/mandos/release : revision 237.7.89

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2011-12-31 20:07:11 UTC
mfrom: (237.17.9 wireless-network-hook)
mto: (237.7.109 trunk) (299.1.1 release) (300.1.1 release) (301.1.1 release)
mto: This revision was merged to the branch mainline in revision 290.
Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r

Merge new wireless network hook. Fix bridge network hook to use
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.

files added:
DBUS-API

dbus-mandos.conf

debian/source

debian/source/format

debian/source/local-options

debian/watch

intro.xml

mandos-ctl

mandos-ctl.xml

mandos-monitor

mandos-monitor.xml

mandos.lsm

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

plugins.d/plymouth.c

plugins.d/plymouth.xml

files removed:
debian/mandos-client.config

debian/mandos-client.templates

debian/mandos.config

debian/mandos.templates

debian/po/POTFILES.in

debian/po/sv.po

files modified:
.bzrignore

INSTALL

Makefile

NEWS

README

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.postinst

debian/mandos.prerm

debian/rules

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos-keygen.xml

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.xml

plugin-runner.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

Makefile

WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \

-Wswitch-default -Wswitch-enum -Wunused-parameter \

-Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wstrict-prototypes -Wold-style-definition \

-Wpacked -Wnested-externs -Winline -Wvolatile-register-var

# -Wunreachable-code

#DEBUG=-ggdb3

# For info about _FORTIFY_SOURCE, see

# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie

LINK_FORTIFY=-z relro -pie

# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>

# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

LINK_FORTIFY_LD=-z relro -z now

LINK_FORTIFY=

# If BROKEN_PIE is set, do not build with -pie

ifndef BROKEN_PIE

FORTIFY += -fPIE

LINK_FORTIFY += -pie

endif

#COVERAGE=--coverage

OPTIMIZE=-Os

LANGUAGE=-std=gnu99

htmldir=man

version=1.0.1

version=1.4.1

SED=sed

USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))

GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))

## Use these settings for a traditional /usr/local install

# PREFIX=$(DESTDIR)/usr/local

# CONFDIR=$(DESTDIR)/etc/mandos

# KEYDIR=$(DESTDIR)/etc/mandos/keys

# MANDIR=$(PREFIX)/man

# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools

# STATEDIR=$(DESTDIR)/var/lib/mandos

## These settings are for a package-type install

KEYDIR=$(DESTDIR)/etc/keys/mandos

MANDIR=$(PREFIX)/share/man

INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools

STATEDIR=$(DESTDIR)/var/lib/mandos

GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)

GNUTLS_LIBS=$(shell libgnutls-config --libs)

GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS=$(shell pkg-config --libs gnutls)

AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS=$(shell gpgme-config --cflags)

GPGME_LIBS=$(shell gpgme-config --libs)

GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \

getconf LFS_LDFLAGS)

# Do not change these two

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \

-DVERSION='"$(version)"'

LDFLAGS=$(COVERAGE) $(LINK_FORTIFY)

LDFLAGS=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

# Commands to format a DocBook <refentry> document into a manual page

DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \

DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \

--param man.charmap.use.subset 0 \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.authors.section.enabled 0 \

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

$(notdir $<); \

$(MANPOST) $(notdir $@)

$(MANPOST) $(notdir $@);\

LANG=en_US.UTF-8 MANWIDTH=80 man --warnings --encoding=UTF-8 \

--local-file $(notdir $@) >/dev/null)

# DocBook-to-man post-processing to fix a '\n' escape bug

MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'

DOCBOOKTOHTML=xsltproc --nonet --xinclude \

DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param citerefentry.link 1 \

--output $@ \

/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \

$<; $(HTMLPOST) $@

$<; $(HTMLPOST) $@)

# Fix citerefentry links

HTMLPOST=$(SED) --in-place --expression='s/$<a class="citerefentry" href="$$"><span class="citerefentry"><span class="refentrytitle">$$[^<]*$$<\/span>($$[^)]*$$)<\/span><\/a>$/\1\3.\5\2\3\4\5\6/g'

