/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

DBUS-API

INSTALL

NEWS

README

bugs.xml

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.examples

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos-client.templates

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.maintscript

debian/mandos.postinst

debian/mandos.prerm

debian/mandos.templates

debian/po

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/es.po

debian/po/fr.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/rules

debian/source

debian/source/format

debian/source/lintian-overrides

debian/source/local-options

debian/tests

debian/tests/control

debian/upstream

debian/upstream/metadata

debian/upstream/signing-key.asc

debian/watch

default-mandos

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

init.d-mandos

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-hook

initramfs-tools-script

initramfs-tools-script-stop

initramfs-unpack

intro.xml

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos-to-cryptroot-unlock

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.service

mandos.xml

network-hooks.d

network-hooks.d/bridge

network-hooks.d/bridge.conf

network-hooks.d/openvpn

network-hooks.d/openvpn.conf

network-hooks.d/wireless

network-hooks.d/wireless.conf

overview.xml

plugin-helpers

plugin-helpers/mandos-client-iprouteadddel.c

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

sysusers.d-mandos.conf

tmpfiles.d-mandos.conf

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/mandos-client.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

Makefile

WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \

-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \

-Wunused -Wuninitialized -Wstrict-overflow=5 \

-Wsuggest-attribute=pure -Wsuggest-attribute=const \

-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wlogical-op -Waggregate-return \

-Wstrict-prototypes -Wold-style-definition \

-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \

-Wredundant-decls -Wnested-externs -Winline -Wvla \

-Wvolatile-register-var -Woverlength-strings

#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)

## Check which sanitizing options can be used

#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \

# echo 'int main(){}' | $(CC) --language=c $(option) \

# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))

# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>

ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \

-fsanitize=shift -fsanitize=integer-divide-by-zero \

-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \

-fsanitize=return -fsanitize=signed-integer-overflow \

-fsanitize=bounds -fsanitize=alignment \

-fsanitize=object-size -fsanitize=float-divide-by-zero \

-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \

-fsanitize=returns-nonnull-attribute -fsanitize=bool \

-fsanitize=enum -fsanitize-address-use-after-scope

# For info about _FORTIFY_SOURCE, see feature_test_macros(7)

# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY:=-fstack-protector-all -fPIC

CPPFLAGS+=-D_FORTIFY_SOURCE=3

LINK_FORTIFY_LD:=-z relro -z now

LINK_FORTIFY:=

# If BROKEN_PIE is set, do not build with -pie

ifndef BROKEN_PIE

FORTIFY += -fPIE

LINK_FORTIFY += -pie

endif

#COVERAGE=--coverage

OPTIMIZE:=-Os -fno-strict-aliasing

LANGUAGE:=-std=gnu11

CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64

htmldir:=man

version:=1.8.16

SED:=sed

PKG_CONFIG?=pkg-config

USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \

|| getent passwd nobody || echo 65534)))

GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \

|| getent group nogroup || echo 65534)))

LINUXVERSION:=$(shell uname --kernel-release)

## Use these settings for a traditional /usr/local install

# PREFIX:=$(DESTDIR)/usr/local

# CONFDIR:=$(DESTDIR)/etc/mandos

# KEYDIR:=$(DESTDIR)/etc/mandos/keys

# MANDIR:=$(PREFIX)/man

# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools

# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

# STATEDIR:=$(DESTDIR)/var/lib/mandos

# LIBDIR:=$(PREFIX)/lib

# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d

## These settings are for a package-type install

PREFIX:=$(DESTDIR)/usr

CONFDIR:=$(DESTDIR)/etc/mandos

KEYDIR:=$(DESTDIR)/etc/keys/mandos

MANDIR:=$(PREFIX)/share/man

INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools

DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

STATEDIR:=$(DESTDIR)/var/lib/mandos

LIBDIR:=$(shell \

for d in \

"/usr/lib/`dpkg-architecture \

-qDEB_HOST_MULTIARCH 2>/dev/null`" \

"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \

if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \

echo "$(DESTDIR)$$d"; \

break; \

fi; \

done)

DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d

SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=tmpfilesdir)

SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=sysusersdir)

GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)

100

AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)

101

AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)

102

GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \

103

|| gpgme-config --cflags; getconf LFS_CFLAGS)

104

GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \

105

|| gpgme-config --libs; getconf LFS_LIBS; \

106

getconf LFS_LDFLAGS)

