To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to Makefile
- browse files at revision 723.1.1
- compare with another revision
- download diff
- download tarball
- view history from revision 723.1.1
- Committer: Teddy Hogeborn
- Date: 2014-07-25 22:44:20 UTC
- mto: This revision was merged to the branch mainline in revision 724.
- Revision ID: teddy@recompile.se-20140725224420-4a5ct2ptt0hsc92z
Require Python 2.7.
This is in preparation for the eventual move to Python 3, which will
happen as soon as all Python modules required by Mandos are available.
The mandos-ctl and mandos-monitor programs are already portable
between Python 2.6 and Python 3 without changes; this change will
bring the requirement up to Python 2.7.
* INSTALL (Prerequisites/Libraries/Mandos Server): Document
requirement of
Python 2.7; remove
Python-argparse
which is in the
Python 2.7 standard
library.
* debian/control (Source: mandos/Build-Depends-Indep): Depend on
exactly the
python2.7
package and all
the Python 2.7
versions of the
python modules.
(Package: mandos/Depends): - '' - but still depend on python (<=2.7)
and the generic versions of the Python
modules; this is for mandos-ctl and
mandos-monitor, both of which are
compatible with Python 3, and use
#!/usr/bin/python.
* mandos: Use #!/usr/bin/python2.7 instead of #!/usr/bin/python.
This is in preparation for the eventual move to Python 3, which will
happen as soon as all Python modules required by Mandos are available.
The mandos-ctl and mandos-monitor programs are already portable
between Python 2.6 and Python 3 without changes; this change will
bring the requirement up to Python 2.7.
* INSTALL (Prerequisites/Libraries/Mandos Server): Document
requirement of
Python 2.7; remove
Python-argparse
which is in the
Python 2.7 standard
library.
* debian/control (Source: mandos/Build-Depends-Indep): Depend on
exactly the
python2.7
package and all
the Python 2.7
versions of the
python modules.
(Package: mandos/Depends): - '' - but still depend on python (<=2.7)
and the generic versions of the Python
modules; this is for mandos-ctl and
mandos-monitor, both of which are
compatible with Python 3, and use
#!/usr/bin/python.
* mandos: Use #!/usr/bin/python2.7 instead of #!/usr/bin/python.
- files added:
- initramfs-tools-hook-conf
- files removed:
- bugs.xml
- debian/tests
- dracut-module
- plugin-helpers
- files modified:
- .bzrignore
added
removed
Makefile
1
WARN:=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
1
WARN=-O -Wall -Wextra -Wdouble-promotion -Wformat=2 -Winit-self \
2
2
-Wmissing-include-dirs -Wswitch-default -Wswitch-enum \
3
3
-Wunused -Wuninitialized -Wstrict-overflow=5 \
4
4
-Wsuggest-attribute=pure -Wsuggest-attribute=const \
10
10
-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \
11
11
-Wredundant-decls -Wnested-externs -Winline -Wvla \
12
12
-Wvolatile-register-var -Woverlength-strings
13
14
#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)
15
## Check which sanitizing options can be used
16
#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
17
# echo 'int main(){}' | $(CC) --language=c $(option) \
18
# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))
19
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
20
ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \
21
-fsanitize=shift -fsanitize=integer-divide-by-zero \
22
-fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
23
-fsanitize=return -fsanitize=signed-integer-overflow \
24
-fsanitize=bounds -fsanitize=alignment \
25
-fsanitize=object-size -fsanitize=float-divide-by-zero \
26
-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
27
-fsanitize=returns-nonnull-attribute -fsanitize=bool \
28
-fsanitize=enum -fsanitize-address-use-after-scope
29
13
#DEBUG=-ggdb3
30
14
