1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow \
4
-Wunsafe-loop-optimizations -Wpointer-arith \
5
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Winline -Wvolatile-register-var
10
# For info about _FORTIFY_SOURCE, see
11
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIE -pie
13
LINK_FORTIFY=-z relro -pie
21
## Use these settings for a traditional /usr/local install
22
# PREFIX=$(DESTDIR)/usr/local
23
# CONFDIR=$(DESTDIR)/etc/mandos
24
# KEYDIR=$(DESTDIR)/etc/mandos/keys
25
# MANDIR=$(PREFIX)/man
26
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
29
## These settings are for a package-type install
31
CONFDIR=$(DESTDIR)/etc/mandos
32
KEYDIR=$(DESTDIR)/etc/keys/mandos
33
MANDIR=$(PREFIX)/share/man
34
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
37
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
38
GNUTLS_LIBS=$(shell libgnutls-config --libs)
39
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
40
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
41
GPGME_CFLAGS=$(shell gpgme-config --cflags)
42
GPGME_LIBS=$(shell gpgme-config --libs)
44
# Do not change these two
45
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
46
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
47
-DVERSION='"$(version)"'
48
LDFLAGS=$(COVERAGE) $(foreach flag,$(LINK_FORTIFY),-Xlinker $(flag))
50
# Commands to format a DocBook <refentry> document into a manual page
51
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
52
--param man.charmap.use.subset 0 \
53
--param make.year.ranges 1 \
54
--param make.single.year.ranges 1 \
55
--param man.output.quietly 1 \
56
--param man.authors.section.enabled 0 \
57
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
59
$(MANPOST) $(notdir $@)
60
# DocBook-to-man post-processing to fix a '\n' escape bug
61
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
63
DOCBOOKTOHTML=xsltproc --nonet --xinclude \
64
--param make.year.ranges 1 \
65
--param make.single.year.ranges 1 \
66
--param man.output.quietly 1 \
67
--param man.authors.section.enabled 0 \
68
--param citerefentry.link 1 \
70
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
72
# Fix citerefentry links
73
HTMLPOST=$(SED) --in-place \
74
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
76
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
77
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
78
CPROGS=plugin-runner $(PLUGINS)
79
PROGS=mandos mandos-keygen mandos-list $(CPROGS)
80
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
81
plugins.d/mandos-client.8mandos \
82
plugins.d/password-prompt.8mandos mandos.conf.5 \
83
plugins.d/usplash.8mandos plugins.d/splashy.8mandos \
84
plugins.d/askpass-fifo.8mandos mandos-clients.conf.5
86
htmldocs=$(addsuffix .xhtml,$(DOCS))
88
objects=$(addsuffix .o,$(CPROGS))
90
all: $(PROGS) mandos.lsm
96
%.5: %.xml common.ent legalnotice.xml
98
%.5.xhtml: %.xml common.ent legalnotice.xml
101
%.8: %.xml common.ent legalnotice.xml
103
%.8.xhtml: %.xml common.ent legalnotice.xml
106
%.8mandos: %.xml common.ent legalnotice.xml
108
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
111
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
114
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
115
overview.xml legalnotice.xml
118
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
121
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
125
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
128
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
132
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
135
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
136
overview.xml legalnotice.xml
139
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
142
overview.xml legalnotice.xml
144
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
147
overview.xml legalnotice.xml
150
# Update all these files with version number $(version)
153
--expression='s/^\(<ENTITY VERSION "\)[^"]*">$$/\1$(version)"/' \
158
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
161
mandos-keygen: Makefile
163
--expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
166
mandos-list: Makefile
168
--expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
173
--expression='s/^\(Version:\).*/\1\t$(version)/' \
176
--expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
179
plugins.d/mandos-client: plugins.d/mandos-client.o
180
$(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
181
$(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
183
.PHONY : all doc html clean distclean run-client run-server install \
184
install-server install-client uninstall uninstall-server \
185
uninstall-client purge purge-server purge-client
1
CFLAGS=-Wall -g -std=gnu99
188
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
192
maintainer-clean: clean
193
-rm --force --recursive keydir confdir
198
# Run the client with a local config and key
199
run-client: all keydir/seckey.txt keydir/pubkey.txt
200
./plugin-runner --plugin-dir=plugins.d \
201
--config-file=plugin-runner.conf \
202
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
205
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
206
install --directory keydir
207
./mandos-keygen --dir keydir --force
209
# Run the server with a local config
210