107

LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)

108

LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)

109

GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)

110

GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)

111

112

# Do not change these two

113

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

114

$(LANGUAGE) -DVERSION='"$(version)"'

115

LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \

116

) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

117

118

# Commands to format a DocBook <refentry> document into a manual page

119

DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \

120

--param man.charmap.use.subset 0 \

121

--param make.year.ranges 1 \

122

--param make.single.year.ranges 1 \

123

--param man.output.quietly 1 \

124

--param man.authors.section.enabled 0 \

125

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

126

$(notdir $<); \

127

if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \

128

&& command -v man >/dev/null; then LANG=en_US.UTF-8 \

129

MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \

130

$(notdir $@); fi >/dev/null)

131

132

DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \

133

--param make.year.ranges 1 \

134

--param make.single.year.ranges 1 \

135

--param man.output.quietly 1 \

136

--param man.authors.section.enabled 0 \

137

--param citerefentry.link 1 \

138

--output $@ \

139

/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \

140

$<; $(HTMLPOST) $@)

141

# Fix citerefentry links

142

HTMLPOST:=$(SED) --in-place \

143

--expression='s/$<a class="citerefentry" href="$$"><span class="citerefentry"><span class="refentrytitle">$$[^<]*$$<\/span>($$[^)]*$$)<\/span><\/a>$/\1\3.\5\2\3\4\5\6/g'

144

145

PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \

146

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

147

plugins.d/plymouth

148

PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel

149

CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \

150

$(PLUGIN_HELPERS)

151

PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)

152

DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \

153

mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \

154

dracut-module/password-agent.8mandos \

155

plugins.d/mandos-client.8mandos \

156

plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \

157

plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \

158

plugins.d/plymouth.8mandos intro.8mandos

159

160

htmldocs:=$(addsuffix .xhtml,$(DOCS))

161

162

objects:=$(addsuffix .o,$(CPROGS))

163

164

.PHONY: all

165

all: $(PROGS) mandos.lsm

166

167

.PHONY: doc

168

doc: $(DOCS)

169

170

.PHONY: html

171

html: $(htmldocs)

172

173

%.5: %.xml common.ent legalnotice.xml

174

$(DOCBOOKTOMAN)

175

%.5.xhtml: %.xml common.ent legalnotice.xml

176

$(DOCBOOKTOHTML)

177

178

%.8: %.xml common.ent legalnotice.xml

179

$(DOCBOOKTOMAN)

180

%.8.xhtml: %.xml common.ent legalnotice.xml

181

$(DOCBOOKTOHTML)

182

183

%.8mandos: %.xml common.ent legalnotice.xml

184

$(DOCBOOKTOMAN)

185

%.8mandos.xhtml: %.xml common.ent legalnotice.xml

186

$(DOCBOOKTOHTML)

187

188

intro.8mandos: intro.xml common.ent legalnotice.xml

189

$(DOCBOOKTOMAN)

190

intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml

191

$(DOCBOOKTOHTML)

192

193

mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \

194

legalnotice.xml

195

$(DOCBOOKTOMAN)

196

mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \

197

overview.xml legalnotice.xml

198

$(DOCBOOKTOHTML)

199

200

mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \

201

legalnotice.xml

202

$(DOCBOOKTOMAN)

203

mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \

204

legalnotice.xml

205

$(DOCBOOKTOHTML)

206

207

mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \

208

legalnotice.xml

209

$(DOCBOOKTOMAN)

210

mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \

211

legalnotice.xml

212

$(DOCBOOKTOHTML)

213

214

mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \

215

legalnotice.xml

216

$(DOCBOOKTOMAN)

217

mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \

218

legalnotice.xml

219

$(DOCBOOKTOHTML)

220

221

mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \

222

legalnotice.xml

223

$(DOCBOOKTOMAN)

224

mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \

225

legalnotice.xml

226

$(DOCBOOKTOHTML)

227

228

plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \

229

legalnotice.xml

230

$(DOCBOOKTOMAN)

231

plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \

232

overview.xml legalnotice.xml

233

$(DOCBOOKTOHTML)

234

235

dracut-module/password-agent.8mandos: \

236

dracut-module/password-agent.xml common.ent \

237

overview.xml legalnotice.xml

238

$(DOCBOOKTOMAN)

239

dracut-module/password-agent.8mandos.xhtml: \

240

dracut-module/password-agent.xml common.ent \

241

overview.xml legalnotice.xml

242

$(DOCBOOKTOHTML)

