To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 110
- compare with another revision
- download diff
- download tarball
- view history from revision 110
- Committer: Teddy Hogeborn
- Date: 2008-08-29 05:53:59 UTC
- Revision ID: teddy@fukt.bsnet.se-20080829055359-wkdasnyxtylmnxus
* mandos.xml (EXAMPLE): Replaced all occurences of command name with
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
"&COMMANDNAME;".
* plugins.d/password-prompt.c (main): Improved some documentation
strings. Do perror() of
tcgetattr() fails. Add debug
output if interrupted by signal.
Loop over write() instead of
using fwrite() when outputting
password. Add debug output if
getline() returns 0, unless it
was caused by a signal. Add
exit status code to debug
output.
* plugins.d/password-prompt.xml: Changed all single quotes to double
quotes for consistency. Removed
<?xml-stylesheet>.
(ENTITY TIMESTAMP): New. Automatically updated by Emacs time-stamp
by using Emacs local variables.
(/refentry/refentryinfo/title): Changed to "Mandos Manual".
(/refentry/refentryinfo/productname): Changed to "Mandos".
(/refentry/refentryinfo/date): New; set to "&TIMESTAMP;".
(/refentry/refentryinfo/copyright): Split copyright holders.
(/refentry/refnamediv/refpurpose): Improved wording.
(SYNOPSIS): Fix to use correct markup. Add short options.
(DESCRIPTION, OPTIONS): Improved wording.
(OPTIONS): Improved wording. Use more correct markup. Document
short options.
(EXIT STATUS): Add text.
(ENVIRONMENT): Document use of "cryptsource" and "crypttarget".
(FILES): REMOVED.
(BUGS): Add text.
(EXAMPLE): Added some examples.
(SECURITY): Added text.
(SEE ALSO): Remove reference to mandos(8). Add reference to
crypttab(5).
- files added:
- initramfs-tools-hook-conf
- files removed:
- .bzr-builddeb
- debian
- debian/po
- debian/source
- debian/tests
- debian/upstream
- dracut-module
- network-hooks.d
- plugin-helpers
- files renamed:
- plugins.d/mandos-client.c => plugins.d/password-request.c
- plugins.d/mandos-client.xml => plugins.d/password-request.xml
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
6
4
-Wunsafe-loop-optimizations -Wpointer-arith \
7
5
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
-Wconversion -Wlogical-op -Waggregate-return \
9
-Wstrict-prototypes -Wold-style-definition \
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
-Wvolatile-register-var -Woverlength-strings
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
# echo 'int main(){}' | $(CC) --language=c $(option) \
18
# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
-fsanitize=shift -fsanitize=integer-divide-by-zero \
22
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
-fsanitize=return -fsanitize=signed-integer-overflow \
24
-fsanitize=bounds -fsanitize=alignment \
25
-fsanitize=object-size -fsanitize=float-divide-by-zero \
26
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
-fsanitize=enum -fsanitize-address-use-after-scope
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
35
36
# If BROKEN_PIE is set, do not build with -pie
37
ifndef BROKEN_PIE
38
FORTIFY += -fPIE
39
LINK_FORTIFY += -pie
40
endif
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Wunreachable-code -Winline \
8
-Wvolatile-register-var
9
DEBUG=-ggdb3
10
# For info about _FORTIFY_SOURCE, see
11
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
41
13
#COVERAGE=--coverage
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
44
FEATURES:=-D_FILE_OFFSET_BITS=64
45
htmldir:=man
46
version:=1.8.9
47
SED:=sed
48
PKG_CONFIG?=pkg-config
49
50
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
51
|| getent passwd nobody || echo 65534)))
52
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
53
|| getent group nogroup || echo 65534)))
54
55
LINUXVERSION:=$(shell uname --kernel-release)
56
57
## Use these settings for a traditional /usr/local install
58
# PREFIX:=$(DESTDIR)/usr/local
59
# CONFDIR:=$(DESTDIR)/etc/mandos
60
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
61
# MANDIR:=$(PREFIX)/man
62
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
63
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
64
# STATEDIR:=$(DESTDIR)/var/lib/mandos
65
# LIBDIR:=$(PREFIX)/lib
66
##
67
68
## These settings are for a package-type install
69
