/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Added optional parameters certdir, certkey and certfile that can be iven at start in the command line.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
 
        -Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
 
        -Wunused -Wuninitialized -Wstrict-overflow=5 \
4
 
        -Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
 
        -Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
6
 
        -Wunsafe-loop-optimizations -Wpointer-arith \
7
 
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
 
        -Wconversion -Wlogical-op -Waggregate-return \
9
 
        -Wstrict-prototypes -Wold-style-definition \
10
 
        -Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
 
        -Wredundant-decls -Wnested-externs -Winline -Wvla \
12
 
        -Wvolatile-register-var -Woverlength-strings
13
 
 
14
 
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
 
## Check which sanitizing options can be used
16
 
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
 
#       echo 'int main(){}' | $(CC) --language=c $(option) \
18
 
#       /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
 
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
 
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
 
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
22
 
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
 
        -fsanitize=return -fsanitize=signed-integer-overflow \
24
 
        -fsanitize=bounds -fsanitize=alignment \
25
 
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
26
 
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
 
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
 
        -fsanitize=enum -fsanitize-address-use-after-scope
29
 
 
30
 
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
 
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
 
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
33
 
LINK_FORTIFY_LD:=-z relro -z now
34
 
LINK_FORTIFY:=
35
 
 
36
 
# If BROKEN_PIE is set, do not build with -pie
37
 
ifndef BROKEN_PIE
38
 
FORTIFY += -fPIE
39
 
LINK_FORTIFY += -pie
40
 
endif
 
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs -Wswitch-default -Wswitch-enum -Wunused-parameter -Wstrict-aliasing=2 -Wextra -Wfloat-equal -Wundef -Wshadow -Wunsafe-loop-optimizations -Wpointer-arith -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings -Wconversion -Wstrict-prototypes -Wold-style-definition -Wpacked -Wnested-externs -Wunreachable-code -Winline -Wvolatile-register-var 
 
2
DEBUG=-ggdb3
41
3
#COVERAGE=--coverage
42
 
OPTIMIZE:=-Os -fno-strict-aliasing
43
 
LANGUAGE:=-std=gnu11
44
 
htmldir:=man
45
 
version:=1.8.4
46
 
SED:=sed
47
 
 
48
 
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
49
 
        || getent passwd nobody || echo 65534)))
50
 
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
51
 
        || getent group nogroup || echo 65534)))
52
 
 
53
 
## Use these settings for a traditional /usr/local install
54
 
# PREFIX:=$(DESTDIR)/usr/local
55
 
# CONFDIR:=$(DESTDIR)/etc/mandos
56
 
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
57
 
# MANDIR:=$(PREFIX)/man
58
 
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
59
 
# STATEDIR:=$(DESTDIR)/var/lib/mandos
60
 
# LIBDIR:=$(PREFIX)/lib
61
 
##
62
 
 
63
 
## These settings are for a package-type install
64
 
PREFIX:=$(DESTDIR)/usr
65
 
CONFDIR:=$(DESTDIR)/etc/mandos
66
 
KEYDIR:=$(DESTDIR)/etc/keys/mandos
67
 
MANDIR:=$(PREFIX)/share/man
68
 
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
69
 
STATEDIR:=$(DESTDIR)/var/lib/mandos
70
 
LIBDIR:=$(shell \
71
 
        for d in \
72
 
        "/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
73
 
        "`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
74
 
                if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
75
 
                        echo "$(DESTDIR)$$d"; \
76
 
                        break; \
77
 
                fi; \
78
 
        done)
79
 
##
80
 
 
81
 
SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
82
 
TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
83
 
 
84
 
GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)
85
 
GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)
86
 
AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)
87
 
AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)
88
 
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
89
 
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
90
 
        getconf LFS_LDFLAGS)
91
 
LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)
92
 
LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)
 
