/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2008-08-16 03:29:08 UTC
  • Revision ID: teddy@fukt.bsnet.se-20080816032908-ihw7c05r2mnyk389
Add feature to specify custom environment variables for plugins.

* plugin-runner.c (plugin): New members "environ" and "envc" to
                            contain possible custom environment.
  (getplugin): Return NULL on failure instead of doing exit(); all
               callers changed.
  (add_to_char_array): New helper function for "add_argument" and
                       "add_environment".
  (addargument): Renamed to "add_argument".  Return bool.  Call
                 "add_to_char_array" to actually do things.
  (add_environment): New; analogous to "add_argument".
  (addcustomargument): Renamed to "add_to_argv" to avoid confusion
                       with "add_argument".
  (main): New options "--global-envs" and "--envs-for" to specify
          custom environment for plugins.  Print environment for
          plugins in debug mode.  Use asprintf instead of strcpy and
          strcat.  Use execve() for plugins with custom environments.
          Free environment for plugin when freeing plugin list.

Show diffs side-by-side

added added

removed removed

Lines of Context:
4
4
        -Wunsafe-loop-optimizations -Wpointer-arith \
5
5
        -Wbad-function-cast -Wcast-qual -Wcast-align -Wwrite-strings \
6
6
        -Wconversion -Wstrict-prototypes -Wold-style-definition \
7
 
        -Wpacked -Wnested-externs -Winline -Wvolatile-register-var
8
 
#       -Wunreachable-code 
9
 
#DEBUG=-ggdb3
 
7
        -Wpacked -Wnested-externs -Wunreachable-code -Winline \
 
8
        -Wvolatile-register-var
 
9
DEBUG=-ggdb3
10
10
# For info about _FORTIFY_SOURCE, see
11
11
# <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>
12
12
FORTIFY=-D_FORTIFY_SOURCE=2 # -fstack-protector-all
13
13
#COVERAGE=--coverage
14
14
OPTIMIZE=-Os
15
15
LANGUAGE=-std=gnu99
16
 
 
17
 
## Use these settings for a traditional /usr/local install
18
 
# PREFIX=$(DESTDIR)/usr/local
19
 
# CONFDIR=$(DESTDIR)/etc/mandos
20
 
# KEYDIR=$(DESTDIR)/etc/mandos/keys
21
 
# MANDIR=$(PREFIX)/man
22
 
# INITRAMFSTOOLS=$(DESTDIR)/etc/initramfs-tools
23
 
##
24
 
 
25
 
## These settings are for a package-type install
26
 
PREFIX=$(DESTDIR)/usr
27
 
CONFDIR=$(DESTDIR)/etc/mandos
28
 
KEYDIR=$(DESTDIR)/etc/keys/mandos
29
 
MANDIR=$(PREFIX)/share/man
30
 
INITRAMFSTOOLS=$(DESTDIR)/usr/share/initramfs-tools
31
 
##
32
 
 
33
 
GNUTLS_CFLAGS=$(shell libgnutls-config --cflags)
34
 
GNUTLS_LIBS=$(shell libgnutls-config --libs)
35
 
AVAHI_CFLAGS=$(shell pkg-config --cflags-only-I avahi-core)
36
 
AVAHI_LIBS=$(shell pkg-config --libs avahi-core)
37
 
GPGME_CFLAGS=$(shell gpgme-config --cflags)
38
 
GPGME_LIBS=$(shell gpgme-config --libs)
 
16
# PREFIX=/usr/local
 
17
PREFIX=/usr
 
18
# CONFDIR=/usr/local/lib/mandos
 
19
CONFDIR=/etc/mandos
 
20
# MANDIR=/usr/local/man
 
21
MANDIR=/usr/share/man
39
22
 
40
23
# Do not change these two
41
 
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \
42
 
        $(LANGUAGE) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS)
 
24
CFLAGS=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) $(LANGUAGE)
43
25
LDFLAGS=$(COVERAGE)
44
26
 
45
 
# Commands to format a DocBook <refentry> document into a manual page
46
 
DOCBOOKTOMAN=cd $(dir $<); xsltproc --nonet --xinclude \
 
27
DOCBOOKTOMAN=xsltproc --nonet \
47
28
        --param man.charmap.use.subset          0 \
48
29
        --param make.year.ranges                1 \
49
30
        --param make.single.year.ranges         1 \
50
31
        --param man.output.quietly              1 \
51
 
