To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 237.7.89
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.89
- Committer: Teddy Hogeborn
- Date: 2011-12-31 20:07:11 UTC
- mfrom: (237.17.9 wireless-network-hook)
- mto: (237.7.109 trunk) (299.1.1 release) (300.1.1 release) (301.1.1 release)
- mto: This revision was merged to the branch mainline in revision 290.
- Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r
Merge new wireless network hook. Fix bridge network hook to use
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
- files added:
- initramfs-tools-hook-conf
- files removed:
- bugs.xml
- debian/tests
- debian/upstream
- dracut-module
- plugin-helpers
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
6
4
-Wunsafe-loop-optimizations -Wpointer-arith \
7
5
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
-Wconversion -Wlogical-op -Waggregate-return \
9
-Wstrict-prototypes -Wold-style-definition \
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
-Wvolatile-register-var -Woverlength-strings
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
# echo 'int main(){}' | $(CC) --language=c $(option) \
18
# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
-fsanitize=shift -fsanitize=integer-divide-by-zero \
22
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
-fsanitize=return -fsanitize=signed-integer-overflow \
24
-fsanitize=bounds -fsanitize=alignment \
25
-fsanitize=object-size -fsanitize=float-divide-by-zero \
26
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
-fsanitize=enum -fsanitize-address-use-after-scope
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
# -Wunreachable-code
9
#DEBUG=-ggdb3
10
# For info about _FORTIFY_SOURCE, see
11
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
12
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
13
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
14
LINK_FORTIFY_LD=-z relro -z now
15
LINK_FORTIFY=
35
16
36
17
# If BROKEN_PIE is set, do not build with -pie
37
18
ifndef BROKEN_PIE
39
20
LINK_FORTIFY += -pie
40
21
endif
41
22
#COVERAGE=--coverage
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
44
htmldir:=man
45
version:=1.8.4
46
SED:=sed
23
OPTIMIZE=-Os
24
LANGUAGE=-std=gnu99
25
htmldir=man
26
version=1.4.1
27
SED=sed
47
28
48
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
49
|| getent passwd nobody || echo 65534)))
50
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
51
|| getent group nogroup || echo 65534)))
29
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
30
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
52
31
53
32
## Use these settings for a traditional /usr/local install
54
# PREFIX:=$(DESTDIR)/usr/local
55
# CONFDIR:=$(DESTDIR)/etc/mandos
56
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
57
# MANDIR:=$(PREFIX)/man
58
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
59
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
60
# STATEDIR:=$(DESTDIR)/var/lib/mandos
61
# LIBDIR:=$(PREFIX)/lib
33
# PREFIX=$(DESTDIR)/usr/local
34
# CONFDIR=$(DESTDIR)/etc/mandos
35
# KEYDIR=$(DESTDIR)/etc/mandos/keys
36
# MANDIR=$(PREFIX)/man
37
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
38
# STATEDIR=$(DESTDIR)/var/lib/mandos
62
39
##
63
40
64
41
## These settings are for a package-type install
65
PREFIX:=$(DESTDIR)/usr
66
CONFDIR:=$(DESTDIR)/etc/mandos
67
KEYDIR:=$(DESTDIR)/etc/keys/mandos
68
MANDIR:=$(PREFIX)/share/man
69
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
70
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
71
STATEDIR:=$(DESTDIR)/var/lib/mandos
72
LIBDIR:=$(shell \
73
for d in \
74
"/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
75
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
76
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
77
echo "$(DESTDIR)$$d"; \
78
break; \
79
fi; \
80
done)
42
PREFIX=$(DESTDIR)/usr
43
CONFDIR=$(DESTDIR)/etc/mandos
44
KEYDIR=$(DESTDIR)/etc/keys/mandos
45
MANDIR=$(PREFIX)/share/man
46
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
47
STATEDIR=$(DESTDIR)/var/lib/mandos
81
48
##
82
49
83
SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
84
TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
85
86
GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)
87
GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)
88
AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)
89
AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)
90
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
91
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
50
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
51
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
52
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
53
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
54
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
55
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
92
56
getconf LFS_LDFLAGS)
93
LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)
94
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
95
GLIB_CFLAGS:=$(shell pkg-config --cflags glib-2.0)
96
GLIB_LIBS:=$(shell pkg-config --libs glib-2.0)
97
57
98
58
# Do not change these two
99
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
100
$(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
101
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
102
) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
59
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
60
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
61
-DVERSION='"$(version)"'
62
LDFLAGS=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
103
63
104
64
# Commands to format a DocBook <refentry> document into a manual page
105
65
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
108
68
--param make.single.year.ranges 1 \
109
69
--param man.output.quietly 1 \
110
70
--param man.authors.section.enabled 0 \
111
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
71
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
112
72
$(notdir $<); \
113
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
114
&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
115
MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
116
$(notdir $@); fi >/dev/null)
73
$(MANPOST) $(notdir $@);\
74
LANG=en_US.UTF-8 MANWIDTH=80 man --warnings --encoding=UTF-8 \
75
--local-file $(notdir $@) >/dev/null)
76
# DocBook-to-man post-processing to fix a '\n' escape bug
77
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
117
78
118
79
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
119
80
--param make.year.ranges 1 \
125
86
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
126
87
$<; $(HTMLPOST) $@)
127
88
# Fix citerefentry links
128
HTMLPOST:=$(SED) --in-place \
89
HTMLPOST=$(SED) --in-place \
129
90
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
130
91
131
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
92
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
132
93
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
133
94
plugins.d/plymouth
134
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
135
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
136
$(PLUGIN_HELPERS)
137
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
138
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
95
CPROGS=plugin-runner $(PLUGINS)
96
PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
97
DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
139
98
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
140
dracut-module/password-agent.8mandos \
141
99
plugins.d/mandos-client.8mandos \
142
100
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
143
101
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
144
102
plugins.d/plymouth.8mandos intro.8mandos
145
103
146
htmldocs:=$(addsuffix .xhtml,$(DOCS))
104
htmldocs=$(addsuffix .xhtml,$(DOCS))
147
105
148
objects:=$(addsuffix .o,$(CPROGS))
106
objects=$(addsuffix .o,$(CPROGS))
149
107
150
108
all: $(PROGS) mandos.lsm
151
109
215
173
overview.xml legalnotice.xml
216
174
$(DOCBOOKTOHTML)
217
175
218
dracut-module/password-agent.8mandos: \
219
dracut-module/password-agent.xml common.ent \
220
overview.xml legalnotice.xml
221
$(DOCBOOKTOMAN)
222
dracut-module/password-agent.8mandos.xhtml: \
223
dracut-module/password-agent.xml common.ent \
224
overview.xml legalnotice.xml
225
$(DOCBOOKTOHTML)
226
227
176
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
228
177
common.ent \
229
178
mandos-options.xml \
272
221
--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
273
222
$@)
274
223
275
# Need to add the GnuTLS, Avahi and GPGME libraries
276
224
