2008-08-19 19:30:36 +00:00
|
|
|
# Installation directories.
|
2011-09-19 20:38:33 +00:00
|
|
|
PREFIX ?= $(DESTDIR)/usr
|
2008-08-19 19:30:36 +00:00
|
|
|
BINDIR ?= $(PREFIX)/bin
|
|
|
|
MANDIR ?= $(PREFIX)/share/man
|
|
|
|
ETCDIR ?= $(DESTDIR)/etc
|
|
|
|
LOCALEDIR = /usr/share/locale
|
|
|
|
PAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
|
|
|
|
AUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
|
|
|
|
# Enable capabilities to permit newrole to generate audit records.
|
|
|
|
# This will make newrole a setuid root program.
|
|
|
|
# The capabilities used are: CAP_AUDIT_WRITE.
|
|
|
|
AUDIT_LOG_PRIV ?= n
|
|
|
|
# Enable capabilities to permit newrole to utilitize the pam_namespace module.
|
|
|
|
# This will make newrole a setuid root program.
|
|
|
|
# The capabilities used are: CAP_SYS_ADMIN, CAP_CHOWN, CAP_FOWNER and
|
|
|
|
# CAP_DAC_OVERRIDE.
|
|
|
|
NAMESPACE_PRIV ?= n
|
|
|
|
# If LSPP_PRIV is y, then newrole will be made into setuid root program.
|
|
|
|
# Enabling this option will force AUDIT_LOG_PRIV and NAMESPACE_PRIV to be y.
|
|
|
|
LSPP_PRIV ?= n
|
|
|
|
VERSION = $(shell cat ../VERSION)
|
|
|
|
|
|
|
|
CFLAGS ?= -Werror -Wall -W
|
|
|
|
EXTRA_OBJS =
|
|
|
|
override CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
|
|
|
|
LDLIBS += -lselinux -L$(PREFIX)/lib
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(PAMH), /usr/include/security/pam_appl.h)
|
2008-08-19 19:30:36 +00:00
|
|
|
override CFLAGS += -DUSE_PAM
|
|
|
|
EXTRA_OBJS += hashtab.o
|
|
|
|
LDLIBS += -lpam -lpam_misc
|
|
|
|
else
|
|
|
|
override CFLAGS += -D_XOPEN_SOURCE=500
|
|
|
|
LDLIBS += -lcrypt
|
|
|
|
endif
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(AUDITH), /usr/include/libaudit.h)
|
2008-08-19 19:30:36 +00:00
|
|
|
override CFLAGS += -DUSE_AUDIT
|
|
|
|
LDLIBS += -laudit
|
|
|
|
endif
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(LSPP_PRIV),y)
|
2008-08-19 19:30:36 +00:00
|
|
|
override AUDIT_LOG_PRIV=y
|
|
|
|
override NAMESPACE_PRIV=y
|
|
|
|
endif
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(AUDIT_LOG_PRIV),y)
|
2008-08-19 19:30:36 +00:00
|
|
|
override CFLAGS += -DAUDIT_LOG_PRIV
|
|
|
|
IS_SUID=y
|
|
|
|
endif
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(NAMESPACE_PRIV),y)
|
2008-08-19 19:30:36 +00:00
|
|
|
override CFLAGS += -DNAMESPACE_PRIV
|
|
|
|
IS_SUID=y
|
|
|
|
endif
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(IS_SUID),y)
|
2008-08-19 19:30:36 +00:00
|
|
|
MODE := 4555
|
2010-12-17 20:13:31 +00:00
|
|
|
LDLIBS += -lcap-ng
|
2008-08-19 19:30:36 +00:00
|
|
|
else
|
|
|
|
MODE := 0555
|
|
|
|
endif
|
|
|
|
|
|
|
|
all: newrole
|
|
|
|
|
|
|
|
newrole: newrole.o $(EXTRA_OBJS)
|
|
|
|
$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
|
|
|
|
|
|
|
|
install: all
|
|
|
|
test -d $(BINDIR) || install -m 755 -d $(BINDIR)
|
|
|
|
test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
|
|
|
|
test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
|
|
|
|
install -m $(MODE) newrole $(BINDIR)
|
|
|
|
install -m 644 newrole.1 $(MANDIR)/man1/
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(PAMH), /usr/include/security/pam_appl.h)
|
2008-08-19 19:30:36 +00:00
|
|
|
test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
|
2011-09-19 20:38:33 +00:00
|
|
|
ifeq ($(LSPP_PRIV),y)
|
2008-08-19 19:30:36 +00:00
|
|
|
install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole
|
|
|
|
else
|
|
|
|
install -m 644 newrole.pamd $(ETCDIR)/pam.d/newrole
|
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
|
|
|
clean:
|
|
|
|
rm -f newrole *.o
|
|
|
|
|
|
|
|
indent:
|
|
|
|
../../scripts/Lindent $(wildcard *.[ch])
|
|
|
|
|
|
|
|
relabel: install
|
|
|
|
/sbin/restorecon $(BINDIR)/newrole
|