.8mandos \
442
> $(MANDIR)/man8/intro.8mandos.gz
257
443
444
.PHONY: install-client-nokey
258
445
install-client-nokey: all doc
259
install --directory $(PREFIX)/lib/mandos $(CONFDIR)
446
install --directory $(LIBDIR)/mandos $(CONFDIR)
260
447
install --directory --mode=u=rwx $(KEYDIR) \
261
$(PREFIX)/lib/mandos/plugins.d
262
if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
448
$(LIBDIR)/mandos/plugins.d \
449
$(LIBDIR)/mandos/plugin-helpers
450
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
451
-a -d "$(SYSUSERS)" ]; then \
452
install --mode=u=rw,go=r sysusers.d-mandos.conf \
453
$(SYSUSERS)/mandos-client.conf; \
454
fi
455
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
263
456
install --mode=u=rwx \
264
--directory "$(CONFDIR)/plugins.d"; \
457
--directory "$(CONFDIR)/plugins.d" \
458
"$(CONFDIR)/plugin-helpers"; \
265
459
fi
266
install --mode=u=rwx,go=rx \
267
--target-directory=$(PREFIX)/lib/mandos plugin-runner
460
install --mode=u=rwx,go=rx --directory \
461
"$(CONFDIR)/network-hooks.d"
462
install --mode=u=rwx,go=rx \
463
--target-directory=$(LIBDIR)/mandos plugin-runner
464
install --mode=u=rwx,go=rx \
465
--target-directory=$(LIBDIR)/mandos \
466
mandos-to-cryptroot-unlock
268
467
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
269
468
mandos-keygen
270
469
install --mode=u=rwx,go=rx \
271
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
470
--target-directory=$(LIBDIR)/mandos/plugins.d \
272
471
plugins.d/password-prompt
273
472
install --mode=u=rwxs,go=rx \
274
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
473
--target-directory=$(LIBDIR)/mandos/plugins.d \
275
474
plugins.d/mandos-client
276
475
install --mode=u=rwxs,go=rx \
277
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
476
--target-directory=$(LIBDIR)/mandos/plugins.d \
278
477
plugins.d/usplash
279
478
install --mode=u=rwxs,go=rx \
280
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
479
--target-directory=$(LIBDIR)/mandos/plugins.d \
281
480
plugins.d/splashy
282
481
install --mode=u=rwxs,go=rx \
283
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
482
--target-directory=$(LIBDIR)/mandos/plugins.d \
284
483
plugins.d/askpass-fifo
484
install --mode=u=rwxs,go=rx \
485
--target-directory=$(LIBDIR)/mandos/plugins.d \
486
plugins.d/plymouth
487
install --mode=u=rwx,go=rx \
488
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
489
plugin-helpers/mandos-client-iprouteadddel
285
490
install initramfs-tools-hook \
286
491
$(INITRAMFSTOOLS)/hooks/mandos
287
install --mode=u=rw,go=r initramfs-tools-hook-conf \
288
$(INITRAMFSTOOLS)/conf-hooks.d/mandos
492
install --mode=u=rw,go=r initramfs-tools-conf \
493
$(INITRAMFSTOOLS)/conf.d/mandos-conf
494
install --mode=u=rw,go=r initramfs-tools-conf-hook \
495
$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
289
496
install initramfs-tools-script \
290
497
$(INITRAMFSTOOLS)/scripts/init-premount/mandos
498
install initramfs-tools-script-stop \
499
$(INITRAMFSTOOLS)/scripts/local-premount/mandos
500
install --directory $(DRACUTMODULE)
501
install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
502
dracut-module/ask-password-mandos.path \
503
dracut-module/ask-password-mandos.service
504
install --mode=u=rwxs,go=rx \
505
--target-directory=$(DRACUTMODULE) \
506
dracut-module/module-setup.sh \
507
dracut-module/cmdline-mandos.sh \
508
dracut-module/password-agent
291
509
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
292
510
gzip --best --to-stdout mandos-keygen.8 \
293
511
> $(MANDIR)/man8/mandos-keygen.8.gz
294
512
gzip --best --to-stdout plugin-runner.8mandos \
295
513
> $(MANDIR)/man8/plugin-runner.8mandos.gz
514
gzip --best --to-stdout plugins.d/mandos-client.8mandos \
515
> $(MANDIR)/man8/mandos-client.8mandos.gz
296
516
gzip --best --to-stdout plugins.d/password-prompt.8mandos \
297
517
> $(MANDIR)/man8/password-prompt.8mandos.gz
298
gzip --best --to-stdout plugins.d/mandos-client.8mandos \
299
> $(MANDIR)/man8/mandos-client.8mandos.gz
300
518
gzip --best --to-stdout plugins.d/usplash.8mandos \
301
519
> $(MANDIR)/man8/usplash.8mandos.gz
302
520
gzip --best --to-stdout plugins.d/splashy.8mandos \
303
521
> $(MANDIR)/man8/splashy.8mandos.gz
304
522
gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
305
523
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
524
gzip --best --to-stdout plugins.d/plymouth.8mandos \
525
> $(MANDIR)/man8/plymouth.8mandos.gz
526
gzip --best --to-stdout dracut-module/password-agent.8mandos \