# For info about _FORTIFY_SOURCE, see feature_test_macros(7)
31
# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
32
FORTIFY:=-fstack-protector-all -fPIC
33
CPPFLAGS+=-D_FORTIFY_SOURCE=3
34
LINK_FORTIFY_LD:=-z relro -z now
35
LINK_FORTIFY:=
15
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
16
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
17
LINK_FORTIFY_LD=-z relro -z now
18
LINK_FORTIFY=
36
19
37
20
# If BROKEN_PIE is set, do not build with -pie
38
21
ifndef BROKEN_PIE
40
23
LINK_FORTIFY += -pie
41
24
endif
42
25
#COVERAGE=--coverage
43
OPTIMIZE:=-Os -fno-strict-aliasing
44
LANGUAGE:=-std=gnu11
45
CPPFLAGS+=-D_FILE_OFFSET_BITS=64 -D_TIME_BITS=64
46
htmldir:=man
47
version:=1.8.16
48
SED:=sed
49
PKG_CONFIG?=pkg-config
50
51
USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \
52
|| getent passwd nobody || echo 65534)))
53
GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \
54
|| getent group nogroup || echo 65534)))
55
56
LINUXVERSION:=$(shell uname --kernel-release)
26
OPTIMIZE=-Os -fno-strict-aliasing
27
LANGUAGE=-std=gnu99
28
htmldir=man
29
version=1.6.7
30
SED=sed
31
32
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
33
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
57
34
58
35
## Use these settings for a traditional /usr/local install
59
# PREFIX:=$(DESTDIR)/usr/local
60
# CONFDIR:=$(DESTDIR)/etc/mandos
61
# KEYDIR:=$(DESTDIR)/etc/mandos/keys
62
# MANDIR:=$(PREFIX)/man
63
# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools
64
# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
65
# STATEDIR:=$(DESTDIR)/var/lib/mandos
66
# LIBDIR:=$(PREFIX)/lib
67
# DBUSPOLICYDIR:=$(DESTDIR)/etc/dbus-1/system.d
36
# PREFIX=$(DESTDIR)/usr/local
37
# CONFDIR=$(DESTDIR)/etc/mandos
38
# KEYDIR=$(DESTDIR)/etc/mandos/keys
39
# MANDIR=$(PREFIX)/man
40
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
41
# STATEDIR=$(DESTDIR)/var/lib/mandos
42
# LIBDIR=$(PREFIX)/lib
68
43
##
69
44
70
45
## These settings are for a package-type install
71
PREFIX:=$(DESTDIR)/usr
72
CONFDIR:=$(DESTDIR)/etc/mandos
73
KEYDIR:=$(DESTDIR)/etc/keys/mandos
74
MANDIR:=$(PREFIX)/share/man
75
INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools
76
DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos
77
STATEDIR:=$(DESTDIR)/var/lib/mandos
78
LIBDIR:=$(shell \
46
PREFIX=$(DESTDIR)/usr
47
CONFDIR=$(DESTDIR)/etc/mandos
48
KEYDIR=$(DESTDIR)/etc/keys/mandos
49
MANDIR=$(PREFIX)/share/man
50
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
51
STATEDIR=$(DESTDIR)/var/lib/mandos
52
LIBDIR=$(shell \
79
53
for d in \
80
"/usr/lib/`dpkg-architecture \
81
-qDEB_HOST_MULTIARCH 2>/dev/null`" \
54
"/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \
82
55
"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \
83
56
if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \
84
57
echo "$(DESTDIR)$$d"; \
85
58
break; \
86
59
fi; \
87
60
done)
88
DBUSPOLICYDIR:=$(DESTDIR)/usr/share/dbus-1/system.d
89
61
##
90
62
91
SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
92
--variable=systemdsystemunitdir)
93
TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
94
--variable=tmpfilesdir)
95
SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \
96
--variable=sysusersdir)
63
SYSTEMD=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)
97
64
98
GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)
99
GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)
100
AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)
101
AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)
102
GPGME_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gpgme 2>/dev/null \
103
|| gpgme-config --cflags; getconf LFS_CFLAGS)
104
GPGME_LIBS:=$(shell $(PKG_CONFIG) --libs gpgme 2>/dev/null \
105
