/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2011-12-31 20:07:11 UTC
  • mfrom: (535.1.9 wireless-network-hook)
  • Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r
Merge new wireless network hook.  Fix bridge network hook to use
hardware addresses instead of interface names.  Implement and document
new "CONNECT" environment variable for network hooks.

Show diffs side-by-side

added added

removed removed

Lines of Context:
1
 
WARN=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
 
        -Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
 
        -Wunused -Wuninitialized -Wstrict-overflow=5 \
4
 
        -Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
 
        -Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
 
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
 
2
        -Wswitch-default -Wswitch-enum -Wunused-parameter \
 
3
        -Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
6
4
        -Wunsafe-loop-optimizations -Wpointer-arith \
7
5
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
 
        -Wconversion -Wlogical-op -Waggregate-return \
9
 
        -Wstrict-prototypes -Wold-style-definition \
10
 
        -Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
 
        -Wredundant-decls -Wnested-externs -Winline -Wvla \
12
 
        -Wvolatile-register-var -Woverlength-strings
 
6
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
 
7
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
 
8
#       -Wunreachable-code
13
9
#DEBUG=-ggdb3
14
 
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
 
10
# For info about _FORTIFY_SOURCE, see
 
11
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
15
12
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
16
13
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
17
14
LINK_FORTIFY_LD=-z relro -z now
23
20
LINK_FORTIFY += -pie
24
21
endif
25
22
#COVERAGE=--coverage
26
 
OPTIMIZE=-Os -fno-strict-aliasing
 
23
OPTIMIZE=-Os
27
24
LANGUAGE=-std=gnu99
28
25
htmldir=man
29
 
version=1.6.9
 
26
version=1.4.1
30
27
SED=sed
31
28
 
32
29
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
39
36
# MANDIR=$(PREFIX)/man
40
37
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
41
38
# STATEDIR=$(DESTDIR)/var/lib/mandos
42
 
# LIBDIR=$(PREFIX)/lib
43
39
##
44
40
 
45
41
## These settings are for a package-type install
49
45
MANDIR=$(PREFIX)/share/man
50
46
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
51
47
STATEDIR=$(DESTDIR)/var/lib/mandos
52
 
LIBDIR=$(shell \
53
 
        for d in \
54
 
        "/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
55
 
        "`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
56
 
                if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
57
 
                        echo "$(DESTDIR)$$d"; \
58
 
                        break; \
59
 
                fi; \
60
 
        done)
61
48
##
62
49
 
63
 
SYSTEMD=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
64
 
 
65
50
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
66
51
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
67
52
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
71
56
        getconf LFS_LDFLAGS)
72
57
 
73
58
# Do not change these two
74
 
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
 
59
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
75
60
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
76
61
        -DVERSION='"$(version)"'
77
 
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
 
62
LDFLAGS=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
78
63
 
79
64
# Commands to format a DocBook <refentry> document into a manual page
80
65
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
83
68
        --param make.single.year.ranges         1 \
84
69
        --param man.output.quietly              1 \
85
70
        --param man.authors.section.enabled     0 \
86
 
        /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
 
71
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
87
72
        $(notdir $<); \
88
 
        if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
89
 
        && type man 2>/dev/null; then LANG=en_US.UTF-8 MANWIDTH=80 \
90
 
        man --warnings --encoding=UTF-8 --local-file $(notdir $@); \
91
 
        fi >/dev/null)
 
73
        $(MANPOST) $(notdir $@);\
 
74
        LANG=en_US.UTF-8 MANWIDTH=80 man --warnings --encoding=UTF-8 \
 
75
        --local-file $(notdir $@) >/dev/null)
 
76
# DocBook-to-man post-processing to fix a '\n' escape bug
 
77
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
92
78
 
93
79
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
94
80
        --param make.year.ranges                1 \
239
225
        $(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
240
226
                ) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
241
227
 