plugins.d/mandos-client: plugins.d/mandos-client.c
277
$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
278
) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
279
) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
280
) $(LDLIBS) -o $@
281
282
# Need to add the libnl-route library
283
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
284
$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
285
) $(LOADLIBES) $(LDLIBS) -o $@
286
287
# Need to add the GLib and pthread libraries
288
dracut-module/password-agent: dracut-module/password-agent.c
289
$(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\
290
) $(LOADLIBES) $(LDLIBS) -o $@
291
292
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
293
check run-client run-server install install-html \
294
install-server install-client-nokey install-client uninstall \
295
uninstall-server uninstall-client purge purge-server \
296
purge-client
225
$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
226
) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
227
228
.PHONY : all doc html clean distclean run-client run-server install \
229
install-server install-client uninstall uninstall-server \
230
uninstall-client purge purge-server purge-client
297
231
298
232
clean:
299
233
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
303
237
maintainer-clean: clean
304
238
-rm --force --recursive keydir confdir statedir
305
239
306
check: all
240
check: all
307
241
./mandos --check
308
./mandos-ctl --check
309
./mandos-keygen --version
310
./plugin-runner --version
311
./plugin-helpers/mandos-client-iprouteadddel --version
312
./dracut-module/password-agent --test
313
242
314
243
# Run the client with a local config and key
315
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
244
run-client: all keydir/seckey.txt keydir/pubkey.txt
316
245
@echo "###################################################################"
317
246
@echo "# The following error messages are harmless and can be safely #"
318
@echo "# ignored: #"
319
@echo "# From plugin-runner: setgid: Operation not permitted #"
320
@echo "# setuid: Operation not permitted #"
247
@echo "# ignored. The messages are caused by not running as root, but #"
248
@echo "# you should NOT run \"make run-client\" as root unless you also #"
249
@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
250
@echo "# From plugin-runner: setuid: Operation not permitted #"
321
251
@echo "# From askpass-fifo: mkfifo: Permission denied #"
322
@echo "# From mandos-client: #"
323
@echo "# Failed to raise privileges: Operation not permitted #"
324
@echo "# Warning: network hook \"*\" exited with status * #"
325
@echo "# #"
326
@echo "# (The messages are caused by not running as root, but you should #"
327
@echo "# NOT run \"make run-client\" as root unless you also unpacked and #"
328
@echo "# compiled Mandos as root, which is also NOT recommended.) #"
252
@echo "# From mandos-client: setuid: Operation not permitted #"
253
@echo "# seteuid: Operation not permitted #"
254
@echo "# klogctl: Operation not permitted #"
329
255
@echo "###################################################################"
330
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
331
256
./plugin-runner --plugin-dir=plugins.d \
332
--plugin-helper-dir=plugin-helpers \
333
257
--config-file=plugin-runner.conf \
334
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
335
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
258
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
336
259
$(CLIENTARGS)
337
260
338
261
# Used by run-client
339
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
262
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
340
263
install --directory keydir
341
264
./mandos-keygen --dir keydir --force
342
265
343
266
# Run the server with a local config
344
run-server: confdir/mandos.conf confdir/clients.conf statedir
267
run-server: confdir/mandos.conf confdir/clients.conf
345
268
./mandos --debug --no-dbus --configdir=confdir \
346
269
--statedir=statedir $(SERVERARGS)
347
270
349
272
confdir/mandos.conf: mandos.conf
350
273
install --directory confdir
351
274
install --mode=u=rw,go=r $^ $@
352
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
275
confdir/clients.conf: clients.conf keydir/seckey.txt
353
276
install --directory confdir
354
277
install --mode=u=rw $< $@