run-server: confdir/mandos.conf confdir/clients.conf
211
./mandos --debug --configdir=confdir
214
confdir/mandos.conf: mandos.conf
215
install --directory confdir
216
install --mode=u=rw,go=r $^ $@
217
confdir/clients.conf: clients.conf keydir/seckey.txt
218
install --directory confdir
219
install --mode=u=rw $< $@
220
# Add a client password
221
./mandos-keygen --dir keydir --password >> $@
223
install: install-server install-client-nokey
226
install --directory $(htmldir)
227
install --mode=u=rw,go=r --target-directory=$(htmldir) \
231
install --directory $(CONFDIR)
232
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
233
install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
235
install --mode=u=rw --target-directory=$(CONFDIR) \
237
install --mode=u=rwx,go=rx init.d-mandos \
238
$(DESTDIR)/etc/init.d/mandos
239
install --mode=u=rw,go=r default-mandos \
240
$(DESTDIR)/etc/default/mandos
241
if [ -z $(DESTDIR) ]; then \
242
update-rc.d mandos defaults 25 15;\
244
gzip --best --to-stdout mandos.8 \
245
> $(MANDIR)/man8/mandos.8.gz
246
gzip --best --to-stdout mandos.conf.5 \
247
> $(MANDIR)/man5/mandos.conf.5.gz
248
gzip --best --to-stdout mandos-clients.conf.5 \
249
> $(MANDIR)/man5/mandos-clients.conf.5.gz
251
install-client-nokey: all doc
252
install --directory $(PREFIX)/lib/mandos $(CONFDIR)
253
install --directory --mode=u=rwx $(KEYDIR) \
254
$(PREFIX)/lib/mandos/plugins.d
255
if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
256
install --mode=u=rwx \
257
--directory "$(CONFDIR)/plugins.d"; \
259
install --mode=u=rwx,go=rx \
260
--target-directory=$(PREFIX)/lib/mandos plugin-runner
261
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
263
install --mode=u=rwx,go=rx \
264
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
265
plugins.d/password-prompt
266
install --mode=u=rwxs,go=rx \
267
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
268
plugins.d/mandos-client
269
install --mode=u=rwxs,go=rx \
270
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
272
install --mode=u=rwxs,go=rx \
273
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
275
install --mode=u=rwxs,go=rx \
276
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
277
plugins.d/askpass-fifo
278
install initramfs-tools-hook \
279
$(INITRAMFSTOOLS)/hooks/mandos
280
install --mode=u=rw,go=r initramfs-tools-hook-conf \
281
$(INITRAMFSTOOLS)/conf-hooks.d/mandos
282
install initramfs-tools-script \
283
$(INITRAMFSTOOLS)/scripts/local-top/mandos
284
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
285
gzip --best --to-stdout mandos-keygen.8 \
286
> $(MANDIR)/man8/mandos-keygen.8.gz
287
gzip --best --to-stdout plugin-runner.8mandos \
288
> $(MANDIR)/man8/plugin-runner.8mandos.gz
289
gzip --best --to-stdout plugins.d/password-prompt.8mandos \
290
> $(MANDIR)/man8/password-prompt.8mandos.gz
291
gzip --best --to-stdout plugins.d/mandos-client.8mandos \
292
> $(MANDIR)/man8/mandos-client.8mandos.gz
293
gzip --best --to-stdout plugins.d/usplash.8mandos \
294
> $(MANDIR)/man8/usplash.8mandos.gz
295
gzip --best --to-stdout plugins.d/splashy.8mandos \
296
> $(MANDIR)/man8/splashy.8mandos.gz
297
gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
298
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
300
install-client: install-client-nokey
301
# Post-installation stuff
302
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
303
update-initramfs -k all -u
304
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
306
uninstall: uninstall-server uninstall-client
309
-rm --force $(PREFIX)/sbin/mandos \
310
$(MANDIR)/man8/mandos.8.gz \
311
$(MANDIR)/man5/mandos.conf.5.gz \
312
$(MANDIR)/man5/mandos-clients.conf.5.gz
313
update-rc.d -f mandos remove
317
# Refuse to uninstall client if /etc/crypttab is explicitly configured
319
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
320
$(DESTDIR)/etc/crypttab
321
-rm --force $(PREFIX)/sbin/mandos-keygen \
322
$(PREFIX)/lib/mandos/plugin-runner \
323
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
324
$(PREFIX)/lib/mandos/plugins.d/mandos-client \
325
$(PREFIX)/lib/mandos/plugins.d/usplash \
326
$(PREFIX)/lib/mandos/plugins.d/splashy \
327
$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
328
$(INITRAMFSTOOLS)/hooks/mandos \
329
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
330
$(INITRAMFSTOOLS)/scripts/local-top/mandos \
331
$(MANDIR)/man8/plugin-runner.8mandos.gz \
332
$(MANDIR)/man8/mandos-keygen.8.gz \
333
$(MANDIR)/man8/password-prompt.8mandos.gz \
334
$(MANDIR)/man8/usplash.8mandos.gz \
335
$(MANDIR)/man8/splashy.8mandos.gz \
336
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
337
$(MANDIR)/man8/mandos-client.8mandos.gz
338
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
339
$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
340
update-initramfs -k all -u
342
purge: purge-server purge-client
344
purge-server: uninstall-server
345
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
346
$(DESTDIR)/etc/default/mandos \
347
$(DESTDIR)/etc/init.d/mandos \
348
$(DESTDIR)/var/run/mandos.pid
351
purge-client: uninstall-client
352
-shred --remove $(KEYDIR)/seckey.txt
353
-rm --force $(CONFDIR)/plugin-runner.conf \
354
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
355
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)