4
OPTIMIZE=-Os
 
5
LANGUAGE=-std=gnu99
93
6
 
94
7
# Do not change these two
95
 
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) \
96
 
        $(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'
97
 
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
98
 
        ) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
99
 
 
100
 
# Commands to format a DocBook <refentry> document into a manual page
101
 
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
102
 
        --param man.charmap.use.subset          0 \
103
 
        --param make.year.ranges                1 \
104
 
        --param make.single.year.ranges         1 \
105
 
        --param man.output.quietly              1 \
106
 
        --param man.authors.section.enabled     0 \
107
 
        /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
108
 
        $(notdir $<); \
109
 
        if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
110
 
        && command -v man >/dev/null; then LANG=en_US.UTF-8 \
111
 
        MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
112
 
        $(notdir $@); fi >/dev/null)
113
 
 
114
 
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
115
 
        --param make.year.ranges                1 \
116
 
        --param make.single.year.ranges         1 \
117
 
        --param man.output.quietly              1 \
118
 
        --param man.authors.section.enabled     0 \
119
 
        --param citerefentry.link               1 \
120
 
        --output $@ \
121
 
        /usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
122
 
        $<; $(HTMLPOST) $@)
123
 
# Fix citerefentry links
124
 
HTMLPOST:=$(SED) --in-place \
125
 
        --expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
126
 
 
127
 
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
128
 
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
129
 
        plugins.d/plymouth
130
 
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
131
 
CPROGS:=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)
132
 
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
133
 
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
134
 
        mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
135
 
        plugins.d/mandos-client.8mandos \
136
 
        plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
137
 
        plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
138
 
        plugins.d/plymouth.8mandos intro.8mandos
139
 
 
140
 
htmldocs:=$(addsuffix .xhtml,$(DOCS))
141
 
 
142
 
objects:=$(addsuffix .o,$(CPROGS))
143
 
 
144
 
all: $(PROGS) mandos.lsm
145
 
 
146
 
doc: $(DOCS)
147
 
 
148
 
html: $(htmldocs)
149
 
 
150
 
%.5: %.xml common.ent legalnotice.xml
151
 
        $(DOCBOOKTOMAN)
152
 
%.5.xhtml: %.xml common.ent legalnotice.xml
153
 
        $(DOCBOOKTOHTML)
154
 
 
155
 
%.8: %.xml common.ent legalnotice.xml
156
 
        $(DOCBOOKTOMAN)
157
 
%.8.xhtml: %.xml common.ent legalnotice.xml
158
 
        $(DOCBOOKTOHTML)
159
 
 
160
 
%.8mandos: %.xml common.ent legalnotice.xml
161
 
        $(DOCBOOKTOMAN)
162
 
%.8mandos.xhtml: %.xml common.ent legalnotice.xml
163
 
        $(DOCBOOKTOHTML)
164
 
 
165
 
intro.8mandos: intro.xml common.ent legalnotice.xml
166
 
        $(DOCBOOKTOMAN)
167
 
intro.8mandos.xhtml: intro.xml common.ent legalnotice.xml
168
 
        $(DOCBOOKTOHTML)
169
 
 
170
 
mandos.8: mandos.xml common.ent mandos-options.xml overview.xml \
171
 
                legalnotice.xml
172
 
        $(DOCBOOKTOMAN)
173
 
mandos.8.xhtml: mandos.xml common.ent mandos-options.xml \
174
 
                overview.xml legalnotice.xml
175
 
        $(DOCBOOKTOHTML)
176
 
 
177
 
mandos-keygen.8: mandos-keygen.xml common.ent overview.xml \
178
 
                legalnotice.xml
179
 
        $(DOCBOOKTOMAN)
180
 
mandos-keygen.8.xhtml: mandos-keygen.xml common.ent overview.xml \
181
 
                 legalnotice.xml
182
 
        $(DOCBOOKTOHTML)
183
 
 
184
 
mandos-monitor.8: mandos-monitor.xml common.ent overview.xml \
185
 
                legalnotice.xml
186
 
        $(DOCBOOKTOMAN)
187
 
mandos-monitor.8.xhtml: mandos-monitor.xml common.ent overview.xml \
