github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 06:06:02 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions
firejail/Makefile.in
netblue30 8a898ef19a make deb-apparmor
2018-10-21 08:09:10 -04:00

286 lines
9.4 KiB
Makefile
Raw Permalink Blame History

all: apps man filters
MYLIBS = src/lib
APPS = src/firejail src/firemon src/fsec-print src/fsec-optimize src/firecfg src/fnetfilter src/fnet src/fseccomp src/libpostexecseccomp
MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-users.5
SECCOMP_FILTERS = seccomp seccomp.debug seccomp.32 seccomp.block_secondary seccomp.mdwx
prefix=@prefix@
exec_prefix=@exec_prefix@
bindir=@bindir@
libdir=@libdir@
datarootdir=@datarootdir@
mandir=@mandir@
sysconfdir=@sysconfdir@
VERSION=@PACKAGE_VERSION@
NAME=@PACKAGE_NAME@
PACKAGE_TARNAME=@PACKAGE_TARNAME@
DOCDIR=@docdir@
HAVE_SECCOMP=@HAVE_SECCOMP@
HAVE_APPARMOR=@HAVE_APPARMOR@
HAVE_CONTRIB_INSTALL=@HAVE_CONTRIB_INSTALL@
BUSYBOX_WORKAROUND=@BUSYBOX_WORKAROUND@
HAVE_SUID=@HAVE_SUID@
.PHONY: mylibs $(MYLIBS)
mylibs: $(MYLIBS)
$(MYLIBS):
$(MAKE) -C $@
.PHONY: apps $(APPS)
apps: $(APPS)
$(APPS): $(MYLIBS)
$(MAKE) -C $@
$(MANPAGES): $(wildcard src/man/*.txt)
./mkman.sh $(VERSION) src/man/$(basename $@).txt $@
man: $(MANPAGES)
filters: src/fseccomp
ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
src/fseccomp/fseccomp default seccomp
src/fsec-optimize/fsec-optimize seccomp
src/fseccomp/fseccomp default seccomp.debug allow-debuggers
src/fsec-optimize/fsec-optimize seccomp.debug
src/fseccomp/fseccomp secondary 32 seccomp.32
src/fsec-optimize/fsec-optimize seccomp.32
src/fseccomp/fseccomp secondary block seccomp.block_secondary
src/fseccomp/fseccomp memory-deny-write-execute seccomp.mdwx
endif
clean:
for dir in $(APPS) $(MYLIBS); do \
$(MAKE) -C $$dir clean; \
done
rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm
rm -f $(SECCOMP_FILTERS)
rm -f test/utils/index.html*
rm -f test/utils/wget-log
rm -f test/utils/lstesting
rm -f test/environment/index.html*
rm -f test/environment/wget-log*
rm -fr test/environment/-testdir
rm -f test/environment/logfile*
rm -f test/environment/index.html
rm -f test/environment/wget-log
rm -f test/sysutils/firejail_t*
cd test/compile; ./compile.sh --clean; cd ../..
distclean: clean
for dir in $(APPS) $(MYLIBS); do \
$(MAKE) -C $$dir distclean; \
done
rm -fr Makefile autom4te.cache config.log config.status config.h dummy.o src/common.mk
realinstall:
# firejail executable
install -m 0755 -d $(DESTDIR)/$(bindir)
install -c -m 0755 src/firejail/firejail $(DESTDIR)/$(bindir)/.
ifeq ($(HAVE_SUID),yes)
chmod u+s $(DESTDIR)/$(bindir)/firejail
endif
# firemon executable
install -c -m 0755 src/firemon/firemon $(DESTDIR)/$(bindir)/.
# firecfg executable
install -c -m 0755 src/firecfg/firecfg $(DESTDIR)/$(bindir)/.
# libraries and plugins
install -m 0755 -d $(DESTDIR)/$(libdir)/firejail
install -c -m 0644 src/libpostexecseccomp/libpostexecseccomp.so $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0755 src/fnet/fnet $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0755 src/fnetfilter/fnetfilter $(DESTDIR)/$(libdir)/firejail/.
ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
install -c -m 0755 src/fsec-print/fsec-print $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0755 src/fsec-optimize/fsec-optimize $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 seccomp $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 seccomp.32 $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 seccomp.block_secondary $(DESTDIR)/$(libdir)/firejail/.
install -c -m 0644 seccomp.mdwx $(DESTDIR)/$(libdir)/firejail/.
endif
# documents
install -m 0755 -d $(DESTDIR)/$(DOCDIR)
install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/.
install -c -m 0644 README $(DESTDIR)/$(DOCDIR)/.
install -c -m 0644 RELNOTES $(DESTDIR)/$(DOCDIR)/.
