/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2015-07-01 20:01:26 UTC
  • mto: This revision was merged to the branch mainline in revision 759.
  • Revision ID: teddy@recompile.se-20150701200126-qb3f6c3jcas2f4og
mandos-client: Try to start a plugin to add and remove a local route.

* debian/mandos-client.README.Debian: Add setting of environment
                                      variable MANDOSPLUGINHELPERDIR
                                      to command line testing
                                      mandos-client.
* mandos-client.c (raise_privileges): Moved to top of file.
                  (raise_privileges_permanently): - '' -
                  (lower_privileges): - '' -
                  (lower_privileges_permanently): - '' -
  (add_remove_local_route, add_local_route, remove_local_route): New.
  (start_mandos_communication): Set SOCK_CLOEXEC flag on socket.  Run
                                the above functions to add (and
                                remove) local route, if the conditions
                                indicates it could help.
  (run_network_hooks): Use O_DIRECTORY, O_PATH, and O_CLOEXEC flags
                       when opening network hook directory. Do
                       TEMP_FAILURE_RETRY around opening of /dev/null
                       and network hook executables.  Move redirecting
                       of stdout and stderr to as late as possible
                       before fexecve().
  (main): Use O_DIRECTORY and O_PATH when opening temporary directory.
* plugins.d/mandos-client.xml (ENVIRONMENT): Document usage of the
                                             MANDOSPLUGINHELPERDIR
                                             environment variable.

Show diffs side-by-side

added added

removed removed

Lines of Context:
Makefile
26
26
OPTIMIZE=-Os -fno-strict-aliasing
27
27
LANGUAGE=-std=gnu99
28
28
htmldir=man
29
 
version=1.6.5
 
29
version=1.6.9
30
30
SED=sed
31
31
 
32
32
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
106
106
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
107
107
        plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \
108
108
        plugins.d/plymouth
109
 
CPROGS=plugin-runner $(PLUGINS)
 
109
PLUGIN_HELPERS=
 
110
CPROGS=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)
110
111
PROGS=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)
111
112
DOCS=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \
112
113
        mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \
273
274
        @echo "###################################################################"
274
275
# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring
275
276
        ./plugin-runner --plugin-dir=plugins.d \
 
277
                --plugin-helper-dir=plugin-helpers \
276
278
                --config-file=plugin-runner.conf \
277
279
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \
278
280
                --env-for=mandos-client:GNOME_KEYRING_CONTROL= \
356
358
        if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \
357
359
                install --mode=u=rwx \
358
360
                        --directory "$(CONFDIR)/plugins.d"; \
 
361
                install --directory "$(CONFDIR)/plugin-helpers"; \
359
362
        fi
360
363
        install --mode=u=rwx,go=rx --directory \
361
364
                "$(CONFDIR)/network-hooks.d"