/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
672 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
2
	-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
	-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
	-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
	-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
6
	-Wunsafe-loop-optimizations -Wpointer-arith \
7
	-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
672 by Teddy Hogeborn
Update GCC warning flags and function attributes to GCC 4.7.
8
	-Wconversion -Wlogical-op -Waggregate-return \
9
	-Wstrict-prototypes -Wold-style-definition \
10
	-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
	-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
	-Wvolatile-register-var -Woverlength-strings
1111 by Teddy Hogeborn
Only use sanitizing options when debugging
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
#	echo 'int main(){}' | $(CC) --language=c $(option) \
18
#	/dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
800 by Teddy Hogeborn
Use AddressSanitizer and UndefinedBehaviorSanitizer.
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
871 by Teddy Hogeborn
Makefile: Replace "-fsanitize=address" with "-fsanitize=leak"
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
817 by Teddy Hogeborn
Only use -fsanitize=... options if they work.
21
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
        -fsanitize=bounds -fsanitize=alignment \
25
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
1117 by Teddy Hogeborn
Add another sanitizer option
28
        -fsanitize=enum -fsanitize-address-use-after-scope
1111 by Teddy Hogeborn
Only use sanitizing options when debugging
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
1273 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
32
FORTIFY:=-fstack-protector-all -fPIC
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
34
LINK_FORTIFY_LD:=-z relro -z now
35
LINK_FORTIFY:=
399 by Teddy Hogeborn
* Makefile (BROKEN_PIE): Add comment.
36
37
# If BROKEN_PIE is set, do not build with -pie
237.2.31 by Teddy Hogeborn
* Makefile: Don't use PIE if BROKEN_PIE is set.
38
ifndef BROKEN_PIE
39
FORTIFY += -fPIE
40
LINK_FORTIFY += -pie
41
endif
24.1.90 by Björn Påhlsson
fixed two bugs:
42
#COVERAGE=--coverage
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
43
OPTIMIZE:=-Os -fno-strict-aliasing
44
LANGUAGE:=-std=gnu11
1281 by Teddy Hogeborn
Fix Y2038
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
46
htmldir:=man
237.4.142 by Teddy Hogeborn
Version 1.8.17-1
47
version:=1.8.17
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
48
SED:=sed
1137 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
49
PKG_CONFIG?=pkg-config
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
50
1112 by Teddy Hogeborn
Makefile: Break long lines
51
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
52
	|| getent passwd nobody || echo 65534)))
53
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
54
	|| getent group nogroup || echo 65534)))
518.2.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
55
1136 by Teddy Hogeborn
Break some long lines and refine documentation
56
LINUXVERSION:=$(shell uname --kernel-release)
57
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
58
## Use these settings for a traditional /usr/local install
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
59
# PREFIX:=$(DESTDIR)/usr/local
60
# CONFDIR:=$(DESTDIR)/etc/mandos
61
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
62
# MANDIR:=$(PREFIX)/man
63
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
1127 by Teddy Hogeborn
Add dracut(8) support
64
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
65
# STATEDIR:=$(DESTDIR)/var/lib/mandos
66
# LIBDIR:=$(PREFIX)/lib
1275 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
67
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
68
##
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
69
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
70
## These settings are for a package-type install
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
71
PREFIX:=$(DESTDIR)/usr
72
CONFDIR:=$(DESTDIR)/etc/mandos
73
KEYDIR:=$(DESTDIR)/etc/keys/mandos
74
MANDIR:=$(PREFIX)/share/man
75
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
1127 by Teddy Hogeborn
Add dracut(8) support
76
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
77
STATEDIR:=$(DESTDIR)/var/lib/mandos
78
LIBDIR:=$(shell \
640 by Teddy Hogeborn
Use architecture libdir.
79
	for d in \
1136 by Teddy Hogeborn
Break some long lines and refine documentation
80
	"/usr/lib/`dpkg-architecture \
81
			-qDEB_HOST_MULTIARCH 2>/dev/null`" \
640 by Teddy Hogeborn
Use architecture libdir.
82
	"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
83
		if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
84
			echo "$(DESTDIR)$$d"; \
85
			break; \
86
		fi; \
87
	done)
1275 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
88
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
177 by Teddy Hogeborn
* Makefile (CONFDIR): Changed to be the same ("/etc/mandos") in both a
89
##
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
90
1137 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
91
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
1136 by Teddy Hogeborn
Break some long lines and refine documentation
92
			--variable=systemdsystemunitdir)
1137 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
93
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
94
			--variable=tmpfilesdir)
1159 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
95
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
			--variable=sysusersdir)
638 by Teddy Hogeborn
Add systemd service support for Mandos server.