        --param man.authors.section.enabled     0 \
52
 
         /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \
53
 
        $(notdir $<); \
54
 
        $(MANPOST) $(notdir $@)
55
 
# DocBook-to-man post-processing to fix a '\n' escape bug
56
 
MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
 
32
        --param man.authors.section.enabled     0
57
33
 
58
 
PLUGINS=plugins.d/password-prompt plugins.d/mandos-client
 
34
PLUGINS=plugins.d/password-prompt plugins.d/password-request
59
35
PROGS=plugin-runner $(PLUGINS)
60
36
DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
61
 
        plugins.d/mandos-client.8mandos \
 
37
        plugins.d/password-request.8mandos \
62
38
        plugins.d/password-prompt.8mandos mandos.conf.5 \
63
39
        mandos-clients.conf.5
64
40
 
65
 
objects=$(addsuffix .o,$(PROGS))
 
41
objects=$(shell for p in $(PROGS); do echo $${p}.o; done)
66
42
 
67
43
all: $(PROGS)
68
44
 
69
45
doc: $(DOCS)
70
46
 
71
 
%.5: %.xml legalnotice.xml
72
 
        $(DOCBOOKTOMAN)
73
 
 
74
 
%.8: %.xml legalnotice.xml
75
 
        $(DOCBOOKTOMAN)
76
 
 
77
 
%.8mandos: %.xml legalnotice.xml
78
 
        $(DOCBOOKTOMAN)
79
 
 
80
 
mandos.8: mandos.xml mandos-options.xml overview.xml legalnotice.xml
81
 
        $(DOCBOOKTOMAN)
82
 
 
83
 
mandos-keygen.8: mandos-keygen.xml overview.xml legalnotice.xml
84
 
        $(DOCBOOKTOMAN)
85
 
 
86
 
mandos.conf.5: mandos.conf.xml mandos-options.xml legalnotice.xml
87
 
        $(DOCBOOKTOMAN)
88
 
 
89
 
plugin-runner.8mandos: plugin-runner.xml overview.xml legalnotice.xml
90
 
        $(DOCBOOKTOMAN)
91
 
 
92
 
plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \
93
 
                                        mandos-options.xml \
94
 
                                        overview.xml legalnotice.xml
95
 
        $(DOCBOOKTOMAN)
96
 
 
97
 
plugins.d/mandos-client: plugins.d/mandos-client.o
98
 
        $(LINK.o) $(GNUTLS_LIBS) $(AVAHI_LIBS) $(GPGME_LIBS) \
99
 
                $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
100
 
 
101
 
.PHONY : all doc clean distclean run-client run-server install \
 
47
%.5: %.xml
 
48
        cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)
 
49
 
 
50
%.8: %.xml
 
51
        cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)
 
52
 
 
53
%.8mandos: %.xml
 
54
        cd $(dir $^); $(DOCBOOKTOMAN) $(notdir $^)
 
55
 
 
56
plugin-runner: plugin-runner.o
 
57
        $(LINK.o) -lgnutls $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
58
 
 
59
plugins.d/password-request: plugins.d/password-request.o
 
60
        $(LINK.o) -lgnutls -lavahi-core -lgpgme $(COMMON) $^ \
 
61
                $(LOADLIBES) $(LDLIBS) -o $@
 
62
 
 
63
plugins.d/password-prompt: plugins.d/password-prompt.o
 
64
        $(LINK.o) $(COMMON) $^ $(LOADLIBES) $(LDLIBS) -o $@
 
65
 
 
66
.PHONY : all clean distclean run-client run-server install \
102
67
        install-server install-client uninstall uninstall-server \
103
68
        uninstall-client purge purge-server purge-client
104
69
 
108
73
distclean: clean
109
74
mostlyclean: clean
110
75
maintainer-clean: clean
111
 
        -rm --force --recursive keydir confdir
 
76
        -rm --force --recursive keydir
112
77
 
113
78
check:
114
79
        ./mandos --check
115
80
 
116
 
# Run the client with a local config and key
117
 
run-client: all keydir/seckey.txt keydir/pubkey.txt
 
81
run-client: all
 
82
        -mkdir keydir
 
83
        -./mandos-keygen --dir keydir
118
84
        ./plugin-runner --plugin-dir=plugins.d \
119
 
                --config-file=plugin-runner.conf \
120
 
                --options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt
121
 
 
122
 
# Used by run-client
123
 
keydir/seckey.txt keydir/pubkey.txt: mandos-keygen
124
 
        install --directory keydir
125
 
        ./mandos-keygen --dir keydir --force
126
 
 
127
 
# Run the server with a local config
128
 
run-server: confdir/mandos.conf confdir/clients.conf
129
 
        ./mandos --debug --configdir=confdir
130
 
 
131
 
# Used by run-server
132
 
confdir/mandos.conf: mandos.conf
133
 
        install --directory confdir
134
 
        install --mode=u=rw,go=r $^ $@
135
 
confdir/clients.conf: clients.conf keydir/seckey.txt
136
 
        install --directory confdir
137
 
        install --mode=u=rw $< $@
138
 
# Add a client password
139
 
        ./mandos-keygen --dir keydir --password >> $@
140
 
 
141
 
install: install-server install-client-nokey
 
85
                --options-for=password-request:--keydir=keydir
 
86
 
 
87
run-server:
 
88
        ./mandos --debug --configdir=.
 
