/mandos/release : revision 78

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2008-08-16 03:29:08 UTC
Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389

Add feature to specify custom environment variables for plugins.

* plugin-runner.c (plugin): New members "environ" and "envc" to
                            contain possible custom environment.
  (getplugin): Return NULL on failure instead of doing exit(); all
               callers changed.
  (add_to_char_array): New helper function for "add_argument" and
                       "add_environment".
  (addargument): Renamed to "add_argument".  Return bool.  Call
                 "add_to_char_array" to actually do things.
  (add_environment): New; analogous to "add_argument".
  (addcustomargument): Renamed to "add_to_argv" to avoid confusion
                       with "add_argument".
  (main): New options "--global-envs" and "--envs-for" to specify
          custom environment for plugins.  Print environment for
          plugins in debug mode.  Use asprintf instead of strcpy and
          strcat.  Use execve() for plugins with custom environments.
          Free environment for plugin when freeing plugin list.

files added:
network-protocol.txt

files removed:
.bzrignore

INSTALL

README

default-mandos

etc-plugins.d-README

init.d-mandos

legalnotice.xml

mandos-keygen.xml

mandos-options.xml

overview.xml

plugin-runner.conf

files renamed:
plugins.d/mandos-client.c => plugins.d/password-request.c

plugins.d/mandos-client.xml => plugins.d/password-request.xml

files modified:
Makefile

TODO

clients.conf

initramfs-tools-hook

initramfs-tools-script

mandos

mandos-clients.conf.xml

mandos-keygen

mandos.conf

mandos.conf.xml

mandos.xml

plugin-runner.c

plugin-runner.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

Show diffs side-by-side

added added

removed removed

Makefile

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wstrict-prototypes -Wold-style-definition \

-Wpacked -Wnested-externs -Winline -Wvolatile-register-var

# -Wunreachable-code

#DEBUG=-ggdb3

-Wpacked -Wnested-externs -Wunreachable-code -Winline \

-Wvolatile-register-var

DEBUG=-ggdb3

# For info about _FORTIFY_SOURCE, see

# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>

FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all

#COVERAGE=--coverage

OPTIMIZE=-Os

LANGUAGE=-std=gnu99

## Use these settings for a traditional /usr/local install

# PREFIX=$(DESTDIR)/usr/local

# CONFDIR=$(DESTDIR)/etc/mandos

# KEYDIR=$(DESTDIR)/etc/mandos/keys

# MANDIR=$(PREFIX)/man

# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools

## These settings are for a package-type install

PREFIX=$(DESTDIR)/usr

CONFDIR=$(DESTDIR)/etc/mandos

KEYDIR=$(DESTDIR)/etc/keys/mandos

MANDIR=$(PREFIX)/share/man

INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools

GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)

GNUTLS_LIBS=$(shell libgnutls-config --libs)

AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS=$(shell gpgme-config --cflags)

GPGME_LIBS=$(shell gpgme-config --libs)

# PREFIX=/usr/local

PREFIX=/usr

# CONFDIR=/usr/local/lib/mandos

CONFDIR=/etc/mandos

# MANDIR=/usr/local/man

MANDIR=/usr/share/man

# Do not change these two

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) $(LANGUAGE)

LDFLAGS=$(COVERAGE)

# Commands to format a DocBook <refentry> document into a manual page

DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \

DOCBOOKTOMAN=xsltproc --nonet \

--param man.charmap.use.subset 0 \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param man.authors.section.enabled 0 \

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

$(notdir $<); \

$(MANPOST) $(notdir $@)

# DocBook-to-man post-processing to fix a '\n' escape bug

MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'

--param man.authors.section.enabled 0

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client

PLUGINS=plugins.d/password-prompt plugins.d/password-request

PROGS=plugin-runner $(PLUGINS)

DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \

plugins.d/mandos-client.8mandos \

plugins.d/password-request.8mandos \

plugins.d/password-prompt.8mandos mandos.conf.5 \

mandos-clients.conf.5

objects=$(addsuffix .o,$(PROGS))

objects=$(shell for p in $(PROGS); do echo $${p}.o; done)

all: $(PROGS)

doc: $(DOCS)

%.5: %.xml legalnotice.xml

$(DOCBOOKTOMAN)

%.8: %.xml legalnotice.xml

$(DOCBOOKTOMAN)

%.8mandos: %.xml legalnotice.xml

$(DOCBOOKTOMAN)

mandos.8: mandos.xml mandos-options.xml overview.xml legalnotice.xml

$(DOCBOOKTOMAN)

mandos-keygen.8: mandos-keygen.xml overview.xml legalnotice.xml

$(DOCBOOKTOMAN)

mandos.conf.5: mandos.conf.xml mandos-options.xml legalnotice.xml

$(DOCBOOKTOMAN)

plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml

$(DOCBOOKTOMAN)

