/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2024-09-09 01:36:41 UTC
  • mto: This revision was merged to the branch mainline in revision 410.
  • Revision ID: teddy@recompile.se-20240909013641-6zu6kx2f7meu134k
Make all required directories when installing

When installing into a normal system, one can assume that target
directories, such as /usr/bin, already exists.  But when installing
into a subdirectory for the purpose of creating a package, one cannot
assume that all directories already exist.  Therefore, when
installing, we must not check if any directories exist, and must
instead always create any directories we want to install into.

* Makefile (confdir/mandos.conf, confdir/clients.conf, install-html):
  Use the "-D" option to "install" instead of creating the directory
  separately.
  (install-server): Move creation of $(CONFDIR) down to before it is
  needed.  Don't check if the $(TMPFILES) or $(SYSUSERS) directories
  exist; instead create them by using the "-D" option to "install".
  Create the $(PREFIX)/sbin directory.  Always use
  "--target-directory" if possible; i.e. if the file name is the same.
  Create the $(DBUSPOLICYDIR) and $(DESTDIR)/etc/init.d directories by
  using the "-D" option to "install".  Don't check if the $(SYSTEMD)
  directory exists; instead create it by using the "-D" option to
  "install".  Create the $(DESTDIR)/etc/default and $(MANDIR)/man8
  directories by using the "-D" option to "install".  Create the
  $(MANDIR)/man5 directories explicitly.
  (install-client-nokey): Remove unnecessary creation of the
  $(CONFDIR) directory.  Don't check if the $(SYSUSERS) directory
  exists; instead create it by using the "-D" option to "install".
  Move the "--directory" argument to be the first argument, for
  clarity.  Create the $(PREFIX)/sbin directory.  Use the "-D"
  argument to "install" when installing
  $(INITRAMFSTOOLS)/hooks/mandos,
  $(INITRAMFSTOOLS)/conf.d/mandos-conf,
  $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos,
  $(INITRAMFSTOOLS)/scripts/init-premount/mandos,
  $(INITRAMFSTOOLS)/scripts/local-premount/mandos,
  $(DRACUTMODULE)/ask-password-mandos.path, and
  $(DRACUTMODULE)/dracut-module/ask-password-mandos.service.  Create
  the $(MANDIR)/man8 directory.

Reported-By: Erich Eckner <erich@eckner.net>
Thanks: Erich Eckner <erich@eckner.net> for analysis

Show diffs side-by-side

added added

removed removed

Lines of Context:
29
29
 
30
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
 
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
 
32
FORTIFY:=-fstack-protector-all -fPIC
 
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
33
34
LINK_FORTIFY_LD:=-z relro -z now
34
35
LINK_FORTIFY:=
35
36
 
41
42
#COVERAGE=--coverage
42
43
OPTIMIZE:=-Os -fno-strict-aliasing
43
44
LANGUAGE:=-std=gnu11
 
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
44
46
htmldir:=man
45
 
version:=1.8.5
 
47
version:=1.8.16
46
48
SED:=sed
 
49
PKG_CONFIG?=pkg-config
47
50
 
48
51
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
49
52
        || getent passwd nobody || echo 65534)))
50
53
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
51
54
        || getent group nogroup || echo 65534)))
52
55
 
 
56
LINUXVERSION:=$(shell uname --kernel-release)
 
57
 
53
58
## Use these settings for a traditional /usr/local install
54
59
# PREFIX:=$(DESTDIR)/usr/local
55
60
# CONFDIR:=$(DESTDIR)/etc/mandos
59
64
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
60
65
# STATEDIR:=$(DESTDIR)/var/lib/mandos
61
66
# LIBDIR:=$(PREFIX)/lib
 
67
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
62
68
##
63
69
 
64
70
## These settings are for a package-type install
71
77
STATEDIR:=$(DESTDIR)/var/lib/mandos
72
78
LIBDIR:=$(shell \
73
79
        for d in \
74
 
