To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 541
- compare with another revision
- download diff
- download tarball
- view history from revision 541
- Committer: Teddy Hogeborn
- Date: 2011-12-31 20:07:11 UTC
- mfrom: (535.1.9 wireless-network-hook)
- Revision ID: teddy@recompile.se-20111231200711-6dli3r8drftem57r
Merge new wireless network hook. Fix bridge network hook to use
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
hardware addresses instead of interface names. Implement and document
new "CONNECT" environment variable for network hooks.
- files removed:
- bugs.xml
- debian/upstream
- plugin-helpers
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
5
-Wsuggest-attribute=noreturn -Wfloat-equal -Wundef -Wshadow \
1
WARN=-O -Wall -Wformat=2 -Winit-self -Wmissing-include-dirs \
2
-Wswitch-default -Wswitch-enum -Wunused-parameter \
3
-Wstrict-aliasing=1 -Wextra -Wfloat-equal -Wundef -Wshadow \
6
4
-Wunsafe-loop-optimizations -Wpointer-arith \
7
5
-Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
8
-Wconversion -Wlogical-op -Waggregate-return \
9
-Wstrict-prototypes -Wold-style-definition \
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
-Wvolatile-register-var -Woverlength-strings
6
-Wconversion -Wstrict-prototypes -Wold-style-definition \
7
-Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
# -Wunreachable-code
13
9
#DEBUG=-ggdb3
14
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
15
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
10
# For info about _FORTIFY_SOURCE, see
11
# <http://www.kernel.org/doc/man-pages/online/pages/man7/feature_test_macros.7.html>
12
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
16
13
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
17
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
18
ALL_SANITIZE_OPTIONS:=-fsanitize=address -fsanitize=undefined \
19
-fsanitize=shift -fsanitize=integer-divide-by-zero \
20
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
21
-fsanitize=return -fsanitize=signed-integer-overflow \
22
-fsanitize=bounds -fsanitize=alignment \
23
-fsanitize=object-size -fsanitize=float-divide-by-zero \
24
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
25
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
26
-fsanitize=enum
27
# Check which sanitizing options can be used
28
SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
29
echo 'int main(){}' | $(CC) --language=c $(option) /dev/stdin \
30
-o /dev/null >/dev/null 2>&1 && echo $(option)))
31
14
LINK_FORTIFY_LD=-z relro -z now
32
15
LINK_FORTIFY=
33
16
37
20
LINK_FORTIFY += -pie
38
21
endif
39
22
#COVERAGE=--coverage
40
OPTIMIZE=-Os -fno-strict-aliasing
41
LANGUAGE=-std=gnu11
23
OPTIMIZE=-Os
24
LANGUAGE=-std=gnu99
42
25
htmldir=man
43
version=1.7.10
26
version=1.4.1
44
27
SED=sed
45
28
46
29
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
47
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nogroup || echo 65534)))
30
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
48
31
49
32
## Use these settings for a traditional /usr/local install
50
33
# PREFIX=$(DESTDIR)/usr/local
53
36
# MANDIR=$(PREFIX)/man
54
37
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
55
38
# STATEDIR=$(DESTDIR)/var/lib/mandos
56
# LIBDIR=$(PREFIX)/lib
57
39
##
58
40
59
41
## These settings are for a package-type install
63
45
MANDIR=$(PREFIX)/share/man
64
46
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
65
47
STATEDIR=$(DESTDIR)/var/lib/mandos
66
LIBDIR=$(shell \
67
for d in \
68
"/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
69
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
70
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
71
echo "$(DESTDIR)$$d"; \
72
break; \
73
fi; \
74
done)
75
48
##
76
49
77
SYSTEMD=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
78
TMPFILES=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)
79
80
50
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
81
51
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
82
52
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
84
54
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
85
55
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
86
56
getconf LFS_LDFLAGS)
87
LIBNL3_CFLAGS=$(shell pkg-config --cflags-only-I libnl-route-3.0)
88
LIBNL3_LIBS=$(shell pkg-config --libs libnl-route-3.0)
89
57
90
58
# Do not change these two
91
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(SANITIZE) $(COVERAGE) \
92
$(OPTIMIZE) $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) \
93
$(GPGME_CFLAGS) -DVERSION='"$(version)"'
94
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
59
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
60
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
61
-DVERSION='"$(version)"'
62
LDFLAGS=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