97
1137 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
98
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
99
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
100
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
101
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
1262 by Teddy Hogeborn
Prefer "pkg-config" over the old "gpgme-config" command.
102
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
103
	|| gpgme-config --cflags; getconf LFS_CFLAGS)
104
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
105
	|| gpgme-config --libs; getconf LFS_LIBS; \
317 by Teddy Hogeborn
Use "getconf" to get correct LFS compile and link flags.
106
	getconf LFS_LDFLAGS)
1137 by Teddy Hogeborn
Makefile: "pkg-config" is now overrideable by PKG_CONFIG
107
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
108
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
109
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
110
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
111
21 by Teddy Hogeborn
* Makefile (CFLAGS): Changed to use $(WARN), $(DEBUG), $(COVERAGE) and
112
# Do not change these two
1146 by Teddy Hogeborn
Client: Always build with LFS enabled
113
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
1273 by Teddy Hogeborn
Really enable FORTIFY_SOURCE=3
114
	$(LANGUAGE) -DVERSION='"$(version)"'
1112 by Teddy Hogeborn
Makefile: Break long lines
115
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
116
	) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
117
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
118
# Commands to format a DocBook <refentry> document into a manual page
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
119
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
62 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Do not generate AUTHORS section.
120
	--param man.charmap.use.subset		0 \
121
	--param make.year.ranges		1 \
122
	--param make.single.year.ranges		1 \
123
	--param man.output.quietly		1 \
84 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Use the local manpages/docbook.xsl file, do
124
	--param man.authors.section.enabled	0 \
595 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
125
	/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
126
	$(notdir $<); \
595 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Don't show errors from "locale".
127
	if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
1122 by Teddy Hogeborn
Fix bashisms: Use "command -v" instead of "type"
128
	&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
129
	MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
130
	$(notdir $@); fi >/dev/null)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
131
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
132
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
133
	--param make.year.ranges		1 \
134
	--param make.single.year.ranges		1 \
135
	--param man.output.quietly		1 \
136
	--param man.authors.section.enabled	0 \
137
	--param citerefentry.link		1 \
138
	--output $@ \
139
	/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
140
	$<; $(HTMLPOST) $@)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
141
# Fix citerefentry links
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
142
HTMLPOST:=$(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
143
	--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
144
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
145
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
425 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
146
	plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
147
	plugins.d/plymouth
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
148
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
1127 by Teddy Hogeborn
Add dracut(8) support
149
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
150
	$(PLUGIN_HELPERS)
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
151
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
152
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
153
	mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
1127 by Teddy Hogeborn
Add dracut(8) support
154
	dracut-module/password-agent.8mandos \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
155
	plugins.d/mandos-client.8mandos \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
156
	plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
157
	plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
493 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
158
	plugins.d/plymouth.8mandos intro.8mandos
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
159
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
160
htmldocs:=$(addsuffix .xhtml,$(DOCS))
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
161
918 by Teddy Hogeborn
Use "simply expanded" variables in Makefile
162
objects:=$(addsuffix .o,$(CPROGS))
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
163
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
164
.PHONY: all
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
165
all: $(PROGS) mandos.lsm
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
166
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
167
.PHONY: doc
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
168
doc: $(DOCS)
24.1.25 by Björn Påhlsson
* clients.conf.xml: Renamed to "mandos-clients.conf.xml".
169
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
170
.PHONY: html
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
171
html: $(htmldocs)
172
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
173
%.5: %.xml common.ent legalnotice.xml
174
	$(DOCBOOKTOMAN)
175
%.5.xhtml: %.xml common.ent legalnotice.xml
176
	$(DOCBOOKTOHTML)
177
178
%.8: %.xml common.ent legalnotice.xml
179
	$(DOCBOOKTOMAN)
180
%.8.xhtml: %.xml common.ent legalnotice.xml
181
	$(DOCBOOKTOHTML)
182
183
%.8mandos: %.xml common.ent legalnotice.xml
184
	$(DOCBOOKTOMAN)
185
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
186
	$(DOCBOOKTOHTML)
187
493 by Teddy Hogeborn
* Makefile (DOCS): Added "intro.8mandos".
188
intro.8mandos: intro.xml common.ent legalnotice.xml
189
	$(DOCBOOKTOMAN)
190
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
191
	$(DOCBOOKTOHTML)
192
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
193
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
194
		legalnotice.xml
195
	$(DOCBOOKTOMAN)
196
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
197
		overview.xml legalnotice.xml
198
	$(DOCBOOKTOHTML)
199
200
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
201
		legalnotice.xml
202
	$(DOCBOOKTOMAN)
203
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
204
		 legalnotice.xml
205
	$(DOCBOOKTOHTML)
206
430 by teddy at bsnet
* mandos-monitor.xml: New.
