To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 541
- compare with another revision
- download diff
- download tarball
- view history from revision 541
- Committer: Teddy Hogeborn
- Date: 2011-12-31 20:07:11 UTC
- mfrom: (535.1.9 wireless-network-hook)
- Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r
Merge new wireless network hook. Fix bridge network hook to use
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
- files added:
- initramfs-tools-hook-conf
- files removed:
- bugs.xml
- debian/tests
- debian/upstream
- dracut-module
- plugin-helpers
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
6
4
-Wunsafe-loop-optimizations -Wpointer-arith \
7
5
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
-Wconversion -Wlogical-op -Waggregate-return \
9
-Wstrict-prototypes -Wold-style-definition \
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
-Wvolatile-register-var -Woverlength-strings
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
# echo 'int main(){}' | $(CC) --language=c $(option) \
18
# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
-fsanitize=shift -fsanitize=integer-divide-by-zero \
22
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
-fsanitize=return -fsanitize=signed-integer-overflow \
24
-fsanitize=bounds -fsanitize=alignment \
25
-fsanitize=object-size -fsanitize=float-divide-by-zero \
26
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
-fsanitize=enum -fsanitize-address-use-after-scope
29
30
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
33
LINK_FORTIFY_LD:=-z relro -z now
34
LINK_FORTIFY:=
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
# -Wunreachable-code
9
#DEBUG=-ggdb3
10
# For info about _FORTIFY_SOURCE, see
11
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
12
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
13
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
14
LINK_FORTIFY_LD=-z relro -z now
15
LINK_FORTIFY=
35
16
36
17
# If BROKEN_PIE is set, do not build with -pie
37
18
ifndef BROKEN_PIE
39
20
LINK_FORTIFY += -pie
40
21
endif
41
22
#COVERAGE=--coverage
42
OPTIMIZE:=-Os -fno-strict-aliasing
43
LANGUAGE:=-std=gnu11
44
FEATURES:=-D_FILE_OFFSET_BITS=64
45
htmldir:=man
46
version:=1.8.9
47
SED:=sed
48
PKG_CONFIG?=pkg-config
49
50
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
51
|| getent passwd nobody || echo 65534)))
52
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
53
|| getent group nogroup || echo 65534)))
54
55
LINUXVERSION:=$(shell uname --kernel-release)
23
OPTIMIZE=-Os
24
LANGUAGE=-std=gnu99
25
htmldir=man
26
version=1.4.1
27
SED=sed
28
29
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
30
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
56
31
57
32
## Use these settings for a traditional /usr/local install
58
# PREFIX:=$(DESTDIR)/usr/local
59
# CONFDIR:=$(DESTDIR)/etc/mandos
60
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
61
# MANDIR:=$(PREFIX)/man
62
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
63
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
64
# STATEDIR:=$(DESTDIR)/var/lib/mandos
65
# LIBDIR:=$(PREFIX)/lib
33
# PREFIX=$(DESTDIR)/usr/local
34
# CONFDIR=$(DESTDIR)/etc/mandos
35
# KEYDIR=$(DESTDIR)/etc/mandos/keys
36
# MANDIR=$(PREFIX)/man
37
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
38
# STATEDIR=$(DESTDIR)/var/lib/mandos
66
39
##
67
40
68
41
## These settings are for a package-type install
69
PREFIX:=$(DESTDIR)/usr
70
CONFDIR:=$(DESTDIR)/etc/mandos
71
KEYDIR:=$(DESTDIR)/etc/keys/mandos
72
MANDIR:=$(PREFIX)/share/man
73
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
74
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
75
STATEDIR:=$(DESTDIR)/var/lib/mandos
76
LIBDIR:=$(shell \
77
for d in \
78
"/usr/lib/`dpkg-architecture \
79
-qDEB_HOST_MULTIARCH 2>/dev/null`" \
80
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
81
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
82
echo "$(DESTDIR)$$d"; \
83
break; \
84
fi; \
85
done)
42
PREFIX=$(DESTDIR)/usr
43
CONFDIR=$(DESTDIR)/etc/mandos
44
KEYDIR=$(DESTDIR)/etc/keys/mandos
45
MANDIR=$(PREFIX)/share/man
46
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
47
STATEDIR=$(DESTDIR)/var/lib/mandos
86
48
##
87
49
88
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
89
--variable=systemdsystemunitdir)
90
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
91
--variable=tmpfilesdir)
92
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
93
--variable=sysusersdir)
94
95
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
96
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
97
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
98
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
99
GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
100
GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \
50
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
51
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
52
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
53
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
54
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
55
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
101
56
getconf LFS_LDFLAGS)
102
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
103
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
104
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
105
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
106
57
107
58
# Do not change these two
108
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
109
$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'
110
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
111
) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
59
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
60
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
61
-DVERSION='"$(version)"'
62
LDFLAGS=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
112
63
113
64
# Commands to format a DocBook <refentry> document into a manual page
114
65
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
117
68
--param make.single.year.ranges 1 \
118
69
--param man.output.quietly 1 \
119
70
--param man.authors.section.enabled 0 \
120
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
71
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
121
72
$(notdir $<); \
122
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
123
&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
124
MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
125
$(notdir $@); fi >/dev/null)
73
$(MANPOST) $(notdir $@);\
74
LANG=en_US.UTF-8 MANWIDTH=80 man --warnings --encoding=UTF-8 \
75
--local-file $(notdir $@) >/dev/null)
76
# DocBook-to-man post-processing to fix a '\n' escape bug
77
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
126
78
127
79
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
128
80
--param make.year.ranges 1 \
134
86
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
135
87
$<; $(HTMLPOST) $@)
136
88
# Fix citerefentry links
137
HTMLPOST:=$(SED) --in-place \
89
HTMLPOST=$(SED) --in-place \
138
90
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
139
91
140
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
92
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
141
93
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
142
94
plugins.d/plymouth
143
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
144
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
145
$(PLUGIN_HELPERS)
146
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
147
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
95
CPROGS=plugin-runner $(PLUGINS)
96
PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
97
DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
148
98
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
149
dracut-module/password-agent.8mandos \
150
99
plugins.d/mandos-client.8mandos \
151
100
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
152
101
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
153
102
plugins.d/plymouth.8mandos intro.8mandos
154
103
155
htmldocs:=$(addsuffix .xhtml,$(DOCS))
156
157
objects:=$(addsuffix .o,$(CPROGS))
158
159
.PHONY: all
104
htmldocs=$(addsuffix .xhtml,$(DOCS))
105
106
objects=$(addsuffix .o,$(CPROGS))
107
160
108
all: $(PROGS) mandos.lsm
161
109
162
.PHONY: doc
163
110
doc: $(DOCS)
164
111
165
.PHONY: html
166
112
html: $(htmldocs)
167
113
168
114
%.5: %.xml common.ent legalnotice.xml
227
173
overview.xml legalnotice.xml
228
174
$(DOCBOOKTOHTML)
229
175
230
dracut-module/password-agent.8mandos: \
231
dracut-module/password-agent.xml common.ent \
232
overview.xml legalnotice.xml
233
$(DOCBOOKTOMAN)
234
dracut-module/password-agent.8mandos.xhtml: \
235
dracut-module/password-agent.xml common.ent \
236
overview.xml legalnotice.xml
237
$(DOCBOOKTOHTML)
238
239
176
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
240
177
common.ent \
241
178
mandos-options.xml \
284
221
--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
285
222
$@)
286
223
287
# Need to add the GnuTLS, Avahi and GPGME libraries
288
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
289
) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
290
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
291
) $(AVAHI_LIBS) $(GPGME_LIBS)
292
293
# Need to add the libnl-route library
294
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
295
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
296
297
