/mandos/trunk : revision 951

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

Committer: Teddy Hogeborn
Date: 2018-08-15 09:26:02 UTC
Revision ID: teddy@recompile.se-20180815092602-xoyb5s6gf8376i7u

http://bugs.debian.org/894495

mandos-client: Set system clock if necessary

* plugins.d/mandos-client.c (init_gpgme/import_key): If the system
  clock is not set, or set to january 1970, set the system clock to
  the more plausible value that is the mtime of the key file.  This is
  required by GnuPG to be able to import the keys.  (We can't pass the
  --ignore-time-conflict or the --ignore-valid-from options though
  GPGME.)

files added:
initramfs-tools-hook-conf

files removed:
debian/mandos-client.templates

debian/mandos.templates

debian/po/POTFILES.in

debian/po/de.po

debian/po/en_US.po

debian/po/fr.po

debian/po/pt.po

debian/po/sv.po

debian/po/templates.pot

debian/source/lintian-overrides

debian/tests

debian/tests/control

debian/upstream/metadata

dracut-module

dracut-module/ask-password-mandos.path

dracut-module/ask-password-mandos.service

dracut-module/cmdline-mandos.sh

dracut-module/module-setup.sh

dracut-module/password-agent.c

dracut-module/password-agent.xml

initramfs-tools-conf

initramfs-tools-conf-hook

initramfs-tools-script-stop

mandos-to-cryptroot-unlock

sysusers.d-mandos.conf

files modified:
.bzrignore

DBUS-API

INSTALL

Makefile

NEWS

TODO

clients.conf

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos-client.dirs

debian/mandos-client.lintian-overrides

debian/mandos-client.postinst

debian/mandos-client.postrm

debian/mandos.dirs

debian/mandos.lintian-overrides

debian/mandos.postinst

debian/rules

debian/watch

initramfs-tools-hook

initramfs-tools-script

initramfs-unpack

intro.xml

mandos

mandos-clients.conf.xml

mandos-ctl

mandos-ctl.xml

mandos-keygen

mandos-keygen.xml

mandos-monitor

mandos-monitor.xml

mandos-options.xml

mandos.conf.xml

mandos.lsm

mandos.xml

overview.xml

plugin-runner.c

plugin-runner.xml

plugins.d/askpass-fifo.c

plugins.d/askpass-fifo.xml

plugins.d/mandos-client.c

plugins.d/mandos-client.xml

plugins.d/password-prompt.c

plugins.d/password-prompt.xml

plugins.d/plymouth.c

plugins.d/plymouth.xml

plugins.d/splashy.xml

plugins.d/usplash.xml

Show diffs side-by-side

added added

removed removed

Makefile

-Wmissing-format-attribute -Wnormalized=nfc -Wpacked \

-Wredundant-decls -Wnested-externs -Winline -Wvla \

-Wvolatile-register-var -Woverlength-strings

#DEBUG:=-ggdb3 -fsanitize=address $(SANITIZE)

## Check which sanitizing options can be used

#SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \

# echo 'int main(){}' | $(CC) --language=c $(option) \

# /dev/stdin -o /dev/null >/dev/null 2>&1 && echo $(option)))

#DEBUG:=-ggdb3 -fsanitize=address

# For info about _FORTIFY_SOURCE, see feature_test_macros(7)

# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>

ALL_SANITIZE_OPTIONS:=-fsanitize=leak -fsanitize=undefined \

-fsanitize=shift -fsanitize=integer-divide-by-zero \

-fsanitize=object-size -fsanitize=float-divide-by-zero \

-fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \

-fsanitize=returns-nonnull-attribute -fsanitize=bool \

-fsanitize=enum -fsanitize-address-use-after-scope

# For info about _FORTIFY_SOURCE, see feature_test_macros(7)

# and <https://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.

FORTIFY:=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC

-fsanitize=enum

# Check which sanitizing options can be used

SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \

echo 'int main(){}' | $(CC) --language=c $(option) /dev/stdin \

-o /dev/null >/dev/null 2>&1 && echo $(option)))