PREFIX:=$(DESTDIR)/usr
70
CONFDIR:=$(DESTDIR)/etc/mandos
71
KEYDIR:=$(DESTDIR)/etc/keys/mandos
72
MANDIR:=$(PREFIX)/share/man
73
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
74
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
75
STATEDIR:=$(DESTDIR)/var/lib/mandos
76
LIBDIR:=$(shell \
77
for d in \
78
"/usr/lib/`dpkg-architecture \
79
-qDEB_HOST_MULTIARCH 2>/dev/null`" \
80
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
81
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
82
echo "$(DESTDIR)$$d"; \
83
break; \
84
fi; \
85
done)
86
##
87
88
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
89
--variable=systemdsystemunitdir)
90
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
91
--variable=tmpfilesdir)
92
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
93
--variable=sysusersdir)
94
95
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
96
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
97
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
98
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
99
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
100
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
101
getconf LFS_LDFLAGS)
102
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
103
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
104
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
105
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
14
OPTIMIZE=-Os
15
LANGUAGE=-std=gnu99
16
# PREFIX=/usr/local
17
PREFIX=$(DESTDIR)/usr
18
# CONFDIR=/usr/local/lib/mandos
19
CONFDIR=$(DESTDIR)/etc/mandos
20
# MANDIR=/usr/local/man
21
MANDIR=$(DESTDIR)/usr/share/man
22
23
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
24
GNUTLS_LIBS=$(shell libgnutls-config --libs)
25
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
26
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
27
GPGME_CFLAGS=$(shell gpgme-config --cflags)
28
GPGME_LIBS=$(shell gpgme-config --libs)
106
29
107
30
# Do not change these two
108
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
109
$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
110
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
111
) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
31
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
32
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
33
LDFLAGS=$(COVERAGE)
112
34
113
# Commands to format a DocBook <refentry> document into a manual page
114
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
35
# Commands to format a DocBook refentry document into a manual page
36
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
115
37
--param man.charmap.use.subset 0 \
116
38
--param make.year.ranges 1 \
117
39
--param make.single.year.ranges 1 \
118
40
--param man.output.quietly 1 \
119
41
--param man.authors.section.enabled 0 \
120
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
42
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
121
43
$(notdir $<); \
122
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
123
&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
124
MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
125
$(notdir $@); fi >/dev/null)
126
127
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
128
--param make.year.ranges 1 \
129
--param make.single.year.ranges 1 \
130
--param man.output.quietly 1 \
131
--param man.authors.section.enabled 0 \
132
--param citerefentry.link 1 \
133
--output $@ \
134
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
135
$<; $(HTMLPOST) $@)
136
# Fix citerefentry links
137
HTMLPOST:=$(SED) --in-place \
138
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
139
140
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
141
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
142
plugins.d/plymouth
143
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
144
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
145
$(PLUGIN_HELPERS)
146
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
147
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
148
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
149
dracut-module/password-agent.8mandos \
150
plugins.d/mandos-client.8mandos \
151