# Need to add the GLib and pthread libraries
298
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
299
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
300
301
.PHONY: clean
224
plugins.d/mandos-client: plugins.d/mandos-client.c
225
$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
226
) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
227
228
.PHONY : all doc html clean distclean run-client run-server install \
229
install-server install-client uninstall uninstall-server \
230
uninstall-client purge purge-server purge-client
231
302
232
clean:
303
233
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
304
234
305
.PHONY: distclean
306
235
distclean: clean
307
.PHONY: mostlyclean
308
236
mostlyclean: clean
309
.PHONY: maintainer-clean
310
237
maintainer-clean: clean
311
238
-rm --force --recursive keydir confdir statedir
312
239
313
.PHONY: check
314
check: all
240
check: all
315
241
./mandos --check
316
./mandos-ctl --check
317
./mandos-keygen --version
318
./plugin-runner --version
319
./plugin-helpers/mandos-client-iprouteadddel --version
320
./dracut-module/password-agent --test
321
242
322
243
# Run the client with a local config and key
323
.PHONY: run-client
324
run-client: all keydir/seckey.txt keydir/pubkey.txt \
325
keydir/tls-privkey.pem keydir/tls-pubkey.pem
326
@echo '######################################################'
327
@echo '# The following error messages are harmless and can #'
328
@echo '# be safely ignored: #'
329
@echo '## From plugin-runner: #'
330
@echo '# setgid: Operation not permitted #'
331
@echo '# setuid: Operation not permitted #'
332
@echo '## From askpass-fifo: #'
333
@echo '# mkfifo: Permission denied #'
334
@echo '## From mandos-client: #'
335
@echo '# Failed to raise privileges: Operation not permi... #'
336
@echo '# Warning: network hook "*" exited with status * #'
337
@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
338
@echo '# Failed to bring up interface "*": Operation not... #'
339
@echo '# #'
340
@echo '# (The messages are caused by not running as root, #'
341
@echo '# but you should NOT run "make run-client" as root #'
342
@echo '# unless you also unpacked and compiled Mandos as #'
343
@echo '# root, which is also NOT recommended.) #'
344
@echo '######################################################'
345
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
244
run-client: all keydir/seckey.txt keydir/pubkey.txt
245
@echo "###################################################################"
246
@echo "# The following error messages are harmless and can be safely #"
247
@echo "# ignored. The messages are caused by not running as root, but #"
248
@echo "# you should NOT run \"make run-client\" as root unless you also #"
249
@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
250
@echo "# From plugin-runner: setuid: Operation not permitted #"
251
@echo "# From askpass-fifo: mkfifo: Permission denied #"
252
@echo "# From mandos-client: setuid: Operation not permitted #"
253
@echo "# seteuid: Operation not permitted #"
254
@echo "# klogctl: Operation not permitted #"
255
@echo "###################################################################"
346
256
./plugin-runner --plugin-dir=plugins.d \
347
--plugin-helper-dir=plugin-helpers \
348
257
--config-file=plugin-runner.conf \
349
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
350
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
258
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
351
259
$(CLIENTARGS)
352
260
353
261
# Used by run-client
354
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
262
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
355
263
install --directory keydir
356
264
./mandos-keygen --dir keydir --force
357
265
358
266
# Run the server with a local config
359
.PHONY: run-server
360
run-server: confdir/mandos.conf confdir/clients.conf statedir
267
run-server: confdir/mandos.conf confdir/clients.conf
361
268
./mandos --debug --no-dbus --configdir=confdir \
362
269
--statedir=statedir $(SERVERARGS)
363
270
365
272
confdir/mandos.conf: mandos.conf
366
273
install --directory confdir
367
274
install --mode=u=rw,go=r $^ $@
368
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
275
confdir/clients.conf: clients.conf keydir/seckey.txt
369
276
install --directory confdir
370
277
install --mode=u=rw $< $@
371
278
# Add a client password
372
./mandos-keygen --dir keydir --password --no-ssh >> $@
279
./mandos-keygen --dir keydir --password >> $@
373
280
statedir:
374
281
install --directory statedir
375
282
376
.PHONY: install
377
283
install: install-server install-client-nokey
378
284
379
.PHONY: install-html
380
285
install-html: html
381
286
install --directory $(htmldir)
382
287
install --mode=u=rw,go=r --target-directory=$(htmldir) \
