2010-04-05 20:58:57 +02:00
|
|
|
RPMS_DIR=rpm/
|
2011-04-04 10:55:25 +02:00
|
|
|
|
2013-03-07 05:09:13 +01:00
|
|
|
VERSION := $(shell cat version)
|
2011-04-04 10:55:25 +02:00
|
|
|
|
2015-01-06 15:59:15 +01:00
|
|
|
LIBDIR ?= /usr/lib
|
|
|
|
SYSLIBDIR ?= /lib
|
2013-01-25 03:07:16 +01:00
|
|
|
|
2019-09-18 01:42:51 +02:00
|
|
|
PYTHON ?= /usr/bin/python3
|
2015-08-27 20:08:33 +02:00
|
|
|
|
2014-04-21 21:23:11 +02:00
|
|
|
# This makefile uses some bash-isms, make uses /bin/sh by default.
|
|
|
|
SHELL = /bin/bash
|
|
|
|
|
2010-04-05 20:58:57 +02:00
|
|
|
help:
|
2011-04-04 10:55:25 +02:00
|
|
|
@echo "make rpms -- generate binary rpm packages"
|
2012-11-14 01:41:21 +01:00
|
|
|
@echo "make rpms-vm -- generate binary rpm packages for VM"
|
2011-04-04 10:55:25 +02:00
|
|
|
@echo "make clean -- cleanup"
|
2013-04-17 01:44:28 +02:00
|
|
|
@echo "make install-vm -- install VM related files"
|
2016-10-23 21:46:57 +02:00
|
|
|
@echo ""
|
|
|
|
@echo "You must have lsb_release, rpm-sign and pandoc installed."
|
2010-04-05 20:58:57 +02:00
|
|
|
|
2013-03-07 05:09:13 +01:00
|
|
|
rpms: rpms-vm
|
2012-11-07 17:58:08 +01:00
|
|
|
|
2013-03-07 05:09:13 +01:00
|
|
|
rpms-vm:
|
2016-10-23 21:46:57 +02:00
|
|
|
[ "$$BACKEND_VMM" != "" ] || { echo "error: you must define variable BACKEND_VMM" >&2 ; exit 1 ; }
|
2016-10-28 07:22:39 +02:00
|
|
|
lsb_release >/dev/null 2>&1 || { echo "error: you need lsb_release (package lsb) installed" >&2 ; exit 1 ; }
|
2016-10-23 21:46:57 +02:00
|
|
|
type pandoc >/dev/null 2>&1 || { echo "error: you need pandoc installed" >&2 ; exit 1 ; }
|
|
|
|
type rpmsign >/dev/null 2>&1 || { echo "error: you need rpm-sign installed" >&2 ; exit 1 ; }
|
2012-01-06 21:31:12 +01:00
|
|
|
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm.spec
|
2013-03-12 17:10:49 +01:00
|
|
|
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm-doc.spec
|
2016-10-28 07:22:39 +02:00
|
|
|
[ "$$SKIP_SIGNING" != "" ] || rpm --addsign \
|
2013-03-07 05:09:13 +01:00
|
|
|
$(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION)*.rpm \
|
2015-11-10 16:58:03 +01:00
|
|
|
$(RPMS_DIR)/x86_64/qubes-core-vm-doc-*$(VERSION)*.rpm
|
2010-06-14 23:45:04 +02:00
|
|
|
|
2013-03-07 05:09:13 +01:00
|
|
|
rpms-dom0:
|
|
|
|
@true
|
2011-05-10 11:14:41 +02:00
|
|
|
|
2010-04-05 20:58:57 +02:00
|
|
|
clean:
|
2012-01-06 21:31:12 +01:00
|
|
|
make -C misc clean
|