LINK_FORTIFY_LD:=-z relro -z now

LINK_FORTIFY:=

#COVERAGE=--coverage

OPTIMIZE:=-Os -fno-strict-aliasing

LANGUAGE:=-std=gnu11

FEATURES:=-D_FILE_OFFSET_BITS=64

htmldir:=man

version:=1.8.9

version:=1.7.19

SED:=sed

PKG_CONFIG?=pkg-config

USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos \

|| getent passwd nobody || echo 65534)))

GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos \

|| getent group nogroup || echo 65534)))

LINUXVERSION:=$(shell uname --kernel-release)

USER:=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))

GROUP:=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nogroup || echo 65534)))

## Use these settings for a traditional /usr/local install

# PREFIX:=$(DESTDIR)/usr/local

# KEYDIR:=$(DESTDIR)/etc/mandos/keys

# MANDIR:=$(PREFIX)/man

# INITRAMFSTOOLS:=$(DESTDIR)/etc/initramfs-tools

# DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

# STATEDIR:=$(DESTDIR)/var/lib/mandos

# LIBDIR:=$(PREFIX)/lib

KEYDIR:=$(DESTDIR)/etc/keys/mandos

MANDIR:=$(PREFIX)/share/man

INITRAMFSTOOLS:=$(DESTDIR)/usr/share/initramfs-tools

DRACUTMODULE:=$(DESTDIR)/usr/lib/dracut/modules.d/90mandos

STATEDIR:=$(DESTDIR)/var/lib/mandos

LIBDIR:=$(shell \

for d in \

"/usr/lib/`dpkg-architecture \

-qDEB_HOST_MULTIARCH 2>/dev/null`" \

"/usr/lib/`dpkg-architecture -qDEB_HOST_MULTIARCH 2>/dev/null`" \

"`rpm --eval='%{_libdir}' 2>/dev/null`" /usr/lib; do \

if [ -d "$$d" -a "$$d" = "$${d%/}" ]; then \

echo "$(DESTDIR)$$d"; \

done)

SYSTEMD:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=tmpfilesdir)

SYSUSERS:=$(DESTDIR)$(shell $(PKG_CONFIG) systemd \

--variable=sysusersdir)

SYSTEMD:=$(DESTDIR)$(shell pkg-config systemd --variable=systemdsystemunitdir)

TMPFILES:=$(DESTDIR)$(shell pkg-config systemd --variable=tmpfilesdir)

GNUTLS_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell $(PKG_CONFIG) --libs gnutls)

AVAHI_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I avahi-core)

AVAHI_LIBS:=$(shell $(PKG_CONFIG) --libs avahi-core)

GNUTLS_CFLAGS:=$(shell pkg-config --cflags-only-I gnutls)

GNUTLS_LIBS:=$(shell pkg-config --libs gnutls)

AVAHI_CFLAGS:=$(shell pkg-config --cflags-only-I avahi-core)

AVAHI_LIBS:=$(shell pkg-config --libs avahi-core)

GPGME_CFLAGS:=$(shell gpgme-config --cflags; getconf LFS_CFLAGS)

100

GPGME_LIBS:=$(shell gpgme-config --libs; getconf LFS_LIBS; \

101

getconf LFS_LDFLAGS)

102

LIBNL3_CFLAGS:=$(shell $(PKG_CONFIG) --cflags-only-I libnl-route-3.0)

103

LIBNL3_LIBS:=$(shell $(PKG_CONFIG) --libs libnl-route-3.0)

104

GLIB_CFLAGS:=$(shell $(PKG_CONFIG) --cflags glib-2.0)

105

GLIB_LIBS:=$(shell $(PKG_CONFIG) --libs glib-2.0)

LIBNL3_CFLAGS:=$(shell pkg-config --cflags-only-I libnl-route-3.0)

LIBNL3_LIBS:=$(shell pkg-config --libs libnl-route-3.0)

106

107

# Do not change these two

108

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(COVERAGE) $(OPTIMIZE) \

109

$(LANGUAGE) $(FEATURES) -DVERSION='"$(version)"'

110

LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(strip \

111

) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

CFLAGS+=$(WARN) $(DEBUG) $(FORTIFY) $(SANITIZE) $(COVERAGE) \

$(OPTIMIZE) $(LANGUAGE) -DVERSION='"$(version)"'