242
 
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
243
 
        check run-client run-server install install-html \
244
 
        install-server install-client-nokey install-client uninstall \
245
 
        uninstall-server uninstall-client purge purge-server \
246
 
        purge-client
 
228
.PHONY : all doc html clean distclean run-client run-server install \
 
229
        install-server install-client uninstall uninstall-server \
 
230
        uninstall-client purge purge-server purge-client
247
231
 
248
232
clean:
249
233
        -rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
255
239
 
256
240
check:  all
257
241
        ./mandos --check
258
 
        ./mandos-ctl --check
259
242
 
260
243
# Run the client with a local config and key
261
244
run-client: all keydir/seckey.txt keydir/pubkey.txt
264
247
        @echo "# ignored.  The messages are caused by not running as root, but   #"
265
248
        @echo "# you should NOT run \"make run-client\" as root unless you also    #"
266
249
        @echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
267
 
        @echo "# From plugin-runner: setgid: Operation not permitted             #"
268
 
        @echo "#                     setuid: Operation not permitted             #"
 
250
        @echo "# From plugin-runner: setuid: Operation not permitted             #"
269
251
        @echo "# From askpass-fifo:  mkfifo: Permission denied                   #"
270
 
        @echo "# From mandos-client:                                             #"
271
 
        @echo "#             Failed to raise privileges: Operation not permitted #"
272
 
        @echo "#             Warning: network hook \"*\" exited with status *      #"
 
252
        @echo "# From mandos-client: setuid: Operation not permitted             #"
 
253
        @echo "#                     seteuid: Operation not permitted            #"
 
254
        @echo "#                     klogctl: Operation not permitted            #"
273
255
        @echo "###################################################################"
274
 
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
275
256
        ./plugin-runner --plugin-dir=plugins.d \
276
257
                --config-file=plugin-runner.conf \
277
258
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
278
 
                --env-for=mandos-client:GNOME_KEYRING_CONTROL= \
279
259
                $(CLIENTARGS)
280
260
 
281
261
# Used by run-client
284
264
        ./mandos-keygen --dir keydir --force
285
265
 
286
266
# Run the server with a local config
287
 
run-server: confdir/mandos.conf confdir/clients.conf statedir
 
267
run-server: confdir/mandos.conf confdir/clients.conf
288
268
        ./mandos --debug --no-dbus --configdir=confdir \
289
269
                --statedir=statedir $(SERVERARGS)
290
270
 
296
276
        install --directory confdir
297
277
        install --mode=u=rw $< $@
298
278
# Add a client password
299
 
        ./mandos-keygen --dir keydir --password --no-ssh >> $@
 
279
        ./mandos-keygen --dir keydir --password >> $@
300
280
statedir:
301
281
        install --directory statedir
302
282
 
309
289
 
310
290
install-server: doc
311
291
        install --directory $(CONFDIR)
312
 
        if install --directory --mode=u=rwx --owner=$(USER) \
313
 
                --group=$(GROUP) $(STATEDIR); then \
314
 
                :; \
315
 
        elif install --directory --mode=u=rwx $(STATEDIR); then \
316
 
                chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
317
 
        fi
 
292
        install --directory --mode=u=rwx --owner=$(USER) \
 
293
                --group=$(GROUP) $(STATEDIR)
318
294
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
319
295
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
320
296
                mandos-ctl
328
304
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
329
305
        install --mode=u=rwx,go=rx init.d-mandos \
330
306
                $(DESTDIR)/etc/init.d/mandos
331
 
        if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
332
 
                install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
333
 
        fi
334
307
        install --mode=u=rw,go=r default-mandos \
335
308
                $(DESTDIR)/etc/default/mandos
336
309
        if [ -z $(DESTDIR) ]; then \
346
319
                > $(MANDIR)/man5/mandos.conf.5.gz
347
320
        gzip --best --to-stdout mandos-clients.conf.5 \
348
321
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
349
 
        gzip --best --to-stdout intro.8mandos \
350
 
                > $(MANDIR)/man8/intro.8mandos.gz
351
322
 
352
323
install-client-nokey: all doc
353
 
        install --directory $(LIBDIR)/mandos $(CONFDIR)
 