89
 
 
90
install: install-server install-client
142
91
 
143
92
install-server: doc
144
 
        install --directory $(CONFDIR)
145
 
        install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos
146
 
        install --mode=u=rw,go=r --target-directory=$(CONFDIR) \
147
 
                mandos.conf
148
 
        install --mode=u=rw --target-directory=$(CONFDIR) \
 
93
        mkdir --mode=0755 --parents $(CONFDIR) $(MANDIR)/man5 \
 
94
                $(MANDIR)/man8
 
95
        install --mode=0755 mandos $(PREFIX)/sbin/mandos
 
96
        install --mode=0644 --target-directory=$(CONFDIR) mandos.conf
 
97
        install --mode=0640 --target-directory=$(CONFDIR) \
149
98
                clients.conf
150
 
        install --mode=u=rwx,go=rx init.d-mandos \
151
 
                $(DESTDIR)/etc/init.d/mandos
152
 
        install --mode=u=rw,go=r default-mandos \
153
 
                $(DESTDIR)/etc/default/mandos
154
 
        update-rc.d mandos defaults
155
99
        gzip --best --to-stdout mandos.8 \
156
100
                > $(MANDIR)/man8/mandos.8.gz
157
101
        gzip --best --to-stdout mandos.conf.5 \
159
103
        gzip --best --to-stdout mandos-clients.conf.5 \
160
104
                > $(MANDIR)/man5/mandos-clients.conf.5.gz
161
105
 
162
 
install-client-nokey: all doc
163
 
        install --directory $(PREFIX)/lib/mandos $(CONFDIR)
164
 
        install --directory --mode=u=rwx $(KEYDIR) \
165
 
                $(PREFIX)/lib/mandos/plugins.d
166
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
167
 
                install --mode=u=rwx \
168
 
                        --directory "$(CONFDIR)/plugins.d" && \
169
 
                install --mode=u=rw,go=r etc-plugins.d-README \
170
 
                        $(CONFDIR)/plugins.d/README ; \
171
 
        fi
172
 
        install --mode=u=rwx,go=rx \
173
 
                --target-directory=$(PREFIX)/lib/mandos plugin-runner
174
 
        install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \
 
106
install-client: all doc /usr/share/initramfs-tools/hooks/.
 
107
        mkdir --mode=0755 --parents $(PREFIX)/lib/mandos $(CONFDIR) \
 
108
                $(MANDIR)/man8
 
109
        -mkdir --mode=0700 $(PREFIX)/lib/mandos/plugins.d
 
110
        chmod u=rwx,g=,o= $(PREFIX)/lib/mandos/plugins.d
 
111
        install --mode=0755 --target-directory=$(PREFIX)/lib/mandos \
 
112
                plugin-runner
 
113
        install --mode=0755 --target-directory=$(PREFIX)/sbin \
175
114
                mandos-keygen
176
 
        install --mode=u=rwx,go=rx \
 
115
        install --mode=0755 \
177
116
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
178
117
                plugins.d/password-prompt
179
 
        install --mode=u=rwxs,go=rx \
180
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
181
 
                plugins.d/mandos-client
182
 
        install --mode=u=rwx,go=rx \
183
 
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
184
 
                plugins.d/usplash
 
118
        install --mode=4755 \
 
119
                --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 
120
                plugins.d/password-request
185
121
        install initramfs-tools-hook \
186
 
                $(INITRAMFSTOOLS)/hooks/mandos
187
 
        install --mode=u=rw,go=r initramfs-tools-hook-conf \
188
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos
 
122
                /usr/share/initramfs-tools/hooks/mandos
 
123
        install initramfs-tools-hook-conf \
 
124
                /usr/share/initramfs-tools/conf-hooks.d/mandos
189
125
        install initramfs-tools-script \
190
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos
191
 
        install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)
 