LDFLAGS+=-Xlinker --as-needed $(COVERAGE) $(LINK_FORTIFY) $(foreach flag,$(LINK_FORTIFY_LD),-Xlinker $(flag))

112

113

# Commands to format a DocBook <refentry> document into a manual page

114

DOCBOOKTOMAN=$(strip cd $(dir $<); xsltproc --nonet --xinclude \

120

102

/usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl \

121

103

$(notdir $<); \

122

104

if locale --all 2>/dev/null | grep --regexp='^en_US\.utf8$$' \

123

&& command -v man >/dev/null; then LANG=en_US.UTF-8 \

124

MANWIDTH=80 man --warnings --encoding=UTF-8 --local-file \

125

$(notdir $@); fi >/dev/null)

105

&& type man 2>/dev/null; then LANG=en_US.UTF-8 MANWIDTH=80 \

106

man --warnings --encoding=UTF-8 --local-file $(notdir $@); \

107

fi >/dev/null)

126

108

127

109

DOCBOOKTOHTML=$(strip xsltproc --nonet --xinclude \

128

110

--param make.year.ranges 1 \

141

123

plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo \

142

124

plugins.d/plymouth

143

125

PLUGIN_HELPERS:=plugin-helpers/mandos-client-iprouteadddel

144

CPROGS:=plugin-runner dracut-module/password-agent $(PLUGINS) \

145

$(PLUGIN_HELPERS)

126

CPROGS:=plugin-runner $(PLUGINS) $(PLUGIN_HELPERS)

146

127

PROGS:=mandos mandos-keygen mandos-ctl mandos-monitor $(CPROGS)

147

128

DOCS:=mandos.8 mandos-keygen.8 mandos-monitor.8 mandos-ctl.8 \

148

129

mandos.conf.5 mandos-clients.conf.5 plugin-runner.8mandos \

149

dracut-module/password-agent.8mandos \

150

130

plugins.d/mandos-client.8mandos \

151

131

plugins.d/password-prompt.8mandos plugins.d/usplash.8mandos \

152

132

plugins.d/splashy.8mandos plugins.d/askpass-fifo.8mandos \

224

204

overview.xml legalnotice.xml

225

205

$(DOCBOOKTOHTML)

226

206

227

dracut-module/password-agent.8mandos: \

228

dracut-module/password-agent.xml common.ent \

229

overview.xml legalnotice.xml

230

$(DOCBOOKTOMAN)

231

dracut-module/password-agent.8mandos.xhtml: \

232

dracut-module/password-agent.xml common.ent \

233

overview.xml legalnotice.xml

234

$(DOCBOOKTOHTML)

235

236

207

plugins.d/mandos-client.8mandos: plugins.d/mandos-client.xml \

237

208

common.ent \

238

209

mandos-options.xml \

281

252

--expression='s/$mandos_$[0-9.]\+$\.orig\.tar\.gz$/\1$(version)\2/' \

282

253

$@)

283

254

284

# Need to add the GnuTLS, Avahi and GPGME libraries

255

# Need to add the GnuTLS, Avahi and GPGME libraries, and can't use

256

# -fsanitize=leak because GnuTLS and GPGME both leak memory.

285

257

plugins.d/mandos-client: plugins.d/mandos-client.c

286

$(LINK.c) $^ $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(strip\

287

) $(GPGME_CFLAGS) $(GNUTLS_LIBS) $(strip\

288

) $(AVAHI_LIBS) $(GPGME_LIBS) $(LOADLIBES) $(strip\

289

) $(LDLIBS) -o $@

258

$(CC) $(filter-out -fsanitize=leak,$(CFLAGS)) $(strip\

259

) $(GNUTLS_CFLAGS) $(AVAHI_CFLAGS) $(GPGME_CFLAGS) $(strip\

260

) $(CPPFLAGS) $(LDFLAGS) $(TARGET_ARCH) $^ $(strip\

261

) -lrt $(GNUTLS_LIBS) $(AVAHI_LIBS) $(strip\

262

) $(GPGME_LIBS) $(LOADLIBES) $(LDLIBS) -o $@

290

263

291

# Need to add the libnl-route library

292

264

plugin-helpers/mandos-client-iprouteadddel: plugin-helpers/mandos-client-iprouteadddel.c

