/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-07-20 06:33:48 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080720063348-jscgy5p0itrgvlo8
* mandos-clients.conf ([foo]): Uncommented.
  ([foo]/secret): New.
  ([foo]/secfile): Commented out.
  ([foo]/checker): Changed to "fping -q -- %%(fqdn)s".
  ([foo]/timeout): New.

* server.py: New modeline for Python and Emacs.  Set a logging format.
  (Client.__init__): Bug fix: Choose either the value from the options
                     object or pass the argument through string_to_delta
                     for both "timeout" and "interval".
  (Client.checker_callback): Bug fix: Do not log spurious "Checker for
                             <foo> failed" messages.
  (Client.start_checker): Moved "Starting checker" log message down to
                          just before actually starting the subprocess.
                          Do not redirect the subprocesses' stdout to a
                          pipe.
  (peer_certificate, fingerprint): Added docstrings.
  (entry_group_state_changed): Call "killme()" instead of
                               "main_loop.quit()".
  (daemon, killme): New functions.
  (exitstatus, main_loop_started): New global variables.
  (__main__): Removed the "--cert", "--key", "--ca", and "--crl"
              options.  Removed the sleep command from the default
              checker.  Add a console logger in debug mode.  Call
              "killme()" instead of "main_loop.quit()" when there are no
              more clients.  Call "daemon()" if not in debug mode.
              Register "cleanup()" to run at exit.  Ignore some
              signals.  Catch DBusException to detect another running
              server and exit cleanly.  Exit with "exitstatus".
  (cleanup): New function.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
 
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
3
 
        -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
 
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
 
#       -Wunreachable-code 
9
 
#DEBUG=-ggdb3
10
 
# For info about _FORTIFY_SOURCE, see
11
 
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
 
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
13
 
#COVERAGE=--coverage
14
 
OPTIMIZE=-Os
15
 
LANGUAGE=-std=gnu99
16
 
 
17
 
## Use these settings for a traditional /usr/local install
18
 
# PREFIX=$(DESTDIR)/usr/local
19
 
# CONFDIR=$(DESTDIR)/etc/mandos
20
 
# KEYDIR=$(DESTDIR)/etc/mandos/keys
21
 
# MANDIR=$(PREFIX)/man
22
 
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
23
 
##
24
 
 
25
 
## These settings are for a package-type install
26
 
PREFIX=$(DESTDIR)/usr
27
 
CONFDIR=$(DESTDIR)/etc/mandos
28
 
KEYDIR=$(DESTDIR)/etc/keys/mandos
29
 
MANDIR=$(PREFIX)/share/man
30
 
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
31
 
##
32
 
 
33
 
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
34
 
GNUTLS_LIBS=$(shell libgnutls-config --libs)
35
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
36
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
37
 
GPGME_CFLAGS=$(shell gpgme-config --cflags)
38
 
GPGME_LIBS=$(shell gpgme-config --libs)
39
 
 
40
 
# Do not change these two
41
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
42
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
43
 
LDFLAGS=$(COVERAGE)
44
 
 
45
 
# Commands to format a DocBook <refentry> document into a manual page
46
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
47
 
        --param man.charmap.use.subset          0 \
48
 
        --param make.year.ranges                1 \
49
 
        --param make.single.year.ranges         1 \
50
 
        --param man.output.quietly              1 \
51
 
        --param man.authors.section.enabled     0 \
52
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
53
 
        $(notdir $<); \
54
 
        $(MANPOST) $(notdir $@)
55
 
# DocBook-to-man post-processing to fix a '\n' escape bug
56
 
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
57
 
 
58
 
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client
59
 
PROGS=plugin-runner $(PLUGINS)
60
 
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
61
 
        plugins.d/mandos-client.8mandos \
62
 
        plugins.d/password-prompt.8mandos mandos.conf.5 \
63
 
        mandos-clients.conf.5
64
 
 
65
 
objects=$(addsuffix .o,$(PROGS))
66
 
 
67
 
all: $(PROGS)
68
 
 
69
 
doc: $(DOCS)
70
 
 
71
 
%.5: %.xml legalnotice.xml
72
 
        $(DOCBOOKTOMAN)
73
 
 
74
 
%.8: %.xml legalnotice.xml
75
 
        $(DOCBOOKTOMAN)
76
 
 
77
 
%.8mandos: %.xml legalnotice.xml
78
 
        $(DOCBOOKTOMAN)
79
 
 
80
 
mandos.8: mandos.xml mandos-options.xml overview.xml legalnotice.xml
81
 
        $(DOCBOOKTOMAN)
82
 
 
83
 
mandos-keygen.8: mandos-keygen.xml overview.xml legalnotice.xml
84
 
        $(DOCBOOKTOMAN)
85
 
 
86
 
mandos.conf.5: mandos.conf.xml mandos-options.xml legalnotice.xml
87
 
        $(DOCBOOKTOMAN)
88
 
 
89
 
plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml
90
 
        $(DOCBOOKTOMAN)
91
 
 
92
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
93
 
                                        mandos-options.xml \
94
 
                                        overview.xml legalnotice.xml
95
 
        $(DOCBOOKTOMAN)
96
 
 
97
 
plugins.d/mandos-client: plugins.d/mandos-client.o
98
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
99
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
100
 
 
101
 
.PHONY : all doc clean distclean run-client run-server install \
102
 
        install-server install-client uninstall uninstall-server \
103
 
        uninstall-client purge purge-server purge-client
 
1
CFLAGS=-Wall -g -std=gnu99
 
2
LDFLAGS=-lgnutls
 
3
 
 
4
all: plugbasedclient
104
5
 
105
6
clean:
106
 
        -rm --force $(PROGS) $(objects) $(DOCS) core
107
 
 
108
 
distclean: clean
109
 
mostlyclean: clean
110
 
maintainer-clean: clean
111
 
        -rm --force --recursive keydir confdir
112
 
 
113
 
check:
114
 
        ./mandos --check
115
 
 
116
 
# Run the client with a local config and key
117
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
118
 
        ./plugin-runner --plugin-dir=plugins.d \
119
 
                --config-file=plugin-runner.conf \
120
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
121
 