383
288
$(htmldocs)
384
289
385
.PHONY: install-server
386
290
install-server: doc
387
291
install --directory $(CONFDIR)
388
if install --directory --mode=u=rwx --owner=$(USER) \
389
--group=$(GROUP) $(STATEDIR); then \
390
:; \
391
elif install --directory --mode=u=rwx $(STATEDIR); then \
392
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
393
fi
394
if [ "$(TMPFILES)" != "$(DESTDIR)" \
395
-a -d "$(TMPFILES)" ]; then \
396
install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
397
$(TMPFILES)/mandos.conf; \
398
fi
399
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
400
-a -d "$(SYSUSERS)" ]; then \
401
install --mode=u=rw,go=r sysusers.d-mandos.conf \
402
$(SYSUSERS)/mandos.conf; \
403
fi
292
install --directory --mode=u=rwx --owner=$(USER) \
293
--group=$(GROUP) $(STATEDIR)
404
294
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
405
295
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
406
296
mandos-ctl
414
304
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
415
305
install --mode=u=rwx,go=rx init.d-mandos \
416
306
$(DESTDIR)/etc/init.d/mandos
417
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
418
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
419
fi
420
307
install --mode=u=rw,go=r default-mandos \
421
308
$(DESTDIR)/etc/default/mandos
422
309
if [ -z $(DESTDIR) ]; then \
432
319
> $(MANDIR)/man5/mandos.conf.5.gz
433
320
gzip --best --to-stdout mandos-clients.conf.5 \
434
321
> $(MANDIR)/man5/mandos-clients.conf.5.gz
435
gzip --best --to-stdout intro.8mandos \
436
> $(MANDIR)/man8/intro.8mandos.gz
437
322
438
.PHONY: install-client-nokey
439
323
install-client-nokey: all doc
440
install --directory $(LIBDIR)/mandos $(CONFDIR)
324
install --directory $(PREFIX)/lib/mandos $(CONFDIR)
441
325
install --directory --mode=u=rwx $(KEYDIR) \
442
$(LIBDIR)/mandos/plugins.d \
443
$(LIBDIR)/mandos/plugin-helpers
444
if [ "$(SYSUSERS)" != "$(DESTDIR)" \
445
-a -d "$(SYSUSERS)" ]; then \
446
install --mode=u=rw,go=r sysusers.d-mandos.conf \
447
$(SYSUSERS)/mandos-client.conf; \
448
fi
449
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
326
$(PREFIX)/lib/mandos/plugins.d
327
if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
450
328
install --mode=u=rwx \
451
--directory "$(CONFDIR)/plugins.d" \
452
"$(CONFDIR)/plugin-helpers"; \
329
--directory "$(CONFDIR)/plugins.d"; \
453
330
fi
454
331
install --mode=u=rwx,go=rx --directory \
455
332
"$(CONFDIR)/network-hooks.d"
456
333
install --mode=u=rwx,go=rx \
457
--target-directory=$(LIBDIR)/mandos plugin-runner
458
install --mode=u=rwx,go=rx \
459
--target-directory=$(LIBDIR)/mandos \
460
mandos-to-cryptroot-unlock
334
--target-directory=$(PREFIX)/lib/mandos plugin-runner
461
335
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
462
336
mandos-keygen
463
337
install --mode=u=rwx,go=rx \
464
--target-directory=$(LIBDIR)/mandos/plugins.d \
338
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
465
339
plugins.d/password-prompt
466
340
install --mode=u=rwxs,go=rx \
467
--target-directory=$(LIBDIR)/mandos/plugins.d \
341
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
468
342
plugins.d/mandos-client
469
343
install --mode=u=rwxs,go=rx \
470
--target-directory=$(LIBDIR)/mandos/plugins.d \
344
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
471
345
plugins.d/usplash
472
346
install --mode=u=rwxs,go=rx \
473
--target-directory=$(LIBDIR)/mandos/plugins.d \
347
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
474
348
plugins.d/splashy
475
349
install --mode=u=rwxs,go=rx \
476
--target-directory=$(LIBDIR)/mandos/plugins.d \
350
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
477
351
plugins.d/askpass-fifo
478
352
install --mode=u=rwxs,go=rx \
479
--target-directory=$(LIBDIR)/mandos/plugins.d \
353
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
480
354
plugins.d/plymouth
481
install --mode=u=rwx,go=rx \
482
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
483
plugin-helpers/mandos-client-iprouteadddel
484
355
install initramfs-tools-hook \
485
356
$(INITRAMFSTOOLS)/hooks/mandos
486
install --mode=u=rw,go=r initramfs-tools-conf \
487
$(INITRAMFSTOOLS)/conf.d/mandos-conf
488
install --mode=u=rw,go=r initramfs-tools-conf-hook \
489
$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
357
install --mode=u=rw,go=r initramfs-tools-hook-conf \
358
$(INITRAMFSTOOLS)/conf-hooks.d/mandos
490
359
install initramfs-tools-script \
491
360
$(INITRAMFSTOOLS)/scripts/init-premount/mandos
492
install initramfs-tools-script-stop \
493
$(INITRAMFSTOOLS)/scripts/local-premount/mandos
494
install --directory $(DRACUTMODULE)
495
install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \
496
dracut-module/ask-password-mandos.path \