527
> $(MANDIR)/man8/password-agent.8mandos.gz
306
528
529
.PHONY: install-client
307
530
install-client: install-client-nokey
308
531
# Post-installation stuff
309
532
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
310
update-initramfs -k all -u
533
if command -v update-initramfs >/dev/null; then \
534
update-initramfs -k all -u; \
535
elif command -v dracut >/dev/null; then \
536
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
537
if [ -w "$$initrd" ]; then \
538
chmod go-r "$$initrd"; \
539
dracut --force "$$initrd"; \
540
fi; \
541
done; \
542
fi
311
543
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
312
544
545
.PHONY: uninstall
313
546
uninstall: uninstall-server uninstall-client
314
547
548
.PHONY: uninstall-server
315
549
uninstall-server:
316
550
-rm --force $(PREFIX)/sbin/mandos \
551
$(PREFIX)/sbin/mandos-ctl \
552
$(PREFIX)/sbin/mandos-monitor \
317
553
$(MANDIR)/man8/mandos.8.gz \
554
$(MANDIR)/man8/mandos-monitor.8.gz \
555
$(MANDIR)/man8/mandos-ctl.8.gz \
318
556
$(MANDIR)/man5/mandos.conf.5.gz \
319
557
$(MANDIR)/man5/mandos-clients.conf.5.gz
320
558
update-rc.d -f mandos remove
321
559
-rmdir $(CONFDIR)
322
560
561
.PHONY: uninstall-client
323
562
uninstall-client:
324
563
# Refuse to uninstall client if /etc/crypttab is explicitly configured
325
564
# to use it.
326
565
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
327
566
$(DESTDIR)/etc/crypttab
328
567
-rm --force $(PREFIX)/sbin/mandos-keygen \
329
$(PREFIX)/lib/mandos/plugin-runner \
330
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
331
$(PREFIX)/lib/mandos/plugins.d/mandos-client \
332
$(PREFIX)/lib/mandos/plugins.d/usplash \
333
$(PREFIX)/lib/mandos/plugins.d/splashy \
334
$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
568
$(LIBDIR)/mandos/plugin-runner \
569
$(LIBDIR)/mandos/plugins.d/password-prompt \
570
$(LIBDIR)/mandos/plugins.d/mandos-client \
571
$(LIBDIR)/mandos/plugins.d/usplash \
572
$(LIBDIR)/mandos/plugins.d/splashy \
573
$(LIBDIR)/mandos/plugins.d/askpass-fifo \
574
$(LIBDIR)/mandos/plugins.d/plymouth \
335
575
$(INITRAMFSTOOLS)/hooks/mandos \
336
576
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
337
577
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
578
$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
579
$(DRACUTMODULE)/ask-password-mandos.path \
580
$(DRACUTMODULE)/ask-password-mandos.service \
581
$(DRACUTMODULE)/module-setup.sh \
582
$(DRACUTMODULE)/cmdline-mandos.sh \
583
$(DRACUTMODULE)/password-agent \
584
$(MANDIR)/man8/mandos-keygen.8.gz \
338
585
$(MANDIR)/man8/plugin-runner.8mandos.gz \
339
$(MANDIR)/man8/mandos-keygen.8.gz \
586
$(MANDIR)/man8/mandos-client.8mandos.gz
340
587
$(MANDIR)/man8/password-prompt.8mandos.gz \
341
588
$(MANDIR)/man8/usplash.8mandos.gz \
342
589
$(MANDIR)/man8/splashy.8mandos.gz \
343
590
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
344
$(MANDIR)/man8/mandos-client.8mandos.gz
345
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
346
$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
347
update-initramfs -k all -u
591
$(MANDIR)/man8/plymouth.8mandos.gz \
592
$(MANDIR)/man8/password-agent.8mandos.gz \
593
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
594
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
595
if command -v update-initramfs >/dev/null; then \
596
update-initramfs -k all -u; \
597
elif command -v dracut >/dev/null; then \
598
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
599
test -w "$$initrd" && dracut --force "$$initrd"; \
600
done; \
601
fi
348
602
603
.PHONY: purge
349
604
purge: purge-server purge-client
350
605
606
.PHONY: purge-server
351
607
purge-server: uninstall-server
352
608
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
609
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
353
610
$(DESTDIR)/etc/default/mandos \
354
611
$(DESTDIR)/etc/init.d/mandos \
612
$(SYSTEMD)/mandos.service \
613
$(DESTDIR)/run/mandos.pid \
355
614
$(DESTDIR)/var/run/mandos.pid
356
615
-rmdir $(CONFDIR)
357
616
617
.PHONY: purge-client
358
618
purge-client: uninstall-client
359
-shred --remove $(KEYDIR)/seckey.txt
619
-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
360
620
-rm --force $(CONFDIR)/plugin-runner.conf \
361
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
621
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
622
$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
362
623
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0