243

244

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

245

common.ent \

246

mandos-options.xml \

247

overview.xml legalnotice.xml

248

$(DOCBOOKTOMAN)

249

plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \

250

common.ent \

251

mandos-options.xml \

252

overview.xml legalnotice.xml

253

$(DOCBOOKTOHTML)

254

255

# Update all these files with version number $(version)

256

common.ent: Makefile

257

$(strip $(SED) --in-place \

258

--expression='s/^$<!ENTITY version "$[^"]*">$$/\1$(version)">/' \

259

$@)

260

261

mandos: Makefile

262

$(strip $(SED) --in-place \

263

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

264

$@)

265

266

mandos-keygen: Makefile

267

$(strip $(SED) --in-place \

268

--expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' \

269

$@)

270

271

mandos-ctl: Makefile

272

$(strip $(SED) --in-place \

273

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

274

$@)

275

276

mandos-monitor: Makefile

277

$(strip $(SED) --in-place \

278

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

279

$@)

280

281

mandos.lsm: Makefile

282

$(strip $(SED) --in-place \

283

--expression='s/^$Version:$.*/\1\t$(version)/' \

284

$@)

285

$(strip $(SED) --in-place \

286

--expression='s/^$Entered-date:$.*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \

287

$@)

288

$(strip $(SED) --in-place \

289

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

290

$@)

291

292

# Uses nested functions

293

plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack

294

dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack

295

plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack

296

plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack

297

plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack

298

299

# Need to add the GnuTLS, Avahi and GPGME libraries

300

plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \

301

) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)

302

plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \

303

) $(AVAHI_LIBS) $(GPGME_LIBS)

304

305

# Need to add the libnl-route library

306

plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)

307

plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)

308

309

# Need to add the GLib and pthread libraries

310

dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)

311

# Note: -lpthread is unnecessary with the GNU C library 2.34 or later

312

dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread

313

314

.PHONY: clean

CFLAGS="-Wall -std=gnu99"

LDFLAGS=-lgnutls

all: plugbasedclient

315

clean:

316

-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core

317

318

.PHONY: distclean

319

distclean: clean

320

.PHONY: mostlyclean

321

mostlyclean: clean

322

.PHONY: maintainer-clean

323

maintainer-clean: clean

324

-rm --force --recursive keydir confdir statedir

325

326

.PHONY: check

327

check: all

328

./mandos --check

329

./mandos-ctl --check

330

./mandos-keygen --version

331

./plugin-runner --version

332

./plugin-helpers/mandos-client-iprouteadddel --version

333

./dracut-module/password-agent --test

334

335

# Run the client with a local config and key

336

.PHONY: run-client

337

run-client: all keydir/seckey.txt keydir/pubkey.txt \

338

keydir/tls-privkey.pem keydir/tls-pubkey.pem

339

@echo '######################################################'

340

@echo '# The following error messages are harmless and can #'

341

@echo '# be safely ignored: #'

342

@echo '## From plugin-runner: #'

343

@echo '# setgid: Operation not permitted #'

344

@echo '# setuid: Operation not permitted #'

345

@echo '## From askpass-fifo: #'

346

@echo '# mkfifo: Permission denied #'

347

@echo '## From mandos-client: #'

348

@echo '# Failed to raise privileges: Operation not permi... #'

349

@echo '# Warning: network hook "*" exited with status * #'

350

@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'

351

@echo '# Failed to bring up interface "*": Operation not... #'

352

@echo '# #'

353

@echo '# (The messages are caused by not running as root, #'

354

@echo '# but you should NOT run "make run-client" as root #'

355

@echo '# unless you also unpacked and compiled Mandos as #'

356

@echo '# root, which is also NOT recommended.) #'

357

@echo '######################################################'

358

# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring

359

./plugin-runner --plugin-dir=plugins.d \

360

--plugin-helper-dir=plugin-helpers \

361

--config-file=plugin-runner.conf \

362

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \

363

--env-for=mandos-client:GNOME_KEYRING_CONTROL= \

364

$(CLIENTARGS)

