/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2024-09-08 02:18:57 UTC
  • mto: This revision was merged to the branch mainline in revision 410.
  • Revision ID: teddy@recompile.se-20240908021857-821e09dd4mp37h9k
Be more tolerant when a client is misconfigured in clients.conf

* mandos (Client/config_parser): If a client config section in
  clients.conf lacks both a fingerprint= and a key_id= setting, show
  an error and skip that client instead of crashing.

Show diffs side-by-side

added added

removed removed

Lines of Context:
375
375
 
376
376
# Used by run-server
377
377
confdir/mandos.conf: mandos.conf
378
 
        install -D --mode=u=rw,go=r $^ $@
 
378
        install --directory confdir
 
379
        install --mode=u=rw,go=r $^ $@
379
380
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
380
 
        install -D --mode=u=rw $< $@
 
381
        install --directory confdir
 
382
        install --mode=u=rw $< $@
381
383
# Add a client password
382
384
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
383
385
statedir:
388
390
 
389
391
.PHONY: install-html
390
392
install-html: html
391
 
        install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
 
393
        install --directory $(htmldir)
 
394
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
392
395
                $(htmldocs)
393
396
 
394
397
.PHONY: install-server
395
398
install-server: doc
 
399
        install --directory $(CONFDIR)
396
400
        if install --directory --mode=u=rwx --owner=$(USER) \
397
401
                --group=$(GROUP) $(STATEDIR); then \
398
402
                :; \
399
403
        elif install --directory --mode=u=rwx $(STATEDIR); then \
400
404
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
401
405
        fi
402
 
        if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
403
 
                install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
 
406
        if [ "$(TMPFILES)" != "$(DESTDIR)" \
 
407
                        -a -d "$(TMPFILES)" ]; then \
 
408
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
404
409
                        $(TMPFILES)/mandos.conf; \
405
410
        fi
406
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
407
 
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
 
411
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
 
412
                        -a -d "$(SYSUSERS)" ]; then \
 
413
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
408
414
                        $(SYSUSERS)/mandos.conf; \
409
415
        fi
410
 
        install --directory $(PREFIX)/sbin
411
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
412
 
                mandos
 
416
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
413
417
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
414
418
                mandos-ctl
415
419
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
416
420
                mandos-monitor
417
 
        install --directory $(CONFDIR)
418
421
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
419
422
                mandos.conf
420
423
        install --mode=u=rw --target-directory=$(CONFDIR) \
421
424
                clients.conf
422
 
        install -D --mode=u=rw,go=r dbus-mandos.conf \
 
425
        install --mode=u=rw,go=r dbus-mandos.conf \
423
426
                $(DBUSPOLICYDIR)/mandos.conf
424
 
        install -D --mode=u=rwx,go=rx init.d-mandos \
 
427
        install --mode=u=rwx,go=rx init.d-mandos \
425
428
                $(DESTDIR)/etc/init.d/mandos
426
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
427
 
                install -D --mode=u=rw,go=r mandos.service \
428
 
                        $(SYSTEMD); \
 
429
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
 
430
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
429
431
        fi
430
 
        install -D --mode=u=rw,go=r default-mandos \
 
432
        install --mode=u=rw,go=r default-mandos \
431
433
                $(DESTDIR)/etc/default/mandos
432
434
        if [ -z $(DESTDIR) ]; then \
433
435
                update-rc.d mandos defaults 25 15;\
434
436
        fi
435
 
        install --directory $(MANDIR)/man8 $(MANDIR)/man5
436
437
        gzip --best --to-stdout mandos.8 \
437
438
                > $(MANDIR)/man8/mandos.8.gz
438
439
        gzip --best --to-stdout mandos-monitor.8 \
448
449
 
449
450
.PHONY: install-client-nokey
450
451
install-client-nokey: all doc
 
452
        install --directory $(LIBDIR)/mandos $(CONFDIR)
451
453
        install --directory --mode=u=rwx $(KEYDIR) \
452
454
                $(LIBDIR)/mandos/plugins.d \
453
455
                $(LIBDIR)/mandos/plugin-helpers
454
 
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
455
 
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
 
456
        if [ "$(SYSUSERS)" != "$(DESTDIR)" \
 
457
                        -a -d "$(SYSUSERS)" ]; then \
 
458
                install --mode=u=rw,go=r sysusers.d-mandos.conf \
456
459
                        $(SYSUSERS)/mandos-client.conf; \
457
460
        fi
458
461
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
459
 
                install --directory \
460
 
                        --mode=u=rwx "$(CONFDIR)/plugins.d" \
 
462
                install --mode=u=rwx \
 
463
                        --directory "$(CONFDIR)/plugins.d" \
461
464
                        "$(CONFDIR)/plugin-helpers"; \
462
465
        fi
463
 
        install --directory --mode=u=rwx,go=rx \
 
466
        install --mode=u=rwx,go=rx --directory \
464
467
                "$(CONFDIR)/network-hooks.d"
465
468
        install --mode=u=rwx,go=rx \
466
469
                --target-directory=$(LIBDIR)/mandos plugin-runner
467
470
        install --mode=u=rwx,go=rx \
468
471
                --target-directory=$(LIBDIR)/mandos \
469
472
                mandos-to-cryptroot-unlock
470
 
        install --directory $(PREFIX)/sbin
471
473
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
472
474
                mandos-keygen
473
475
        install --mode=u=rwx,go=rx \
491
493
        install --mode=u=rwx,go=rx \
492
494
                --target-directory=$(LIBDIR)/mandos/plugin-helpers \
493
495
                plugin-helpers/mandos-client-iprouteadddel
494
 
        install -D initramfs-tools-hook \
 
496
        install initramfs-tools-hook \
495
497
                $(INITRAMFSTOOLS)/hooks/mandos
496
 
        install -D --mode=u=rw,go=r initramfs-tools-conf \
 
498
        install --mode=u=rw,go=r initramfs-tools-conf \
497
499
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
498
 
        install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
 
500
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
499
501
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
500
 
        install -D initramfs-tools-script \
 
502
        install initramfs-tools-script \
501
503
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
502
 
        install -D initramfs-tools-script-stop \
 
504
        install initramfs-tools-script-stop \
503
505
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
504
 
        install -D --mode=u=rw,go=r \
505
 
                --target-directory=$(DRACUTMODULE) \
 
506
        install --directory $(DRACUTMODULE)
 
507
        install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
506
508
                dracut-module/ask-password-mandos.path \
507
509
                dracut-module/ask-password-mandos.service
508
510
        install --mode=u=rwxs,go=rx \
511
513
                dracut-module/cmdline-mandos.sh \
512
514
                dracut-module/password-agent
513
515
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
514
 
        install --directory $(MANDIR)/man8
515
516
        gzip --best --to-stdout mandos-keygen.8 \
516
517
                > $(MANDIR)/man8/mandos-keygen.8.gz
517
518
        gzip --best --to-stdout plugin-runner.8mandos \
614
615
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
615
616
                $(DESTDIR)/etc/default/mandos \
616
617
                $(DESTDIR)/etc/init.d/mandos \
 
618
                $(SYSTEMD)/mandos.service \
617
619
                $(DESTDIR)/run/mandos.pid \
618
620
                $(DESTDIR)/var/run/mandos.pid
619
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
620
 
                -rm --force -- $(SYSTEMD)/mandos.service; \
621
 
        fi
622
621
        -rmdir $(CONFDIR)
623
622
 
624
623
.PHONY: purge-client