113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Installation directories.
2468bff095253171300a5faa4bb23f0b2524fde08Eric ParisPREFIX ?= $(DESTDIR)/usr
313cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleBINDIR ?= $(PREFIX)/bin
413cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleMANDIR ?= $(PREFIX)/share/man
513cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleETCDIR ?= $(DESTDIR)/etc
613cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLOCALEDIR = /usr/share/locale
713cd4c8960688af11ad23b4c946149015c80d54Joshua BrindlePAMH = $(shell ls /usr/include/security/pam_appl.h 2>/dev/null)
813cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleAUDITH = $(shell ls /usr/include/libaudit.h 2>/dev/null)
913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enable capabilities to permit newrole to generate audit records.
1013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# This will make newrole a setuid root program.
1113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# The capabilities used are: CAP_AUDIT_WRITE.
1213cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleAUDIT_LOG_PRIV ?= n
1313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enable capabilities to permit newrole to utilitize the pam_namespace module.
1413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# This will make newrole a setuid root program.
1513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# The capabilities used are: CAP_SYS_ADMIN, CAP_CHOWN, CAP_FOWNER and
1613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# CAP_DAC_OVERRIDE. 
1713cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleNAMESPACE_PRIV ?= n
1813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# If LSPP_PRIV is y, then newrole will be made into setuid root program.
1913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle# Enabling this option will force AUDIT_LOG_PRIV and NAMESPACE_PRIV to be y.
2013cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLSPP_PRIV ?= n
2113cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleVERSION = $(shell cat ../VERSION)
2213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
2313cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleCFLAGS ?= -Werror -Wall -W
2413cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleEXTRA_OBJS =
2513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleoverride CFLAGS += -DVERSION=\"$(VERSION)\" $(LDFLAGS) -I$(PREFIX)/include -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
2613cd4c8960688af11ad23b4c946149015c80d54Joshua BrindleLDLIBS += -lselinux -L$(PREFIX)/lib
27468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(PAMH), /usr/include/security/pam_appl.h)
2813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override CFLAGS += -DUSE_PAM
2913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	EXTRA_OBJS += hashtab.o
3013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	LDLIBS += -lpam -lpam_misc
3113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse
3213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override CFLAGS += -D_XOPEN_SOURCE=500
3313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	LDLIBS += -lcrypt
3413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
35468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(AUDITH), /usr/include/libaudit.h)
3613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override CFLAGS += -DUSE_AUDIT
3713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	LDLIBS += -laudit
3813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
39468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(LSPP_PRIV),y)
4013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override AUDIT_LOG_PRIV=y
4113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override NAMESPACE_PRIV=y
4213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
43468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(AUDIT_LOG_PRIV),y)
4413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override CFLAGS += -DAUDIT_LOG_PRIV
4513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	IS_SUID=y
4613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
47468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(NAMESPACE_PRIV),y)
4813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	override CFLAGS += -DNAMESPACE_PRIV
4913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	IS_SUID=y
5013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
51468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(IS_SUID),y)
5213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	MODE := 4555
5316d1c1cbe5fe7de125084948280c46175ab6a712Daniel J Walsh	LDLIBS += -lcap-ng
5413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse
5513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	MODE := 0555
5613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
5713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
5813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleall: newrole
5913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
6013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlenewrole: newrole.o $(EXTRA_OBJS)
6113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	$(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS)
6213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
6313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleinstall: all
6413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	test -d $(BINDIR)      || install -m 755 -d $(BINDIR)
6513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
6613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	test -d $(MANDIR)/man1 || install -m 755 -d $(MANDIR)/man1
6713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	install -m $(MODE) newrole $(BINDIR)
6813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	install -m 644 newrole.1 $(MANDIR)/man1/
69468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(PAMH), /usr/include/security/pam_appl.h)
7013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	test -d $(ETCDIR)/pam.d || install -m 755 -d $(ETCDIR)/pam.d
71468bff095253171300a5faa4bb23f0b2524fde08Eric Parisifeq ($(LSPP_PRIV),y)
7213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	install -m 644 newrole-lspp.pamd $(ETCDIR)/pam.d/newrole
7313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleelse
7413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	install -m 644 newrole.pamd $(ETCDIR)/pam.d/newrole
7513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
7613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleendif
7713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
7813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleclean:
7913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	rm -f newrole *.o 
8013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
8113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindleindent:
8213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	../../scripts/Lindent $(wildcard *.[ch])
8313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle
8413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlerelabel: install
8513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle	/sbin/restorecon $(BINDIR)/newrole
86