        "/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
 
80
        "/usr/lib/`dpkg-architecture \
 
81
                        -qDEB_HOST_MULTIARCH 2>/dev/null`" \
75
82
        "`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
76
83
                if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
77
84
                        echo "$(DESTDIR)$$d"; \
78
85
                        break; \
79
86
                fi; \
80
87
        done)
 
88
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
81
89
##
82
90
 
83
 
SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
84
 
TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
 
91
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
 
92
                        --variable=systemdsystemunitdir)
 
93
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
 
94
                        --variable=tmpfilesdir)
 
95
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
 
96
                        --variable=sysusersdir)
85
97
 
86
 
GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)
87
 
GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)
88
 
AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)
89
 
AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)
90
 
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
91
 
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
 
98
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
 
99
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
 
100
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
 
101
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
 
102
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
 
103
        || gpgme-config --cflags; getconf LFS_CFLAGS)
 
104
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
 
105
        || gpgme-config --libs; getconf LFS_LIBS; \
92
106
        getconf LFS_LDFLAGS)
93
 
LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)
94
 
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
95
 
GLIB_CFLAGS:=$(shell pkg-config --cflags glib-2.0)
96
 
GLIB_LIBS:=$(shell pkg-config --libs glib-2.0)
 
107
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
 
108
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
 
109
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
 
110
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
97
111
 
98
112
# Do not change these two
99
 
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
100
 
        $(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
 
113
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
 
114
        $(LANGUAGE) -DVERSION='"$(version)"'
101
115
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
102
116
        ) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
103
117
 
147
161
 
148
162
objects:=$(addsuffix .o,$(CPROGS))
149
163
 
 
164
.PHONY: all
150
165
all: $(PROGS) mandos.lsm
151
166
 
 
167
.PHONY: doc
152
168
doc: $(DOCS)
153
169
 
 
170
.PHONY: html
154
171
html: $(htmldocs)
155
172
 
156
173
%.5: %.xml common.ent legalnotice.xml
273
290
                $@)
274
291
 
275
292
# Need to add the GnuTLS, Avahi and GPGME libraries
276
 
plugins.d/mandos-client: plugins.d/mandos-client.c
277
 
        $(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
278
 
                ) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
279
 
                ) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
280
 
                ) $(LDLIBS) -o $@
 
293
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
 
294
        ) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
 
295
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
 
296
        ) $(AVAHI_LIBS) $(GPGME_LIBS)
281
297
 
282
298
# Need to add the libnl-route library
283
 
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
284
 
        $(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
285
 
                ) $(LOADLIBES) $(LDLIBS) -o $@
 
299
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
 
300
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
286
301
 
287
302
# Need to add the GLib and pthread libraries
288
 
dracut-module/password-agent: dracut-module/password-agent.c
289
 
        $(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
290
 
                ) $(LOADLIBES) $(LDLIBS) -o $@
291
 
 
292
 
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
293
 
        check run-client run-server install install-html \
294
 
        install-server install-client-nokey install-client uninstall \
295
 
        uninstall-server uninstall-client purge purge-server \
296
 
        purge-client
297
 
 
 
303
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
 
304
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
 
305
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
 
306
 
 
307
.PHONY: clean
298
308
clean:
299
309
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
300
310
 
 
311
.PHONY: distclean
301
312
distclean: clean
 
313
.PHONY: mostlyclean
302
314
mostlyclean: clean
 
315
.PHONY: maintainer-clean
303
316
maintainer-clean: clean
304
317
        -rm --force --recursive keydir confdir statedir
305
318
 
 
319
.PHONY: check
306
320
check: all
307
321
        ./mandos --check
308
322
        ./mandos-ctl --check
312
326
        ./dracut-module/password-agent --test
313
327
 