188
 
                 legalnotice.xml
189
 
        $(DOCBOOKTOHTML)
190
 
 
191
 
mandos-ctl.8: mandos-ctl.xml common.ent overview.xml \
192
 
                legalnotice.xml
193
 
        $(DOCBOOKTOMAN)
194
 
mandos-ctl.8.xhtml: mandos-ctl.xml common.ent overview.xml \
195
 
                 legalnotice.xml
196
 
        $(DOCBOOKTOHTML)
197
 
 
198
 
mandos.conf.5: mandos.conf.xml common.ent mandos-options.xml \
199
 
                legalnotice.xml
200
 
        $(DOCBOOKTOMAN)
201
 
mandos.conf.5.xhtml: mandos.conf.xml common.ent mandos-options.xml \
202
 
                legalnotice.xml
203
 
        $(DOCBOOKTOHTML)
204
 
 
205
 
plugin-runner.8mandos: plugin-runner.xml common.ent overview.xml \
206
 
                legalnotice.xml
207
 
        $(DOCBOOKTOMAN)
208
 
plugin-runner.8mandos.xhtml: plugin-runner.xml common.ent \
209
 
                overview.xml legalnotice.xml
210
 
        $(DOCBOOKTOHTML)
211
 
 
212
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
213
 
                                        common.ent \
214
 
                                        mandos-options.xml \
215
 
                                        overview.xml legalnotice.xml
216
 
        $(DOCBOOKTOMAN)
217
 
plugins.d/mandos-client.8mandos.xhtml: plugins.d/mandos-client.xml \
218
 
                                        common.ent \
219
 
                                        mandos-options.xml \
220
 
                                        overview.xml legalnotice.xml
221
 
        $(DOCBOOKTOHTML)
222
 
 
223
 
# Update all these files with version number $(version)
224
 
common.ent: Makefile
225
 
        $(strip $(SED) --in-place \
226
 
                --expression='s/^\(<!ENTITY version "\)[^"]*">$$/\1$(version)">/' \
227
 
                $@)
228
 
 
229
 
mandos: Makefile
230
 
        $(strip $(SED) --in-place \
231
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
232
 
                $@)
233
 
 
234
 
mandos-keygen: Makefile
235
 
        $(strip $(SED) --in-place \
236
 
                --expression='s/^\(VERSION="\)[^"]*"$$/\1$(version)"/' \
237
 
                $@)
238
 
 
239
 
mandos-ctl: Makefile
240
 
        $(strip $(SED) --in-place \
241
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
242
 
                $@)
243
 
 
244
 
mandos-monitor: Makefile
245
 
        $(strip $(SED) --in-place \
246
 
                --expression='s/^\(version = "\)[^"]*"$$/\1$(version)"/' \
247
 
                $@)
248
 
 
249
 
mandos.lsm: Makefile
250
 
        $(strip $(SED) --in-place \
251
 
                --expression='s/^\(Version:\).*/\1\t$(version)/' \
252
 
                $@)
253
 
        $(strip $(SED) --in-place \
254
 
                --expression='s/^\(Entered-date:\).*/\1\t$(shell date --rfc-3339=date --reference=Makefile)/' \
255
 
                $@)
256
 
        $(strip $(SED) --in-place \
257
 
                --expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
258
 
                $@)
259
 
 
260
 
# Need to add the GnuTLS, Avahi and GPGME libraries
261
 
plugins.d/mandos-client: plugins.d/mandos-client.c
262
 
        $(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\
263
 
                ) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\
264
 
                ) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\
265
 
                ) $(LDLIBS) -o $@
266
 
 
267
 
# Need to add the libnl-route library
268
 
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
269
 
        $(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
270
 
                ) $(LOADLIBES) $(LDLIBS) -o $@
271
 
 
272
 
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
273
 
        check run-client run-server install install-html \
274
 
        install-server install-client-nokey install-client uninstall \
275
 
        uninstall-server uninstall-client purge purge-server \
276
 
        purge-client
277
 
 
 
8
CFLAGS=$(WARN) $(COVERAGE) $(DEBUG) $(OPTIMIZE) $(LANGUAGE)
 
9
LDFLAGS=$(COVERAGE)
 
10
 
 
11
PROGS=plugbasedclient plugins.d/mandosclient plugins.d/passprompt
 
12
 
 
13
objects=$(shell for p in $(PROGS); do echo $${p}.o; done)
 