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
152
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
153
plugins.d/plymouth.8mandos intro.8mandos
154
155
htmldocs:=$(addsuffix .xhtml,$(DOCS))
156
157
objects:=$(addsuffix .o,$(CPROGS))
158
159
.PHONY: all
160
all: $(PROGS) mandos.lsm
161
162
.PHONY: doc
44
$(MANPOST) $(notdir $@)
45
# DocBook-to-man post-processing to fix a \n escape bug
46
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
47
48
PLUGINS=plugins.d/password-prompt plugins.d/password-request
49
PROGS=plugin-runner $(PLUGINS)
50
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
51
plugins.d/password-request.8mandos \
52
plugins.d/password-prompt.8mandos mandos.conf.5 \
53
mandos-clients.conf.5
54
55
objects=$(addsuffix .o,$(PROGS))
56
57
all: $(PROGS)
58
163
59
doc: $(DOCS)
164
60
165
.PHONY: html
166
html: $(htmldocs)
167
168
%.5: %.xml common.ent legalnotice.xml
169
$(DOCBOOKTOMAN)
170
%.5.xhtml: %.xml common.ent legalnotice.xml
171
$(DOCBOOKTOHTML)
172
173
%.8: %.xml common.ent legalnotice.xml
174
$(DOCBOOKTOMAN)
175
%.8.xhtml: %.xml common.ent legalnotice.xml
176
$(DOCBOOKTOHTML)
177
178
%.8mandos: %.xml common.ent legalnotice.xml
179
$(DOCBOOKTOMAN)
180
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
181
$(DOCBOOKTOHTML)
182
183
intro.8mandos: intro.xml common.ent legalnotice.xml
184
$(DOCBOOKTOMAN)
185
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
186
$(DOCBOOKTOHTML)
187
188
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
189
legalnotice.xml
190
$(DOCBOOKTOMAN)
191
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
192
overview.xml legalnotice.xml
193
$(DOCBOOKTOHTML)
194
195
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
196
legalnotice.xml
197
$(DOCBOOKTOMAN)
198
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
199
legalnotice.xml
200
$(DOCBOOKTOHTML)
201
202
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
203
legalnotice.xml
204
$(DOCBOOKTOMAN)
205
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
206
legalnotice.xml
207
$(DOCBOOKTOHTML)
208
209
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
210
legalnotice.xml
211
$(DOCBOOKTOMAN)
212
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
213
legalnotice.xml
214
$(DOCBOOKTOHTML)
215
216
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
217
legalnotice.xml
218
$(DOCBOOKTOMAN)
219
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
220
legalnotice.xml
221
$(DOCBOOKTOHTML)
222
223
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
224
legalnotice.xml
225
$(DOCBOOKTOMAN)
226
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
227
overview.xml legalnotice.xml
228
$(DOCBOOKTOHTML)
229
230
dracut-module/password-agent.8mandos: \
231
dracut-module/password-agent.xml common.ent \
232
overview.xml legalnotice.xml
233
$(DOCBOOKTOMAN)
234
dracut-module/password-agent.8mandos.xhtml: \
235
dracut-module/password-agent.xml common.ent \
236
overview.xml legalnotice.xml
237
$(DOCBOOKTOHTML)
238
239
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
240
common.ent \
241
mandos-options.xml \
242
overview.xml legalnotice.xml
243
$(DOCBOOKTOMAN)
244
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
245
common.ent \
246
mandos-options.xml \
247
overview.xml legalnotice.xml
248
$(DOCBOOKTOHTML)
249
250
# Update all these files with version number $(version)
251
common.ent: Makefile
252
$(strip $(SED) --in-place \
253
--expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
254
$@)
255
256
mandos: Makefile
257
$(strip $(SED) --in-place \
258
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
259
$@)
260
261
mandos-keygen: Makefile
262
$(strip $(SED) --in-place \
263
--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
264
$@)
265
266
mandos-ctl: Makefile
267
$(strip $(SED) --in-place \
268
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
269
$@)
270
271
mandos-monitor: Makefile
272
$(strip $(SED) --in-place \
273
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
274
$@)
275
276
mandos.lsm: Makefile
277
$(strip $(SED) --in-place \
278
--expression='s/^\(Version:\).*/\1\t$(version)/' \
279
$@)
280
$(strip $(SED) --in-place \
281
--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
282
$@)
283
$(strip $(SED) --in-place \