|| gpgme-config --libs; getconf LFS_LIBS; \
65
GNUTLS_CFLAGS=$(shell pkg-config --cflags-only-I gnutls)
66
GNUTLS_LIBS=$(shell pkg-config --libs gnutls)
67
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
68
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
69
GPGME_CFLAGS=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)
70
GPGME_LIBS=$(shell gpgme-config --libs; getconf LFS_LIBS; \
106
71
getconf LFS_LDFLAGS)
107
LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)
108
LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)
109
GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)
110
GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)
111
72
112
73
# Do not change these two
113
74
CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
114
$(LANGUAGE) -DVERSION='"$(version)"'
115
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \
116
) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
75
$(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) \
76
-DVERSION='"$(version)"'
77
LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))
117
78
118
79
# Commands to format a DocBook <refentry> document into a manual page
119
80
DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \
125
86
/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
126
87
$(notdir $<); \
127
88
if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \
128
&& command -v man >/dev/null; then LANG=en_US.UTF-8 \
129
MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \
130
$(notdir $@); fi >/dev/null)
89
&& type man 2>/dev/null; then LANG=en_US.UTF-8 MANWIDTH=80 \
90
man --warnings --encoding=UTF-8 --local-file $(notdir $@); \
91
fi >/dev/null)
131
92
132
93
DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \
133
94
--param make.year.ranges 1 \
139
100
/usr/share/xml/docbook/stylesheet/nwalsh/xhtml/docbook.xsl \
140
101
$<; $(HTMLPOST) $@)
141
102
# Fix citerefentry links
142
HTMLPOST:=$(SED) --in-place \
103
HTMLPOST=$(SED) --in-place \
143
104
--expression='s/\(<a class="citerefentry" href="\)\("><span class="citerefentry"><span class="refentrytitle">\)\([^<]*\)\(<\/span>(\)\([^)]*\)\()<\/span><\/a>\)/\1\3.\5\2\3\4\5\6/g'
144
105
145
PLUGINS:=plugins.d/password-prompt plugins.d/mandos-client \
106
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
146
107
plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
147
108
plugins.d/plymouth
148
PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel
149
CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \
150
$(PLUGIN_HELPERS)
151
PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
152
DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
109
CPROGS=plugin-runner $(PLUGINS)
110
PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
111
DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
153
112
mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
154
dracut-module/password-agent.8mandos \
155
113
plugins.d/mandos-client.8mandos \
156
114
plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \
157
115
plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \
158
116
plugins.d/plymouth.8mandos intro.8mandos
159
117
160
htmldocs:=$(addsuffix .xhtml,$(DOCS))
161
162
objects:=$(addsuffix .o,$(CPROGS))
163
164
.PHONY: all
118
htmldocs=$(addsuffix .xhtml,$(DOCS))
119
120
objects=$(addsuffix .o,$(CPROGS))
121
165
122
all: $(PROGS) mandos.lsm
166
123
167
.PHONY: doc
168
124
doc: $(DOCS)
169
125
170
.PHONY: html
171
126
html: $(htmldocs)
172
127
173
128
%.5: %.xml common.ent legalnotice.xml
232
187
overview.xml legalnotice.xml
233
188
$(DOCBOOKTOHTML)
234
189
235
dracut-module/password-agent.8mandos: \
236
dracut-module/password-agent.xml common.ent \
237
overview.xml legalnotice.xml
238
$(DOCBOOKTOMAN)
239
dracut-module/password-agent.8mandos.xhtml: \
240
