/mandos/release : revision 237.7.842

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2024-09-09 01:36:41 UTC
mto: This revision was merged to the branch mainline in revision 410.
Revision ID: teddy@recompile.se-20240909013641-6zu6kx2f7meu134k

Make all required directories when installing

When installing into a normal system, one can assume that target
directories, such as /usr/bin, already exists.  But when installing
into a subdirectory for the purpose of creating a package, one cannot
assume that all directories already exist.  Therefore, when
installing, we must not check if any directories exist, and must
instead always create any directories we want to install into.

* Makefile (confdir/mandos.conf, confdir/clients.conf, install-html):
  Use the "-D" option to "install" instead of creating the directory
  separately.
  (install-server): Move creation of $(CONFDIR) down to before it is
  needed.  Don't check if the $(TMPFILES) or $(SYSUSERS) directories
  exist; instead create them by using the "-D" option to "install".
  Create the $(PREFIX)/sbin directory.  Always use
  "--target-directory" if possible; i.e. if the file name is the same.
  Create the $(DBUSPOLICYDIR) and $(DESTDIR)/etc/init.d directories by
  using the "-D" option to "install".  Don't check if the $(SYSTEMD)
  directory exists; instead create it by using the "-D" option to
  "install".  Create the $(DESTDIR)/etc/default and $(MANDIR)/man8
  directories by using the "-D" option to "install".  Create the
  $(MANDIR)/man5 directories explicitly.
  (install-client-nokey): Remove unnecessary creation of the
  $(CONFDIR) directory.  Don't check if the $(SYSUSERS) directory
  exists; instead create it by using the "-D" option to "install".
  Move the "--directory" argument to be the first argument, for
  clarity.  Create the $(PREFIX)/sbin directory.  Use the "-D"
  argument to "install" when installing
  $(INITRAMFSTOOLS)/hooks/mandos,
  $(INITRAMFSTOOLS)/conf.d/mandos-conf,
  $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos,
  $(INITRAMFSTOOLS)/scripts/init-premount/mandos,
  $(INITRAMFSTOOLS)/scripts/local-premount/mandos,
  $(DRACUTMODULE)/ask-password-mandos.path, and
  $(DRACUTMODULE)/dracut-module/ask-password-mandos.service.  Create
  the $(MANDIR)/man8 directory.

Reported-By: Erich Eckner <erich@eckner.net>
Thanks: Erich Eckner <erich@eckner.net> for analysis

files added:
debian/mandos.maintscript

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/upstream/metadata

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

sysusers.d-mandos.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.templates

debian/rules

debian/tests/control

initramfs-tools-hook

initramfs-tools-script

initramfs-unpack

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-monitor

mandos-options.xml

mandos-to-cryptroot-unlock

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

Makefile

# For info about _FORTIFY_SOURCE, see feature_test_macros(7)

# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

FORTIFY:=-fstack-protector-all -fPIC

CPPFLAGS+=-D_FORTIFY_SOURCE=3

LINK_FORTIFY_LD:=-z relro -z now

LINK_FORTIFY:=

#COVERAGE=--coverage

OPTIMIZE:=-Os -fno-strict-aliasing

LANGUAGE:=-std=gnu11

CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64

htmldir:=man

version:=1.8.4

version:=1.8.16

SED:=sed

PKG_CONFIG?=pkg-config

USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \

|| getent passwd nobody || echo 65534)))

GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \

|| getent group nogroup || echo 65534)))

LINUXVERSION:=$(shell uname --kernel-release)

## Use these settings for a traditional /usr/local install

# PREFIX:=$(DESTDIR)/usr/local

# CONFDIR:=$(DESTDIR)/etc/mandos

# KEYDIR:=$(DESTDIR)/etc/mandos/keys

# MANDIR:=$(PREFIX)/man

# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools

# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

# STATEDIR:=$(DESTDIR)/var/lib/mandos

# LIBDIR:=$(PREFIX)/lib

# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d

## These settings are for a package-type install

KEYDIR:=$(DESTDIR)/etc/keys/mandos

MANDIR:=$(PREFIX)/share/man

INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools

DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

STATEDIR:=$(DESTDIR)/var/lib/mandos

LIBDIR:=$(shell \

for d in \

"/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \

"/usr/lib/`dpkg-architecture \

-qDEB_HOST_MULTIARCH 2>/dev/null`" \

"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \

if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \

echo "$(DESTDIR)$$d"; \

break; \

fi; \

done)

DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d

SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)

SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=tmpfilesdir)

SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=sysusersdir)

GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)

AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \

GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)

100

AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)

101

AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)

102

GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \

103

|| gpgme-config --cflags; getconf LFS_CFLAGS)

104

GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \

105

|| gpgme-config --libs; getconf LFS_LIBS; \

106

getconf LFS_LDFLAGS)

LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)

LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)

107

LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)

108

LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)

109

GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)

110

GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)

111

112

# Do not change these two

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \

$(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'

113

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

114

$(LANGUAGE) -DVERSION='"$(version)"'

115

LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \

116

) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

117

107

125

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

108

126

$(notdir $<); \

109

127

if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \

110

&& type man 2>/dev/null; then LANG=en_US.UTF-8 MANWIDTH=80 \

111

man --warnings --encoding=UTF-8 --local-file $(notdir $@); \

112

fi >/dev/null)

128

&& command -v man >/dev/null; then LANG=en_US.UTF-8 \

129

MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \

130

$(notdir $@); fi >/dev/null)

113

131

114

132

DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \

115

133

--param make.year.ranges 1 \

128

146

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

129

147

plugins.d/plymouth

130

148

PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel

131

CPROGS:=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)

149

CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \

150

$(PLUGIN_HELPERS)

132

151

PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)

133

152

DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \

134

153

mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \

154

dracut-module/password-agent.8mandos \

135

155

plugins.d/mandos-client.8mandos \

136

156

plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \

137

157

plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \

141

161

142

162

objects:=$(addsuffix .o,$(CPROGS))

143

163

164

.PHONY: all

144

165

all: $(PROGS) mandos.lsm

145

166

167

.PHONY: doc

146

168

doc: $(DOCS)

147

169

170

.PHONY: html

148

171

html: $(htmldocs)

149

172

150

173

%.5: %.xml common.ent legalnotice.xml

209

232

overview.xml legalnotice.xml

210

233

$(DOCBOOKTOHTML)

211

234

235

dracut-module/password-agent.8mandos: \

236

dracut-module/password-agent.xml common.ent \

237

overview.xml legalnotice.xml

238

$(DOCBOOKTOMAN)

239

dracut-module/password-agent.8mandos.xhtml: \

240

dracut-module/password-agent.xml common.ent \

241

overview.xml legalnotice.xml

242

$(DOCBOOKTOHTML)

243

212

244

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

213

245

common.ent \

214

246

mandos-options.xml \

258

290

$@)

259

291

260

292

# Need to add the GnuTLS, Avahi and GPGME libraries

261

plugins.d/mandos-client: plugins.d/mandos-client.c

262

$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\

263

) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\

264

) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\

265

) $(LDLIBS) -o $@

293

plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \

294

) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)

295

plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \

296

) $(AVAHI_LIBS) $(GPGME_LIBS)

266

297

267

298

# Need to add the libnl-route library

268

plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c

269

$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\

270

) $(LOADLIBES) $(LDLIBS) -o $@

271

272

.PHONY : all doc html clean distclean mostlyclean maintainer-clean \

273

check run-client run-server install install-html \

274

install-server install-client-nokey install-client uninstall \

275

uninstall-server uninstall-client purge purge-server \

276

purge-client

277

299

plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)

300

plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)

301

302

# Need to add the GLib and pthread libraries

303

dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)

304

# Note: -lpthread is unnecessary with the GNU C library 2.34 or later

305

dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread

306

307

.PHONY: clean

278

308

clean:

279

309

-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core

280

310

311

.PHONY: distclean

281

312

distclean: clean

313

.PHONY: mostlyclean

282

314

mostlyclean: clean

315

.PHONY: maintainer-clean

283

316

maintainer-clean: clean

284

317

-rm --force --recursive keydir confdir statedir

285

318

319

.PHONY: check

286

320

check: all

287

321

./mandos --check

288

322

./mandos-ctl --check

289

323

./mandos-keygen --version

290

324

./plugin-runner --version

291

325

./plugin-helpers/mandos-client-iprouteadddel --version

326

./dracut-module/password-agent --test

292

327

293

328

# Run the client with a local config and key

294

run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem

295

@echo "###################################################################"