324
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
354
325
        install --directory --mode=u=rwx $(KEYDIR) \
355
 
                $(LIBDIR)/mandos/plugins.d
356
 
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
 
326
                $(PREFIX)/lib/mandos/plugins.d
 
327
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
357
328
                install --mode=u=rwx \
358
329
                        --directory "$(CONFDIR)/plugins.d"; \
359
330
        fi
360
331
        install --mode=u=rwx,go=rx --directory \
361
332
                "$(CONFDIR)/network-hooks.d"
362
333
        install --mode=u=rwx,go=rx \
363
 
                --target-directory=$(LIBDIR)/mandos plugin-runner
 
334
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
364
335
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
365
336
                mandos-keygen
366
337
        install --mode=u=rwx,go=rx \
367
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
338
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
368
339
                plugins.d/password-prompt
369
340
        install --mode=u=rwxs,go=rx \
370
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
341
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
371
342
                plugins.d/mandos-client
372
343
        install --mode=u=rwxs,go=rx \
373
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
344
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
374
345
                plugins.d/usplash
375
346
        install --mode=u=rwxs,go=rx \
376
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
347
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
377
348
                plugins.d/splashy
378
349
        install --mode=u=rwxs,go=rx \
379
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
350
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
380
351
                plugins.d/askpass-fifo
381
352
        install --mode=u=rwxs,go=rx \
382
 
                --target-directory=$(LIBDIR)/mandos/plugins.d \
 
353
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
383
354
                plugins.d/plymouth
384
355
        install initramfs-tools-hook \
385
356
                $(INITRAMFSTOOLS)/hooks/mandos
431
402
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
432
403
                $(DESTDIR)/etc/crypttab
433
404
        -rm --force $(PREFIX)/sbin/mandos-keygen \
434
 
                $(LIBDIR)/mandos/plugin-runner \
435
 
                $(LIBDIR)/mandos/plugins.d/password-prompt \
436
 
                $(LIBDIR)/mandos/plugins.d/mandos-client \
437
 
                $(LIBDIR)/mandos/plugins.d/usplash \
438
 
                $(LIBDIR)/mandos/plugins.d/splashy \
439
 
                $(LIBDIR)/mandos/plugins.d/askpass-fifo \
440
 
                $(LIBDIR)/mandos/plugins.d/plymouth \
 
405
                $(PREFIX)/lib/mandos/plugin-runner \
 
406
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
 
407
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
 
408
                $(PREFIX)/lib/mandos/plugins.d/usplash \
 
409
                $(PREFIX)/lib/mandos/plugins.d/splashy \
 
410
                $(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
 
411
                $(PREFIX)/lib/mandos/plugins.d/plymouth \
441
412
                $(INITRAMFSTOOLS)/hooks/mandos \
442
413
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
443
414
                $(INITRAMFSTOOLS)/scripts/init-premount/mandos \
449
420
                $(MANDIR)/man8/splashy.8mandos.gz \
450
421
                $(MANDIR)/man8/askpass-fifo.8mandos.gz \
451
422
                $(MANDIR)/man8/plymouth.8mandos.gz \
452
 
        -rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
453
 
                 $(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)
 
423
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
 
424
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
454
425
        update-initramfs -k all -u
455
426
 
456
427
purge: purge-server purge-client
460
431
                $(DESTDIR)/etc/dbus-1/system.d/mandos.conf
461
432
                $(DESTDIR)/etc/default/mandos \
462
433
                $(DESTDIR)/etc/init.d/mandos \
463
 
                $(SYSTEMD)/mandos.service \
464
 
                $(DESTDIR)/run/mandos.pid \
465
434
                $(DESTDIR)/var/run/mandos.pid
466
435
        -rmdir $(CONFDIR)
467
436