/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Wunreachable-code -Winline \
8
 
        -Wvolatile-register-var
9
 
DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
13
 
#COVERAGE=--coverage
14
 
OPTIMIZE=-Os
15
 
LANGUAGE=-std=gnu99
16
 
# PREFIX=/usr/local
17
 
PREFIX=$(DESTDIR)/usr
18
 
# CONFDIR=/usr/local/lib/mandos
19
 
CONFDIR=$(DESTDIR)/etc/mandos
20
 
# MANDIR=/usr/local/man
21
 
MANDIR=$(DESTDIR)/usr/share/man
22
 
 
23
 
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
24
 
GNUTLS_LIBS=$(shell libgnutls-config --libs)
25
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
26
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
27
 
GPGME_CFLAGS=$(shell gpgme-config --cflags)
28
 
GPGME_LIBS=$(shell gpgme-config --libs)
29
 
 
30
 
# Do not change these two
31
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
32
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
33
 
LDFLAGS=$(COVERAGE)
34
 
 
35
 
# Commands to format a DocBook refentry document into a manual page
36
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
37
 
        --param man.charmap.use.subset          0 \
38
 
        --param make.year.ranges                1 \
39
 
        --param make.single.year.ranges         1 \
40
 
        --param man.output.quietly              1 \
41
 
        --param man.authors.section.enabled     0 \
42
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
43
 
        $(notdir $<); \
44
 
        $(MANPOST) $(notdir $@)
45
 
# DocBook-to-man post-processing to fix a \n escape bug
46
 
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
47
 
 
48
 
PLUGINS=plugins.d/password-prompt plugins.d/password-request
49
 
PROGS=plugin-runner $(PLUGINS)
50
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
51
 
        plugins.d/password-request.8mandos \
52
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
53
 
        mandos-clients.conf.5
54
 
 
55
 
objects=$(addsuffix .o,$(PROGS))
56
 
 
57
 
all: $(PROGS)
58
 
 
59
 
doc: $(DOCS)
60
 
 
61
 
%.5: %.xml legalnotice.xml
62
 
        $(DOCBOOKTOMAN)
63
 
 
64
 
%.8: %.xml legalnotice.xml
65
 
        $(DOCBOOKTOMAN)
66
 
 
67
 
%.8mandos: %.xml legalnotice.xml
68
 
        $(DOCBOOKTOMAN)
69
 
 
70
 
mandos.8: mandos.xml mandos-options.xml overview.xml legalnotice.xml
71
 
        $(DOCBOOKTOMAN)
72
 
 
73
 
mandos-keygen.8: mandos-keygen.xml overview.xml legalnotice.xml
74
 
        $(DOCBOOKTOMAN)
75
 
 
76
 
mandos.conf.5: mandos.conf.xml mandos-options.xml legalnotice.xml
77
 
        $(DOCBOOKTOMAN)
78
 
 
79
 
plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml
80
 
        $(DOCBOOKTOMAN)
81
 
 
82
 
plugins.d/password-request.8mandos: plugins.d/password-request.xml \
83
 
                                        mandos-options.xml \
84
 
                                        overview.xml legalnotice.xml
85
 
        $(DOCBOOKTOMAN)
86
 
 
87
 
plugins.d/password-request: plugins.d/password-request.o
88
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
89
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
90
 
 
91
 
.PHONY : all doc clean distclean run-client run-server install \
92
 
        install-server install-client uninstall uninstall-server \
93
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS=-Wall -g -std=gnu99
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
94
5
 
95
6
clean:
96
 
        -rm --force $(PROGS) $(objects) $(DOCS) core
97
 
 
98
 
distclean: clean
99
 
mostlyclean: clean
100
 
maintainer-clean: clean
101
 
        -rm --force --recursive keydir confdir
102
 
 
103
 
check:
104
 
        ./mandos --check
105
 
 
106
 
# Run the client with a local config and key
107
 
run-client: all keydir/seckey.txt keydir/pubkey.txt \
108
 
        keydir/secring.gpg keydir/pubring.gpg
109
 
        ./plugin-runner --plugin-dir=plugins.d \
110
 
                --config-file=plugin-runner.conf \
111
 
                --options-for=password-request:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
112
 