296

@echo "# The following error messages are harmless and can be safely #"

297

@echo "# ignored: #"

298

@echo "# From plugin-runner: setgid: Operation not permitted #"

299

@echo "# setuid: Operation not permitted #"

300

@echo "# From askpass-fifo: mkfifo: Permission denied #"

301

@echo "# From mandos-client: #"

302

@echo "# Failed to raise privileges: Operation not permitted #"

303

@echo "# Warning: network hook \"*\" exited with status * #"

304

@echo "# #"

305

@echo "# (The messages are caused by not running as root, but you should #"

306

@echo "# NOT run \"make run-client\" as root unless you also unpacked and #"

307

@echo "# compiled Mandos as root, which is also NOT recommended.) #"

308

@echo "###################################################################"

329

.PHONY: run-client

330

run-client: all keydir/seckey.txt keydir/pubkey.txt \

331

keydir/tls-privkey.pem keydir/tls-pubkey.pem

332

@echo '######################################################'

333

@echo '# The following error messages are harmless and can #'

334

@echo '# be safely ignored: #'

335

@echo '## From plugin-runner: #'

336

@echo '# setgid: Operation not permitted #'

337

@echo '# setuid: Operation not permitted #'

338

@echo '## From askpass-fifo: #'

339

@echo '# mkfifo: Permission denied #'

340

@echo '## From mandos-client: #'

341

@echo '# Failed to raise privileges: Operation not permi... #'

342

@echo '# Warning: network hook "*" exited with status * #'

343

@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'

344

@echo '# Failed to bring up interface "*": Operation not... #'

345

@echo '# #'

346

@echo '# (The messages are caused by not running as root, #'

347

@echo '# but you should NOT run "make run-client" as root #'

348

@echo '# unless you also unpacked and compiled Mandos as #'

349

@echo '# root, which is also NOT recommended.) #'

350

@echo '######################################################'

309

351

# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring

310

352

./plugin-runner --plugin-dir=plugins.d \

311

353

--plugin-helper-dir=plugin-helpers \

318

360

keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen

319

361

install --directory keydir

320

362

./mandos-keygen --dir keydir --force

363

if ! [ -e keydir/tls-privkey.pem ]; then \

364

install --mode=u=rw /dev/null keydir/tls-privkey.pem; \

365

366

if ! [ -e keydir/tls-pubkey.pem ]; then \

367

install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \

368

321

369

322

370

# Run the server with a local config

371

.PHONY: run-server

323

372

run-server: confdir/mandos.conf confdir/clients.conf statedir

324

373

./mandos --debug --no-dbus --configdir=confdir \

325

374

--statedir=statedir $(SERVERARGS)

326

375

327

376

# Used by run-server

328

377

confdir/mandos.conf: mandos.conf

329

install --directory confdir

330

install --mode=u=rw,go=r $^ $@

378

install -D --mode=u=rw,go=r $^ $@

331

379

confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem

332

install --directory confdir

333

install --mode=u=rw $< $@

380

install -D --mode=u=rw $< $@

334

381

# Add a client password

335

382

./mandos-keygen --dir keydir --password --no-ssh >> $@

336

383

statedir:

337

384

install --directory statedir

338

385

386

.PHONY: install

339

387

install: install-server install-client-nokey

340

388

389

.PHONY: install-html

341

390

install-html: html

342

install --directory $(htmldir)

343

install --mode=u=rw,go=r --target-directory=$(htmldir) \

391

install -D --mode=u=rw,go=r --target-directory=$(htmldir) \

344

392

$(htmldocs)

345

393

394

.PHONY: install-server

346

395

install-server: doc

347

install --directory $(CONFDIR)

348

396

if install --directory --mode=u=rwx --owner=$(USER) \

349

397

--group=$(GROUP) $(STATEDIR); then \

350

398

:; \

351

399

elif install --directory --mode=u=rwx $(STATEDIR); then \

352

400

chown -- $(USER):$(GROUP) $(STATEDIR) || :; \

353

401

354

if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \

355

install --mode=u=rw,go=r tmpfiles.d-mandos.conf \

402

if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \

403

install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \

356

404

$(TMPFILES)/mandos.conf; \

357

405

358

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

406

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

407

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

408

$(SYSUSERS)/mandos.conf; \

409

410

install --directory $(PREFIX)/sbin

411

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

412

mandos

359

413

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

360

414

mandos-ctl

361

415

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

362

416

mandos-monitor

417

install --directory $(CONFDIR)