284
--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
285
$@)
286
287
# Need to add the GnuTLS, Avahi and GPGME libraries
288
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
289
) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
290
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
291
) $(AVAHI_LIBS) $(GPGME_LIBS)
292
293
# Need to add the libnl-route library
294
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
295
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
296
297
# Need to add the GLib and pthread libraries
298
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
299
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
300
301
.PHONY: clean
61
%.5: %.xml
62
$(DOCBOOKTOMAN)
63
64
%.8: %.xml
65
$(DOCBOOKTOMAN)
66
67
%.8mandos: %.xml
68
$(DOCBOOKTOMAN)
69
70
mandos.8: mandos.xml mandos-options.xml
71
$(DOCBOOKTOMAN)
72
73
mandos.conf.5: mandos.conf.xml mandos-options.xml
74
$(DOCBOOKTOMAN)
75
76
plugins.d/password-request: plugins.d/password-request.o
77
$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
78
$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
79
80
.PHONY : all doc clean distclean run-client run-server install \
81
install-server install-client uninstall uninstall-server \
82
uninstall-client purge purge-server purge-client
83
302
84
clean:
303
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
85
-rm --force $(PROGS) $(objects) $(DOCS) core
304
86
305
.PHONY: distclean
306
87
distclean: clean
307
.PHONY: mostlyclean
308
88
mostlyclean: clean
309
.PHONY: maintainer-clean
310
89
maintainer-clean: clean
311
-rm --force --recursive keydir confdir statedir
90
-rm --force --recursive keydir confdir
312
91
313
.PHONY: check
314
check: all
92
check:
315
93
./mandos --check
316
./mandos-ctl --check
317
./mandos-keygen --version
318
./plugin-runner --version
319
./plugin-helpers/mandos-client-iprouteadddel --version
320
./dracut-module/password-agent --test
321
94
322
# Run the client with a local config and key
323
.PHONY: run-client
95
# Run the server with a local key
324
96
run-client: all keydir/seckey.txt keydir/pubkey.txt \
325
keydir/tls-privkey.pem keydir/tls-pubkey.pem
326
@echo '######################################################'
327
@echo '# The following error messages are harmless and can #'
328
@echo '# be safely ignored: #'
329
@echo '## From plugin-runner: #'
330
@echo '# setgid: Operation not permitted #'
331
@echo '# setuid: Operation not permitted #'
332
@echo '## From askpass-fifo: #'
333
@echo '# mkfifo: Permission denied #'
334
@echo '## From mandos-client: #'
335
@echo '# Failed to raise privileges: Operation not permi... #'
336
@echo '# Warning: network hook "*" exited with status * #'
337
@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
338
@echo '# Failed to bring up interface "*": Operation not... #'
339
@echo '# #'
340
@echo '# (The messages are caused by not running as root, #'
341
@echo '# but you should NOT run "make run-client" as root #'
342
@echo '# unless you also unpacked and compiled Mandos as #'
343
@echo '# root, which is also NOT recommended.) #'
344
@echo '######################################################'
345
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
97
keydir/secring.gpg keydir/pubring.gpg
346
98
./plugin-runner --plugin-dir=plugins.d \
347
--plugin-helper-dir=plugin-helpers \
348
--config-file=plugin-runner.conf \
349
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
350
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
351
$(CLIENTARGS)
99
--options-for=password-request:--keydir=keydir
352
100
353
101
# Used by run-client
354
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
102
keydir/secring.gpg: keydir/seckey.txt
103
gpg --homedir $(dir $<) --import $^
104
keydir/pubring.gpg: keydir/pubkey.txt
105
gpg --homedir $(dir $<) --import $^
106
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
355
107
install --directory keydir
356
108
./mandos-keygen --dir keydir --force
357
109
358
110
# Run the server with a local config
359
.PHONY: run-server
360
run-server: confdir/mandos.conf confdir/clients.conf statedir
361
./mandos --debug --no-dbus --configdir=confdir \
362
--statedir=statedir $(SERVERARGS)
111