HTMLPOST=$(SED) --in-place \

--expression='s/$<a class="citerefentry" href="$$"><span class="citerefentry"><span class="refentrytitle">$$[^<]*$$<\/span>($$[^)]*$$)<\/span><\/a>$/\1\3.\5\2\3\4\5\6/g'

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

plugins.d/plymouth

CPROGS=plugin-runner $(PLUGINS)

PROGS=mandos mandos-keygen $(CPROGS)

DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \

PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)

DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \

mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \

plugins.d/mandos-client.8mandos \

plugins.d/password-prompt.8mandos mandos.conf.5 \

plugins.d/usplash.8mandos plugins.d/splashy.8mandos \

plugins.d/askpass-fifo.8mandos mandos-clients.conf.5

100

plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \

101

plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \

102

plugins.d/plymouth.8mandos intro.8mandos

103

104

htmldocs=$(addsuffix .xhtml,$(DOCS))

105

106

objects=$(addsuffix .o,$(CPROGS))

107

all: $(PROGS)

108

all: $(PROGS) mandos.lsm

109

110

doc: $(DOCS)

111

107

126

%.8mandos.xhtml: %.xml common.ent legalnotice.xml

108

127

$(DOCBOOKTOHTML)

109

128

129

intro.8mandos: intro.xml common.ent legalnotice.xml

130

$(DOCBOOKTOMAN)

131

intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml

132

$(DOCBOOKTOHTML)

133

110

134

mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \

111

135

legalnotice.xml

112

136

$(DOCBOOKTOMAN)

121

145

legalnotice.xml

122

146

$(DOCBOOKTOHTML)

123

147

148

mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \

149

legalnotice.xml

150

$(DOCBOOKTOMAN)

151

mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \

152

legalnotice.xml

153

$(DOCBOOKTOHTML)

154

155

mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \

156

legalnotice.xml

157

$(DOCBOOKTOMAN)

158

mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \

159

legalnotice.xml

160

$(DOCBOOKTOHTML)

161

124

162

mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \

125

163

legalnotice.xml

126

164

$(DOCBOOKTOMAN)

148

186

149

187

# Update all these files with version number $(version)

150

188

common.ent: Makefile

151

$(SED) --in-place --expression='s/^$<ENTITY VERSION "$[^"]*">$$/\1$(version)"/' $@

189

$(strip $(SED) --in-place \

190

--expression='s/^$<!ENTITY version "$[^"]*">$$/\1$(version)">/' \

191

$@)

152

192

153

193

mandos: Makefile

154

$(SED) --in-place --expression='s/^$version = "$[^"]*"$$/\1$(version)"/' $@

194

$(strip $(SED) --in-place \

195

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

196

$@)

155

197

156

198

mandos-keygen: Makefile

157

$(SED) --in-place --expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' $@

158

159

plugins.d/mandos-client: plugins.d/mandos-client.o

160

$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \

161

$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

199

$(strip $(SED) --in-place \

200

--expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' \

201

$@)

202

203

mandos-ctl: Makefile

204

$(strip $(SED) --in-place \

205

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

206

$@)

207

208

mandos-monitor: Makefile

209

$(strip $(SED) --in-place \

210

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

211

$@)

212

213

mandos.lsm: Makefile

214

$(strip $(SED) --in-place \

215

--expression='s/^$Version:$.*/\1\t$(version)/' \

216

$@)

217

$(strip $(SED) --in-place \

218

--expression='s/^$Entered-date:$.*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \

219

$@)

220

$(strip $(SED) --in-place \

221

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

222

$@)

223

224

plugins.d/mandos-client: plugins.d/mandos-client.c

225

$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\

226

) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@

162

227

163

228

.PHONY : all doc html clean distclean run-client run-server install \

164

229

install-server install-client uninstall uninstall-server \

170

235

distclean: clean

171

236

mostlyclean: clean

172

237

maintainer-clean: clean

173

-rm --force --recursive keydir confdir

238

-rm --force --recursive keydir confdir statedir

174

239

175

240

check: all

176

241

./mandos --check

177

242

178

243

# Run the client with a local config and key

179

244

run-client: all keydir/seckey.txt keydir/pubkey.txt

245

@echo "###################################################################"