363

418

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

364

419

mandos.conf

365

420

install --mode=u=rw --target-directory=$(CONFDIR) \

366

421

clients.conf

367

install --mode=u=rw,go=r dbus-mandos.conf \

368

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

369

install --mode=u=rwx,go=rx init.d-mandos \

422

install -D --mode=u=rw,go=r dbus-mandos.conf \

423

$(DBUSPOLICYDIR)/mandos.conf

424

install -D --mode=u=rwx,go=rx init.d-mandos \

370

425

$(DESTDIR)/etc/init.d/mandos

371

if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \

372

install --mode=u=rw,go=r mandos.service $(SYSTEMD); \

426

if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \

427

install -D --mode=u=rw,go=r mandos.service \

428

$(SYSTEMD); \

373

429

374

install --mode=u=rw,go=r default-mandos \

430

install -D --mode=u=rw,go=r default-mandos \

375

431

$(DESTDIR)/etc/default/mandos

376

432

if [ -z $(DESTDIR) ]; then \

377

433

update-rc.d mandos defaults 25 15;\

378

434

435

install --directory $(MANDIR)/man8 $(MANDIR)/man5

379

436

gzip --best --to-stdout mandos.8 \

380

437

> $(MANDIR)/man8/mandos.8.gz

381

438

gzip --best --to-stdout mandos-monitor.8 \

389

446

gzip --best --to-stdout intro.8mandos \

390

447

> $(MANDIR)/man8/intro.8mandos.gz

391

448

449

.PHONY: install-client-nokey

392

450

install-client-nokey: all doc

393

install --directory $(LIBDIR)/mandos $(CONFDIR)

394

451

install --directory --mode=u=rwx $(KEYDIR) \

395

452

$(LIBDIR)/mandos/plugins.d \

396

453

$(LIBDIR)/mandos/plugin-helpers

454

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

455

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

456

$(SYSUSERS)/mandos-client.conf; \

457

397

458

if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \

398

install --mode=u=rwx \

399

--directory "$(CONFDIR)/plugins.d" \

459

install --directory \

460

--mode=u=rwx "$(CONFDIR)/plugins.d" \

400

461

"$(CONFDIR)/plugin-helpers"; \

401

462

402

install --mode=u=rwx,go=rx --directory \

463

install --directory --mode=u=rwx,go=rx \

403

464

"$(CONFDIR)/network-hooks.d"