95
63
96
64
# Commands to format a DocBook <refentry> document into a manual page
97
65
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
100
68
--param make.single.year.ranges 1 \
101
69
--param man.output.quietly 1 \
102
70
--param man.authors.section.enabled 0 \
103
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
71
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
104
72
$(notdir $<); \
105
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
106
&& type man 2>/dev/null; then LANG=en_US.UTF-8 MANWIDTH=80 \
107
man --warnings --encoding=UTF-8 --local-file $(notdir $@); \
108
fi >/dev/null)
73
$(MANPOST) $(notdir $@);\
74
LANG=en_US.UTF-8 MANWIDTH=80 man --warnings --encoding=UTF-8 \
75
--local-file $(notdir $@) >/dev/null)
76
# DocBook-to-man post-processing to fix a '\n' escape bug
77
MANPOST=$(SED) --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
109
78
110
79
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
111
80
--param make.year.ranges 1 \
123
92
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
124
93
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
125
94
plugins.d/plymouth
126
PLUGIN_HELPERS=plugin-helpers/mandos-client-iprouteadddel
127
CPROGS=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)
95
CPROGS=plugin-runner $(PLUGINS)
128
96
PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
129
97
DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
130
98
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
257
225
$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
258
226
) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
259
227
260
plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c
261
$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\
262
) $(LOADLIBES) $(LDLIBS) -o $@
263
264
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
265
check run-client run-server install install-html \
266
install-server install-client-nokey install-client uninstall \
267
uninstall-server uninstall-client purge purge-server \
268
purge-client
228
.PHONY : all doc html clean distclean run-client run-server install \
229
install-server install-client uninstall uninstall-server \
230
uninstall-client purge purge-server purge-client
269
231
270
232
clean:
271
233
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
277
239
278
240
check: all
279
241
./mandos --check
280
./mandos-ctl --check
281
242
282
243
# Run the client with a local config and key
283
244
run-client: all keydir/seckey.txt keydir/pubkey.txt
286
247
@echo "# ignored. The messages are caused by not running as root, but #"
287
248
@echo "# you should NOT run \"make run-client\" as root unless you also #"
288
249
@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
289
@echo "# From plugin-runner: setgid: Operation not permitted #"
290
@echo "# setuid: Operation not permitted #"
250
@echo "# From plugin-runner: setuid: Operation not permitted #"
291
251
@echo "# From askpass-fifo: mkfifo: Permission denied #"
292
@echo "# From mandos-client: #"
293
@echo "# Failed to raise privileges: Operation not permitted #"
294
@echo "# Warning: network hook \"*\" exited with status * #"
252
@echo "# From mandos-client: setuid: Operation not permitted #"
253
@echo "# seteuid: Operation not permitted #"
254
@echo "# klogctl: Operation not permitted #"
295
255
@echo "###################################################################"
296
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
297
256
./plugin-runner --plugin-dir=plugins.d \
298
--plugin-helper-dir=plugin-helpers \
299
257
--config-file=plugin-runner.conf \
300
258
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
301
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
302
259
$(CLIENTARGS)
303
260
304
261
# Used by run-client
307
264
./mandos-keygen --dir keydir --force
308
265
309
266
# Run the server with a local config
310
run-server: confdir/mandos.conf confdir/clients.conf statedir
267
run-server: confdir/mandos.conf confdir/clients.conf
311
268
./mandos --debug --no-dbus --configdir=confdir \
312
269
--statedir=statedir $(SERVERARGS)
313
270
319
276
install --directory confdir
320
277
install --mode=u=rw $< $@
321
278
# Add a client password
322
./mandos-keygen --dir keydir --password --no-ssh >> $@
279
./mandos-keygen --dir keydir --password >> $@
323
280
statedir:
324
281
install --directory statedir
325
282
332
289
333
290
install-server: doc
334
291
install --directory $(CONFDIR)
335
if install --directory --mode=u=rwx --owner=$(USER) \
336
--group=$(GROUP) $(STATEDIR); then \
337
:; \
338
elif install --directory --mode=u=rwx $(STATEDIR); then \
339
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
340
fi
341
if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \
342
install --mode=u=rw,go=r tmpfiles.d-mandos.conf \
343
$(TMPFILES)/mandos.conf; \
344
fi
292