293

265

$(LINK.c) $(LIBNL3_CFLAGS) $^ $(LIBNL3_LIBS) $(strip\

294

266

) $(LOADLIBES) $(LDLIBS) -o $@

295

267

296

# Need to add the GLib and pthread libraries

297

dracut-module/password-agent: dracut-module/password-agent.c

298

$(LINK.c) $(GLIB_CFLAGS) $^ $(GLIB_LIBS) -lpthread $(strip\

299

) $(LOADLIBES) $(LDLIBS) -o $@

300

301

268

.PHONY : all doc html clean distclean mostlyclean maintainer-clean \

302

269

check run-client run-server install install-html \

303

270

install-server install-client-nokey install-client uninstall \

312

279

maintainer-clean: clean

313

280

-rm --force --recursive keydir confdir statedir

314

281

315

check: all

282

check: all

316

283

./mandos --check

317

284

./mandos-ctl --check

318

./mandos-keygen --version

319

./plugin-runner --version

320

./plugin-helpers/mandos-client-iprouteadddel --version

321

./dracut-module/password-agent --test

322

285

323

286

# Run the client with a local config and key

324

run-client: all keydir/seckey.txt keydir/pubkey.txt \

325

keydir/tls-privkey.pem keydir/tls-pubkey.pem

326

@echo '######################################################'

327

@echo '# The following error messages are harmless and can #'

328

@echo '# be safely ignored: #'

329

@echo '## From plugin-runner: #'

330

@echo '# setgid: Operation not permitted #'

331

@echo '# setuid: Operation not permitted #'

332

@echo '## From askpass-fifo: #'

333

@echo '# mkfifo: Permission denied #'

334

@echo '## From mandos-client: #'

335

@echo '# Failed to raise privileges: Operation not permi... #'

336

@echo '# Warning: network hook "*" exited with status * #'

337

@echo '# ioctl SIOCSIFFLAGS +IFF_UP: Operation not permi... #'

338

@echo '# Failed to bring up interface "*": Operation not... #'

339

@echo '# #'

340

@echo '# (The messages are caused by not running as root, #'

341

@echo '# but you should NOT run "make run-client" as root #'

342

@echo '# unless you also unpacked and compiled Mandos as #'

343

@echo '# root, which is also NOT recommended.) #'

344

@echo '######################################################'

287

run-client: all keydir/seckey.txt keydir/pubkey.txt

288

@echo "###################################################################"

289

@echo "# The following error messages are harmless and can be safely #"

290

@echo "# ignored: #"

291

@echo "# From plugin-runner: setgid: Operation not permitted #"

292

@echo "# setuid: Operation not permitted #"

293

@echo "# From askpass-fifo: mkfifo: Permission denied #"

294

@echo "# From mandos-client: #"

295

@echo "# Failed to raise privileges: Operation not permitted #"

296

@echo "# Warning: network hook \"*\" exited with status * #"

297

@echo "# #"

298

@echo "# (The messages are caused by not running as root, but you should #"

299

@echo "# NOT run \"make run-client\" as root unless you also unpacked and #"

300

@echo "# compiled Mandos as root, which is also NOT recommended.) #"

301

@echo "###################################################################"

345

302

# We set GNOME_KEYRING_CONTROL to block pam_gnome_keyring

346

303

./plugin-runner --plugin-dir=plugins.d \

347

304

--plugin-helper-dir=plugin-helpers \

348

305

--config-file=plugin-runner.conf \

349

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--tls-privkey=keydir/tls-privkey.pem,--tls-pubkey=keydir/tls-pubkey.pem,--network-hook-dir=network-hooks.d \

306

--options-for=mandos-client:--seckey=keydir/seckey.txt,--pubkey=keydir/pubkey.txt,--network-hook-dir=network-hooks.d \

350

307

--env-for=mandos-client:GNOME_KEYRING_CONTROL= \

351

308

$(CLIENTARGS)