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

mandos-options.xml \

overview.xml legalnotice.xml

$(DOCBOOKTOMAN)

plugins.d/mandos-client: plugins.d/mandos-client.o

$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \

$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

100

101

.PHONY : all doc clean distclean run-client run-server install \

%.5: %.xml

cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)

%.8: %.xml

cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)

%.8mandos: %.xml

cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)

plugin-runner: plugin-runner.o

$(LINK.o) -lgnutls $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

plugins.d/password-request: plugins.d/password-request.o

$(LINK.o) -lgnutls -lavahi-core -lgpgme $(COMMON) $^ \

$(LOADLIBES) $(LDLIBS) -o $@

plugins.d/password-prompt: plugins.d/password-prompt.o

$(LINK.o) $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

.PHONY : all clean distclean run-client run-server install \

102

install-server install-client uninstall uninstall-server \

103

uninstall-client purge purge-server purge-client

104

108

distclean: clean

109

mostlyclean: clean

110

maintainer-clean: clean

111

-rm --force --recursive keydir confdir

-rm --force --recursive keydir

112

113

check:

114

./mandos --check

115

116

# Run the client with a local config and key

117

run-client: all keydir/seckey.txt keydir/pubkey.txt

run-client: all

-mkdir keydir

-./mandos-keygen --dir keydir

118

./plugin-runner --plugin-dir=plugins.d \

119

--config-file=plugin-runner.conf \

120

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt

121

122

# Used by run-client

123

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

124

install --directory keydir

125

./mandos-keygen --dir keydir --force

126

127

# Run the server with a local config

128

run-server: confdir/mandos.conf confdir/clients.conf

129

./mandos --debug --configdir=confdir

130

131

# Used by run-server

132

confdir/mandos.conf: mandos.conf

133

install --directory confdir

134

install --mode=u=rw,go=r $^ $@

135

confdir/clients.conf: clients.conf keydir/seckey.txt

136

install --directory confdir

137

install --mode=u=rw $< $@

138

# Add a client password

139

./mandos-keygen --dir keydir --password >> $@

--options-for=password-request:--keydir=keydir

run-server:

./mandos --debug --configdir=.

140

141

install: install-server install-client

142

143

install-server: doc

144

install --directory $(CONFDIR) $(MANDIR)/man5 \

mkdir --mode=0755 --parents $(CONFDIR) $(MANDIR)/man5 \

145

$(MANDIR)/man8

146

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

147

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

148

mandos.conf

149

install --mode=u=rw --target-directory=$(CONFDIR) \

install --mode=0755 mandos $(PREFIX)/sbin/mandos

install --mode=0644 --target-directory=$(CONFDIR) mandos.conf

install --mode=0640 --target-directory=$(CONFDIR) \

150

clients.conf

151

install --mode=u=rwx,go=rx init.d-mandos \

152

$(DESTDIR)/etc/init.d/mandos

153

install --mode=u=rw,go=r default-mandos \

154

$(DESTDIR)/etc/default/mandos

155

update-rc.d mandos defaults

156

gzip --best --to-stdout mandos.8 \

157

100

> $(MANDIR)/man8/mandos.8.gz

158

101

gzip --best --to-stdout mandos.conf.5 \

160

103

gzip --best --to-stdout mandos-clients.conf.5 \

161

104

> $(MANDIR)/man5/mandos-clients.conf.5.gz

162

105

163

install-client: all doc $(INITRAMFSTOOLS)/hooks/.

164

install --directory $(PREFIX)/lib/mandos $(CONFDIR) \

106

install-client: all doc /usr/share/initramfs-tools/hooks/.

107

mkdir --mode=0755 --parents $(PREFIX)/lib/mandos $(CONFDIR) \

165

108

$(MANDIR)/man8

166

install --directory --mode=u=rwx $(KEYDIR)