dracut-module/password-agent.xml common.ent \
241
overview.xml legalnotice.xml
242
$(DOCBOOKTOHTML)
243
244
190
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
245
191
common.ent \
246
192
mandos-options.xml \
289
235
--expression='s/\(mandos_\)[0-9.]\+\(\.orig\.tar\.gz\)/\1$(version)\2/' \
290
236
$@)
291
237
292
# Uses nested functions
293
plugin-runner: LDFLAGS += -Xlinker --no-warn-execstack
294
dracut-module/password-agent: LDFLAGS += -Xlinker --no-warn-execstack
295
plugins.d/password-prompt: LDFLAGS += -Xlinker --no-warn-execstack
296
plugins.d/mandos-client: LDFLAGS += -Xlinker --no-warn-execstack
297
plugins.d/plymouth: LDFLAGS += -Xlinker --no-warn-execstack
298
299
# Need to add the GnuTLS, Avahi and GPGME libraries
300
plugins.d/mandos-client: CFLAGS += $(GNUTLS_CFLAGS) $(strip \
301
) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
302
plugins.d/mandos-client: LDLIBS += $(GNUTLS_LIBS) $(strip \
303
) $(AVAHI_LIBS) $(GPGME_LIBS)
304
305
# Need to add the libnl-route library
306
plugin-helpers/mandos-client-iprouteadddel: CFLAGS += $(LIBNL3_CFLAGS)
307
plugin-helpers/mandos-client-iprouteadddel: LDLIBS += $(LIBNL3_LIBS)
308
309
# Need to add the GLib and pthread libraries
310
dracut-module/password-agent: CFLAGS += $(GLIB_CFLAGS)
311
# Note: -lpthread is unnecessary with the GNU C library 2.34 or later
312
dracut-module/password-agent: LDLIBS += $(GLIB_LIBS) -lpthread
313
314
.PHONY: clean
238
plugins.d/mandos-client: plugins.d/mandos-client.c
239
$(LINK.c) $^ -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\
240
) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@
241
242
.PHONY : all doc html clean distclean mostlyclean maintainer-clean \
243
check run-client run-server install install-html \
244
install-server install-client-nokey install-client uninstall \
245
uninstall-server uninstall-client purge purge-server \
246
purge-client
247
315
248
clean:
316
249
-rm --force $(CPROGS) $(objects) $(htmldocs) $(DOCS) core
317
250
318
.PHONY: distclean
319
251
distclean: clean
320
.PHONY: mostlyclean
321
252
mostlyclean: clean
322
.PHONY: maintainer-clean
323
253
maintainer-clean: clean
324
254
-rm --force --recursive keydir confdir statedir
325
255
326
.PHONY: check
327
check: all
256
check: all
328
257
./mandos --check
329
258
./mandos-ctl --check
330
./mandos-keygen --version
331
./plugin-runner --version
332
./plugin-helpers/mandos-client-iprouteadddel --version
333
./dracut-module/password-agent --test
334
259
335
260
# Run the client with a local config and key
336
.PHONY: run-client
337
run-client: all keydir/seckey.txt keydir/pubkey.txt \
338
keydir/tls-privkey.pem keydir/tls-pubkey.pem
339
@echo '######################################################'
340
@echo '# The following error messages are harmless and can #'
341
@echo '# be safely ignored: #'
342
@echo '## From plugin-runner: #'
343
@echo '# setgid: Operation not permitted #'
344
@echo '# setuid: Operation not permitted #'
345
@echo '## From askpass-fifo: #'
346
@echo '# mkfifo: Permission denied #'
347
@echo '## From mandos-client: #'
348
@echo '# Failed to raise privileges: Operation not permi... #'
349
@echo '# Warning: network hook "*" exited with status * #'
350
@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'
351
@echo '# Failed to bring up interface "*": Operation not... #'
352
@echo '# #'
353
@echo '# (The messages are caused by not running as root, #'
354
@echo '# but you should NOT run "make run-client" as root #'
355
@echo '# unless you also unpacked and compiled Mandos as #'
356
@echo '# root, which is also NOT recommended.) #'
357
@echo '######################################################'
261
run-client: all keydir/seckey.txt keydir/pubkey.txt
262