352

309

353

310

# Used by run-client

354

keydir/seckey.txt keydir/pubkey.txt keydir/tls-privkey.pem keydir/tls-pubkey.pem: mandos-keygen

311

keydir/seckey.txt keydir/pubkey.txt: mandos-keygen

355

312

install --directory keydir

356

313

./mandos-keygen --dir keydir --force

357

314

364

321

confdir/mandos.conf: mandos.conf

365

322

install --directory confdir

366

323

install --mode=u=rw,go=r $^ $@

367

confdir/clients.conf: clients.conf keydir/seckey.txt keydir/tls-pubkey.pem

324

confdir/clients.conf: clients.conf keydir/seckey.txt

368

325

install --directory confdir

369

326

install --mode=u=rw $< $@

370

327

# Add a client password

387

344

elif install --directory --mode=u=rwx $(STATEDIR); then \

388

345

chown -- $(USER):$(GROUP) $(STATEDIR) || :; \

389

346

390

if [ "$(TMPFILES)" != "$(DESTDIR)" \

391

-a -d "$(TMPFILES)" ]; then \

347

if [ "$(TMPFILES)" != "$(DESTDIR)" -a -d "$(TMPFILES)" ]; then \

392

348

install --mode=u=rw,go=r tmpfiles.d-mandos.conf \

393

349

$(TMPFILES)/mandos.conf; \

394

350

395

if [ "$(SYSUSERS)" != "$(DESTDIR)" \

396

-a -d "$(SYSUSERS)" ]; then \

397

install --mode=u=rw,go=r sysusers.d-mandos.conf \

398

$(SYSUSERS)/mandos.conf; \

399

400

351

install --mode=u=rwx,go=rx mandos $(PREFIX)/sbin/mandos

401

352

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

402

353

mandos-ctl

436

387

install --directory --mode=u=rwx $(KEYDIR) \

437

388

$(LIBDIR)/mandos/plugins.d \

438

389

$(LIBDIR)/mandos/plugin-helpers

439

if [ "$(SYSUSERS)" != "$(DESTDIR)" \

440

-a -d "$(SYSUSERS)" ]; then \

441

install --mode=u=rw,go=r sysusers.d-mandos.conf \

442

$(SYSUSERS)/mandos-client.conf; \

443

444

390

if [ "$(CONFDIR)" != "$(LIBDIR)/mandos" ]; then \

445

391

install --mode=u=rwx \

446

392

--directory "$(CONFDIR)/plugins.d" \

450

396

"$(CONFDIR)/network-hooks.d"

451

397

install --mode=u=rwx,go=rx \

452

398

--target-directory=$(LIBDIR)/mandos plugin-runner

453

install --mode=u=rwx,go=rx \

454

--target-directory=$(LIBDIR)/mandos \

455

mandos-to-cryptroot-unlock

456

399

install --mode=u=rwx,go=rx --target-directory=$(PREFIX)/sbin \

457

400

mandos-keygen

458

401

install --mode=u=rwx,go=rx \

478

421

plugin-helpers/mandos-client-iprouteadddel

479

422

install initramfs-tools-hook \

480

423

$(INITRAMFSTOOLS)/hooks/mandos

481

install --mode=u=rw,go=r initramfs-tools-conf \

482

$(INITRAMFSTOOLS)/conf.d/mandos-conf

483

install --mode=u=rw,go=r initramfs-tools-conf-hook \

484

$(INITRAMFSTOOLS)/conf-hooks.d/zz-mandos

424

install --mode=u=rw,go=r initramfs-tools-hook-conf \

425

$(INITRAMFSTOOLS)/conf-hooks.d/mandos

485

426

install initramfs-tools-script \

486

427

$(INITRAMFSTOOLS)/scripts/init-premount/mandos

487

install initramfs-tools-script-stop \

488

$(INITRAMFSTOOLS)/scripts/local-premount/mandos

489

install --directory $(DRACUTMODULE)