497
dracut-module/ask-password-mandos.service
498
install --mode=u=rwxs,go=rx \
499
--target-directory=$(DRACUTMODULE) \
500
dracut-module/module-setup.sh \
501
dracut-module/cmdline-mandos.sh \
502
dracut-module/password-agent
503
361
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
504
362
gzip --best --to-stdout mandos-keygen.8 \
505
363
> $(MANDIR)/man8/mandos-keygen.8.gz
517
375
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
518
376
gzip --best --to-stdout plugins.d/plymouth.8mandos \
519
377
> $(MANDIR)/man8/plymouth.8mandos.gz
520
gzip --best --to-stdout dracut-module/password-agent.8mandos \
521
> $(MANDIR)/man8/password-agent.8mandos.gz
522
378
523
.PHONY: install-client
524
379
install-client: install-client-nokey
525
380
# Post-installation stuff
526
381
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
527
if command -v update-initramfs >/dev/null; then \
528
update-initramfs -k all -u; \
529
elif command -v dracut >/dev/null; then \
530
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
531
if [ -w "$$initrd" ]; then \
532
chmod go-r "$$initrd"; \
533
dracut --force "$$initrd"; \
534
fi; \
535
done; \
536
fi
382
update-initramfs -k all -u
537
383
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
538
384
539
.PHONY: uninstall
540
385
uninstall: uninstall-server uninstall-client
541
386
542
.PHONY: uninstall-server
543
387
uninstall-server:
544
388
-rm --force $(PREFIX)/sbin/mandos \
545
389
$(PREFIX)/sbin/mandos-ctl \
552
396
update-rc.d -f mandos remove
553
397
-rmdir $(CONFDIR)
554
398
555
.PHONY: uninstall-client
556
399
uninstall-client:
557
400
# Refuse to uninstall client if /etc/crypttab is explicitly configured
558
401
# to use it.
559
402
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
560
403
$(DESTDIR)/etc/crypttab
561
404
-rm --force $(PREFIX)/sbin/mandos-keygen \
562
$(LIBDIR)/mandos/plugin-runner \
563
$(LIBDIR)/mandos/plugins.d/password-prompt \
564
$(LIBDIR)/mandos/plugins.d/mandos-client \
565
$(LIBDIR)/mandos/plugins.d/usplash \
566
$(LIBDIR)/mandos/plugins.d/splashy \
567
$(LIBDIR)/mandos/plugins.d/askpass-fifo \
568
$(LIBDIR)/mandos/plugins.d/plymouth \
405
$(PREFIX)/lib/mandos/plugin-runner \
406
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
407
$(PREFIX)/lib/mandos/plugins.d/mandos-client \
408
$(PREFIX)/lib/mandos/plugins.d/usplash \
409
$(PREFIX)/lib/mandos/plugins.d/splashy \
410
$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
411
$(PREFIX)/lib/mandos/plugins.d/plymouth \
569
412
$(INITRAMFSTOOLS)/hooks/mandos \
570
413
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
571
414
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
572
$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
573
$(DRACUTMODULE)/ask-password-mandos.path \
574
$(DRACUTMODULE)/ask-password-mandos.service \
575
$(DRACUTMODULE)/module-setup.sh \
576
$(DRACUTMODULE)/cmdline-mandos.sh \
577
$(DRACUTMODULE)/password-agent \
578
415
$(MANDIR)/man8/mandos-keygen.8.gz \
579
416
$(MANDIR)/man8/plugin-runner.8mandos.gz \
580
417
$(MANDIR)/man8/mandos-client.8mandos.gz
583
420
$(MANDIR)/man8/splashy.8mandos.gz \
584
421
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
585
422
$(MANDIR)/man8/plymouth.8mandos.gz \
586
$(MANDIR)/man8/password-agent.8mandos.gz \
587
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
588
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
589
if command -v update-initramfs >/dev/null; then \
590
update-initramfs -k all -u; \
591
elif command -v dracut >/dev/null; then \
592
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
593
test -w "$$initrd" && dracut --force "$$initrd"; \
594
done; \
595
fi
423
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
424
$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
425
update-initramfs -k all -u
596
426
597
.PHONY: purge
598
427
purge: purge-server purge-client
599
428
600
.PHONY: purge-server
601
429
purge-server: uninstall-server
602
430
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
603
431
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
604
432
$(DESTDIR)/etc/default/mandos \
605
433
$(DESTDIR)/etc/init.d/mandos \
606
$(SYSTEMD)/mandos.service \
607
$(DESTDIR)/run/mandos.pid \
608
434
$(DESTDIR)/var/run/mandos.pid
609
435
-rmdir $(CONFDIR)
610
436
611
.PHONY: purge-client
612
437
purge-client: uninstall-client
613
-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
438
-shred --remove $(KEYDIR)/seckey.txt
614
439
-rm --force $(CONFDIR)/plugin-runner.conf \
615
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
616
$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
440
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
617
441
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0