365

366

# Used by run-client

367

keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen

368

install --directory keydir

369

./mandos-keygen --dir keydir --force

370

if ! [ -e keydir/tls-privkey.pem ]; then \

371

install --mode=u=rw /dev/null keydir/tls-privkey.pem; \

372

373

if ! [ -e keydir/tls-pubkey.pem ]; then \

374

install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \

375

376

377

# Run the server with a local config

378

.PHONY: run-server

379

run-server: confdir/mandos.conf confdir/clients.conf statedir

380

./mandos --debug --no-dbus --configdir=confdir \

381

--statedir=statedir $(SERVERARGS)

382

383

# Used by run-server

384

confdir/mandos.conf: mandos.conf

385

install -D --mode=u=rw,go=r $^ $@

386

confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem

387

install -D --mode=u=rw $< $@

388

# Add a client password

389

./mandos-keygen --dir keydir --password --no-ssh >> $@

390

statedir:

391

install --directory statedir

392

393

.PHONY: install

394

install: install-server install-client-nokey

395

396

.PHONY: install-html

397

install-html: html

398

install -D --mode=u=rw,go=r --target-directory=$(htmldir) \

399

$(htmldocs)

400

401

.PHONY: install-server

402

install-server: doc

403

if install --directory --mode=u=rwx --owner=$(USER) \

404

--group=$(GROUP) $(STATEDIR); then \

405

:; \

406

elif install --directory --mode=u=rwx $(STATEDIR); then \

407

chown -- $(USER):$(GROUP) $(STATEDIR) || :; \

408

409

if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \

410

install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \

411

$(TMPFILES)/mandos.conf; \

412

413

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

414

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

415

$(SYSUSERS)/mandos.conf; \

416

417

install --directory $(PREFIX)/sbin

418

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

419

mandos

420

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

421

mandos-ctl

422

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

423

mandos-monitor

424

install --directory $(CONFDIR)

425

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

426

mandos.conf

427

install --mode=u=rw --target-directory=$(CONFDIR) \

428

clients.conf

429

install -D --mode=u=rw,go=r dbus-mandos.conf \

430

$(DBUSPOLICYDIR)/mandos.conf

431

install -D --mode=u=rwx,go=rx init.d-mandos \

432

$(DESTDIR)/etc/init.d/mandos

433

if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \

434

install -D --mode=u=rw,go=r mandos.service \

435

$(SYSTEMD); \

436

437

install -D --mode=u=rw,go=r default-mandos \

438

$(DESTDIR)/etc/default/mandos

439

if [ -z $(DESTDIR) ]; then \

440

update-rc.d mandos defaults 25 15;\

441

442

install --directory $(MANDIR)/man8 $(MANDIR)/man5

443

gzip --best --to-stdout mandos.8 \

444

> $(MANDIR)/man8/mandos.8.gz

445

gzip --best --to-stdout mandos-monitor.8 \

446

> $(MANDIR)/man8/mandos-monitor.8.gz

447

gzip --best --to-stdout mandos-ctl.8 \

448

> $(MANDIR)/man8/mandos-ctl.8.gz

449

gzip --best --to-stdout mandos.conf.5 \

450

> $(MANDIR)/man5/mandos.conf.5.gz

451

gzip --best --to-stdout mandos-clients.conf.5 \

452

> $(MANDIR)/man5/mandos-clients.conf.5.gz

453

gzip --best --to-stdout intro.8mandos \

454

> $(MANDIR)/man8/intro.8mandos.gz

455

456

.PHONY: install-client-nokey

457

install-client-nokey: all doc

458

install --directory --mode=u=rwx $(KEYDIR) \

459

$(LIBDIR)/mandos/plugins.d \

460

$(LIBDIR)/mandos/plugin-helpers

461

if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \

462

install -D --mode=u=rw,go=r sysusers.d-mandos.conf \

463

$(SYSUSERS)/mandos-client.conf; \

464

465

if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \

466

install --directory \

467

--mode=u=rwx "$(CONFDIR)/plugins.d" \

468

"$(CONFDIR)/plugin-helpers"; \

469

470

install --directory --mode=u=rwx,go=rx \

471

"$(CONFDIR)/network-hooks.d"

472

install --mode=u=rwx,go=rx \

473

--target-directory=$(LIBDIR)/mandos plugin-runner

474

install --mode=u=rwx,go=rx \

475

--target-directory=$(LIBDIR)/mandos \

476

mandos-to-cryptroot-unlock

477

install --directory $(PREFIX)/sbin

478

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

479

mandos-keygen

480

install --mode=u=rwx,go=rx \

481