2014-04-21 17:14:32 +02:00
|
|
|
make -C qubes-rpc clean
|
2018-04-20 16:27:26 +02:00
|
|
|
make -C doc clean
|
|
|
|
rm -rf qubesagent/*.pyc qubesagent/__pycache__
|
|
|
|
rm -rf test-packages/__pycache__
|
|
|
|
rm -rf test-packages/qubesagent.egg-info
|
|
|
|
rm -rf __pycache__
|
2018-05-02 04:48:51 +02:00
|
|
|
rm -f .coverage
|
2013-04-17 01:44:28 +02:00
|
|
|
|
2014-04-21 17:13:50 +02:00
|
|
|
all:
|
2019-10-21 00:57:19 +02:00
|
|
|
$(MAKE) -C misc VERSION=$(VERSION)
|
|
|
|
$(MAKE) -C qubes-rpc
|
2014-04-21 17:13:50 +02:00
|
|
|
|
2015-07-24 10:58:34 +02:00
|
|
|
# Dropin Directory
|
2017-02-21 01:29:04 +01:00
|
|
|
SYSTEM_DROPIN_DIR ?= "lib/systemd/system"
|
|
|
|
USER_DROPIN_DIR ?= "usr/lib/systemd/user"
|
2015-07-24 10:58:34 +02:00
|
|
|
|
2019-08-20 16:37:23 +02:00
|
|
|
SYSTEM_DROPINS := boot.automount chronyd.service crond.service
|
2017-12-05 17:53:44 +01:00
|
|
|
SYSTEM_DROPINS += cups.service cups-browsed.service cups.path cups.socket ModemManager.service
|
2020-05-06 17:15:22 +02:00
|
|
|
SYSTEM_DROPINS += getty@tty.service serial-getty@.service
|
2015-11-07 13:25:21 +01:00
|
|
|
SYSTEM_DROPINS += tmp.mount
|
2015-11-11 15:59:43 +01:00
|
|
|
SYSTEM_DROPINS += org.cups.cupsd.service org.cups.cupsd.path org.cups.cupsd.socket
|
2016-07-16 23:44:57 +02:00
|
|
|
SYSTEM_DROPINS += systemd-random-seed.service
|
2016-07-27 04:13:35 +02:00
|
|
|
SYSTEM_DROPINS += tor.service tor@default.service
|
2017-07-06 23:37:26 +02:00
|
|
|
SYSTEM_DROPINS += systemd-timesyncd.service
|
2015-07-24 10:58:34 +02:00
|
|
|
|
2017-10-29 08:19:36 +01:00
|
|
|
SYSTEM_DROPINS_NETWORKING := NetworkManager.service NetworkManager-wait-online.service
|
|
|
|
SYSTEM_DROPINS_NETWORKING += tinyproxy.service
|
|
|
|
|
2015-11-07 18:28:45 +01:00
|
|
|
USER_DROPINS := pulseaudio.service pulseaudio.socket
|
|
|
|
|
2017-02-06 01:08:33 +01:00
|
|
|
# Ubuntu Dropins
|
|
|
|
ifeq ($(shell lsb_release -is), Ubuntu)
|
|
|
|
|
|
|
|
# 'crond.service' is named 'cron.service in Debian
|
|
|
|
SYSTEM_DROPINS := $(strip $(patsubst crond.service, cron.service, $(SYSTEM_DROPINS)))
|
|
|
|
SYSTEM_DROPINS += anacron.service
|
|
|
|
SYSTEM_DROPINS += anacron-resume.service
|
2018-03-19 18:32:10 +01:00
|
|
|
SYSTEM_DROPINS += netfilter-persistent.service
|
|
|
|
SYSTEM_DROPINS += exim4.service
|
|
|
|
SYSTEM_DROPINS += avahi-daemon.service
|
|
|
|
|
2017-02-06 01:08:33 +01:00
|
|