355
278
# Add a client password
356
./mandos-keygen --dir keydir --password --no-ssh >> $@
279
./mandos-keygen --dir keydir --password >> $@
357
280
statedir:
358
281
install --directory statedir
359
282
366
289
367
290
install-server: doc
368
291
install --directory $(CONFDIR)
369
if install --directory --mode=u=rwx --owner=$(USER) \
370
--group=$(GROUP) $(STATEDIR); then \
371
:; \
372
elif install --directory --mode=u=rwx $(STATEDIR); then \
373
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
374
fi
375
if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \
376
install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
377
$(TMPFILES)/mandos.conf; \
378
fi
292
install --directory --mode=u=rwx --owner=$(USER) \
293
--group=$(GROUP) $(STATEDIR)
379
294
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
380
295
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
381
296
mandos-ctl
389
304
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
390
305
install --mode=u=rwx,go=rx init.d-mandos \
391
306
$(DESTDIR)/etc/init.d/mandos
392
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
393
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
394
fi
395
307
install --mode=u=rw,go=r default-mandos \
396
308
$(DESTDIR)/etc/default/mandos
397
309
if [ -z $(DESTDIR) ]; then \
407
319
> $(MANDIR)/man5/mandos.conf.5.gz
408
320
gzip --best --to-stdout mandos-clients.conf.5 \
409
321
> $(MANDIR)/man5/mandos-clients.conf.5.gz
410
gzip --best --to-stdout intro.8mandos \
411
> $(MANDIR)/man8/intro.8mandos.gz
412
322
413
323
install-client-nokey: all doc
414
install --directory $(LIBDIR)/mandos $(CONFDIR)
324
install --directory $(PREFIX)/lib/mandos $(CONFDIR)
415
325
install --directory --mode=u=rwx $(KEYDIR) \
416
$(LIBDIR)/mandos/plugins.d \
417
$(LIBDIR)/mandos/plugin-helpers
418
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
326
$(PREFIX)/lib/mandos/plugins.d
327
if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
419
328
install --mode=u=rwx \
420
--directory "$(CONFDIR)/plugins.d" \
421
"$(CONFDIR)/plugin-helpers"; \
329
--directory "$(CONFDIR)/plugins.d"; \
422
330
fi
423
331
install --mode=u=rwx,go=rx --directory \
424
332
"$(CONFDIR)/network-hooks.d"
425
333
install --mode=u=rwx,go=rx \
426
--target-directory=$(LIBDIR)/mandos plugin-runner
427
install --mode=u=rwx,go=rx \
428
--target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock
334
--target-directory=$(PREFIX)/lib/mandos plugin-runner
429
335
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
430
336
mandos-keygen
431
337
install --mode=u=rwx,go=rx \
432
--target-directory=$(LIBDIR)/mandos/plugins.d \
338
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
433
339
plugins.d/password-prompt
434
340
install --mode=u=rwxs,go=rx \
435
--target-directory=$(LIBDIR)/mandos/plugins.d \
341
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
436
342
plugins.d/mandos-client
437
343
install --mode=u=rwxs,go=rx \
438
--target-directory=$(LIBDIR)/mandos/plugins.d \
344
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
439
345
plugins.d/usplash
440
346
install --mode=u=rwxs,go=rx \
441
--target-directory=$(LIBDIR)/mandos/plugins.d \
347
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
442
348
plugins.d/splashy
443
349
install --mode=u=rwxs,go=rx \
444
--target-directory=$(LIBDIR)/mandos/plugins.d \
350
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
445
351
plugins.d/askpass-fifo
446
352
install --mode=u=rwxs,go=rx \
447
--target-directory=$(LIBDIR)/mandos/plugins.d \
353
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
448
354
plugins.d/plymouth
449
install --mode=u=rwx,go=rx \
450
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
451
plugin-helpers/mandos-client-iprouteadddel
452
355
install initramfs-tools-hook \
453
356
$(INITRAMFSTOOLS)/hooks/mandos
454
install --mode=u=rw,go=r initramfs-tools-conf \
455
$(INITRAMFSTOOLS)/conf.d/mandos-conf
456
install --mode=u=rw,go=r initramfs-tools-conf-hook \
457
$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
357
install --mode=u=rw,go=r initramfs-tools-hook-conf \
358
$(INITRAMFSTOOLS)/conf-hooks.d/mandos
458
359
install initramfs-tools-script \
459
360
$(INITRAMFSTOOLS)/scripts/init-premount/mandos
460
install initramfs-tools-script-stop \
461
$(INITRAMFSTOOLS)/scripts/local-premount/mandos