 
122
 
# Used by run-client
123
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
124
 
        install --directory keydir
125
 
        ./mandos-keygen --dir keydir --force
126
 
 
127
 
# Run the server with a local config
128
 
run-server: confdir/mandos.conf confdir/clients.conf
129
 
        ./mandos --debug --configdir=confdir
130
 
 
131
 
# Used by run-server
132
 
confdir/mandos.conf: mandos.conf
133
 
        install --directory confdir
134
 
        install --mode=u=rw,go=r $^ $@
135
 
confdir/clients.conf: clients.conf keydir/seckey.txt
136
 
        install --directory confdir
137
 
        install --mode=u=rw $< $@
138
 
# Add a client password
139
 
        ./mandos-keygen --dir keydir --password >> $@
140
 
 
141
 
install: install-server install-client-nokey
142
 
 
143
 
install-server: doc
144
 
        install --directory $(CONFDIR) $(MANDIR)/man5 \
145
 
                $(MANDIR)/man8 $(DESTDIR)/etc/init.d \
146
 
                $(DESTDIR)/etc/default $(PREFIX)/sbin
147
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
148
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
149
 
                mandos.conf
150
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
151
 
                clients.conf
152
 
        install --mode=u=rwx,go=rx init.d-mandos \
153
 
                $(DESTDIR)/etc/init.d/mandos
154
 
        install --mode=u=rw,go=r default-mandos \
155
 
                $(DESTDIR)/etc/default/mandos
156
 
        update-rc.d mandos defaults
157
 
        gzip --best --to-stdout mandos.8 \
158
 
                > $(MANDIR)/man8/mandos.8.gz
159
 
        gzip --best --to-stdout mandos.conf.5 \
160
 
                > $(MANDIR)/man5/mandos.conf.5.gz
161
 
        gzip --best --to-stdout mandos-clients.conf.5 \
162
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
163
 
 
164
 
install-client-nokey: all doc
165
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR) \
166
 
                $(MANDIR)/man8 $(PREFIX)/sbin \
167
 
                $(INITRAMFSTOOLS)/hooks \
168
 
                $(INITRAMFSTOOLS)/conf-hooks.d \
169
 
                $(INITRAMFSTOOLS)/scripts/local-top
170
 
        install --directory --mode=u=rwx $(KEYDIR)
171
 
        install --directory --mode=u=rwx \
172
 
                $(PREFIX)/lib/mandos/plugins.d
173
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
174
 
                install --mode=u=rwx \
175
 
                        --directory "$(CONFDIR)/plugins.d" && \
176
 
                install --mode=u=rw,go=r etc-plugins.d-README \
177
 
                        $(CONFDIR)/plugins.d/README ; \
178
 
        fi
179
 
        install --mode=u=rwx,go=rx \
180
 
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
181
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
182
 
                mandos-keygen
183
 
        install --mode=u=rwx,go=rx \
184
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
185
 
                plugins.d/password-prompt
186
 
        install --mode=u=rwxs,go=rx \
187
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
188
 
                plugins.d/mandos-client
189
 
        install --mode=u=rwx,go=rx \
190
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
191
 
                plugins.d/usplash
192
 
        install initramfs-tools-hook \
193
 
                $(INITRAMFSTOOLS)/hooks/mandos
194
 
        install initramfs-tools-hook-conf \
195
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
196
 
        install initramfs-tools-script \
197
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos
198
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
199
 
        gzip --best --to-stdout mandos-keygen.8 \
200
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
201
 
        gzip --best --to-stdout plugin-runner.8mandos \
202
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
203
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
204
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
205
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
206
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
207
 
 
208
 
install-client: install-client-nokey
209
 
# Post-installation stuff
210
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
211
 
        update-initramfs -k all -u
212
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
213
 
 
214
 
uninstall: uninstall-server uninstall-client
215
 
 
216
 
uninstall-server:
217
 
        -rm --force $(PREFIX)/sbin/mandos \
218
 
                $(MANDIR)/man8/mandos.8.gz \
219
 
                $(MANDIR)/man5/mandos.conf.5.gz \
220
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
221
 
        update-rc.d -f mandos remove
222
 
        -rmdir $(CONFDIR)
223
 
 
224
 
uninstall-client:
225
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
226
 
# to use it.
227
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
228
 
                $(DESTDIR)/etc/crypttab
229
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
230
 
                $(PREFIX)/lib/mandos/plugin-runner \
231
 
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
232
 
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
233
 
                $(PREFIX)/lib/mandos/plugins.d/usplash \
234
 
                $(INITRAMFSTOOLS)/hooks/mandos \
235
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
236
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos \
237
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
238
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
239
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
240
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
241
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
242
 
                rm --force $(CONFDIR)/plugins.d/README; \
243
 
        fi
244
 
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
245
 
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
246
 
        update-initramfs -k all -u
247
 
 
248
 
purge: purge-server purge-client
249
 
 
250
 
purge-server: uninstall-server
251
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
252
 
                $(DESTDIR)/etc/default/mandos \
253
 
                $(DESTDIR)/etc/init.d/mandos \
254
 
                $(DESTDIR)/var/run/mandos.pid
255
 
        -rmdir $(CONFDIR)
256
 
 
257
 
purge-client: uninstall-client
258
 
        -shred --remove $(KEYDIR)/seckey.txt
259
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
260
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
261
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
7
        rm -f plugbasedclient