404

465

install --mode=u=rwx,go=rx \

405

466

--target-directory=$(LIBDIR)/mandos plugin-runner

406

467

install --mode=u=rwx,go=rx \

407

--target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock

468

--target-directory=$(LIBDIR)/mandos \

469

mandos-to-cryptroot-unlock

470

install --directory $(PREFIX)/sbin

408

471

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

409

472

mandos-keygen

410

473

install --mode=u=rwx,go=rx \

428

491

install --mode=u=rwx,go=rx \

429

492

--target-directory=$(LIBDIR)/mandos/plugin-helpers \

430

493

plugin-helpers/mandos-client-iprouteadddel

431

install initramfs-tools-hook \

494

install -D initramfs-tools-hook \

432

495

$(INITRAMFSTOOLS)/hooks/mandos

433

install --mode=u=rw,go=r initramfs-tools-conf \

496

install -D --mode=u=rw,go=r initramfs-tools-conf \

434

497

$(INITRAMFSTOOLS)/conf.d/mandos-conf

435

install --mode=u=rw,go=r initramfs-tools-conf-hook \

498

install -D --mode=u=rw,go=r initramfs-tools-conf-hook \

436

499

$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos

437

install initramfs-tools-script \

500

install -D initramfs-tools-script \

438

501

$(INITRAMFSTOOLS)/scripts/init-premount/mandos

439

install initramfs-tools-script-stop \

502

install -D initramfs-tools-script-stop \

440

503

$(INITRAMFSTOOLS)/scripts/local-premount/mandos

504

install -D --mode=u=rw,go=r \

505

--target-directory=$(DRACUTMODULE) \

506

dracut-module/ask-password-mandos.path \

507

dracut-module/ask-password-mandos.service

508

install --mode=u=rwxs,go=rx \

509

--target-directory=$(DRACUTMODULE) \

510

dracut-module/module-setup.sh \

511

dracut-module/cmdline-mandos.sh \

512

dracut-module/password-agent

441

513

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

514

install --directory $(MANDIR)/man8

442

515

gzip --best --to-stdout mandos-keygen.8 \

443

516

> $(MANDIR)/man8/mandos-keygen.8.gz

444

517

gzip --best --to-stdout plugin-runner.8mandos \

455

528

> $(MANDIR)/man8/askpass-fifo.8mandos.gz

456

529

gzip --best --to-stdout plugins.d/plymouth.8mandos \

457

530

> $(MANDIR)/man8/plymouth.8mandos.gz

531

gzip --best --to-stdout dracut-module/password-agent.8mandos \

532

> $(MANDIR)/man8/password-agent.8mandos.gz

458

533

534

.PHONY: install-client

459

535

install-client: install-client-nokey

460

536

# Post-installation stuff

461

537

-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"

462

update-initramfs -k all -u

538

if command -v update-initramfs >/dev/null; then \

539

update-initramfs -k all -u; \

540

elif command -v dracut >/dev/null; then \

541

for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \

542

if [ -w "$$initrd" ]; then \

543

chmod go-r "$$initrd"; \

544

dracut --force "$$initrd"; \

545

fi; \

546

done; \

547

463

548

echo "Now run mandos-keygen --password --dir $(KEYDIR)"

464

549

550

.PHONY: uninstall

465

551

uninstall: uninstall-server uninstall-client

466

552

553

.PHONY: uninstall-server

467

554

uninstall-server:

468

555

-rm --force $(PREFIX)/sbin/mandos \

469

556

$(PREFIX)/sbin/mandos-ctl \

476

563

update-rc.d -f mandos remove

477

564

-rmdir $(CONFDIR)

478

565

566

.PHONY: uninstall-client

479

567

uninstall-client:

480

568

# Refuse to uninstall client if /etc/crypttab is explicitly configured

481

569

# to use it.

492

580

$(INITRAMFSTOOLS)/hooks/mandos \

493

581

$(INITRAMFSTOOLS)/conf-hooks.d/mandos \

494

582

$(INITRAMFSTOOLS)/scripts/init-premount/mandos \

583

$(INITRAMFSTOOLS)/scripts/local-premount/mandos \

584

$(DRACUTMODULE)/ask-password-mandos.path \

585

$(DRACUTMODULE)/ask-password-mandos.service \

586

$(DRACUTMODULE)/module-setup.sh \

587

$(DRACUTMODULE)/cmdline-mandos.sh \

588

$(DRACUTMODULE)/password-agent \

495

589

$(MANDIR)/man8/mandos-keygen.8.gz \

496

590

$(MANDIR)/man8/plugin-runner.8mandos.gz \

497

591

$(MANDIR)/man8/mandos-client.8mandos.gz

500

594

$(MANDIR)/man8/splashy.8mandos.gz \

501

595

$(MANDIR)/man8/askpass-fifo.8mandos.gz \

502

596

$(MANDIR)/man8/plymouth.8mandos.gz \

597

$(MANDIR)/man8/password-agent.8mandos.gz \

503

598

-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \

504

$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)

505

update-initramfs -k all -u

599

$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)

600

if command -v update-initramfs >/dev/null; then \

601

update-initramfs -k all -u; \

602

elif command -v dracut >/dev/null; then \

603

for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \

604

test -w "$$initrd" && dracut --force "$$initrd"; \

605

done; \

606

506

607

608

.PHONY: purge

507

609

purge: purge-server purge-client

508

610

611

.PHONY: purge-server

509

612

purge-server: uninstall-server

510

613

-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \

511

614

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

512

615

$(DESTDIR)/etc/default/mandos \

513

616

$(DESTDIR)/etc/init.d/mandos \

514

$(SYSTEMD)/mandos.service \

515

617

$(DESTDIR)/run/mandos.pid \

516

618

$(DESTDIR)/var/run/mandos.pid

619

if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \

620

-rm --force -- $(SYSTEMD)/mandos.service; \

621

517

622

-rmdir $(CONFDIR)

518

623

624

.PHONY: purge-client

519

625

purge-client: uninstall-client

520

626

-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem

521

627

-rm --force $(CONFDIR)/plugin-runner.conf \

Older »