/mandos/trunk : revision 13

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Committer: Björn Påhlsson
Date: 2008-07-20 02:52:20 UTC
Revision ID: belorn@braxen-20080720025220-r5u0388uy9iu23h6

Added following support:
Pluginbased client handler
rewritten Mandos client
Avahi instead of udp server discovery
openpgp encrypted key support
Passprompt stand alone application for direct console input
Added logging for Mandos server

files added:
ca.pem

cert.pem

client-cert.pem

client-key.pem

crl.pem

key.pem

plugins.d/Makefile

files removed:
.bzr-builddeb

.bzr-builddeb/default.conf

.bzrignore

COPYING

DBUS-API

INSTALL

NEWS

README

common.ent

dbus-mandos.conf

debian

debian/changelog

debian/compat

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.docs

debian/mandos-client.links

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.README.Debian

debian/mandos.dirs

debian/mandos.docs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/mandos.prerm

debian/po

debian/rules

debian/watch

default-mandos

init.d-mandos

initramfs-tools-hook

initramfs-tools-hook-conf

initramfs-tools-script

legalnotice.xml

mandos-clients.conf.xml

mandos-ctl

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-options.xml

mandos.conf

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.conf

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.xml

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/splashy.c

plugins.d/splashy.xml

plugins.d/usplash.c

plugins.d/usplash.xml

files renamed:
clients.conf => mandos-clients.conf

plugin-runner.c => plugbasedclient.c

plugins.d/mandos-client.c => plugins.d/mandosclient.c

plugins.d/password-prompt.c => plugins.d/passprompt.c

mandos => server.py

files modified:
Makefile

TODO

Show diffs side-by-side

added added

removed removed

Makefile

WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \

-Wswitch-default -Wswitch-enum -Wunused-parameter \

-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \

-Wunsafe-loop-optimizations -Wpointer-arith \

-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \

-Wconversion -Wstrict-prototypes -Wold-style-definition \

-Wpacked -Wnested-externs -Winline -Wvolatile-register-var

# -Wunreachable-code

#DEBUG=-ggdb3

# For info about _FORTIFY_SOURCE, see

# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>

# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

LINK_FORTIFY_LD=-z relro -z now

LINK_FORTIFY=

# If BROKEN_PIE is set, do not build with -pie

ifndef BROKEN_PIE

FORTIFY += -fPIE

LINK_FORTIFY += -pie

endif

#COVERAGE=--coverage

OPTIMIZE=-Os

LANGUAGE=-std=gnu99

htmldir=man

version=1.0.14

SED=sed

## Use these settings for a traditional /usr/local install

# PREFIX=$(DESTDIR)/usr/local

# CONFDIR=$(DESTDIR)/etc/mandos

# KEYDIR=$(DESTDIR)/etc/mandos/keys

# MANDIR=$(PREFIX)/man

# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools

## These settings are for a package-type install

PREFIX=$(DESTDIR)/usr

CONFDIR=$(DESTDIR)/etc/mandos

KEYDIR=$(DESTDIR)/etc/keys/mandos

MANDIR=$(PREFIX)/share/man

INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools

GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS=$(shell pkg-config --libs gnutls)

AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \

getconf LFS_LDFLAGS)

# Do not change these two

CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \

-DVERSION='"$(version)"'

LDFLAGS=$(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

# Commands to format a DocBook <refentry> document into a manual page

DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \

--param man.charmap.use.subset 0 \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param man.authors.section.enabled 0 \

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

$(notdir $<); \

$(MANPOST) $(notdir $@))

# DocBook-to-man post-processing to fix a '\n' escape bug

MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'

DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \

--param make.year.ranges 1 \

--param make.single.year.ranges 1 \

--param man.output.quietly 1 \

--param man.authors.section.enabled 0 \

--param citerefentry.link 1 \

--output $@ \

/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \

$<; $(HTMLPOST) $@)

# Fix citerefentry links

HTMLPOST=$(SED) --in-place \

--expression='s/$<a class="citerefentry" href="$$"><span class="citerefentry"><span class="refentrytitle">$$[^<]*$$<\/span>($$[^)]*$$)<\/span><\/a>$/\1\3.\5\2\3\4\5\6/g'

PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

plugins.d/plymouth

CPROGS=plugin-runner $(PLUGINS)

PROGS=mandos mandos-keygen mandos-ctl $(CPROGS)

DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \

plugins.d/mandos-client.8mandos \

plugins.d/password-prompt.8mandos mandos.conf.5 \

plugins.d/usplash.8mandos plugins.d/splashy.8mandos \

plugins.d/askpass-fifo.8mandos mandos-clients.conf.5

htmldocs=$(addsuffix .xhtml,$(DOCS))

objects=$(addsuffix .o,$(CPROGS))

100

all: $(PROGS) mandos.lsm

101

102

doc: $(DOCS)

103

104

html: $(htmldocs)

105

106

%.5: %.xml common.ent legalnotice.xml

107

$(DOCBOOKTOMAN)

108

%.5.xhtml: %.xml common.ent legalnotice.xml

109

$(DOCBOOKTOHTML)

110

111

%.8: %.xml common.ent legalnotice.xml

112

$(DOCBOOKTOMAN)

113

%.8.xhtml: %.xml common.ent legalnotice.xml

114

$(DOCBOOKTOHTML)

115

116

%.8mandos: %.xml common.ent legalnotice.xml

117

$(DOCBOOKTOMAN)

118

%.8mandos.xhtml: %.xml common.ent legalnotice.xml

119

$(DOCBOOKTOHTML)

120

121

mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \

122

legalnotice.xml

123

$(DOCBOOKTOMAN)

124

mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \

125

overview.xml legalnotice.xml

126

$(DOCBOOKTOHTML)

127

128

mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \

129

legalnotice.xml

130

$(DOCBOOKTOMAN)

131

mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \

132

legalnotice.xml

133

$(DOCBOOKTOHTML)

134

135

mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \

136

legalnotice.xml

137

$(DOCBOOKTOMAN)

138

mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \

139

legalnotice.xml

140

$(DOCBOOKTOHTML)

141

142

plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \

143

legalnotice.xml

144

$(DOCBOOKTOMAN)

145

plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \

146

overview.xml legalnotice.xml

147

$(DOCBOOKTOHTML)

148

149

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

150

common.ent \

151

mandos-options.xml \

152

overview.xml legalnotice.xml

153

$(DOCBOOKTOMAN)

154

plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \

155

common.ent \

156

mandos-options.xml \

157

overview.xml legalnotice.xml

158

$(DOCBOOKTOHTML)

159

160

# Update all these files with version number $(version)

161

common.ent: Makefile

162

$(strip $(SED) --in-place \

163

--expression='s/^$<!ENTITY version "$[^"]*">$$/\1$(version)">/' \

164

$@)

165

166

mandos: Makefile

167

$(strip $(SED) --in-place \

168

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

169

$@)

170

171

mandos-keygen: Makefile

172

$(strip $(SED) --in-place \

173

--expression='s/^$VERSION="$[^"]*"$$/\1$(version)"/' \

174

$@)

175

176

mandos-ctl: Makefile

177

$(strip $(SED) --in-place \

178

--expression='s/^$version = "$[^"]*"$$/\1$(version)"/' \

179

$@)

180

181

mandos.lsm: Makefile

182

$(strip $(SED) --in-place \

183

--expression='s/^$Version:$.*/\1\t$(version)/' \

184

$@)

185

$(strip $(SED) --in-place \

186

--expression='s/^$Entered-date:$.*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \

187

$@)

188

$(strip $(SED) --in-place \

189

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

190

$@)

191

192

plugins.d/mandos-client: plugins.d/mandos-client.c

193

$(LINK.c) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) $(strip\

194

) $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@

195

196

.PHONY : all doc html clean distclean run-client run-server install \

197

install-server install-client uninstall uninstall-server \

198

uninstall-client purge purge-server purge-client

CFLAGS="-Wall -std=gnu99"

LDFLAGS=-lgnutls

all: plugbasedclient

199

200

clean:

