Home Explore Help
Sign In
Qubes
/
core-agent-linux
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4de377bc3b
Branches Tags
core-agent-linu...
/
Makefile

Makefile 9.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 
  1. RPMS_DIR=rpm/
    2. 

  2. 

  3. VERSION := $(shell cat version)
    4. 

  4. 

  5. SBINDIR ?= /usr/sbin
    6. 

  6. BINDIR ?= /usr/bin
    7. 

  7. LIBDIR ?= /usr/lib
    8. 

  8. SYSLIBDIR ?= /lib
    9. 

  9. 

  10. PYTHON ?= /usr/bin/python3
    11. 

  11. 

  12. # This makefile uses some bash-isms, make uses /bin/sh by default.
    13. 

  13. SHELL = /bin/bash
    14. 

  14. 

  15. help:
    16. 

  16. 	@echo "make rpms                  -- generate binary rpm packages"
    17. 

  17. 	@echo "make rpms-vm               -- generate binary rpm packages for VM"
    18. 

  18. 	@echo "make clean                 -- cleanup"
    19. 

  19. 	@echo "make install-vm            -- install VM related files"
    20. 

  20. 	@echo ""
    21. 

  21. 	@echo "You must have lsb_release, rpm-sign and pandoc installed."
    22. 

  22. 

  23. rpms: rpms-vm
    24. 

  24. 

  25. rpms-vm:
    26. 

  26. 	[ "$$BACKEND_VMM" != "" ] || { echo "error: you must define variable BACKEND_VMM" >&2 ; exit 1 ; }
    27. 

  27. 	lsb_release >/dev/null 2>&1 || { echo "error: you need lsb_release (package lsb) installed" >&2 ; exit 1 ; }
    28. 

  28. 	type pandoc >/dev/null 2>&1 || { echo "error: you need pandoc installed" >&2 ; exit 1 ; }
    29. 

  29. 	type rpmsign >/dev/null 2>&1 || { echo "error: you need rpm-sign installed" >&2 ; exit 1 ; }
    30. 

  30. 	rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm.spec
    31. 

  31. 	rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm-doc.spec
    32. 

  32. 	[ "$$SKIP_SIGNING" != "" ] || rpm --addsign \
    33. 

  33. 		$(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION)*.rpm \
    34. 

  34. 		$(RPMS_DIR)/x86_64/qubes-core-vm-doc-*$(VERSION)*.rpm
    35. 

  35. 

  36. rpms-dom0:
    37. 

  37. 	@true
    38. 

  38. 

  39. clean:
    40. 

  40. 	make -C misc clean
    41. 

  41. 	make -C qubes-rpc clean
    42. 

  42. 	make -C doc clean
    43. 

  43. 	rm -rf qubesagent/*.pyc qubesagent/__pycache__
    44. 

  44. 	rm -rf test-packages/__pycache__
    45. 

  45. 	rm -rf test-packages/qubesagent.egg-info
    46. 

  46. 	rm -rf __pycache__
    47. 

  47. 	rm -f .coverage
    48. 

  48. 

  49. all:
    50. 

  50. 	$(MAKE) -C misc VERSION=$(VERSION)
    51. 

  51. 	$(MAKE) -C qubes-rpc
    52. 

  52. 

  53. # Dropin Directory
    54. 

  54. SYSTEM_DROPIN_DIR ?= "lib/systemd/system"
    55. 

  55. USER_DROPIN_DIR ?= "usr/lib/systemd/user"
    56. 

  56. 

  57. SYSTEM_DROPINS := boot.automount chronyd.service crond.service
    58. 

  58. SYSTEM_DROPINS += cups.service cups-browsed.service cups.path cups.socket ModemManager.service
    59. 

  59. SYSTEM_DROPINS += getty@tty.service
    60. 

  60. SYSTEM_DROPINS += tmp.mount
    61. 

  61. SYSTEM_DROPINS += org.cups.cupsd.service org.cups.cupsd.path org.cups.cupsd.socket
    62. 

  62. SYSTEM_DROPINS += systemd-random-seed.service
    63. 

  63. SYSTEM_DROPINS += tor.service tor@default.service
    64. 

  64. SYSTEM_DROPINS += systemd-timesyncd.service
    65. 

  65. 