207
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
208
		legalnotice.xml
209
	$(DOCBOOKTOMAN)
210
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
211
		 legalnotice.xml
212
	$(DOCBOOKTOHTML)
213
434 by teddy at bsnet
* mandos-ctl.xml: New.
214
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
215
		legalnotice.xml
216
	$(DOCBOOKTOMAN)
217
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
218
		 legalnotice.xml
219
	$(DOCBOOKTOHTML)
220
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
221
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
222
		legalnotice.xml
223
	$(DOCBOOKTOMAN)
224
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
225
		legalnotice.xml
226
	$(DOCBOOKTOHTML)
227
228
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
229
		legalnotice.xml
230
	$(DOCBOOKTOMAN)
231
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
232
		overview.xml legalnotice.xml
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
233
	$(DOCBOOKTOHTML)
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
234
1127 by Teddy Hogeborn
Add dracut(8) support
235
dracut-module/password-agent.8mandos: \
236
		dracut-module/password-agent.xml common.ent \
237
		overview.xml legalnotice.xml
238
	$(DOCBOOKTOMAN)
239
dracut-module/password-agent.8mandos.xhtml: \
240
		dracut-module/password-agent.xml common.ent \
241
		overview.xml legalnotice.xml
242
	$(DOCBOOKTOHTML)
243
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
244
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
245
					common.ent \
143 by Teddy Hogeborn
* Makefile (mandos.8): Add dependency on "overview.xml" and
246
					mandos-options.xml \
247
					overview.xml legalnotice.xml
91 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN): Include all DocBook-to-manpage-related
248
	$(DOCBOOKTOMAN)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
249
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
250
					common.ent \
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
251
					mandos-options.xml \
252
					overview.xml legalnotice.xml
253
	$(DOCBOOKTOHTML)
16 by Teddy Hogeborn
* Makefile: Include targets for all binaries.
254
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
255
# Update all these files with version number $(version)
256
common.ent: Makefile
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
257
	$(strip $(SED) --in-place \
318 by Teddy Hogeborn
* Makefile (common.ent): Update "version" entity correctly.
258
		--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
259
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
260
261
mandos: Makefile
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
262
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
263
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
264
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
265
266
mandos-keygen: Makefile
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
267
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
268
		--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
269
		$@)
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
270
24.1.121 by Björn Påhlsson
mandos-ctl: Added support for all client calls
271
mandos-ctl: Makefile
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
272
	$(strip $(SED) --in-place \
240 by Teddy Hogeborn
Merge "mandos-list" from belorn.
273
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
274
		$@)
240 by Teddy Hogeborn
Merge "mandos-list" from belorn.
275
430 by teddy at bsnet
* mandos-monitor.xml: New.
276
mandos-monitor: Makefile
277
	$(strip $(SED) --in-place \
278
		--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
279
		$@)
280
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
281
mandos.lsm: Makefile
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
282
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
283
		--expression='s/^\(Version:\).*/\1\t$(version)/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
284
		$@)
285
	$(strip $(SED) --in-place \
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
286
		--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
287
		$@)
288
	$(strip $(SED) --in-place \
255 by Teddy Hogeborn
* Makefile (mandos.lsm): Also update file name using version number.
289
		--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
398 by Teddy Hogeborn
* Makefile (DOCBOOKTOMAN, DOCBOOKTOHTML, common.ent, mandos,
290
		$@)
233 by Teddy Hogeborn
* Makefile (all): Also depend on "mandos.lsm".
291
1299 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
292
# Does the linker support the --no-warn-execstack option?
1300 by Teddy Hogeborn
Hide warnings if --no-warn-execstack is not supported
293
ifeq ($(shell echo 'int main(){}'|$(CC) --language=c /dev/stdin -o /dev/null -Xlinker --no-warn-execstack >/dev/null 2>&1 && echo yes),yes)
1299 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
294
# These programs use nested functions, which uses an executable stack
1298 by Teddy Hogeborn
Eliminate compiler warnings
295
plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack
296
dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack
297
plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack
298
plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack
299
plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack
1299 by Teddy Hogeborn
Only use linker option --no-warn-execstack if supported
300
endif
1298 by Teddy Hogeborn
Eliminate compiler warnings
301
1111 by Teddy Hogeborn
Only use sanitizing options when debugging
302
# Need to add the GnuTLS, Avahi and GPGME libraries
1188 by Teddy Hogeborn
Makefile: Use target-specific variables
303
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
304
	) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
305
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
306
	) $(AVAHI_LIBS) $(GPGME_LIBS)
81 by Teddy Hogeborn
* Makefile (GNUTLS_CFLAGS, GNUTLS_LIBS, AVAHI_CFLAGS, AVAHI_LIBS,
307
1118 by Teddy Hogeborn
Client: Document requirement of libnl-route library
308
# Need to add the libnl-route library
1188 by Teddy Hogeborn
Makefile: Use target-specific variables
309
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
310
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
738.1.4 by Teddy Hogeborn
Add plugin for mandos-client to add and delete local routes.