246

@echo "# The following error messages are harmless and can be safely #"

247

@echo "# ignored. The messages are caused by not running as root, but #"

248

@echo "# you should NOT run \"make run-client\" as root unless you also #"

249

@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"

250

@echo "# From plugin-runner: setuid: Operation not permitted #"

251

@echo "# From askpass-fifo: mkfifo: Permission denied #"

252

@echo "# From mandos-client: setuid: Operation not permitted #"

253

@echo "# seteuid: Operation not permitted #"

254

@echo "# klogctl: Operation not permitted #"

255

@echo "###################################################################"

180

256

./plugin-runner --plugin-dir=plugins.d \

181

257

--config-file=plugin-runner.conf \

182

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt

258

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \

259

$(CLIENTARGS)

183

260

184

261

# Used by run-client

185

262

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

188

265

189

266

# Run the server with a local config

190

267

run-server: confdir/mandos.conf confdir/clients.conf

191

./mandos --debug --configdir=confdir

268

./mandos --debug --no-dbus --configdir=confdir \

269

--statedir=statedir $(SERVERARGS)

192

270

193

271

# Used by run-server

194

272

confdir/mandos.conf: mandos.conf

199

277

install --mode=u=rw $< $@

200

278

# Add a client password

201

279

./mandos-keygen --dir keydir --password >> $@

280

statedir:

281

install --directory statedir

202

282

203

283

install: install-server install-client-nokey

204

284

205

install-html: $(htmldocs)

285

install-html: html

206

286

install --directory $(htmldir)

207

287

install --mode=u=rw,go=r --target-directory=$(htmldir) \

208

288

$(htmldocs)

209

289

210

290

install-server: doc

211

291

install --directory $(CONFDIR)

292

install --directory --mode=u=rwx --owner=$(USER) \

293

--group=$(GROUP) $(STATEDIR)

212

294

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

295

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

296

mandos-ctl

297

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

298

mandos-monitor

213

299

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

214

300

mandos.conf

215

301

install --mode=u=rw --target-directory=$(CONFDIR) \

216

302

clients.conf

303

install --mode=u=rw,go=r dbus-mandos.conf \

304

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

217

305

install --mode=u=rwx,go=rx init.d-mandos \

218

306

$(DESTDIR)/etc/init.d/mandos

219

307

install --mode=u=rw,go=r default-mandos \

223

311

224

312

gzip --best --to-stdout mandos.8 \

225

313

> $(MANDIR)/man8/mandos.8.gz

314

gzip --best --to-stdout mandos-monitor.8 \

315

> $(MANDIR)/man8/mandos-monitor.8.gz

316

gzip --best --to-stdout mandos-ctl.8 \

317

> $(MANDIR)/man8/mandos-ctl.8.gz

226

318

gzip --best --to-stdout mandos.conf.5 \

227

319

> $(MANDIR)/man5/mandos.conf.5.gz

228

320

gzip --best --to-stdout mandos-clients.conf.5 \

236

328

install --mode=u=rwx \

237

329

--directory "$(CONFDIR)/plugins.d"; \

238

330

331

install --mode=u=rwx,go=rx --directory \

332

"$(CONFDIR)/network-hooks.d"