201

-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core

202

203

distclean: clean

204

mostlyclean: clean

205

maintainer-clean: clean

206

-rm --force --recursive keydir confdir

207

208

check: all

209

./mandos --check

210

211

# Run the client with a local config and key

212

run-client: all keydir/seckey.txt keydir/pubkey.txt

213

@echo "###################################################################"

214

@echo "# The following error messages are harmless and can be safely #"

215

@echo "# ignored. The messages are caused by not running as root, but #"

216

@echo "# you should NOT run \"make run-client\" as root unless you also #"

217

@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"

218

@echo "# From plugin-runner: setuid: Operation not permitted #"

219

@echo "# From askpass-fifo: mkfifo: Permission denied #"

220

@echo "# From mandos-client: setuid: Operation not permitted #"

221

@echo "# seteuid: Operation not permitted #"

222

@echo "# klogctl: Operation not permitted #"

223

@echo "###################################################################"

224

./plugin-runner --plugin-dir=plugins.d \

225

--config-file=plugin-runner.conf \

226

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt \

227

$(CLIENTARGS)

228

229

# Used by run-client

230

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

231

install --directory keydir

232

./mandos-keygen --dir keydir --force

233

234

# Run the server with a local config

235

run-server: confdir/mandos.conf confdir/clients.conf

236

@echo "#################################################################"

237

@echo "# NOTE: Please IGNORE the error about \"Could not open file #"

238

@echo "# u'/var/run/mandos.pid'\" - it is harmless and is caused by #"

239

@echo "# the server not running as root. Do NOT run \"make run-server\" #"

240

@echo "# server as root if you didn't also unpack and compile it thus. #"

241

@echo "#################################################################"

242

./mandos --debug --no-dbus --configdir=confdir $(SERVERARGS)

243

244

# Used by run-server

245

confdir/mandos.conf: mandos.conf

246

install --directory confdir

247

install --mode=u=rw,go=r $^ $@

248

confdir/clients.conf: clients.conf keydir/seckey.txt

249

install --directory confdir

250

install --mode=u=rw $< $@

251

# Add a client password

252

./mandos-keygen --dir keydir --password >> $@

253

254

install: install-server install-client-nokey

255

256

install-html: html

257

install --directory $(htmldir)

258

install --mode=u=rw,go=r --target-directory=$(htmldir) \

259

$(htmldocs)

260

261

install-server: doc

262

install --directory $(CONFDIR)

263

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

264

install --mode=u=rw,go=r --target-directory=$(CONFDIR) \

265

mandos.conf

266

install --mode=u=rw --target-directory=$(CONFDIR) \

267

clients.conf

268

install --mode=u=rw,go=r dbus-mandos.conf \

269

$(DESTDIR)/etc/dbus-1/system.d/mandos.conf

270

install --mode=u=rwx,go=rx init.d-mandos \

271

$(DESTDIR)/etc/init.d/mandos

272

install --mode=u=rw,go=r default-mandos \

273

$(DESTDIR)/etc/default/mandos

274

if [ -z $(DESTDIR) ]; then \

275

update-rc.d mandos defaults 25 15;\

276

277

gzip --best --to-stdout mandos.8 \

278

> $(MANDIR)/man8/mandos.8.gz

279

gzip --best --to-stdout mandos.conf.5 \

280

> $(MANDIR)/man5/mandos.conf.5.gz

281

gzip --best --to-stdout mandos-clients.conf.5 \

282

> $(MANDIR)/man5/mandos-clients.conf.5.gz

283

284

install-client-nokey: all doc

285

install --directory $(PREFIX)/lib/mandos $(CONFDIR)

286

install --directory --mode=u=rwx $(KEYDIR) \

287

$(PREFIX)/lib/mandos/plugins.d

288

if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \

289

install --mode=u=rwx \

290

--directory "$(CONFDIR)/plugins.d"; \

291

292

install --mode=u=rwx,go=rx \

293

--target-directory=$(PREFIX)/lib/mandos plugin-runner

294

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

295

mandos-keygen

296

install --mode=u=rwx,go=rx \

297