311
1127 by Teddy Hogeborn
Add dracut(8) support
312
# Need to add the GLib and pthread libraries
1188 by Teddy Hogeborn
Makefile: Use target-specific variables
313
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
1245 by Teddy Hogeborn
Makefile: Add comment about phase out of -lpthread
314
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
1188 by Teddy Hogeborn
Makefile: Use target-specific variables
315
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
1127 by Teddy Hogeborn
Add dracut(8) support
316
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
317
.PHONY: clean
1 by Björn Påhlsson
First working version with: IPv6, GnuTLS, X.509 certificates, DN
318
clean:
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
319
	-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
320
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
321
.PHONY: distclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
322
distclean: clean
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
323
.PHONY: mostlyclean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
324
mostlyclean: clean
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
325
.PHONY: maintainer-clean
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
326
maintainer-clean: clean
518.2.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
327
	-rm --force --recursive keydir confdir statedir
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
328
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
329
.PHONY: check
1116 by Teddy Hogeborn
Debian package change: Add autopkgtest support
330
check: all
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
331
	./mandos --check
608 by Teddy Hogeborn
* Makefile (check): Also check mandos-ctl.
332
	./mandos-ctl --check
1116 by Teddy Hogeborn
Debian package change: Add autopkgtest support
333
	./mandos-keygen --version
334
	./plugin-runner --version
335
	./plugin-helpers/mandos-client-iprouteadddel --version
1127 by Teddy Hogeborn
Add dracut(8) support
336
	./dracut-module/password-agent --test
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
337
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
338
# Run the client with a local config and key
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
339
.PHONY: run-client
1136 by Teddy Hogeborn
Break some long lines and refine documentation
340
run-client: all keydir/seckey.txt keydir/pubkey.txt \
341
			keydir/tls-privkey.pem keydir/tls-pubkey.pem
342
	@echo '######################################################'
343
	@echo '# The following error messages are harmless and can  #'
344
	@echo '#  be safely ignored:                                #'
345
	@echo '## From plugin-runner:                               #'
346
	@echo '# setgid: Operation not permitted                    #'
347
	@echo '# setuid: Operation not permitted                    #'
348
	@echo '## From askpass-fifo:                                #'
349
	@echo '# mkfifo: Permission denied                          #'
350
	@echo '## From mandos-client:                               #'
351
	@echo '# Failed to raise privileges: Operation not permi... #'
352
	@echo '# Warning: network hook "*" exited with status *     #'
353
	@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
354
	@echo '# Failed to bring up interface "*": Operation not... #'
355
	@echo '#                                                    #'
356
	@echo '# (The messages are caused by not running as root,   #'
357
	@echo '# but you should NOT run "make run-client" as root   #'
358
	@echo '# unless you also unpacked and compiled Mandos as    #'
359
	@echo '# root, which is also NOT recommended.)              #'
360
	@echo '######################################################'
706 by Teddy Hogeborn
mandos-client: Better error messages.
361
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
362
	./plugin-runner --plugin-dir=plugins.d \
738.1.1 by Teddy Hogeborn
Add a plugin helper directory, available to all plugins.
363
		--plugin-helper-dir=plugin-helpers \
141 by Teddy Hogeborn
* Makefile (run-client): Add "--config-file=plugin-runner.conf".
364
		--config-file=plugin-runner.conf \
962 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
365
		--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
706 by Teddy Hogeborn
mandos-client: Better error messages.
366
		--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
260 by Teddy Hogeborn
* Makefile (run-client): Pass $(CLIENTARGS) to plugin-runner.
367
		$(CLIENTARGS)
47 by Teddy Hogeborn
* plugbasedclient.c: Renamed to "mandos-client.c". All users changed.
368
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
369
# Used by run-client
962 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
370
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
371
	install --directory keydir
372
	./mandos-keygen --dir keydir --force
1207 by teddy at recompile
Makefile: fix targets run-server & run-client with GnuTLS 3.5.9
373
	if ! [ -e keydir/tls-privkey.pem ]; then \
374
		install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
375
	fi
376
	if ! [ -e keydir/tls-pubkey.pem ]; then \
377
		install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
378
	fi
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
379
380
# Run the server with a local config
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
381
.PHONY: run-server
574 by Teddy Hogeborn
* mandos: White space and other misc. format fixes only.