@echo "###################################################################"
263
@echo "# The following error messages are harmless and can be safely #"
264
@echo "# ignored. The messages are caused by not running as root, but #"
265
@echo "# you should NOT run \"make run-client\" as root unless you also #"
266
@echo "# unpacked and compiled Mandos as root, which is NOT recommended. #"
267
@echo "# From plugin-runner: setgid: Operation not permitted #"
268
@echo "# setuid: Operation not permitted #"
269
@echo "# From askpass-fifo: mkfifo: Permission denied #"
270
@echo "# From mandos-client: #"
271
@echo "# Failed to raise privileges: Operation not permitted #"
272
@echo "# Warning: network hook \"*\" exited with status * #"
273
@echo "###################################################################"
358
274
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
359
275
./plugin-runner --plugin-dir=plugins.d \
360
--plugin-helper-dir=plugin-helpers \
361
276
--config-file=plugin-runner.conf \
362
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \
277
--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
363
278
--env-for=mandos-client:GNOME_KEYRING_CONTROL= \
364
279
$(CLIENTARGS)
365
280
366
281
# Used by run-client
367
keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen
282
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
368
283
install --directory keydir
369
284
./mandos-keygen --dir keydir --force
370
if ! [ -e keydir/tls-privkey.pem ]; then \
371
install --mode=u=rw /dev/null keydir/tls-privkey.pem; \
372
fi
373
if ! [ -e keydir/tls-pubkey.pem ]; then \
374
install --mode=u=rw /dev/null keydir/tls-pubkey.pem; \
375
fi
376
285
377
286
# Run the server with a local config
378
.PHONY: run-server
379
287
run-server: confdir/mandos.conf confdir/clients.conf statedir
380
288
./mandos --debug --no-dbus --configdir=confdir \
381
289
--statedir=statedir $(SERVERARGS)
382
290
383
291
# Used by run-server
384
292
confdir/mandos.conf: mandos.conf
385
install -D --mode=u=rw,go=r $^ $@
386
confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem
387
install -D --mode=u=rw $< $@
293
install --directory confdir
294
install --mode=u=rw,go=r $^ $@
295
confdir/clients.conf: clients.conf keydir/seckey.txt
296
install --directory confdir
297
install --mode=u=rw $< $@
388
298
# Add a client password
389
299
./mandos-keygen --dir keydir --password --no-ssh >> $@
390
300
statedir:
391
301
install --directory statedir
392
302
393
.PHONY: install
394
303
install: install-server install-client-nokey
395
304
396
.PHONY: install-html
397
305
install-html: html
398
install -D --mode=u=rw,go=r --target-directory=$(htmldir) \
306
install --directory $(htmldir)
307
install --mode=u=rw,go=r --target-directory=$(htmldir) \
399
308
$(htmldocs)
400
309
401
.PHONY: install-server
402
310
install-server: doc
311
install --directory $(CONFDIR)
403
312
if install --directory --mode=u=rwx --owner=$(USER) \
404
313
--group=$(GROUP) $(STATEDIR); then \
405
314
:; \
406
315
elif install --directory --mode=u=rwx $(STATEDIR); then \
407
316
chown -- $(USER):$(GROUP) $(STATEDIR) || :; \
408
317
fi
409
if [ "$(TMPFILES)" != "$(DESTDIR)" ]; then \
410
install -D --mode=u=rw,go=r tmpfiles.d-mandos.conf \
411
$(TMPFILES)/mandos.conf; \
412
fi
413
if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
414
install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
415
$(SYSUSERS)/mandos.conf; \
416
fi
417
install --directory $(PREFIX)/sbin
418
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
419
mandos
318
install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
420
319
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
421
320
mandos-ctl
422
321
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
423
322
mandos-monitor
424
install --directory $(CONFDIR)