install --directory --mode=u=rwx --owner=$(USER) \
293
--group=$(GROUP) $(STATEDIR)
345
294
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
346
295
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
347
296
mandos-ctl
355
304
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
356
305
install --mode=u=rwx,go=rx init.d-mandos \
357
306
$(DESTDIR)/etc/init.d/mandos
358
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
359
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
360
fi
361
307
install --mode=u=rw,go=r default-mandos \
362
308
$(DESTDIR)/etc/default/mandos
363
309
if [ -z $(DESTDIR) ]; then \
373
319
> $(MANDIR)/man5/mandos.conf.5.gz
374
320
gzip --best --to-stdout mandos-clients.conf.5 \
375
321
> $(MANDIR)/man5/mandos-clients.conf.5.gz
376
gzip --best --to-stdout intro.8mandos \
377
> $(MANDIR)/man8/intro.8mandos.gz
378
322
379
323
install-client-nokey: all doc
380
install --directory $(LIBDIR)/mandos $(CONFDIR)
324
install --directory $(PREFIX)/lib/mandos $(CONFDIR)
381
325
install --directory --mode=u=rwx $(KEYDIR) \
382
$(LIBDIR)/mandos/plugins.d \
383
$(LIBDIR)/mandos/plugin-helpers
384
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
326
$(PREFIX)/lib/mandos/plugins.d
327
if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
385
328
install --mode=u=rwx \
386
--directory "$(CONFDIR)/plugins.d" \
387
"$(CONFDIR)/plugin-helpers"; \
329
--directory "$(CONFDIR)/plugins.d"; \
388
330
fi
389
331
install --mode=u=rwx,go=rx --directory \
390
332
"$(CONFDIR)/network-hooks.d"
391
333
install --mode=u=rwx,go=rx \
392
--target-directory=$(LIBDIR)/mandos plugin-runner
334
--target-directory=$(PREFIX)/lib/mandos plugin-runner
393
335
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
394
336
mandos-keygen
395
337
install --mode=u=rwx,go=rx \
396
--target-directory=$(LIBDIR)/mandos/plugins.d \
338
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
397
339
plugins.d/password-prompt
398
340
install --mode=u=rwxs,go=rx \
399
--target-directory=$(LIBDIR)/mandos/plugins.d \
341
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
400
342
plugins.d/mandos-client
401
343
install --mode=u=rwxs,go=rx \
402
--target-directory=$(LIBDIR)/mandos/plugins.d \
344
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
403
345
plugins.d/usplash
404
346
install --mode=u=rwxs,go=rx \
405
--target-directory=$(LIBDIR)/mandos/plugins.d \
347
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
406
348
plugins.d/splashy
407
349
install --mode=u=rwxs,go=rx \
408
--target-directory=$(LIBDIR)/mandos/plugins.d \
350
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
409
351
plugins.d/askpass-fifo
410
352
install --mode=u=rwxs,go=rx \
411
--target-directory=$(LIBDIR)/mandos/plugins.d \
353
--target-directory=$(PREFIX)/lib/mandos/plugins.d \
412
354
plugins.d/plymouth
413
install --mode=u=rwx,go=rx \
414
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
415
plugin-helpers/mandos-client-iprouteadddel
416
355
install initramfs-tools-hook \
417
356
$(INITRAMFSTOOLS)/hooks/mandos
418
357
install --mode=u=rw,go=r initramfs-tools-hook-conf \
463
402
! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
464
403
$(DESTDIR)/etc/crypttab
465
404
-rm --force $(PREFIX)/sbin/mandos-keygen \
466
$(LIBDIR)/mandos/plugin-runner \
467
$(LIBDIR)/mandos/plugins.d/password-prompt \
468
$(LIBDIR)/mandos/plugins.d/mandos-client \
469
$(LIBDIR)/mandos/plugins.d/usplash \
470
$(LIBDIR)/mandos/plugins.d/splashy \
471
$(LIBDIR)/mandos/plugins.d/askpass-fifo \
472
$(LIBDIR)/mandos/plugins.d/plymouth \
405
$(PREFIX)/lib/mandos/plugin-runner \
406
$(PREFIX)/lib/mandos/plugins.d/password-prompt \
407
$(PREFIX)/lib/mandos/plugins.d/mandos-client \
408
$(PREFIX)/lib/mandos/plugins.d/usplash \
409
$(PREFIX)/lib/mandos/plugins.d/splashy \
410
$(PREFIX)/lib/mandos/plugins.d/askpass-fifo \
411
$(PREFIX)/lib/mandos/plugins.d/plymouth \
473
412
$(INITRAMFSTOOLS)/hooks/mandos \
474
413
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
475
414
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
481
420
$(MANDIR)/man8/splashy.8mandos.gz \
482
421
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
483
422
$(MANDIR)/man8/plymouth.8mandos.gz \
484
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
485
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)
423
-rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
424
$(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
486
425
update-initramfs -k all -u
487
426
488
427
purge: purge-server purge-client
492
431
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
493
432
$(DESTDIR)/etc/default/mandos \
494
433
$(DESTDIR)/etc/init.d/mandos \
495
$(SYSTEMD)/mandos.service \
496
$(DESTDIR)/run/mandos.pid \
497
434
$(DESTDIR)/var/run/mandos.pid
498
435
-rmdir $(CONFDIR)
499
436
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0