run-server: confdir/mandos.conf confdir/clients.conf
112
./mandos --debug --configdir=confdir
363
113
364
114
# Used by run-server
365
115
confdir/mandos.conf: mandos.conf
366
116
install --directory confdir
367
install --mode=u=rw,go=r $^ $@
368
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
117
install $^ $@
118
confdir/clients.conf: clients.conf keydir/seckey.txt
369
119
install --directory confdir
370
install --mode=u=rw $< $@
120
install clients.conf $@
371
121
# Add a client password
372
./mandos-keygen --dir keydir --password --no-ssh >> $@
373
statedir:
374
install --directory statedir
375
376
.PHONY: install
377
install: install-server install-client-nokey
378
379
.PHONY: install-html
380
install-html: html
381
install --directory $(htmldir)
382
install --mode=u=rw,go=r --target-directory=$(htmldir) \
383
$(htmldocs)
384
385
.PHONY: install-server
122
./mandos-keygen --dir keydir --password >> $@
123
124
install: install-server install-client
125
386
126
install-server: doc
387
install --directory $(CONFDIR)
388
if install --directory --mode=u=rwx --owner=$(USER) \
389
--group=$(GROUP) $(STATEDIR); then \
390
:; \
391
elif install --directory --mode=u=rwx $(STATEDIR); then \
392
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
393
fi
394
if [ "$(TMPFILES)" != "$(DESTDIR)" \
395
-a -d "$(TMPFILES)" ]; then \
396
install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
397
$(TMPFILES)/mandos.conf; \
398
fi
399
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
400
-a -d "$(SYSUSERS)" ]; then \
401
install --mode=u=rw,go=r sysusers.d-mandos.conf \
402
$(SYSUSERS)/mandos.conf; \
403
fi
404
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
405
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
406
mandos-ctl
407
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
408
mandos-monitor
409
install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
410
mandos.conf
411
install --mode=u=rw --target-directory=$(CONFDIR) \
127
install --directory --parents $(CONFDIR) $(MANDIR)/man5 \
128
$(MANDIR)/man8
129
install --mode=0755 mandos $(PREFIX)/sbin/mandos
130
install --mode=0644 --target-directory=$(CONFDIR) mandos.conf
131
install --mode=0640 --target-directory=$(CONFDIR) \
412
132
clients.conf
413
install --mode=u=rw,go=r dbus-mandos.conf \
414
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
415
install --mode=u=rwx,go=rx init.d-mandos \
416
$(DESTDIR)/etc/init.d/mandos
417
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
418
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
419
fi
420
install --mode=u=rw,go=r default-mandos \
421
$(DESTDIR)/etc/default/mandos
422
if [ -z $(DESTDIR) ]; then \
423
update-rc.d mandos defaults 25 15;\
424
fi
425
133
gzip --best --to-stdout mandos.8 \
426
134
> $(MANDIR)/man8/mandos.8.gz
427
gzip --best --to-stdout mandos-monitor.8 \
428
> $(MANDIR)/man8/mandos-monitor.8.gz
429
gzip --best --to-stdout mandos-ctl.8 \
430
> $(MANDIR)/man8/mandos-ctl.8.gz
431
135
gzip --best --to-stdout mandos.conf.5 \
432
136
> $(MANDIR)/man5/mandos.conf.5.gz
433
137
gzip --best --to-stdout mandos-clients.conf.5 \
434
138
> $(MANDIR)/man5/mandos-clients.conf.5.gz
435
gzip --best --to-stdout intro.8mandos \
436
> $(MANDIR)/man8/intro.8mandos.gz
437
139
438
.PHONY: install-client-nokey
439
install-client-nokey: all doc
440
install --directory $(LIBDIR)/mandos $(CONFDIR)
441
install --directory --mode=u=rwx $(KEYDIR) \
442
$(LIBDIR)/mandos/plugins.d \
443
$(LIBDIR)/mandos/plugin-helpers
444
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
445
-a -d "$(SYSUSERS)" ]; then \
446
install --mode=u=rw,go=r sysusers.d-mandos.conf \
447
$(SYSUSERS)/mandos-client.conf; \
448
fi
449
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
450
install --mode=u=rwx \
451
--directory "$(CONFDIR)/plugins.d" \
452
"$(CONFDIR)/plugin-helpers"; \
453
fi
454
install --mode=u=rwx,go=rx --directory \
455
"$(CONFDIR)/network-hooks.d"
456
install --mode=u=rwx,go=rx \
457
--target-directory=$(LIBDIR)/mandos plugin-runner
458
install --mode=u=rwx,go=rx \
459
--target-directory=$(LIBDIR)/mandos \
460
mandos-to-cryptroot-unlock
461
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
140
install-client: all doc /usr/share/initramfs-tools/hooks/.