382
run-server: confdir/mandos.conf confdir/clients.conf statedir
518.2.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
383
	./mandos --debug --no-dbus --configdir=confdir \
384
		--statedir=statedir $(SERVERARGS)
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
385
386
# Used by run-server
387
confdir/mandos.conf: mandos.conf
1294 by Teddy Hogeborn
Make all required directories when installing
388
	install -D --mode=u=rw,go=r $^ $@
962 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
389
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
1294 by Teddy Hogeborn
Make all required directories when installing
390
	install -D --mode=u=rw $< $@
104 by Teddy Hogeborn
* Makefile (maintainer-clean): Also remove "confdir".
391
# Add a client password
708 by Teddy Hogeborn
mandos-keygen: Generate "checker" option to use SSH fingerprints.
392
	./mandos-keygen --dir keydir --password --no-ssh >> $@
518.2.2 by Teddy Hogeborn
Directory with persistent state can now be changed with the "statedir"
393
statedir:
394
	install --directory statedir
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
395
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
396
.PHONY: install
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
397
install: install-server install-client-nokey
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
398
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
399
.PHONY: install-html
235 by Teddy Hogeborn
* INSTALL: Fixed typo.
400
install-html: html
1294 by Teddy Hogeborn
Make all required directories when installing
401
	install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
217 by Teddy Hogeborn
* .bzrignore: Added "man" directory (created by "make install-html").
402
		$(htmldocs)
216 by Teddy Hogeborn
* Makefile: Add HTML rules for manual pages.
403
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
404
.PHONY: install-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
405
install-server: doc
643 by Teddy Hogeborn
Don't require /var/lib/mandos to be installed with user & group.
406
	if install --directory --mode=u=rwx --owner=$(USER) \
407
		--group=$(GROUP) $(STATEDIR); then \
408
		:; \
409
	elif install --directory --mode=u=rwx $(STATEDIR); then \
410
		chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
411
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
412
	if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
413
		install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
838 by Teddy Hogeborn
Server: New tmpfiles.d file for persistent state directory
414
			$(TMPFILES)/mandos.conf; \
415
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
416
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
417
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
1159 by Teddy Hogeborn
Use the systemd sysusers.d mechanism, if present
418
			$(SYSUSERS)/mandos.conf; \
419
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
420
	install --directory $(PREFIX)/sbin
421
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
422
		mandos
430 by teddy at bsnet
* mandos-monitor.xml: New.
423
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
424
		mandos-ctl
425
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
426
		mandos-monitor
1294 by Teddy Hogeborn
Make all required directories when installing
427
	install --directory $(CONFDIR)
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
428
	install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
429
		mandos.conf
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
430
	install --mode=u=rw --target-directory=$(CONFDIR) \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
431
		clients.conf
1294 by Teddy Hogeborn
Make all required directories when installing
432
	install -D --mode=u=rw,go=r dbus-mandos.conf \
1275 by Teddy Hogeborn
Move D-Bus policy file to /usr/share/dbus-1/session.d
433
		$(DBUSPOLICYDIR)/mandos.conf
1294 by Teddy Hogeborn
Make all required directories when installing
434
	install -D --mode=u=rwx,go=rx init.d-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
435
		$(DESTDIR)/etc/init.d/mandos
1294 by Teddy Hogeborn
Make all required directories when installing
436
	if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
437
		install -D --mode=u=rw,go=r mandos.service \
438
			$(SYSTEMD); \
638 by Teddy Hogeborn
Add systemd service support for Mandos server.
439
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
440
	install -D --mode=u=rw,go=r default-mandos \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
441
		$(DESTDIR)/etc/default/mandos
200 by Teddy Hogeborn
* Makefile: Put the init script before avahi-daemon.
442
	if [ -z $(DESTDIR) ]; then \
443
		update-rc.d mandos defaults 25 15;\
444
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
445
	install --directory $(MANDIR)/man8 $(MANDIR)/man5
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
446
	gzip --best --to-stdout mandos.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
447
		> $(MANDIR)/man8/mandos.8.gz
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
448
	gzip --best --to-stdout mandos-monitor.8 \
449
		> $(MANDIR)/man8/mandos-monitor.8.gz
450
	gzip --best --to-stdout mandos-ctl.8 \
451
		> $(MANDIR)/man8/mandos-ctl.8.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
452
	gzip --best --to-stdout mandos.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
453
		> $(MANDIR)/man5/mandos.conf.5.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
454
	gzip --best --to-stdout mandos-clients.conf.5 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
455
		> $(MANDIR)/man5/mandos-clients.conf.5.gz
549 by teddy at recompile
* Makefile (install-server): Add intro(8mandos) man page.
