113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Installation directories. 2468bff095253171300a5faa4bb23f0b2524fde08Eric ParisPREFIX ?= $(DESTDIR)/usr 313cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleBINDIR ?= $(PREFIX)/bin 413cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleMANDIR ?= $(PREFIX)/share/man 513cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleETCDIR ?= $(DESTDIR)/etc 613cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLOCALEDIR = /usr/share/locale 713cd4c8960688af11ad23b4c946149015c80d54Joshua BrindlePAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null) 813cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleAUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null) 913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enable capabilities to permit newrole to generate audit records. 1013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# This will make newrole a setuid root program. 1113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# The capabilities used are: CAP_AUDIT_WRITE. 1213cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleAUDIT_LOG_PRIV ?= n 1313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enable capabilities to permit newrole to utilitize the pam_namespace module. 1413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# This will make newrole a setuid root program. 1513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# The capabilities used are: CAP_SYS_ADMIN, CAP_CHOWN, CAP_FOWNER and 1613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# CAP_DAC_OVERRIDE. 1713cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleNAMESPACE_PRIV ?= n 1813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# If LSPP_PRIV is y, then newrole will be made into setuid root program. 1913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enabling this option will force AUDIT_LOG_PRIV and NAMESPACE_PRIV to be y. 2013cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLSPP_PRIV ?= n 2113cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleVERSION = $(shell cat ../VERSION) 2213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 2313cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleCFLAGS ?= -Werror -Wall -W 2413cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleEXTRA_OBJS = 2513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleoverride CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\"" 2613cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLDLIBS += -lselinux -L$(PREFIX)/lib 27468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(PAMH), /usr/include/security/pam_appl.h) 2813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override CFLAGS += -DUSE_PAM 2913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle EXTRA_OBJS += hashtab.o 3013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle LDLIBS += -lpam -lpam_misc 3113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse 3213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override CFLAGS += -D_XOPEN_SOURCE=500 3313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle LDLIBS += -lcrypt 3413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 35468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(AUDITH), /usr/include/libaudit.h) 3613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override CFLAGS += -DUSE_AUDIT 3713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle LDLIBS += -laudit 3813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 39468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(LSPP_PRIV),y) 4013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override AUDIT_LOG_PRIV=y 4113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override NAMESPACE_PRIV=y 4213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 43468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(AUDIT_LOG_PRIV),y) 4413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override CFLAGS += -DAUDIT_LOG_PRIV 4513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle IS_SUID=y 4613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 47468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(NAMESPACE_PRIV),y) 4813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle override CFLAGS += -DNAMESPACE_PRIV 4913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle IS_SUID=y 5013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 51468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(IS_SUID),y) 5213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle MODE := 4555 5316d1c1cbe5fe7de125084948280c46175ab6a712Daniel J Walsh LDLIBS += -lcap-ng 5413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse 5513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle MODE := 0555 5613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 5713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleall: newrole 5913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlenewrole: newrole.o $(EXTRA_OBJS) 6113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS) 6213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 6313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleinstall: all 6413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle test -d $(BINDIR) || install -m 755 -d $(BINDIR) 6513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d 6613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1 6713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle install -m $(MODE) newrole $(BINDIR) 6813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle install -m 644 newrole.1 $(MANDIR)/man1/ 69468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(PAMH), /usr/include/security/pam_appl.h) 7013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d 71468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(LSPP_PRIV),y) 7213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole 7313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse 7413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle install -m 644 newrole.pamd $(ETCDIR)/pam.d/newrole 7513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 7613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif 7713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 7813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleclean: 7913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle rm -f newrole *.o 8013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 8113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleindent: 8213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ../../scripts/Lindent $(wildcard *.[ch]) 8313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 8413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlerelabel: install 8513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle /sbin/restorecon $(BINDIR)/newrole 86