  66. SYSTEM_DROPINS_NETWORKING := NetworkManager.service NetworkManager-wait-online.service
    67. 

  67. SYSTEM_DROPINS_NETWORKING += tinyproxy.service
    68. 

  68. 

  69. USER_DROPINS := pulseaudio.service pulseaudio.socket
    70. 

  70. 

  71. # Ubuntu Dropins
    72. 

  72. ifeq ($(shell lsb_release -is), Ubuntu)
    73. 

  73. 

  74.     # 'crond.service' is named 'cron.service in Debian
    75. 

  75.     SYSTEM_DROPINS := $(strip $(patsubst crond.service, cron.service, $(SYSTEM_DROPINS)))
    76. 

  76.     SYSTEM_DROPINS += anacron.service
    77. 

  77.     SYSTEM_DROPINS += anacron-resume.service
    78. 

  78.     SYSTEM_DROPINS += netfilter-persistent.service
    79. 

  79.     SYSTEM_DROPINS += exim4.service
    80. 

  80.     SYSTEM_DROPINS += avahi-daemon.service
    81. 

  81. 

  82. endif
    83. 

  83. 

  84. # Debian Dropins
    85. 

  85. ifeq ($(shell lsb_release -is), Debian)
    86. 

  86.     # 'crond.service' is named 'cron.service in Debian
    87. 

  87.     SYSTEM_DROPINS := $(strip $(patsubst crond.service, cron.service, $(SYSTEM_DROPINS)))
    88. 

  88. 

  89.     # Wheezy System Dropins
    90. 

  90.     # Disable sysinit 'network-manager.service' since systemd 'NetworkManager.service' is already installed
    91. 

  91.     SYSTEM_DROPINS += $(strip $(if $(filter wheezy, $(shell lsb_release -cs)), network-manager.service,))
    92. 

  92. 

  93.     # handled by qubes-iptables service now
    94. 

  94.     SYSTEM_DROPINS += netfilter-persistent.service
    95. 

  95. 

  96.     SYSTEM_DROPINS += anacron.service
    97. 

  97.     SYSTEM_DROPINS += anacron-resume.service
    98. 

  98.     SYSTEM_DROPINS += exim4.service
    99. 

  99.     SYSTEM_DROPINS += avahi-daemon.service
    100. 

  100. endif
    101. 

  101. 

  102. install-systemd-dropins:
    103. 

  103. 	# Install system dropins
    104. 

  104. 	@for dropin in $(SYSTEM_DROPINS); do \
    105. 

  105. 	    install -d $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d ;\
    106. 

  106. 	    install -m 0644 vm-systemd/$${dropin}.d/*.conf $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d/ ;\
    107. 

  107. 	done
    108. 

  108. 

  109. 	# Install user dropins
    110. 

  110. 	@for dropin in $(USER_DROPINS); do \
    111. 

  111. 	    install -d $(DESTDIR)/$(USER_DROPIN_DIR)/$${dropin}.d ;\
    112. 

  112. 	    install -m 0644 vm-systemd/user/$${dropin}.d/*.conf $(DESTDIR)/$(USER_DROPIN_DIR)/$${dropin}.d/ ;\
    113. 

  113. 	done
    114. 

  114. 

  115. install-systemd-networking-dropins:
    116. 

  116. 	# Install system dropins
    117. 

  117. 	@for dropin in $(SYSTEM_DROPINS_NETWORKING); do \
    118. 

  118. 	    install -d $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d ;\
    119. 

  119. 	    install -m 0644 vm-systemd/$${dropin}.d/*.conf $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d/ ;\
    120. 

  120. 	done
    121. 

  121. 

  122. install-init:
    123. 

  123. 	install -d $(DESTDIR)$(LIBDIR)/qubes/init
    124. 

  124. 	# FIXME: do a source code move vm-systemd/*.sh to init/
    125. 

  125. 	# since those scripts are shared between sysvinit and systemd.
    126. 