456
	gzip --best --to-stdout intro.8mandos \
457
		> $(MANDIR)/man8/intro.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
458
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
459
.PHONY: install-client-nokey
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
460
install-client-nokey: all doc
185 by Teddy Hogeborn
* .bzr-builddeb/default.conf: New.
461
	install --directory --mode=u=rwx $(KEYDIR) \
738.1.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
462
		$(LIBDIR)/mandos/plugins.d \
463
		$(LIBDIR)/mandos/plugin-helpers
1294 by Teddy Hogeborn
Make all required directories when installing
464
	if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
465
		install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
1160 by Teddy Hogeborn
Client: Use the systemd sysusers.d mechanism, if present
466
			$(SYSUSERS)/mandos-client.conf; \
467
	fi
640 by Teddy Hogeborn
Use architecture libdir.
468
	if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
1294 by Teddy Hogeborn
Make all required directories when installing
469
		install --directory \
470
			--mode=u=rwx "$(CONFDIR)/plugins.d" \
839 by Teddy Hogeborn
Client: Make plugin helper override directory mode u=rwx,go=
471
			"$(CONFDIR)/plugin-helpers"; \
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
472
	fi
1294 by Teddy Hogeborn
Make all required directories when installing
473
	install --directory --mode=u=rwx,go=rx \
505.3.17 by Teddy Hogeborn
* Makefile (install-client-nokey): Create network hook directory.
474
		"$(CONFDIR)/network-hooks.d"
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
475
	install --mode=u=rwx,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
476
		--target-directory=$(LIBDIR)/mandos plugin-runner
953 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
477
	install --mode=u=rwx,go=rx \
1136 by Teddy Hogeborn
Break some long lines and refine documentation
478
		--target-directory=$(LIBDIR)/mandos \
479
		mandos-to-cryptroot-unlock
1294 by Teddy Hogeborn
Make all required directories when installing
480
	install --directory $(PREFIX)/sbin
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
481
	install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
482
		mandos-keygen
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
483
	install --mode=u=rwx,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
484
		--target-directory=$(LIBDIR)/mandos/plugins.d \
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
485
		plugins.d/password-prompt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
486
	install --mode=u=rwxs,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
487
		--target-directory=$(LIBDIR)/mandos/plugins.d \
171 by Teddy Hogeborn
Renamed "password-request" to "mandos-client".
488
		plugins.d/mandos-client
208 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/usplash".
489
	install --mode=u=rwxs,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
490
		--target-directory=$(LIBDIR)/mandos/plugins.d \
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
491
		plugins.d/usplash
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
492
	install --mode=u=rwxs,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
493
		--target-directory=$(LIBDIR)/mandos/plugins.d \
205 by Teddy Hogeborn
* Makefile (PLUGINS, uninstall-client,
494
		plugins.d/splashy
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
495
	install --mode=u=rwxs,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
496
		--target-directory=$(LIBDIR)/mandos/plugins.d \
214 by Teddy Hogeborn
* Makefile (PLUGINS): Added "plugins.d/askpass-fifo".
497
		plugins.d/askpass-fifo
425 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
498
	install --mode=u=rwxs,go=rx \
640 by Teddy Hogeborn
Use architecture libdir.
499
		--target-directory=$(LIBDIR)/mandos/plugins.d \
425 by Teddy Hogeborn
* Makefile: Compile and install new "plymouth" plugin.
500
		plugins.d/plymouth
836 by Teddy Hogeborn
Client: Fix permissions on plugin helper directory.
501
	install --mode=u=rwx,go=rx \
738.1.6 by Teddy Hogeborn
Fix minor bugs and typos and add some more debug output.