314
328
# Run the client with a local config and key
315
 
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
316
 
        @echo "###################################################################"
317
 
        @echo "# The following error messages are harmless and can be safely     #"
318
 
        @echo "# ignored:                                                        #"
319
 
        @echo "# From plugin-runner: setgid: Operation not permitted             #"
320
 
        @echo "#                     setuid: Operation not permitted             #"
321
 
        @echo "# From askpass-fifo:  mkfifo: Permission denied                   #"
322
 
        @echo "# From mandos-client:                                             #"
323
 
        @echo "#             Failed to raise privileges: Operation not permitted #"
324
 
        @echo "#             Warning: network hook \"*\" exited with status *      #"
325
 
        @echo "#                                                                 #"
326
 
        @echo "# (The messages are caused by not running as root, but you should #"
327
 
        @echo "# NOT run \"make run-client\" as root unless you also unpacked and  #"
328
 
        @echo "# compiled Mandos as root, which is also NOT recommended.)        #"
329
 
        @echo "###################################################################"
 
329
.PHONY: run-client
 
330
run-client: all keydir/seckey.txt keydir/pubkey.txt \
 
331
                        keydir/tls-privkey.pem keydir/tls-pubkey.pem
 
332
        @echo '######################################################'
 
333
        @echo '# The following error messages are harmless and can  #'
 
334
        @echo '#  be safely ignored:                                #'
 
335
        @echo '## From plugin-runner:                               #'
 
336
        @echo '# setgid: Operation not permitted                    #'
 
337
        @echo '# setuid: Operation not permitted                    #'
 
338
        @echo '## From askpass-fifo:                                #'
 
339
        @echo '# mkfifo: Permission denied                          #'
 
340
        @echo '## From mandos-client:                               #'
 
341
        @echo '# Failed to raise privileges: Operation not permi... #'
 
342
        @echo '# Warning: network hook "*" exited with status *     #'
 
343
        @echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
 
344
        @echo '# Failed to bring up interface "*": Operation not... #'
 
345
        @echo '#                                                    #'
 
346
        @echo '# (The messages are caused by not running as root,   #'
 
347
        @echo '# but you should NOT run "make run-client" as root   #'
 
348
        @echo '# unless you also unpacked and compiled Mandos as    #'
 
349
        @echo '# root, which is also NOT recommended.)              #'
 
350
        @echo '######################################################'
330
351
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
331
352
        ./plugin-runner --plugin-dir=plugins.d \
332
353
                --plugin-helper-dir=plugin-helpers \
339
360
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
340
361
        install --directory keydir
341
362
        ./mandos-keygen --dir keydir --force
 
363
        if ! [ -e keydir/tls-privkey.pem ]; then \
 
364
                install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
 
365
        fi
 
366
        if ! [ -e keydir/tls-pubkey.pem ]; then \
 
367
                install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
 
368
        fi
342
369
 
343
370
# Run the server with a local config
 
371
.PHONY: run-server
344
372
run-server: confdir/mandos.conf confdir/clients.conf statedir
345
373
        ./mandos --debug --no-dbus --configdir=confdir \
346
374
                --statedir=statedir $(SERVERARGS)
347
375
 
348
376
# Used by run-server
349
377
confdir/mandos.conf: mandos.conf
350
 
        install --directory confdir
351
 
        install --mode=u=rw,go=r $^ $@
 
378
        install -D --mode=u=rw,go=r $^ $@
352
379
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
353
 
        install --directory confdir
354
 
        install --mode=u=rw $< $@
 
380
        install -D --mode=u=rw $< $@
355
381
# Add a client password
356
382
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
357
383
statedir:
358
384
        install --directory statedir
359
385
 
 
386
.PHONY: install
360
387
install: install-server install-client-nokey
361
388
 
 
389
.PHONY: install-html
362
390
install-html: html
363
 
        install --directory $(htmldir)
364
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
 
391
        install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
365
392
                $(htmldocs)
366
393
 