425
323
install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
426
324
mandos.conf
427
325
install --mode=u=rw --target-directory=$(CONFDIR) \
428
326
clients.conf
429
install -D --mode=u=rw,go=r dbus-mandos.conf \
430
$(DBUSPOLICYDIR)/mandos.conf
431
install -D --mode=u=rwx,go=rx init.d-mandos \
327
install --mode=u=rw,go=r dbus-mandos.conf \
328
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
329
install --mode=u=rwx,go=rx init.d-mandos \
432
330
$(DESTDIR)/etc/init.d/mandos
433
if [ "$(SYSTEMD)" != "$(DESTDIR)" ]; then \
434
install -D --mode=u=rw,go=r mandos.service \
435
$(SYSTEMD); \
331
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
332
install --mode=u=rw,go=r mandos.service $(SYSTEMD); \
436
333
fi
437
install -D --mode=u=rw,go=r default-mandos \
334
install --mode=u=rw,go=r default-mandos \
438
335
$(DESTDIR)/etc/default/mandos
439
336
if [ -z $(DESTDIR) ]; then \
440
337
update-rc.d mandos defaults 25 15;\
441
338
fi
442
install --directory $(MANDIR)/man8 $(MANDIR)/man5
443
339
gzip --best --to-stdout mandos.8 \
444
340
> $(MANDIR)/man8/mandos.8.gz
445
341
gzip --best --to-stdout mandos-monitor.8 \
453
349
gzip --best --to-stdout intro.8mandos \
454
350
> $(MANDIR)/man8/intro.8mandos.gz
455
351
456
.PHONY: install-client-nokey
457
352
install-client-nokey: all doc
353
install --directory $(LIBDIR)/mandos $(CONFDIR)
458
354
install --directory --mode=u=rwx $(KEYDIR) \
459
$(LIBDIR)/mandos/plugins.d \
460
$(LIBDIR)/mandos/plugin-helpers
461
if [ "$(SYSUSERS)" != "$(DESTDIR)" ]; then \
462
install -D --mode=u=rw,go=r sysusers.d-mandos.conf \
463
$(SYSUSERS)/mandos-client.conf; \
464
fi
355
$(LIBDIR)/mandos/plugins.d
465
356
if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
466
install --directory \
467
--mode=u=rwx "$(CONFDIR)/plugins.d" \
468
"$(CONFDIR)/plugin-helpers"; \
357
install --mode=u=rwx \
358
--directory "$(CONFDIR)/plugins.d"; \
469
359
fi
470
install --directory --mode=u=rwx,go=rx \
360
install --mode=u=rwx,go=rx --directory \
471
361
"$(CONFDIR)/network-hooks.d"
472
362
install --mode=u=rwx,go=rx \
473
363
--target-directory=$(LIBDIR)/mandos plugin-runner
474
install --mode=u=rwx,go=rx \
475
--target-directory=$(LIBDIR)/mandos \
476
mandos-to-cryptroot-unlock
477
install --directory $(PREFIX)/sbin
478
364
install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
479
365
mandos-keygen
480
366
install --mode=u=rwx,go=rx \
495
381
install --mode=u=rwxs,go=rx \
496
382
--target-directory=$(LIBDIR)/mandos/plugins.d \
497
383
plugins.d/plymouth
498
install --mode=u=rwx,go=rx \
499
--target-directory=$(LIBDIR)/mandos/plugin-helpers \
500
plugin-helpers/mandos-client-iprouteadddel
501
install -D initramfs-tools-hook \
384
install initramfs-tools-hook \
502
385
$(INITRAMFSTOOLS)/hooks/mandos
503
install -D --mode=u=rw,go=r initramfs-tools-conf \
504
$(INITRAMFSTOOLS)/conf.d/mandos-conf
505
install -D --mode=u=rw,go=r initramfs-tools-conf-hook \
506
$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos
507
install -D initramfs-tools-script \
386
install --mode=u=rw,go=r initramfs-tools-hook-conf \
387
$(INITRAMFSTOOLS)/conf-hooks.d/mandos
388
install initramfs-tools-script \
508
389
$(INITRAMFSTOOLS)/scripts/init-premount/mandos
509
install -D initramfs-tools-script-stop \
510
$(INITRAMFSTOOLS)/scripts/local-premount/mandos
511
install -D --mode=u=rw,go=r \
512
--target-directory=$(DRACUTMODULE) \
513
dracut-module/ask-password-mandos.path \
514
dracut-module/ask-password-mandos.service
515
install --mode=u=rwxs,go=rx \
516
--target-directory=$(DRACUTMODULE) \
517
dracut-module/module-setup.sh \
518
dracut-module/cmdline-mandos.sh \
519
dracut-module/password-agent
520
390
install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
521