126
                /usr/share/initramfs-tools/scripts/local-top/mandos
192
127
        gzip --best --to-stdout mandos-keygen.8 \
193
128
                > $(MANDIR)/man8/mandos-keygen.8.gz
194
129
        gzip --best --to-stdout plugin-runner.8mandos \
195
130
                > $(MANDIR)/man8/plugin-runner.8mandos.gz
196
131
        gzip --best --to-stdout plugins.d/password-prompt.8mandos \
197
132
                > $(MANDIR)/man8/password-prompt.8mandos.gz
198
 
        gzip --best --to-stdout plugins.d/mandos-client.8mandos \
199
 
                > $(MANDIR)/man8/mandos-client.8mandos.gz
200
 
 
201
 
install-client: install-client-nokey
202
 
# Post-installation stuff
203
 
        -$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"
 
133
        gzip --best --to-stdout plugins.d/password-request.8mandos \
 
134
                > $(MANDIR)/man8/password-request.8mandos.gz
 
135
        -$(PREFIX)/sbin/mandos-keygen
204
136
        update-initramfs -k all -u
205
 
        echo "Now run mandos-keygen --password --dir $(KEYDIR)"
206
137
 
207
138
uninstall: uninstall-server uninstall-client
208
139
 
209
 
uninstall-server:
 
140
uninstall-server: $(PREFIX)/sbin/mandos
210
141
        -rm --force $(PREFIX)/sbin/mandos \
211
142
                $(MANDIR)/man8/mandos.8.gz \
212
143
                $(MANDIR)/man5/mandos.conf.5.gz \
213
144
                $(MANDIR)/man5/mandos-clients.conf.5.gz
214
 
        update-rc.d -f mandos remove
215
145
        -rmdir $(CONFDIR)
216
146
 
217
147
uninstall-client:
218
148
# Refuse to uninstall client if /etc/crypttab is explicitly configured
219
149
# to use it.
220
150
        ! grep --regexp='^ *[^ #].*keyscript=[^,=]*/mandos/' \
221
 
                $(DESTDIR)/etc/crypttab
 
151
                /etc/crypttab
222
152
        -rm --force $(PREFIX)/sbin/mandos-keygen \
223
153
                $(PREFIX)/lib/mandos/plugin-runner \
224
154
                $(PREFIX)/lib/mandos/plugins.d/password-prompt \
225
 
                $(PREFIX)/lib/mandos/plugins.d/mandos-client \
226
 
                $(PREFIX)/lib/mandos/plugins.d/usplash \
227
 
                $(INITRAMFSTOOLS)/hooks/mandos \
228
 
                $(INITRAMFSTOOLS)/conf-hooks.d/mandos \
229
 
                $(INITRAMFSTOOLS)/scripts/local-top/mandos \
 
155
                $(PREFIX)/lib/mandos/plugins.d/password-request \
 
156
                /usr/share/initramfs-tools/hooks/mandos \
 
157
                /usr/share/initramfs-tools/conf-hooks.d/mandos \
230
158
                $(MANDIR)/man8/plugin-runner.8mandos.gz \
231
159
                $(MANDIR)/man8/mandos-keygen.8.gz \
232
160
                $(MANDIR)/man8/password-prompt.8mandos.gz \
233
 
                $(MANDIR)/man8/mandos-client.8mandos.gz
234
 
        if [ "$(CONFDIR)" != "$(PREFIX)/lib/mandos" ]; then \
235
 
                rm --force $(CONFDIR)/plugins.d/README; \
236
 
        fi
 
161
                $(MANDIR)/man8/password-request.8mandos.gz
237
162
        -rmdir $(PREFIX)/lib/mandos/plugins.d $(CONFDIR)/plugins.d \
238
 
                 $(PREFIX)/lib/mandos $(CONFDIR) $(KEYDIR)
 
163
                 $(PREFIX)/lib/mandos $(CONFDIR)
239
164
        update-initramfs -k all -u
240
165
 
241
166
purge: purge-server purge-client
242
167
 
243
168
purge-server: uninstall-server
244
 
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf \
245
 
                $(DESTDIR)/etc/default/mandos \
246
 
                $(DESTDIR)/etc/init.d/mandos \
247
 
                $(DESTDIR)/var/run/mandos.pid
 
169
        -rm --force $(CONFDIR)/mandos.conf $(CONFDIR)/clients.conf
248
170
        -rmdir $(CONFDIR)
249
171
 
250
172
purge-client: uninstall-client
251
 
        -shred --remove $(KEYDIR)/seckey.txt
252
 
        -rm --force $(CONFDIR)/plugin-runner.conf \
253
 
                $(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt
254
 
        -rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)
 
173
        -rm --force $(CONFDIR)/seckey.txt $(CONFDIR)/pubkey.txt
 
174
        -rmdir $(CONFDIR) $(CONFDIR)/plugins.d