# etc files
./mketc.sh $(sysconfdir) $(BUSYBOX_WORKAROUND)
install -m 0755 -d $(DESTDIR)/$(sysconfdir)/firejail
for file in .etc/* etc/firejail.config; do \
install -c -m 0644 $$file $(DESTDIR)/$(sysconfdir)/firejail; \
done
sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
rm -fr .etc
ifeq ($(HAVE_APPARMOR),-DHAVE_APPARMOR)
# install apparmor profile
sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;"
install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/.
sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d/local ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d/local; fi;"
install -c -m 0644 etc/firejail-local $(DESTDIR)/$(sysconfdir)/apparmor.d/local/.
endif
# man pages
install -m 0755 -d $(DESTDIR)/$(mandir)/man1
install -m 0755 -d $(DESTDIR)/$(mandir)/man5
for man in $(MANPAGES); do \
rm -f $$man.gz; \
gzip -9n $$man; \
case "$$man" in \
*.1) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man1/; ;; \
*.5) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man5/; ;; \
esac; \
done
rm -f $(MANPAGES) $(MANPAGES:%=%.gz)
# bash completion
install -m 0755 -d $(DESTDIR)/$(datarootdir)/bash-completion/completions
install -c -m 0644 src/bash_completion/firejail.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
install -c -m 0644 src/bash_completion/firemon.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
install -c -m 0644 src/bash_completion/firecfg.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
install: all
$(MAKE) realinstall
install-strip: all
strip src/firejail/firejail
strip src/firemon/firemon
strip src/firecfg/firecfg
strip src/libpostexecseccomp/libpostexecseccomp.so
strip src/fnet/fnet
strip src/fnetfilter/fnetfilter
strip src/fseccomp/fseccomp
strip src/fsec-print/fsec-print
strip src/fsec-optimize/fsec-optimize
$(MAKE) realinstall
uninstall:
rm -f $(DESTDIR)/$(bindir)/firejail
rm -f $(DESTDIR)/$(bindir)/firemon
rm -f $(DESTDIR)/$(bindir)/firecfg
rm -fr $(DESTDIR)/$(libdir)/firejail
rm -fr $(DESTDIR)/$(datarootdir)/doc/firejail
for man in $(MANPAGES); do \
rm -f $(DESTDIR)/$(mandir)/man5/$$man*; \
rm -f $(DESTDIR)/$(mandir)/man1/$$man*; \
done
rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
DISTFILES = "src etc platform configure configure.ac dummy.c Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkdeb-apparmor.sh COPYING README RELNOTES"
DISTFILES_TEST = "test/apps test/root test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils"
dist:
mv config.status config.status.old
make distclean
mv config.status.old config.status
rm -fr $(NAME)-$(VERSION) $(NAME)-$(VERSION).tar.xz
mkdir -p $(NAME)-$(VERSION)/test
cp -a "$(DISTFILES)" $(NAME)-$(VERSION)
cp -a "$(DISTFILES_TEST)" $(NAME)-$(VERSION)/test
rm -rf $(NAME)-$(VERSION)/src/tools
find $(NAME)-$(VERSION) -name .svn -delete
tar -cJvf $(NAME)-$(VERSION).tar.xz $(NAME)-$(VERSION)
rm -fr $(NAME)-$(VERSION)
asc:; ./mkasc.sh $(VERSION)
deb: dist
./mkdeb.sh $(NAME) $(VERSION)
deb-apparmor: dist
./mkdeb-apparmor.sh $(NAME) $(VERSION)
snap: all
cd platform/snap; ./snap.sh
test-compile: dist
cd test/compile; ./compile.sh $(NAME)-$(VERSION)
.PHONY: rpms
rpms:
./platform/rpm/mkrpm.sh $(NAME) $(VERSION)
extras: all
$(MAKE) -C extras/firetools
cppcheck: clean
cppcheck --force .
scan-build: clean
scan-build make
#
# make test
#
test-profiles:
cd test/profiles; ./profiles.sh | grep TESTING
test-apps:
cd test/apps; ./apps.sh | grep TESTING
test-sysutils:
cd test/sysutils; ./sysutils.sh | grep TESTING
test-utils:
cd test/utils; ./utils.sh | grep TESTING
test-environment:
cd test/environment; ./environment.sh | grep TESTING
test-filters:
ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
cd test/filters; ./filters.sh | grep TESTING
endif
test-arguments:
cd test/arguments; ./arguments.sh | grep TESTING
test-fs:
cd test/fs; ./fs.sh | grep TESTING
test-fnetfilter:
cd test/fnetfilter; ./fnetfilter.sh | grep TESTING
test: test-profiles test-fnetfilter test-fs test-utils test-sysutils test-environment test-apps test-filters test-arguments
echo "TEST COMPLETE"
test-travis: test-profiles test-fnetfilter test-fs test-utils test-sysutils test-environment test-filters test-arguments
echo "TEST COMPLETE"
##########################################
# Individual tests, some of them require root access
# The tests are very intrussive, by the time you are done
# with them you will need to restart your computer.
##########################################
# a firejail-test account is required, public/private key setup
test-ssh:
cd test/ssh; ./ssh.sh | grep TESTING
# Huge appimage files, not included in "make dist" archive
test-appimage:
cd test/appimage; ./appimage.sh | grep TESTING
# Root access, network devices are created before the test
# restart your computer to get rid of these devices
test-network:
cd test/network; ./network.sh | grep TESTING
# requires the same setup as test-network
test-stress:
cd test/stress; ./stress.sh | grep TESTING
# Tesets running a root user
test-root:
cd test/root; su -c ./root.sh | grep TESTING
# For testing hidepid system, the command to set it up is "mount -o remount,rw,hidepid=2 /proc"
test-all: test-root test-network test-appimage
echo "TEST COMPLETE"
Reference in a new issue View git blame Copy permalink