167

install --directory --mode=u=rwx \

168

$(PREFIX)/lib/mandos/plugins.d

169

if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \

170

install --mode=u=rwx \

171

--directory "$(CONFDIR)/plugins.d"; \

172

install --mode=u=rw,go=r etc-plugins.d-README \

173

$(CONFDIR)/plugins.d/README ; \

174

175

install --mode=u=rwx,go=rx \

176

--target-directory=$(PREFIX)/lib/mandos plugin-runner

177

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

109

-mkdir --mode=0700 $(PREFIX)/lib/mandos/plugins.d

110

chmod u=rwx,g=,o= $(PREFIX)/lib/mandos/plugins.d

111

install --mode=0755 --target-directory=$(PREFIX)/lib/mandos \

112

plugin-runner

113

install --mode=0755 --target-directory=$(PREFIX)/sbin \

178

114

mandos-keygen

179

install --mode=u=rwx,go=rx \

115

install --mode=0755 \

180

116

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

181

117

plugins.d/password-prompt

182

install --mode=u=rwxs,go=rx \

183

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

184

plugins.d/mandos-client

185

install --mode=u=rwx,go=rx \

186

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

187

plugins.d/usplash

118

install --mode=4755 \

119

--target-directory=$(PREFIX)/lib/mandos/plugins.d \

120

plugins.d/password-request

188

121

install initramfs-tools-hook \

189

$(INITRAMFSTOOLS)/hooks/mandos

122

/usr/share/initramfs-tools/hooks/mandos

190

123

install initramfs-tools-hook-conf \

191

$(INITRAMFSTOOLS)/conf-hooks.d/mandos

124

/usr/share/initramfs-tools/conf-hooks.d/mandos

192

125

install initramfs-tools-script \

193

$(INITRAMFSTOOLS)/scripts/local-top/mandos

194

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

126

/usr/share/initramfs-tools/scripts/local-top/mandos

195

127

gzip --best --to-stdout mandos-keygen.8 \

196

128

> $(MANDIR)/man8/mandos-keygen.8.gz

197

129

gzip --best --to-stdout plugin-runner.8mandos \

198

130

> $(MANDIR)/man8/plugin-runner.8mandos.gz

199

131

gzip --best --to-stdout plugins.d/password-prompt.8mandos \

200

132

> $(MANDIR)/man8/password-prompt.8mandos.gz

201

gzip --best --to-stdout plugins.d/mandos-client.8mandos \

202

> $(MANDIR)/man8/mandos-client.8mandos.gz

203

# Post-installation stuff

204

-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"

133

gzip --best --to-stdout plugins.d/password-request.8mandos \

134

> $(MANDIR)/man8/password-request.8mandos.gz

135

-$(PREFIX)/sbin/mandos-keygen

205

136

update-initramfs -k all -u

206

echo "Now run mandos-keygen --password --dir $(KEYDIR)"

207

137

208

138

uninstall: uninstall-server uninstall-client

209

139

210

uninstall-server:

140

uninstall-server: $(PREFIX)/sbin/mandos

211

141

-rm --force $(PREFIX)/sbin/mandos \

212

142

$(MANDIR)/man8/mandos.8.gz \

213

143

$(MANDIR)/man5/mandos.conf.5.gz \

214

144

$(MANDIR)/man5/mandos-clients.conf.5.gz

215

update-rc.d -f mandos remove

216

145

-rmdir $(CONFDIR)

217

146

218

147

uninstall-client:

219

148

# Refuse to uninstall client if /etc/crypttab is explicitly configured

220

149

# to use it.

221

150

! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \

222

$(DESTDIR)/etc/crypttab

151

/etc/crypttab

223

152

-rm --force $(PREFIX)/sbin/mandos-keygen \

224

153

$(PREFIX)/lib/mandos/plugin-runner \

225

154

$(PREFIX)/lib/mandos/plugins.d/password-prompt \

226

$(PREFIX)/lib/mandos/plugins.d/mandos-client \

227

$(PREFIX)/lib/mandos/plugins.d/usplash \

228

$(INITRAMFSTOOLS)/hooks/mandos \

229

$(INITRAMFSTOOLS)/conf-hooks.d/mandos \

230

$(INITRAMFSTOOLS)/scripts/local-top/mandos \

155

$(PREFIX)/lib/mandos/plugins.d/password-request \

156

/usr/share/initramfs-tools/hooks/mandos \

157

/usr/share/initramfs-tools/conf-hooks.d/mandos \

231

158

$(MANDIR)/man8/plugin-runner.8mandos.gz \

232

159

$(MANDIR)/man8/mandos-keygen.8.gz \

233

160

$(MANDIR)/man8/password-prompt.8mandos.gz \

234

$(MANDIR)/man8/mandos-client.8mandos.gz

235

if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \

236

rm --force $(CONFDIR)/plugins.d/README; \

237

161

$(MANDIR)/man8/password-request.8mandos.gz

238

162

-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \

239

$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)

163

$(PREFIX)/lib/mandos $(CONFDIR)

240

164

update-initramfs -k all -u

241

165

242

166

purge: purge-server purge-client

243

167

244

168

purge-server: uninstall-server

245

-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \

246

$(DESTDIR)/etc/default/mandos \

247

$(DESTDIR)/etc/init.d/mandos \

248

$(DESTDIR)/var/run/mandos.pid

169

-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf

249

170

-rmdir $(CONFDIR)

250

171

251

172

purge-client: uninstall-client

252

-shred --remove $(KEYDIR)/seckey.txt

253

-rm --force $(CONFDIR)/plugin-runner.conf \

254

$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt

255

-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)

173

-rm --force $(CONFDIR)/seckey.txt $(CONFDIR)/pubkey.txt

174

-rmdir $(CONFDIR) $(CONFDIR)/plugins.d

Older »