14
 
 
15
all: $(PROGS)
 
16
 
 
17
plugbasedclient: plugbasedclient.o
 
18
        $(LINK.o) -lgnutls $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
19
 
 
20
plugins.d/mandosclient: plugins.d/mandosclient.o
 
21
        $(LINK.o) -lgnutls -lavahi-core -lgpgme $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
22
 
 
23
plugins.d/passprompt: plugins.d/passprompt.o
 
24
        $(LINK.o) $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
25
 
 
26
.PHONY : clean
278
27
clean:
279
 
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
280
 
 
281
 
distclean: clean
282
 
mostlyclean: clean
283
 
maintainer-clean: clean
284
 
        -rm --force --recursive keydir confdir statedir
285
 
 
286
 
check: all
287
 
        ./mandos --check
288
 
        ./mandos-ctl --check
289
 
        ./mandos-keygen --version
290
 
        ./plugin-runner --version
291
 
        ./plugin-helpers/mandos-client-iprouteadddel --version
292
 
 
293
 
# Run the client with a local config and key
294
 
run-client: all keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem
295
 
        @echo "###################################################################"
296
 
        @echo "# The following error messages are harmless and can be safely     #"
297
 
        @echo "# ignored:                                                        #"
298
 
        @echo "# From plugin-runner: setgid: Operation not permitted             #"
299
 
        @echo "#                     setuid: Operation not permitted             #"
300
 
        @echo "# From askpass-fifo:  mkfifo: Permission denied                   #"
301
 
        @echo "# From mandos-client:                                             #"
302
 
        @echo "#             Failed to raise privileges: Operation not permitted #"
303
 
        @echo "#             Warning: network hook \"*\" exited with status *      #"
304
 
        @echo "#                                                                 #"
305
 
        @echo "# (The messages are caused by not running as root, but you should #"
306
 
        @echo "# NOT run \"make run-client\" as root unless you also unpacked and  #"
307
 
        @echo "# compiled Mandos as root, which is also NOT recommended.)        #"
308
 
        @echo "###################################################################"
309
 
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
310
 
        ./plugin-runner --plugin-dir=plugins.d \
311
 
                --plugin-helper-dir=plugin-helpers \
312
 
                --config-file=plugin-runner.conf \
313
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
314
 
                --env-for=mandos-client:GNOME_KEYRING_CONTROL= \
315
 
                $(CLIENTARGS)
316
 
 
317
 
# Used by run-client
318
 
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
319
 
        install --directory keydir
320
 
        ./mandos-keygen --dir keydir --force
321
 
 
322
 
# Run the server with a local config
323
 
run-server: confdir/mandos.conf confdir/clients.conf statedir
324
 
        ./mandos --debug --no-dbus --configdir=confdir \
325
 
                --statedir=statedir $(SERVERARGS)
326
 
 
327
 
# Used by run-server
328
 
confdir/mandos.conf: mandos.conf
329
 
        install --directory confdir
330
 
        install --mode=u=rw,go=r $^ $@
331
 
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
332
 
        install --directory confdir
333
 
        install --mode=u=rw $< $@
334
 
# Add a client password
335
 
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
336
 
statedir:
337
 
        install --directory statedir
338
 
 
339
 
install: install-server install-client-nokey
340
 
 
341
 
install-html: html
342
 
        install --directory $(htmldir)
343
 
        install --mode=u=rw,go=r --target-directory=$(htmldir) \
344
 
                $(htmldocs)
345
 
 
346
 
install-server: doc
347
 
        install --directory $(CONFDIR)
348
 
        if install --directory --mode=u=rwx --owner=$(USER) \
349
 
                --group=$(GROUP) $(STATEDIR); then \
350
 
                :; \
351
 
        elif install --directory --mode=u=rwx $(STATEDIR); then \
352
 
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
353
 
        fi
354
 
        if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \
355
 
                install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
356
 
                        $(TMPFILES)/mandos.conf; \
357
 
        fi
358
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
359
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
360
 
                mandos-ctl
361
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
362
 
                mandos-monitor
363
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
364
 
                mandos.conf
365
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
366
 
                clients.conf
367
 
        install --mode=u=rw,go=r dbus-mandos.conf \
368
 
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
369
 
        install --mode=u=rwx,go=rx init.d-mandos \
370
 
                $(DESTDIR)/etc/init.d/mandos
371
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
372
 