502
		--target-directory=$(LIBDIR)/mandos/plugin-helpers \
503
		plugin-helpers/mandos-client-iprouteadddel
1294 by Teddy Hogeborn
Make all required directories when installing
504
	install -D initramfs-tools-hook \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
505
		$(INITRAMFSTOOLS)/hooks/mandos
1294 by Teddy Hogeborn
Make all required directories when installing
506
	install -D --mode=u=rw,go=r initramfs-tools-conf \
954 by Teddy Hogeborn
Move UMASK setting to more proper place
507
		$(INITRAMFSTOOLS)/conf.d/mandos-conf
1294 by Teddy Hogeborn
Make all required directories when installing
508
	install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
1099 by Teddy Hogeborn
Installation: Fix UMASK even if set by some other initramfs hook
509
		$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
1294 by Teddy Hogeborn
Make all required directories when installing
510
	install -D initramfs-tools-script \
302 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
511
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos
1294 by Teddy Hogeborn
Make all required directories when installing
512
	install -D initramfs-tools-script-stop \
953 by Teddy Hogeborn
Adapt to changes in cryptsetup; use "cryptroot-unlock" program
513
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos
1294 by Teddy Hogeborn
Make all required directories when installing
514
	install -D --mode=u=rw,go=r \
515
		--target-directory=$(DRACUTMODULE) \
1127 by Teddy Hogeborn
Add dracut(8) support
516
		dracut-module/ask-password-mandos.path \
517
		dracut-module/ask-password-mandos.service
518
	install --mode=u=rwxs,go=rx \
519
		--target-directory=$(DRACUTMODULE) \
520
		dracut-module/module-setup.sh \
521
		dracut-module/cmdline-mandos.sh \
522
		dracut-module/password-agent
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
523
	install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
1294 by Teddy Hogeborn
Make all required directories when installing
524
	install --directory $(MANDIR)/man8
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
525
	gzip --best --to-stdout mandos-keygen.8 \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
526
		> $(MANDIR)/man8/mandos-keygen.8.gz
527
	gzip --best --to-stdout plugin-runner.8mandos \
528
		> $(MANDIR)/man8/plugin-runner.8mandos.gz
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
529
	gzip --best --to-stdout plugins.d/mandos-client.8mandos \
530
		> $(MANDIR)/man8/mandos-client.8mandos.gz
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
531
	gzip --best --to-stdout plugins.d/password-prompt.8mandos \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
532
		> $(MANDIR)/man8/password-prompt.8mandos.gz
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
533
	gzip --best --to-stdout plugins.d/usplash.8mandos \
534
		> $(MANDIR)/man8/usplash.8mandos.gz
535
	gzip --best --to-stdout plugins.d/splashy.8mandos \
536
		> $(MANDIR)/man8/splashy.8mandos.gz
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
537
	gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
538
		> $(MANDIR)/man8/askpass-fifo.8mandos.gz
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
539
	gzip --best --to-stdout plugins.d/plymouth.8mandos \
540
		> $(MANDIR)/man8/plymouth.8mandos.gz
1127 by Teddy Hogeborn
Add dracut(8) support
541
	gzip --best --to-stdout dracut-module/password-agent.8mandos \
542
		> $(MANDIR)/man8/password-agent.8mandos.gz
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
543
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
544
.PHONY: install-client
182 by Teddy Hogeborn
* Makefile (install): Use "install-client-nokey".
545
install-client: install-client-nokey
166 by Teddy Hogeborn
* Makefile (confdir/clients.conf): Tighten permissions to "u=rw".
546
# Post-installation stuff
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
547
	-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
1127 by Teddy Hogeborn
Add dracut(8) support
548
	if command -v update-initramfs >/dev/null; then \
549
	    update-initramfs -k all -u; \
550
	elif command -v dracut >/dev/null; then \
1136 by Teddy Hogeborn
Break some long lines and refine documentation
551
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
1127 by Teddy Hogeborn
Add dracut(8) support
552
		if [ -w "$$initrd" ]; then \
553
		    chmod go-r "$$initrd"; \
554
		    dracut --force "$$initrd"; \
555
		fi; \
556
	    done; \
557
	fi
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
558
	echo "Now run mandos-keygen --password --dir $(KEYDIR)"
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
559
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
560
.PHONY: uninstall
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
561
uninstall: uninstall-server uninstall-client
562
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
563
.PHONY: uninstall-server
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
564
uninstall-server:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
565
	-rm --force $(PREFIX)/sbin/mandos \
430 by teddy at bsnet
* mandos-monitor.xml: New.
566
		$(PREFIX)/sbin/mandos-ctl \
567
		$(PREFIX)/sbin/mandos-monitor \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
568
		$(MANDIR)/man8/mandos.8.gz \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
569
		$(MANDIR)/man8/mandos-monitor.8.gz \
570
		$(MANDIR)/man8/mandos-ctl.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
571
		$(MANDIR)/man5/mandos.conf.5.gz \
572
		$(MANDIR)/man5/mandos-clients.conf.5.gz
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
573
	update-rc.d -f mandos remove
163 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): Removed.
574
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
575
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
576
.PHONY: uninstall-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
577
uninstall-client:
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
578
# Refuse to uninstall client if /etc/crypttab is explicitly configured
579
# to use it.
580
	! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
581
		$(DESTDIR)/etc/crypttab
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
582
	-rm --force $(PREFIX)/sbin/mandos-keygen \
640 by Teddy Hogeborn
Use architecture libdir.