|
endif
|
|
|
|
|
2015-07-24 10:58:34 +02:00
|
|
|
# Debian Dropins
|
|
|
|
ifeq ($(shell lsb_release -is), Debian)
|
|
|
|
# 'crond.service' is named 'cron.service in Debian
|
2015-11-07 13:25:21 +01:00
|
|
|
SYSTEM_DROPINS := $(strip $(patsubst crond.service, cron.service, $(SYSTEM_DROPINS)))
|
2015-07-24 10:58:34 +02:00
|
|
|
|
2015-11-07 13:25:21 +01:00
|
|
|
# Wheezy System Dropins
|
2015-07-24 10:58:34 +02:00
|
|
|
# Disable sysinit 'network-manager.service' since systemd 'NetworkManager.service' is already installed
|
2015-11-07 13:25:21 +01:00
|
|
|
SYSTEM_DROPINS += $(strip $(if $(filter wheezy, $(shell lsb_release -cs)), network-manager.service,))
|
2015-08-09 20:32:35 +02:00
|
|
|
|
2015-11-11 15:39:05 +01:00
|
|
|
# handled by qubes-iptables service now
|
2015-11-07 13:25:21 +01:00
|
|
|
SYSTEM_DROPINS += netfilter-persistent.service
|
2017-02-06 00:36:27 +01:00
|
|
|
|
|
|
|
SYSTEM_DROPINS += anacron.service
|
|
|
|
SYSTEM_DROPINS += anacron-resume.service
|
2017-02-16 23:41:14 +01:00
|
|
|
SYSTEM_DROPINS += exim4.service
|
|
|
|
SYSTEM_DROPINS += avahi-daemon.service
|
2015-07-24 10:58:34 +02:00
|
|
|
endif
|
|
|
|
|
|
|
|
install-systemd-dropins:
|
2015-11-07 13:25:21 +01:00
|
|
|
# Install system dropins
|
|
|
|
@for dropin in $(SYSTEM_DROPINS); do \
|
2017-02-21 01:29:04 +01:00
|
|
|
install -d $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d ;\
|
|
|
|
install -m 0644 vm-systemd/$${dropin}.d/*.conf $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d/ ;\
|
2015-07-24 10:58:34 +02:00
|
|
|
done
|
2015-11-11 15:57:25 +01:00
|
|
|
|
2015-11-07 18:28:45 +01:00
|
|
|
# Install user dropins
|
|
|
|
@for dropin in $(USER_DROPINS); do \
|
2017-02-21 01:29:04 +01:00
|
|
|
install -d $(DESTDIR)/$(USER_DROPIN_DIR)/$${dropin}.d ;\
|
|
|
|
install -m 0644 vm-systemd/user/$${dropin}.d/*.conf $(DESTDIR)/$(USER_DROPIN_DIR)/$${dropin}.d/ ;\
|
2015-11-07 18:28:45 +01:00
|
|
|
done
|
2015-07-24 10:58:34 +02:00
|
|
|
|
2017-10-29 08:19:36 +01:00
|
|
|
install-systemd-networking-dropins:
|
|
|
|
# Install system dropins
|
|
|
|
@for dropin in $(SYSTEM_DROPINS_NETWORKING); do \
|
|
|
|
install -d $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d ;\
|
|
|
|
install -m 0644 vm-systemd/$${dropin}.d/*.conf $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d/ ;\
|
|
|
|
done
|
|
|
|
|
2016-10-22 17:43:16 +02:00
|
|
|
install-init:
|
|
|
|
install -d $(DESTDIR)$(LIBDIR)/qubes/init
|
|
|
|
# FIXME: do a source code move vm-systemd/*.sh to init/
|
|
|
|
# since those scripts are shared between sysvinit and systemd.
|
|
|
|
install -m 0755 init/*.sh vm-systemd/*.sh $(DESTDIR)$(LIBDIR)/qubes/init/
|
|
|
|
install -m 0644 init/functions $(DESTDIR)$(LIBDIR)/qubes/init/
|
|
|
|
|
2017-10-29 08:19:36 +01:00
|
|
|
# Systemd service files
|
|
|
|
SYSTEMD_ALL_SERVICES := $(wildcard vm-systemd/qubes-*.service)
|
|
|
|
SYSTEMD_NETWORK_SERVICES := vm-systemd/qubes-firewall.service vm-systemd/qubes-iptables.service vm-systemd/qubes-updates-proxy.service
|
|
|
|
SYSTEMD_CORE_SERVICES := $(filter-out $(SYSTEMD_NETWORK_SERVICES), $(SYSTEMD_ALL_SERVICES))
|
|
|
|
|
2016-10-22 17:43:16 +02:00
|
|
|
install-systemd: install-init
|
2015-02-08 00:08:26 +01:00
|
|
|
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
|
2017-10-29 08:19:36 +01:00
|
|
|
install -m 0644 $(SYSTEMD_CORE_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
2015-01-06 15:59:15 +01:00
|
|
|
install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
2015-02-08 00:08:26 +01:00
|
|
|
install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
|
2015-01-06 15:59:15 +01:00
|
|
|
install -m 0644 vm-systemd/qubes-core.conf $(DESTDIR)$(SYSLIBDIR)/modules-load.d/
|
2013-04-17 01:44:28 +02:00
|
|
|
|
2016-10-22 17:43:16 +02:00
|
|
|
install-sysvinit: install-init
|
2014-09-29 22:57:55 +02:00
|
|
|
install -d $(DESTDIR)/etc/init.d
|
2016-10-22 17:43:16 +02:00
|
|
|
install vm-init.d/qubes-sysinit $(DESTDIR)/etc/init.d/
|
|
|
|
install vm-init.d/qubes-core-early $(DESTDIR)/etc/init.d/
|
2014-09-29 22:57:55 +02:00
|
|
|
install vm-init.d/qubes-core $(DESTDIR)/etc/init.d/
|
|
|
|
install vm-init.d/qubes-core-netvm $(DESTDIR)/etc/init.d/
|
|
|
|
install vm-init.d/qubes-firewall $(DESTDIR)/etc/init.d/
|
|
|
|
install vm-init.d/qubes-updates-proxy $(DESTDIR)/etc/init.d/
|
2017-05-26 03:07:47 +02:00
|
|
|
install vm-init.d/qubes-updates-proxy-forwarder $(DESTDIR)/etc/init.d/
|
2014-09-29 22:57:55 +02:00
|
|
|
install -D vm-init.d/qubes-core.modules $(DESTDIR)/etc/sysconfig/modules/qubes-core.modules
|
2015-08-04 17:15:01 +02:00
|
|
|
install network/qubes-iptables $(DESTDIR)/etc/init.d/
|
2014-09-29 22:57:55 +02:00
|
|
|
|
2015-07-24 10:58:34 +02:00
|
|
|
install-rh: install-systemd install-systemd-dropins install-sysvinit
|
2015-11-10 16:49:29 +01:00
|
|
|
|
2017-06-20 23:34:04 +02:00
|
|
|
install-doc:
|
|
|
|
$(MAKE) -C doc install
|
2015-11-10 16:49:29 +01:00
|
|
|
|
2017-06-20 23:34:04 +02:00
|
|
|
install-common: install-doc
|
2015-08-27 21:29:32 +02:00
|
|
|
$(MAKE) -C autostart-dropins install
|
2020-01-27 12:22:45 +01:00
|
|
|
$(MAKE) -C applications-dropins install
|
2015-02-03 04:36:55 +01:00
|
|
|
|
2016-09-12 05:22:53 +02:00
|
|
|
# force /usr/bin before /bin to have /usr/bin/python instead of /bin/python
|
2017-10-23 19:53:25 +02:00
|
|
|
PATH="/usr/bin:$(PATH)" $(PYTHON) setup.py install $(PYTHON_PREFIX_ARG) -O1 --root $(DESTDIR)
|
2017-10-17 21:59:38 +02:00
|
|
|
|
2014-04-21 17:13:50 +02:00
|
|
|
|
2017-10-29 08:19:36 +01:00
|
|
|
# Networking install target includes:
|
|
|
|
# * basic network functionality (setting IP address, DNS, default gateway)
|
|
|
|
# * package update proxy client
|
|
|
|
install-networking:
|
|
|
|
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system
|
|
|
|
install -m 0644 vm-systemd/qubes-*.socket $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
|
|
|
|
|
|
|
# Netvm install target includes:
|
|
|
|
# * qubes-firewall service (FirewallVM)
|
|
|
|
# * DNS redirection setup
|
|
|
|