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
373
 
        fi
374
 
        install --mode=u=rw,go=r default-mandos \
375
 
                $(DESTDIR)/etc/default/mandos
376
 
        if [ -z $(DESTDIR) ]; then \
377
 
                update-rc.d mandos defaults 25 15;\
378
 
        fi
379
 
        gzip --best --to-stdout mandos.8 \
380
 
                > $(MANDIR)/man8/mandos.8.gz
381
 
        gzip --best --to-stdout mandos-monitor.8 \
382
 
                > $(MANDIR)/man8/mandos-monitor.8.gz
383
 
        gzip --best --to-stdout mandos-ctl.8 \
384
 
                > $(MANDIR)/man8/mandos-ctl.8.gz
385
 
        gzip --best --to-stdout mandos.conf.5 \
386
 
                > $(MANDIR)/man5/mandos.conf.5.gz
387
 
        gzip --best --to-stdout mandos-clients.conf.5 \
388
 
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
389
 
        gzip --best --to-stdout intro.8mandos \
390
 
                > $(MANDIR)/man8/intro.8mandos.gz
391
 
 
392
 
install-client-nokey: all doc
393
 
        install --directory $(LIBDIR)/mandos $(CONFDIR)
394
 
        install --directory --mode=u=rwx $(KEYDIR) \
395
 
                $(LIBDIR)/mandos/plugins.d \
396
 
                $(LIBDIR)/mandos/plugin-helpers
397
 
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
398
 
                install --mode=u=rwx \
399
 
                        --directory "$(CONFDIR)/plugins.d" \
400
 
                        "$(CONFDIR)/plugin-helpers"; \
401
 
        fi
402
 
        install --mode=u=rwx,go=rx --directory \
403
 
                "$(CONFDIR)/network-hooks.d"
404
 
        install --mode=u=rwx,go=rx \
405
 
                --target-directory=$(LIBDIR)/mandos plugin-runner
406
 
        install --mode=u=rwx,go=rx \
407
 
                --target-directory=$(LIBDIR)/mandos mandos-to-cryptroot-unlock
408
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
409
 
                mandos-keygen
410
 
        install --mode=u=rwx,go=rx \
411
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
412
 
                plugins.d/password-prompt
413
 
        install --mode=u=rwxs,go=rx \
414
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
415
 
                plugins.d/mandos-client
416
 
        install --mode=u=rwxs,go=rx \
417
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
418
 
                plugins.d/usplash
419
 
        install --mode=u=rwxs,go=rx \
420
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
421
 
                plugins.d/splashy
422
 
        install --mode=u=rwxs,go=rx \
423
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
424
 
                plugins.d/askpass-fifo
425
 
        install --mode=u=rwxs,go=rx \
426
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
427
 
                plugins.d/plymouth
428
 
        install --mode=u=rwx,go=rx \
429
 
                --target-directory=$(LIBDIR)/mandos/plugin-helpers \
430
 
                plugin-helpers/mandos-client-iprouteadddel
431
 
        install initramfs-tools-hook \
432
 
                $(INITRAMFSTOOLS)/hooks/mandos
433
 
        install --mode=u=rw,go=r initramfs-tools-conf \
434
 
                $(INITRAMFSTOOLS)/conf.d/mandos-conf
435
 
        install --mode=u=rw,go=r initramfs-tools-conf-hook \
436
 
                $(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
437
 
        install initramfs-tools-script \
438
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos
439
 
        install initramfs-tools-script-stop \
440
 
                $(INITRAMFSTOOLS)/scripts/local-premount/mandos
441
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
442
 
        gzip --best --to-stdout mandos-keygen.8 \
443
 
                > $(MANDIR)/man8/mandos-keygen.8.gz
444
 
        gzip --best --to-stdout plugin-runner.8mandos \
445
 
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
446
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
447
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
448
 