 
113
 
# Used by run-client
114
 
keydir/secring.gpg: keydir/seckey.txt
115
 
        gpg --homedir $(dir $<) --import $^
116
 
keydir/pubring.gpg: keydir/pubkey.txt
117
 
        gpg --homedir $(dir $<) --import $^
118
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
119
 
        install --directory keydir
120
 
        ./mandos-keygen --dir keydir --force
121
 
 
122
 
# Run the server with a local config
123
 
run-server: confdir/mandos.conf confdir/clients.conf
124
 
        ./mandos --debug --configdir=confdir
125
 
 
126
 
# Used by run-server
127
 
confdir/mandos.conf: mandos.conf
128
 
        install --directory confdir
129
 
        install $^ $@
130
 
confdir/clients.conf: clients.conf keydir/seckey.txt
131
 
        install --directory confdir
132
 
        install clients.conf $@
133
 
# Add a client password
134
 
        ./mandos-keygen --dir keydir --password >> $@
135
 
 
136
 
install: install-server install-client
137
 
 
138
 
install-server: doc
139
 
        install --directory --parents $(CONFDIR) $(MANDIR)/man5 \
140
 
                $(MANDIR)/man8
141
 
        install --mode=0755 mandos $(PREFIX)/sbin/mandos
142
 
        install --mode=0644 --target-directory=$(CONFDIR) mandos.conf
143
 
        install --mode=0640 --target-directory=$(CONFDIR) \
144
 
                clients.conf
145
 
        gzip --best --to-stdout mandos.8 \
146
 
                > $(MANDIR)/man8/mandos.8.gz
147
 
        gzip --best --to-stdout mandos.conf.5 \
148
 
                > $(MANDIR)/man5/mandos.conf.5.gz
149
 
        gzip --best --to-stdout mandos-clients.conf.5 \
150
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
151
 
 
152
 
install-client: all doc /usr/share/initramfs-tools/hooks/.
153
 
        install --directory --parents $(PREFIX)/lib/mandos \
154
 
                $(CONFDIR) $(MANDIR)/man8
155
 
        install --directory --mode=0700 $(PREFIX)/lib/mandos/plugins.d
156
 
        chmod u=rwx,g=,o= $(PREFIX)/lib/mandos/plugins.d
157
 
        install --mode=0755 --target-directory=$(PREFIX)/lib/mandos \
158
 
                plugin-runner
159
 
        install --mode=0755 --target-directory=$(PREFIX)/sbin \
160
 
                mandos-keygen
161
 
        install --mode=0755 \
162
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
163
 
                plugins.d/password-prompt
164
 
        install --mode=4755 \
165
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
166
 
                plugins.d/password-request
167
 
        install initramfs-tools-hook \
168
 
                /usr/share/initramfs-tools/hooks/mandos
169
 
        install initramfs-tools-hook-conf \
170
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos
171
 
        install initramfs-tools-script \
172
 
                /usr/share/initramfs-tools/scripts/local-top/mandos
173
 
        gzip --best --to-stdout mandos-keygen.8 \
174
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
175
 
        gzip --best --to-stdout plugin-runner.8mandos \
176
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
177
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
178
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
179
 
        gzip --best --to-stdout plugins.d/password-request.8mandos \
180
 
                > $(MANDIR)/man8/password-request.8mandos.gz
181
 
        -$(PREFIX)/sbin/mandos-keygen
182
 
        update-initramfs -k all -u
183
 
 
184
 
uninstall: uninstall-server uninstall-client
185
 
 
186
 
uninstall-server: $(PREFIX)/sbin/mandos
187
 
        -rm --force $(PREFIX)/sbin/mandos \
188
 
                $(MANDIR)/man8/mandos.8.gz \
189
 
                $(MANDIR)/man5/mandos.conf.5.gz \
190
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
191
 
        -rmdir $(CONFDIR)
192
 
 
193
 
uninstall-client:
194
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
195
 
# to use it.
196
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
197
 
                /etc/crypttab
198
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
199
 
                $(PREFIX)/lib/mandos/plugin-runner \
200
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
201
 
                $(PREFIX)/lib/mandos/plugins.d/password-request \
202
 
                /usr/share/initramfs-tools/hooks/mandos \
203
 
                /usr/share/initramfs-tools/conf-hooks.d/mandos \
204
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
205
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
206
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
207
 
                $(MANDIR)/man8/password-request.8mandos.gz
208
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
209
 
                 $(PREFIX)/lib/mandos $(CONFDIR)
210
 
        update-initramfs -k all -u
211
 
 
212
 
purge: purge-server purge-client
213
 
 
214
 
purge-server: uninstall-server
215
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf
216
 
        -rmdir $(CONFDIR)
217
 
 
218
 
purge-client: uninstall-client
219
 
        -rm --force $(CONFDIR)/seckey.txt $(CONFDIR)/pubkey.txt
220
 
        -rmdir $(CONFDIR) $(CONFDIR)/plugins.d
 
7
        rm -f plugbasedclient