141
install --directory --parents $(PREFIX)/lib/mandos \
142
$(CONFDIR) $(MANDIR)/man8
143
install --directory --mode=0700 $(PREFIX)/lib/mandos/plugins.d
144
chmod u=rwx,g=,o= $(PREFIX)/lib/mandos/plugins.d
145
install --mode=0755 --target-directory=$(PREFIX)/lib/mandos \
146
plugin-runner
147
install --mode=0755 --target-directory=$(PREFIX)/sbin \
462
148
mandos-keygen
463
install --mode=u=rwx,go=rx \
464
--target-directory=$(LIBDIR)/mandos/plugins.d \
149
install --mode=0755 \
150
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
465
151
plugins.d/password-prompt
466
install --mode=u=rwxs,go=rx \
467
--target-directory=$(LIBDIR)/mandos/plugins.d \
468
plugins.d/mandos-client
469
install --mode=u=rwxs,go=rx \
470
--target-directory=$(LIBDIR)/mandos/plugins.d \
471
plugins.d/usplash
472
install --mode=u=rwxs,go=rx \
473
--target-directory=$(LIBDIR)/mandos/plugins.d \
474
plugins.d/splashy
475
install --mode=u=rwxs,go=rx \
476
--target-directory=$(LIBDIR)/mandos/plugins.d \
477
plugins.d/askpass-fifo
478
install --mode=u=rwxs,go=rx \
479
--target-directory=$(LIBDIR)/mandos/plugins.d \
480
plugins.d/plymouth
481
install --mode=u=rwx,go=rx \
482
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
483
plugin-helpers/mandos-client-iprouteadddel
152
install --mode=4755 \
153
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
154
plugins.d/password-request
484
155
install initramfs-tools-hook \
485
$(INITRAMFSTOOLS)/hooks/mandos
486
install --mode=u=rw,go=r initramfs-tools-conf \
487
$(INITRAMFSTOOLS)/conf.d/mandos-conf
488
install --mode=u=rw,go=r initramfs-tools-conf-hook \
489
$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
156
/usr/share/initramfs-tools/hooks/mandos
157
install initramfs-tools-hook-conf \
158
/usr/share/initramfs-tools/conf-hooks.d/mandos
490
159
install initramfs-tools-script \
491
$(INITRAMFSTOOLS)/scripts/init-premount/mandos
492
install initramfs-tools-script-stop \
493
$(INITRAMFSTOOLS)/scripts/local-premount/mandos
494
install --directory $(DRACUTMODULE)
495
install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
496
dracut-module/ask-password-mandos.path \
497
dracut-module/ask-password-mandos.service
498
install --mode=u=rwxs,go=rx \
499
--target-directory=$(DRACUTMODULE) \
500
dracut-module/module-setup.sh \
501
dracut-module/cmdline-mandos.sh \
502
dracut-module/password-agent
503
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
160
/usr/share/initramfs-tools/scripts/local-top/mandos
504
161
gzip --best --to-stdout mandos-keygen.8 \
505
162
> $(MANDIR)/man8/mandos-keygen.8.gz
506
163
gzip --best --to-stdout plugin-runner.8mandos \
507
164
> $(MANDIR)/man8/plugin-runner.8mandos.gz
508
gzip --best --to-stdout plugins.d/mandos-client.8mandos \
509
> $(MANDIR)/man8/mandos-client.8mandos.gz
510
165
gzip --best --to-stdout plugins.d/password-prompt.8mandos \
511
166
> $(MANDIR)/man8/password-prompt.8mandos.gz
512
gzip --best --to-stdout plugins.d/usplash.8mandos \
513
> $(MANDIR)/man8/usplash.8mandos.gz
514
gzip --best --to-stdout plugins.d/splashy.8mandos \
515
> $(MANDIR)/man8/splashy.8mandos.gz
516
gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
517
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
518
gzip --best --to-stdout plugins.d/plymouth.8mandos \
519
> $(MANDIR)/man8/plymouth.8mandos.gz
520
gzip --best --to-stdout dracut-module/password-agent.8mandos \
521
> $(MANDIR)/man8/password-agent.8mandos.gz
522
523
.PHONY: install-client
524
install-client: install-client-nokey
525
# Post-installation stuff
526
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
527
if command -v update-initramfs >/dev/null; then \
528
update-initramfs -k all -u; \
529
elif command -v dracut >/dev/null; then \
530
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
531
if [ -w "$$initrd" ]; then \
532
chmod go-r "$$initrd"; \
533
dracut --force "$$initrd"; \
534
fi; \
535
done; \
536
fi
537
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
538
539
.PHONY: uninstall
167
gzip --best --to-stdout plugins.d/password-request.8mandos \
168
> $(MANDIR)/man8/password-request.8mandos.gz
169
-$(PREFIX)/sbin/mandos-keygen
170
update-initramfs -k all -u
171
540
172
uninstall: uninstall-server uninstall-client
541
173
542
.PHONY: uninstall-server
543
uninstall-server:
174
uninstall-server: $(PREFIX)/sbin/mandos
544
175
-rm --force $(PREFIX)/sbin/mandos \
545
$(PREFIX)/sbin/mandos-ctl \
546
$(PREFIX)/sbin/mandos-monitor \
547
176
$(MANDIR)/man8/mandos.8.gz \
548
$(MANDIR)/man8/mandos-monitor.8.gz \
549
$(MANDIR)/man8/mandos-ctl.8.gz \
550
177
$(MANDIR)/man5/mandos.conf.5.gz \
551
178
$(MANDIR)/man5/mandos-clients.conf.5.gz
552
update-rc.d -f mandos remove
553
179
-rmdir $(CONFDIR)
554
180
555
.PHONY: uninstall-client
556
181
uninstall-client:
557
182
# Refuse to uninstall client if /etc/crypttab is explicitly configured
558
183
# to use it.
559
184
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
560
$(DESTDIR)/etc/crypttab
185
/etc/crypttab
561
186
-rm --force $(PREFIX)/sbin/mandos-keygen \
562
$(LIBDIR)/mandos/plugin-runner \
563
$(LIBDIR)/mandos/plugins.d/password-prompt \
564
$(LIBDIR)/mandos/plugins.d/mandos-client \
565
$(LIBDIR)/mandos/plugins.d/usplash \
566
$(LIBDIR)/mandos/plugins.d/splashy \
567
$(LIBDIR)/mandos/plugins.d/askpass-fifo \
568
$(LIBDIR)/mandos/plugins.d/plymouth \
569
$(INITRAMFSTOOLS)/hooks/mandos \
570
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
571
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
572
$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
573
$(DRACUTMODULE)/ask-password-mandos.path \
574
$(DRACUTMODULE)/ask-password-mandos.service \
575
$(DRACUTMODULE)/module-setup.sh \
576
$(DRACUTMODULE)/cmdline-mandos.sh \
577
$(DRACUTMODULE)/password-agent \
187
$(PREFIX)/lib/mandos/plugin-runner \
188
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
189
$(PREFIX)/lib/mandos/plugins.d/password-request \
190
/usr/share/initramfs-tools/hooks/mandos \
191
/usr/share/initramfs-tools/conf-hooks.d/mandos \
192
$(MANDIR)/man8/plugin-runner.8mandos.gz \
578
193
$(MANDIR)/man8/mandos-keygen.8.gz \
579
$(MANDIR)/man8/plugin-runner.8mandos.gz \
580
$(MANDIR)/man8/mandos-client.8mandos.gz
581
194
$(MANDIR)/man8/password-prompt.8mandos.gz \
582
$(MANDIR)/man8/usplash.8mandos.gz \
583
$(MANDIR)/man8/splashy.8mandos.gz \
584
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
585
$(MANDIR)/man8/plymouth.8mandos.gz \
586
$(MANDIR)/man8/password-agent.8mandos.gz \
587
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
588
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
589
if command -v update-initramfs >/dev/null; then \
590
update-initramfs -k all -u; \
591
elif command -v dracut >/dev/null; then \
592
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
593
test -w "$$initrd" && dracut --force "$$initrd"; \
594
done; \
595
fi
195
$(MANDIR)/man8/password-request.8mandos.gz
196
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
197
$(PREFIX)/lib/mandos $(CONFDIR)
198
update-initramfs -k all -u
596
199
597
.PHONY: purge
598
200
purge: purge-server purge-client
599
201
600
.PHONY: purge-server
601
202
purge-server: uninstall-server
602
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
603
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
604
$(DESTDIR)/etc/default/mandos \
605
$(DESTDIR)/etc/init.d/mandos \
606
$(SYSTEMD)/mandos.service \
607
$(DESTDIR)/run/mandos.pid \
608
$(DESTDIR)/var/run/mandos.pid
203
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf
609
204
-rmdir $(CONFDIR)
610
205
611
.PHONY: purge-client
612
206
purge-client: uninstall-client
613
-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
614
-rm --force $(CONFDIR)/plugin-runner.conf \
615
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
616
$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
617
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
207
-rm --force $(CONFDIR)/seckey.txt $(CONFDIR)/pubkey.txt
208
-rmdir $(CONFDIR) $(CONFDIR)/plugins.d
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0