  126. 	install -m 0755 init/*.sh vm-systemd/*.sh $(DESTDIR)$(LIBDIR)/qubes/init/
    127. 

  127. 	install -m 0644 init/functions $(DESTDIR)$(LIBDIR)/qubes/init/
    128. 

  128. 

  129. # Systemd service files
    130. 

  130. SYSTEMD_ALL_SERVICES := $(wildcard vm-systemd/qubes-*.service)
    131. 

  131. SYSTEMD_NETWORK_SERVICES := vm-systemd/qubes-firewall.service vm-systemd/qubes-iptables.service vm-systemd/qubes-updates-proxy.service
    132. 

  132. SYSTEMD_CORE_SERVICES := $(filter-out $(SYSTEMD_NETWORK_SERVICES), $(SYSTEMD_ALL_SERVICES))
    133. 

  133. 

  134. install-systemd: install-init
    135. 

  135. 	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
    136. 

  136. 	install -m 0644 $(SYSTEMD_CORE_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
    137. 

  137. 	install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
    138. 

  138. 	install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
    139. 

  139. 	install -m 0644 vm-systemd/qubes-core.conf $(DESTDIR)$(SYSLIBDIR)/modules-load.d/
    140. 

  140. 

  141. install-sysvinit: install-init
    142. 

  142. 	install -d $(DESTDIR)/etc/init.d
    143. 

  143. 	install vm-init.d/qubes-sysinit $(DESTDIR)/etc/init.d/
    144. 

  144. 	install vm-init.d/qubes-core-early $(DESTDIR)/etc/init.d/
    145. 

  145. 	install vm-init.d/qubes-core $(DESTDIR)/etc/init.d/
    146. 

  146. 	install vm-init.d/qubes-core-netvm $(DESTDIR)/etc/init.d/
    147. 

  147. 	install vm-init.d/qubes-firewall $(DESTDIR)/etc/init.d/
    148. 

  148. 	install vm-init.d/qubes-updates-proxy $(DESTDIR)/etc/init.d/
    149. 

  149. 	install vm-init.d/qubes-updates-proxy-forwarder $(DESTDIR)/etc/init.d/
    150. 

  150. 	install -D vm-init.d/qubes-core.modules $(DESTDIR)/etc/sysconfig/modules/qubes-core.modules
    151. 

  151. 	install network/qubes-iptables $(DESTDIR)/etc/init.d/
    152. 

  152. 

  153. install-rh: install-systemd install-systemd-dropins install-sysvinit
    154. 

  154. 

  155. install-doc:
    156. 

  156. 	$(MAKE) -C doc install
    157. 

  157. 

  158. install-common: install-doc
    159. 

  159. 	$(MAKE) -C autostart-dropins install
    160. 

  160. 	$(MAKE) -C applications-dropins install
    161. 

  161. 

  162. 	# force /usr/bin before /bin to have /usr/bin/python instead of /bin/python
    163. 

  163. 	PATH="/usr/bin:$(PATH)" $(PYTHON) setup.py install $(PYTHON_PREFIX_ARG) -O1 --root $(DESTDIR)
    164. 

  164. 	mkdir -p $(DESTDIR)$(SBINDIR)
    165. 

  165. 

  166. 

  167. # Networking install target includes:
    168. 

  168. # * basic network functionality (setting IP address, DNS, default gateway)
    169. 

  169. # * package update proxy client
    170. 

  170. install-networking:
    171. 

  171. 	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system
    172. 

  172. 	install -m 0644 vm-systemd/qubes-*.socket $(DESTDIR)$(SYSLIBDIR)/systemd/system/
    173. 

  173. 

  174. # Netvm install target includes:
    175. 

  175. # * qubes-firewall service (FirewallVM)
    176. 

  176. # * DNS redirection setup
    177. 

  177. # * proxy service used by TemplateVMs to download updates
    178. 

  178. install-netvm:
    179. 

  179. 	install -D -m 0644 $(SYSTEMD_NETWORK_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
    180. 

  180. 