583
		$(LIBDIR)/mandos/plugin-runner \
584
		$(LIBDIR)/mandos/plugins.d/password-prompt \
585
		$(LIBDIR)/mandos/plugins.d/mandos-client \
586
		$(LIBDIR)/mandos/plugins.d/usplash \
587
		$(LIBDIR)/mandos/plugins.d/splashy \
588
		$(LIBDIR)/mandos/plugins.d/askpass-fifo \
589
		$(LIBDIR)/mandos/plugins.d/plymouth \
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
590
		$(INITRAMFSTOOLS)/hooks/mandos \
591
		$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
302 by Teddy Hogeborn
* Makefile (install-client-nokey): Move "initramfs-tools-script" from
592
		$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
1127 by Teddy Hogeborn
Add dracut(8) support
593
		$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
594
		$(DRACUTMODULE)/ask-password-mandos.path \
595
		$(DRACUTMODULE)/ask-password-mandos.service \
596
		$(DRACUTMODULE)/module-setup.sh \
597
		$(DRACUTMODULE)/cmdline-mandos.sh \
598
		$(DRACUTMODULE)/password-agent \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
599
		$(MANDIR)/man8/mandos-keygen.8.gz \
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
600
		$(MANDIR)/man8/plugin-runner.8mandos.gz \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
601
		$(MANDIR)/man8/mandos-client.8mandos.gz
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
602
		$(MANDIR)/man8/password-prompt.8mandos.gz \
225 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/usplash.8mandos" and
603
		$(MANDIR)/man8/usplash.8mandos.gz \
604
		$(MANDIR)/man8/splashy.8mandos.gz \
226 by Teddy Hogeborn
* Makefile (DOCS): Added "plugins.d/askpass-fifo.8mandos".
605
		$(MANDIR)/man8/askpass-fifo.8mandos.gz \
435 by teddy at bsnet
* Makefile (DOCS): Added "plymouth.8mandos".
606
		$(MANDIR)/man8/plymouth.8mandos.gz \
1127 by Teddy Hogeborn
Add dracut(8) support
607
		$(MANDIR)/man8/password-agent.8mandos.gz \
640 by Teddy Hogeborn
Use architecture libdir.
608
	-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
1127 by Teddy Hogeborn
Add dracut(8) support
609
		 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
610
	if command -v update-initramfs >/dev/null; then \
611
	    update-initramfs -k all -u; \
612
	elif command -v dracut >/dev/null; then \
1136 by Teddy Hogeborn
Break some long lines and refine documentation
613
	    for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
1127 by Teddy Hogeborn
Add dracut(8) support
614
		test -w "$$initrd" && dracut --force "$$initrd"; \
615
	    done; \
616
	fi
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
617
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
618
.PHONY: purge
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
619
purge: purge-server purge-client
620
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
621
.PHONY: purge-server
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
622
purge-server: uninstall-server
162 by Teddy Hogeborn
* Makefile (PIDDIR, USER, GROUP): New variables.
623
	-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
420.1.1 by teddy at bsnet
* Makefile (install-server): Install dbus-mandos.conf as
624
		$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
175 by Teddy Hogeborn
* Makefile: Clearly separate "local" install variable settings from
625
		$(DESTDIR)/etc/default/mandos \
626
		$(DESTDIR)/etc/init.d/mandos \
637 by Teddy Hogeborn
Fix fallback to /var/run if /run does not exist for Makefile.
627
		$(DESTDIR)/run/mandos.pid \
628
		$(DESTDIR)/var/run/mandos.pid
1290 by Teddy Hogeborn
Minor fix for manual Makefile uninstallations
629
	if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
630
		-rm --force -- $(SYSTEMD)/mandos.service; \
631
	fi
74 by Teddy Hogeborn
* Makefile (PREFIX, CONFDIR): New.
632
	-rmdir $(CONFDIR)
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
633
1189 by Teddy Hogeborn
Makefile: Declare phoniness of targets at each target
634
.PHONY: purge-client
67 by Teddy Hogeborn
* mandos-keygen: New program to generate new client keys on
635
purge-client: uninstall-client
962 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
636
	-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
161 by Teddy Hogeborn
* Makefile (purge-client): Also remove "plugin-runner.conf".
637
	-rm --force $(CONFDIR)/plugin-runner.conf \
962 by Teddy Hogeborn
Add support for using raw public keys in TLS (RFC 7250)
638
		$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
639
		$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
160 by Teddy Hogeborn
* Makefile: Changed to use symbolic instead of octal modes throughout.
640
	-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)