 
394
.PHONY: install-server
367
395
install-server: doc
368
 
        install --directory $(CONFDIR)
369
396
        if install --directory --mode=u=rwx --owner=$(USER) \
370
397
                --group=$(GROUP) $(STATEDIR); then \
371
398
                :; \
372
399
        elif install --directory --mode=u=rwx $(STATEDIR); then \
373
400
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
374
401
        fi
375
 
        if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \
376
 
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
 
402
        if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
 
403
                install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
377
404
                        $(TMPFILES)/mandos.conf; \
378
405
        fi
379
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
 
406
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
 
407
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
 
408
                        $(SYSUSERS)/mandos.conf; \
 
409
        fi
 
410
        install --directory $(PREFIX)/sbin
 
411
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
 
412
                mandos
380
413
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
381
414
                mandos-ctl
382
415
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
383
416
                mandos-monitor
 
417
        install --directory $(CONFDIR)
384
418
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
385
419
                mandos.conf
386
420
        install --mode=u=rw --target-directory=$(CONFDIR) \
387
421
                clients.conf
388
 
        install --mode=u=rw,go=r dbus-mandos.conf \
389
 
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
390
 
        install --mode=u=rwx,go=rx init.d-mandos \
 
422
        install -D --mode=u=rw,go=r dbus-mandos.conf \
 
423
                $(DBUSPOLICYDIR)/mandos.conf
 
424
        install -D --mode=u=rwx,go=rx init.d-mandos \
391
425
                $(DESTDIR)/etc/init.d/mandos
392
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
393
 
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
 
426
        if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
 
427
                install -D --mode=u=rw,go=r mandos.service \
 
428
                        $(SYSTEMD); \
394
429
        fi
395
 
        install --mode=u=rw,go=r default-mandos \
 
430
        install -D --mode=u=rw,go=r default-mandos \
396
431
                $(DESTDIR)/etc/default/mandos
397
432
        if [ -z $(DESTDIR) ]; then \
398
433
                update-rc.d mandos defaults 25 15;\
399
434
        fi
 
435
        install --directory $(MANDIR)/man8 $(MANDIR)/man5
400
436
        gzip --best --to-stdout mandos.8 \
401
437
                > $(MANDIR)/man8/mandos.8.gz
402
438
        gzip --best --to-stdout mandos-monitor.8 \
410
446
        gzip --best --to-stdout intro.8mandos \
411
447
                > $(MANDIR)/man8/intro.8mandos.gz
412
448
 
 
449
.PHONY: install-client-nokey
413
450
install-client-nokey: all doc
414
 
        install --directory $(LIBDIR)/mandos $(CONFDIR)
415
451
        install --directory --mode=u=rwx $(KEYDIR) \
416
452
                $(LIBDIR)/mandos/plugins.d \
417
453
                $(LIBDIR)/mandos/plugin-helpers
 
454
        if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
 
455
                install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
 
456
                        $(SYSUSERS)/mandos-client.conf; \
 
457
        fi
418
458
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
419
 
                install --mode=u=rwx \
420
 
                        --directory "$(CONFDIR)/plugins.d" \
 
459
                install --directory \
 
460
                        --mode=u=rwx "$(CONFDIR)/plugins.d" \
421
461
                        "$(CONFDIR)/plugin-helpers"; \
422
462
        fi
423
 
        install --mode=u=rwx,go=rx --directory \
 
463
        install --directory --mode=u=rwx,go=rx \
424
464
                "$(CONFDIR)/network-hooks.d"
425
465
        install --mode=u=rwx,go=rx \
426
466
                --target-directory=$(LIBDIR)/mandos plugin-runner
427
467
        install --mode=u=rwx,go=rx \
428
 
                --target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock
 
468
                --target-directory=$(LIBDIR)/mandos \
 
469
                mandos-to-cryptroot-unlock
 
470
        install --directory $(PREFIX)/sbin
429
471
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
430
472
                mandos-keygen
431
473
        install --mode=u=rwx,go=rx \
449
491
        install --mode=u=rwx,go=rx \
450
492
                --target-directory=$(LIBDIR)/mandos/plugin-helpers \
451
493
                plugin-helpers/mandos-client-iprouteadddel
452
 
        install initramfs-tools-hook \
 
494
        install -D initramfs-tools-hook \
453
495
                $(INITRAMFSTOOLS)/hooks/mandos
454
 
        install --mode=u=rw,go=r initramfs-tools-conf \
 
496
        install -D --mode=u=rw,go=r initramfs-tools-conf \
455
497
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
456
 