239

333

install --mode=u=rwx,go=rx \

240

334

--target-directory=$(PREFIX)/lib/mandos plugin-runner

241

335

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

255

349

install --mode=u=rwxs,go=rx \

256

350

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

257

351

plugins.d/askpass-fifo

352

install --mode=u=rwxs,go=rx \

353

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

354

plugins.d/plymouth

258

355

install initramfs-tools-hook \

259

356

$(INITRAMFSTOOLS)/hooks/mandos

260

357

install --mode=u=rw,go=r initramfs-tools-hook-conf \

261

358

$(INITRAMFSTOOLS)/conf-hooks.d/mandos

262

359

install initramfs-tools-script \

263

$(INITRAMFSTOOLS)/scripts/local-top/mandos

360

$(INITRAMFSTOOLS)/scripts/init-premount/mandos

264

361

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

265

362

gzip --best --to-stdout mandos-keygen.8 \

266

363

> $(MANDIR)/man8/mandos-keygen.8.gz

267

364

gzip --best --to-stdout plugin-runner.8mandos \

268

365

> $(MANDIR)/man8/plugin-runner.8mandos.gz

366

gzip --best --to-stdout plugins.d/mandos-client.8mandos \

367

> $(MANDIR)/man8/mandos-client.8mandos.gz

269

368

gzip --best --to-stdout plugins.d/password-prompt.8mandos \

270

369

> $(MANDIR)/man8/password-prompt.8mandos.gz

271

gzip --best --to-stdout plugins.d/mandos-client.8mandos \

272

> $(MANDIR)/man8/mandos-client.8mandos.gz

273

370

gzip --best --to-stdout plugins.d/usplash.8mandos \

274

371

> $(MANDIR)/man8/usplash.8mandos.gz

275

372

gzip --best --to-stdout plugins.d/splashy.8mandos \

276

373

> $(MANDIR)/man8/splashy.8mandos.gz

277

374

gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \

278

375

> $(MANDIR)/man8/askpass-fifo.8mandos.gz

376

gzip --best --to-stdout plugins.d/plymouth.8mandos \

377

> $(MANDIR)/man8/plymouth.8mandos.gz

279

378

280

379

install-client: install-client-nokey

281

380

# Post-installation stuff

287

386

288

387

uninstall-server:

289

388

-rm --force $(PREFIX)/sbin/mandos \

389

$(PREFIX)/sbin/mandos-ctl \

390

$(PREFIX)/sbin/mandos-monitor \

290

391

$(MANDIR)/man8/mandos.8.gz \

392

$(MANDIR)/man8/mandos-monitor.8.gz \

393

$(MANDIR)/man8/mandos-ctl.8.gz \

291

394

$(MANDIR)/man5/mandos.conf.5.gz \

292

395

$(MANDIR)/man5/mandos-clients.conf.5.gz

293

396

update-rc.d -f mandos remove

305

408

$(PREFIX)/lib/mandos/plugins.d/usplash \

306

409

$(PREFIX)/lib/mandos/plugins.d/splashy \

307

410

$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \

411

$(PREFIX)/lib/mandos/plugins.d/plymouth \

308

412

$(INITRAMFSTOOLS)/hooks/mandos \

309

413

$(INITRAMFSTOOLS)/conf-hooks.d/mandos \

310

$(INITRAMFSTOOLS)/scripts/local-top/mandos \

414

$(INITRAMFSTOOLS)/scripts/init-premount/mandos \

415

$(MANDIR)/man8/mandos-keygen.8.gz \

311

416

$(MANDIR)/man8/plugin-runner.8mandos.gz \

312

$(MANDIR)/man8/mandos-keygen.8.gz \

417

$(MANDIR)/man8/mandos-client.8mandos.gz

313

418

$(MANDIR)/man8/password-prompt.8mandos.gz \

314

419

$(MANDIR)/man8/usplash.8mandos.gz \

315

420

$(MANDIR)/man8/splashy.8mandos.gz \

316

421

$(MANDIR)/man8/askpass-fifo.8mandos.gz \

317

$(MANDIR)/man8/mandos-client.8mandos.gz

422

$(MANDIR)/man8/plymouth.8mandos.gz \

318

423

-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \

319

424

$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)

320

425

update-initramfs -k all -u

323

428

324

429

purge-server: uninstall-server

325

430

-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \

431

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

326

432

$(DESTDIR)/etc/default/mandos \

327

433

$(DESTDIR)/etc/init.d/mandos \

328

434

$(DESTDIR)/var/run/mandos.pid

Older »