# * proxy service used by TemplateVMs to download updates
|
|
|
|
install-netvm:
|
|
|
|
install -D -m 0644 $(SYSTEMD_NETWORK_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
|
|
|
|
|
|
|
install -D -m 0755 network/qubes-iptables $(DESTDIR)$(LIBDIR)/qubes/init/qubes-iptables
|
|
|
|
|
|
|
|
install -D -m 0644 vm-systemd/qubes-core-agent-linux.tmpfiles \
|
|
|
|
$(DESTDIR)/usr/lib/tmpfiles.d/qubes-core-agent-linux.conf
|
|
|
|
|
|
|
|
install -D network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes/qubes-setup-dnat-to-ns
|
|
|
|
|
|
|
|
install -d $(DESTDIR)/etc/dhclient.d
|
|
|
|
ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
|
|
|
|
|
|
|
|
install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
|
|
|
|
install -D network/vif-qubes-nat.sh $(DESTDIR)/etc/xen/scripts/vif-qubes-nat.sh
|
|
|
|
install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
|
|
|
|
install -m 0644 -D network/updates-blacklist $(DESTDIR)/etc/tinyproxy/updates-blacklist
|
|
|
|
install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy
|
|
|
|
|
|
|
|
install -m 0400 -D network/iptables $(DESTDIR)/etc/qubes/iptables.rules
|
|
|
|
install -m 0400 -D network/ip6tables $(DESTDIR)/etc/qubes/ip6tables.rules
|
2017-12-03 03:30:53 +01:00
|
|
|
install -m 0400 -D network/ip6tables-enabled $(DESTDIR)/etc/qubes/ip6tables-enabled.rules
|
2017-10-29 08:19:36 +01:00
|
|
|
|
|
|
|
install -m 0755 -D qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc/qubes.UpdatesProxy
|
|
|
|
|
|
|
|
# networkmanager install target allow integration of NetworkManager for Qubes VM:
|
|
|
|
# * make connections config persistent
|
|
|
|
# * adjust DNS redirections when needed
|
|
|
|
# * show/hide NetworkManager applet icon
|
|
|
|
install-networkmanager:
|
|
|
|
install -d $(DESTDIR)$(LIBDIR)/qubes/
|
|
|
|
install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes/
|
|
|
|
install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
|
|
|
|
|
|
|
|
install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
|
|
|
install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
|
|
|
|
|
|
|
install -d $(DESTDIR)/usr/lib/NetworkManager/conf.d
|
2017-10-29 21:22:11 +01:00
|
|
|
install -m 0644 network/nm-30-qubes.conf $(DESTDIR)/usr/lib/NetworkManager/conf.d/30-qubes.conf
|
2017-10-29 08:19:36 +01:00
|
|
|
|
|
|
|
install -d $(DESTDIR)/etc/xdg/autostart
|
|
|
|
install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)$(LIBDIR)/qubes/
|
|
|
|
install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
|
|
|
|
|
2017-10-29 22:02:01 +01:00
|
|
|
install-deb: install-common install-systemd install-systemd-dropins install-systemd-networking-dropins install-networking install-networkmanager install-netvm
|
2014-09-26 18:55:42 +02:00
|
|
|
install -d $(DESTDIR)/etc/sysctl.d
|
|
|
|
install -m 644 network/80-qubes.conf $(DESTDIR)/etc/sysctl.d/
|
2015-11-24 06:18:36 +01:00
|
|
|
install -d $(DESTDIR)/etc/needrestart/conf.d
|
|
|
|
install -D -m 0644 misc/50_qubes.conf $(DESTDIR)/etc/needrestart/conf.d/50_qubes.conf
|
|
|
|
|
2017-05-22 17:30:06 +02:00
|
|
|
mkdir -p $(DESTDIR)/etc/systemd/system/
|
|
|
|
install -m 0644 vm-systemd/haveged.service $(DESTDIR)/etc/systemd/system/
|
2014-07-27 06:11:43 +02:00
|
|
|
|
2017-10-29 16:40:21 +01:00
|
|
|
install-corevm: install-rh install-common install-systemd install-sysvinit install-systemd-dropins install-networking
|
2017-10-29 08:20:51 +01:00
|
|
|
|
2017-11-20 16:56:57 +01:00
|
|
|
install-netvm: install-systemd-networking-dropins install-networkmanager
|
2017-10-29 08:20:51 +01:00
|
|
|
|
|
|
|
install-vm: install-corevm install-netvm
|