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
 
498
        install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
457
499
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
458
 
        install initramfs-tools-script \
 
500
        install -D initramfs-tools-script \
459
501
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
460
 
        install initramfs-tools-script-stop \
 
502
        install -D initramfs-tools-script-stop \
461
503
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
462
 
        install --directory $(DRACUTMODULE)
463
 
        install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
 
504
        install -D --mode=u=rw,go=r \
 
505
                --target-directory=$(DRACUTMODULE) \
464
506
                dracut-module/ask-password-mandos.path \
465
507
                dracut-module/ask-password-mandos.service
466
508
        install --mode=u=rwxs,go=rx \
469
511
                dracut-module/cmdline-mandos.sh \
470
512
                dracut-module/password-agent
471
513
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
 
514
        install --directory $(MANDIR)/man8
472
515
        gzip --best --to-stdout mandos-keygen.8 \
473
516
                > $(MANDIR)/man8/mandos-keygen.8.gz
474
517
        gzip --best --to-stdout plugin-runner.8mandos \
488
531
        gzip --best --to-stdout dracut-module/password-agent.8mandos \
489
532
                > $(MANDIR)/man8/password-agent.8mandos.gz
490
533
 
 
534
.PHONY: install-client
491
535
install-client: install-client-nokey
492
536
# Post-installation stuff
493
537
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
494
538
        if command -v update-initramfs >/dev/null; then \
495
539
            update-initramfs -k all -u; \
496
540
        elif command -v dracut >/dev/null; then \
497
 
            for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
 
541
            for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
498
542
                if [ -w "$$initrd" ]; then \
499
543
                    chmod go-r "$$initrd"; \
500
544
                    dracut --force "$$initrd"; \
503
547
        fi
504
548
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
505
549
 
 
550
.PHONY: uninstall
506
551
uninstall: uninstall-server uninstall-client
507
552
 
 
553
.PHONY: uninstall-server
508
554
uninstall-server:
509
555
        -rm --force $(PREFIX)/sbin/mandos \
510
556
                $(PREFIX)/sbin/mandos-ctl \
517
563
        update-rc.d -f mandos remove
518
564
        -rmdir $(CONFDIR)
519
565
 
 
566
.PHONY: uninstall-client
520
567
uninstall-client:
521
568
# Refuse to uninstall client if /etc/crypttab is explicitly configured
522
569
# to use it.
553
600
        if command -v update-initramfs >/dev/null; then \
554
601
            update-initramfs -k all -u; \
555
602
        elif command -v dracut >/dev/null; then \
556
 
            for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
 
603
            for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
557
604
                test -w "$$initrd" && dracut --force "$$initrd"; \
558
605
            done; \
559
606
        fi
560
607
 
 
608
.PHONY: purge
561
609
purge: purge-server purge-client
562
610
 
 
611
.PHONY: purge-server
563
612
purge-server: uninstall-server
564
613
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
565
614
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
566
615
                $(DESTDIR)/etc/default/mandos \
567
616
                $(DESTDIR)/etc/init.d/mandos \
568
 
                $(SYSTEMD)/mandos.service \
569
617
                $(DESTDIR)/run/mandos.pid \
570
618
                $(DESTDIR)/var/run/mandos.pid
 
619
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
 
620
                -rm --force -- $(SYSTEMD)/mandos.service; \
 
621
        fi
571
622
        -rmdir $(CONFDIR)
572
623
 
 
624
.PHONY: purge-client
573
625
purge-client: uninstall-client
574
626
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
575
627
        -rm --force $(CONFDIR)/plugin-runner.conf \