462
install --directory $(DRACUTMODULE)
463
install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
464
dracut-module/ask-password-mandos.path \
465
dracut-module/ask-password-mandos.service
466
install --mode=u=rwxs,go=rx \
467
--target-directory=$(DRACUTMODULE) \
468
dracut-module/module-setup.sh \
469
dracut-module/cmdline-mandos.sh \
470
dracut-module/password-agent
471
361
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
472
362
gzip --best --to-stdout mandos-keygen.8 \
473
363
> $(MANDIR)/man8/mandos-keygen.8.gz
485
375
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
486
376
gzip --best --to-stdout plugins.d/plymouth.8mandos \
487
377
> $(MANDIR)/man8/plymouth.8mandos.gz
488
gzip --best --to-stdout dracut-module/password-agent.8mandos \
489
> $(MANDIR)/man8/password-agent.8mandos.gz
490
378
491
379
install-client: install-client-nokey
492
380
# Post-installation stuff
493
381
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
494
if command -v update-initramfs >/dev/null; then \
495
update-initramfs -k all -u; \
496
elif command -v dracut >/dev/null; then \
497
for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
498
if [ -w "$$initrd" ]; then \
499
chmod go-r "$$initrd"; \
500
dracut --force "$$initrd"; \
501
fi; \
502
done; \
503
fi
382
update-initramfs -k all -u
504
383
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
505
384
506
385
uninstall: uninstall-server uninstall-client
523
402
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
524
403
$(DESTDIR)/etc/crypttab
525
404
-rm --force $(PREFIX)/sbin/mandos-keygen \
526
$(LIBDIR)/mandos/plugin-runner \
527
$(LIBDIR)/mandos/plugins.d/password-prompt \
528
$(LIBDIR)/mandos/plugins.d/mandos-client \
529
$(LIBDIR)/mandos/plugins.d/usplash \
530
$(LIBDIR)/mandos/plugins.d/splashy \
531
$(LIBDIR)/mandos/plugins.d/askpass-fifo \
532
$(LIBDIR)/mandos/plugins.d/plymouth \
405
$(PREFIX)/lib/mandos/plugin-runner \
406
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
407
$(PREFIX)/lib/mandos/plugins.d/mandos-client \
408
$(PREFIX)/lib/mandos/plugins.d/usplash \
409
$(PREFIX)/lib/mandos/plugins.d/splashy \
410
$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
411
$(PREFIX)/lib/mandos/plugins.d/plymouth \
533
412
$(INITRAMFSTOOLS)/hooks/mandos \
534
413
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
535
414
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
536
$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
537
$(DRACUTMODULE)/ask-password-mandos.path \
538
$(DRACUTMODULE)/ask-password-mandos.service \
539
$(DRACUTMODULE)/module-setup.sh \
540
$(DRACUTMODULE)/cmdline-mandos.sh \
541
$(DRACUTMODULE)/password-agent \
542
415
$(MANDIR)/man8/mandos-keygen.8.gz \
543
416
$(MANDIR)/man8/plugin-runner.8mandos.gz \
544
417
$(MANDIR)/man8/mandos-client.8mandos.gz
547
420
$(MANDIR)/man8/splashy.8mandos.gz \
548
421
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
549
422
$(MANDIR)/man8/plymouth.8mandos.gz \
550
$(MANDIR)/man8/password-agent.8mandos.gz \
551
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
552
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
553
if command -v update-initramfs >/dev/null; then \
554
update-initramfs -k all -u; \
555
elif command -v dracut >/dev/null; then \
556
for initrd in $(DESTDIR)/boot/initr*-$(shell uname --kernel-release); do \
557
test -w "$$initrd" && dracut --force "$$initrd"; \
558
done; \
559
fi
423
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
424
$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
425
update-initramfs -k all -u
560
426
561
427
purge: purge-server purge-client
562
428
565
431
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
566
432
$(DESTDIR)/etc/default/mandos \
567
433
$(DESTDIR)/etc/init.d/mandos \
568
$(SYSTEMD)/mandos.service \
569
$(DESTDIR)/run/mandos.pid \
570
434
$(DESTDIR)/var/run/mandos.pid
571
435
-rmdir $(CONFDIR)
572
436
573
437
purge-client: uninstall-client
574
-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
438
-shred --remove $(KEYDIR)/seckey.txt
575
439
-rm --force $(CONFDIR)/plugin-runner.conf \
576
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
577
$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
440
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
578
441
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0