  181. 	install -D -m 0755 network/qubes-iptables $(DESTDIR)$(LIBDIR)/qubes/init/qubes-iptables
    182. 

  182. 

  183. 	install -D -m 0644 vm-systemd/qubes-core-agent-linux.tmpfiles \
    184. 

  184. 		$(DESTDIR)/usr/lib/tmpfiles.d/qubes-core-agent-linux.conf
    185. 

  185. 

  186. 	mkdir -p $(DESTDIR)$(SBINDIR)
    187. 

  187. 

  188. ifneq ($(SBINDIR),/usr/bin)
    189. 

  189. 	mv $(DESTDIR)/usr/bin/qubes-firewall $(DESTDIR)$(SBINDIR)/qubes-firewall
    190. 

  190. endif
    191. 

  191. 

  192. 	install -D network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes/qubes-setup-dnat-to-ns
    193. 

  193. 

  194. 	install -d $(DESTDIR)/etc/dhclient.d
    195. 

  195. 	ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
    196. 

  196. 

  197. 	install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
    198. 

  198. 	install -D network/vif-qubes-nat.sh $(DESTDIR)/etc/xen/scripts/vif-qubes-nat.sh
    199. 

  199. 	install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
    200. 

  200. 	install -m 0644 -D network/updates-blacklist $(DESTDIR)/etc/tinyproxy/updates-blacklist
    201. 

  201. 	install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy
    202. 

  202. 

  203. 	install -m 0400 -D network/iptables $(DESTDIR)/etc/qubes/iptables.rules
    204. 

  204. 	install -m 0400 -D network/ip6tables $(DESTDIR)/etc/qubes/ip6tables.rules
    205. 

  205. 	install -m 0400 -D network/ip6tables-enabled $(DESTDIR)/etc/qubes/ip6tables-enabled.rules
    206. 

  206. 

  207. 	install -m 0755 -D qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc/qubes.UpdatesProxy
    208. 

  208. 

  209. # networkmanager install target allow integration of NetworkManager for Qubes VM:
    210. 

  210. # * make connections config persistent
    211. 

  211. # * adjust DNS redirections when needed
    212. 

  212. # * show/hide NetworkManager applet icon
    213. 

  213. install-networkmanager:
    214. 

  214. 	install -d $(DESTDIR)$(LIBDIR)/qubes/
    215. 

  215. 	install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes/
    216. 

  216. 	install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
    217. 

  217. 

  218. 	install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
    219. 

  219. 	install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
    220. 

  220. 

  221. 	install -d $(DESTDIR)/usr/lib/NetworkManager/conf.d
    222. 

  222. 	install -m 0644 network/nm-30-qubes.conf $(DESTDIR)/usr/lib/NetworkManager/conf.d/30-qubes.conf
    223. 

  223. 

  224. 	install -d $(DESTDIR)/etc/xdg/autostart
    225. 

  225. 	install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)$(LIBDIR)/qubes/
    226. 

  226. 	install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
    227. 

  227. 

  228. install-deb: install-common install-systemd install-systemd-dropins install-systemd-networking-dropins install-networking install-networkmanager install-netvm
    229. 

  229. 	install -d $(DESTDIR)/etc/sysctl.d
    230. 

  230. 	install -m 644 network/80-qubes.conf $(DESTDIR)/etc/sysctl.d/
    231. 

  231. 	install -d $(DESTDIR)/etc/needrestart/conf.d
    232. 

  232. 	install -D -m 0644 misc/50_qubes.conf $(DESTDIR)/etc/needrestart/conf.d/50_qubes.conf
    233. 

  233. 

  234. 	mkdir -p $(DESTDIR)/etc/systemd/system/
    235. 

  235. 	install -m 0644 vm-systemd/haveged.service  $(DESTDIR)/etc/systemd/system/
    236. 

  236. 

  237. install-corevm: install-rh install-common install-systemd install-sysvinit install-systemd-dropins install-networking
    238. 

  238. 

  239. install-netvm: install-systemd-networking-dropins install-networkmanager
    240. 

  240. 

  241. install-vm: install-corevm install-netvm
    242.