490

install --mode=u=rw,go=r --target-directory=$(DRACUTMODULE) \

491

dracut-module/ask-password-mandos.path \

492

dracut-module/ask-password-mandos.service

493

install --mode=u=rwxs,go=rx \

494

--target-directory=$(DRACUTMODULE) \

495

dracut-module/module-setup.sh \

496

dracut-module/cmdline-mandos.sh \

497

dracut-module/password-agent

498

428

install --mode=u=rw,go=r plugin-runner.conf $(CONFDIR)

499

429

gzip --best --to-stdout mandos-keygen.8 \

500

430

> $(MANDIR)/man8/mandos-keygen.8.gz

512

442

> $(MANDIR)/man8/askpass-fifo.8mandos.gz

513

443

gzip --best --to-stdout plugins.d/plymouth.8mandos \

514

444

> $(MANDIR)/man8/plymouth.8mandos.gz

515

gzip --best --to-stdout dracut-module/password-agent.8mandos \

516

> $(MANDIR)/man8/password-agent.8mandos.gz

517

445

518

446

install-client: install-client-nokey

519

447

# Post-installation stuff

520

448

-$(PREFIX)/sbin/mandos-keygen --dir "$(KEYDIR)"

521

if command -v update-initramfs >/dev/null; then \

522

update-initramfs -k all -u; \

523

elif command -v dracut >/dev/null; then \

524

for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \

525

if [ -w "$$initrd" ]; then \

526

chmod go-r "$$initrd"; \

527

dracut --force "$$initrd"; \

528

fi; \

529

done; \

530

449

update-initramfs -k all -u

531

450

echo "Now run mandos-keygen --password --dir $(KEYDIR)"

532

451

533

452

uninstall: uninstall-server uninstall-client

560

479

$(INITRAMFSTOOLS)/hooks/mandos \

561

480

$(INITRAMFSTOOLS)/conf-hooks.d/mandos \

562

481

$(INITRAMFSTOOLS)/scripts/init-premount/mandos \

563

$(INITRAMFSTOOLS)/scripts/local-premount/mandos \

564

$(DRACUTMODULE)/ask-password-mandos.path \

565

$(DRACUTMODULE)/ask-password-mandos.service \

566

$(DRACUTMODULE)/module-setup.sh \

567

$(DRACUTMODULE)/cmdline-mandos.sh \

568

$(DRACUTMODULE)/password-agent \

569

482

$(MANDIR)/man8/mandos-keygen.8.gz \

570

483

$(MANDIR)/man8/plugin-runner.8mandos.gz \

571

484

$(MANDIR)/man8/mandos-client.8mandos.gz

574

487

$(MANDIR)/man8/splashy.8mandos.gz \

575

488

$(MANDIR)/man8/askpass-fifo.8mandos.gz \

576

489

$(MANDIR)/man8/plymouth.8mandos.gz \

577

$(MANDIR)/man8/password-agent.8mandos.gz \

578

490

-rmdir $(LIBDIR)/mandos/plugins.d $(CONFDIR)/plugins.d \

579

$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR) $(DRACUTMODULE)

580

if command -v update-initramfs >/dev/null; then \

581

update-initramfs -k all -u; \

582

elif command -v dracut >/dev/null; then \

583

for initrd in $(DESTDIR)/boot/initr*-$(LINUXVERSION); do \

584

test -w "$$initrd" && dracut --force "$$initrd"; \

585

done; \

586

491

$(LIBDIR)/mandos $(CONFDIR) $(KEYDIR)

492

update-initramfs -k all -u

587

493

588

494

purge: purge-server purge-client

589

495

598

504

-rmdir $(CONFDIR)

599

505

600

506

purge-client: uninstall-client

601

-shred --remove $(KEYDIR)/seckey.txt $(KEYDIR)/tls-privkey.pem

507

-shred --remove $(KEYDIR)/seckey.txt

602

508

-rm --force $(CONFDIR)/plugin-runner.conf \

603

$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt \

604

$(KEYDIR)/tls-pubkey.txt $(KEYDIR)/tls-privkey.txt

509

$(KEYDIR)/pubkey.txt $(KEYDIR)/seckey.txt

605

510

-rmdir $(KEYDIR) $(CONFDIR)/plugins.d $(CONFDIR)

Older »