install --directory $(MANDIR)/man8
522
391
gzip --best --to-stdout mandos-keygen.8 \
523
392
> $(MANDIR)/man8/mandos-keygen.8.gz
524
393
gzip --best --to-stdout plugin-runner.8mandos \
535
404
> $(MANDIR)/man8/askpass-fifo.8mandos.gz
536
405
gzip --best --to-stdout plugins.d/plymouth.8mandos \
537
406
> $(MANDIR)/man8/plymouth.8mandos.gz
538
gzip --best --to-stdout dracut-module/password-agent.8mandos \
539
> $(MANDIR)/man8/password-agent.8mandos.gz
540
407
541
.PHONY: install-client
542
408
install-client: install-client-nokey
543
409
# Post-installation stuff
544
410
-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
545
if command -v update-initramfs >/dev/null; then \
546
update-initramfs -k all -u; \
547
elif command -v dracut >/dev/null; then \
548
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
549
if [ -w "$$initrd" ]; then \
550
chmod go-r "$$initrd"; \
551
dracut --force "$$initrd"; \
552
fi; \
553
done; \
554
fi
411
update-initramfs -k all -u
555
412
echo "Now run mandos-keygen --password --dir $(KEYDIR)"
556
413
557
.PHONY: uninstall
558
414
uninstall: uninstall-server uninstall-client
559
415
560
.PHONY: uninstall-server
561
416
uninstall-server:
562
417
-rm --force $(PREFIX)/sbin/mandos \
563
418
$(PREFIX)/sbin/mandos-ctl \
570
425
update-rc.d -f mandos remove
571
426
-rmdir $(CONFDIR)
572
427
573
.PHONY: uninstall-client
574
428
uninstall-client:
575
429
# Refuse to uninstall client if /etc/crypttab is explicitly configured
576
430
# to use it.
587
441
$(INITRAMFSTOOLS)/hooks/mandos \
588
442
$(INITRAMFSTOOLS)/conf-hooks.d/mandos \
589
443
$(INITRAMFSTOOLS)/scripts/init-premount/mandos \
590
$(INITRAMFSTOOLS)/scripts/local-premount/mandos \
591
$(DRACUTMODULE)/ask-password-mandos.path \
592
$(DRACUTMODULE)/ask-password-mandos.service \
593
$(DRACUTMODULE)/module-setup.sh \
594
$(DRACUTMODULE)/cmdline-mandos.sh \
595
$(DRACUTMODULE)/password-agent \
596
444
$(MANDIR)/man8/mandos-keygen.8.gz \
597
445
$(MANDIR)/man8/plugin-runner.8mandos.gz \
598
446
$(MANDIR)/man8/mandos-client.8mandos.gz
601
449
$(MANDIR)/man8/splashy.8mandos.gz \
602
450
$(MANDIR)/man8/askpass-fifo.8mandos.gz \
603
451
$(MANDIR)/man8/plymouth.8mandos.gz \
604
$(MANDIR)/man8/password-agent.8mandos.gz \
605
452
-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \
606
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)
607
if command -v update-initramfs >/dev/null; then \
608
update-initramfs -k all -u; \
609
elif command -v dracut >/dev/null; then \
610
for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \
611
test -w "$$initrd" && dracut --force "$$initrd"; \
612
done; \
613
fi
453
$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)
454
update-initramfs -k all -u
614
455
615
.PHONY: purge
616
456
purge: purge-server purge-client
617
457
618
.PHONY: purge-server
619
458
purge-server: uninstall-server
620
459
-rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
621
460
$(DESTDIR)/etc/dbus-1/system.d/mandos.conf
622
461
$(DESTDIR)/etc/default/mandos \
623
462
$(DESTDIR)/etc/init.d/mandos \
463
$(SYSTEMD)/mandos.service \
624
464
$(DESTDIR)/run/mandos.pid \
625
465
$(DESTDIR)/var/run/mandos.pid
626
if [ "$(SYSTEMD)" != "$(DESTDIR)" -a -d "$(SYSTEMD)" ]; then \
627
-rm --force -- $(SYSTEMD)/mandos.service; \
628
fi
629
466
-rmdir $(CONFDIR)
630
467
631
.PHONY: purge-client
632
468
purge-client: uninstall-client
633
-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem
469
-shred --remove $(KEYDIR)/seckey.txt
634
470
-rm --force $(CONFDIR)/plugin-runner.conf \
635
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \
636
$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt
471
$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
637
472
-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0