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
449
 
                > $(MANDIR)/man8/password-prompt.8mandos.gz
450
 
        gzip --best --to-stdout plugins.d/usplash.8mandos \
451
 
                > $(MANDIR)/man8/usplash.8mandos.gz
452
 
        gzip --best --to-stdout plugins.d/splashy.8mandos \
453
 
                > $(MANDIR)/man8/splashy.8mandos.gz
454
 
        gzip --best --to-stdout plugins.d/askpass-fifo.8mandos \
455
 
                > $(MANDIR)/man8/askpass-fifo.8mandos.gz
456
 
        gzip --best --to-stdout plugins.d/plymouth.8mandos \
457
 
                > $(MANDIR)/man8/plymouth.8mandos.gz
458
 
 
459
 
install-client: install-client-nokey
460
 
# Post-installation stuff
461
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
462
 
        update-initramfs -k all -u
463
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
464
 
 
465
 
uninstall: uninstall-server uninstall-client
466
 
 
467
 
uninstall-server:
468
 
        -rm --force $(PREFIX)/sbin/mandos \
469
 
                $(PREFIX)/sbin/mandos-ctl \
470
 
                $(PREFIX)/sbin/mandos-monitor \
471
 
                $(MANDIR)/man8/mandos.8.gz \
472
 
                $(MANDIR)/man8/mandos-monitor.8.gz \
473
 
                $(MANDIR)/man8/mandos-ctl.8.gz \
474
 
                $(MANDIR)/man5/mandos.conf.5.gz \
475
 
                $(MANDIR)/man5/mandos-clients.conf.5.gz
476
 
        update-rc.d -f mandos remove
477
 
        -rmdir $(CONFDIR)
478
 
 
479
 
uninstall-client:
480
 
# Refuse to uninstall client if /etc/crypttab is explicitly configured
481
 
# to use it.
482
 
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
483
 
                $(DESTDIR)/etc/crypttab
484
 
        -rm --force $(PREFIX)/sbin/mandos-keygen \
485
 
                $(LIBDIR)/mandos/plugin-runner \
486
 
                $(LIBDIR)/mandos/plugins.d/password-prompt \
487
 
                $(LIBDIR)/mandos/plugins.d/mandos-client \
488
 
                $(LIBDIR)/mandos/plugins.d/usplash \
489
 
                $(LIBDIR)/mandos/plugins.d/splashy \
490
 
                $(LIBDIR)/mandos/plugins.d/askpass-fifo \
491
 
                $(LIBDIR)/mandos/plugins.d/plymouth \
492
 
                $(INITRAMFSTOOLS)/hooks/mandos \
493
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
494
 
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos \
495
 
                $(MANDIR)/man8/mandos-keygen.8.gz \
496
 
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
497
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
498
 
                $(MANDIR)/man8/password-prompt.8mandos.gz \
499
 
                $(MANDIR)/man8/usplash.8mandos.gz \
500
 
                $(MANDIR)/man8/splashy.8mandos.gz \
501
 
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
502
 
                $(MANDIR)/man8/plymouth.8mandos.gz \
503
 
        -rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
504
 
                 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)
505
 
        update-initramfs -k all -u
506
 
 
507
 
purge: purge-server purge-client
508
 
 
509
 
purge-server: uninstall-server
510
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
511
 
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
512
 
                $(DESTDIR)/etc/default/mandos \
513
 
                $(DESTDIR)/etc/init.d/mandos \
514
 
                $(SYSTEMD)/mandos.service \
515
 
                $(DESTDIR)/run/mandos.pid \
516
 
                $(DESTDIR)/var/run/mandos.pid
517
 
        -rmdir $(CONFDIR)
518
 
 
519
 
purge-client: uninstall-client
520
 
        -shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
521
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
522
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
523
 
                $(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
524
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
28
        -rm -f $(PROGS) $(objects) core