all: apps man MYLIBS = src/lib APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect src/fnet src/fseccomp MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 prefix=@prefix@ exec_prefix=@exec_prefix@ bindir=@bindir@ libdir=@libdir@ datarootdir=@datarootdir@ mandir=@mandir@ sysconfdir=@sysconfdir@ VERSION=@PACKAGE_VERSION@ NAME=@PACKAGE_NAME@ PACKAGE_TARNAME=@PACKAGE_TARNAME@ DOCDIR=@docdir@ HAVE_APPARMOR=@HAVE_APPARMOR@ BUSYBOX_WORKAROUND=@BUSYBOX_WORKAROUND@ uids.h:; ./mkuid.sh .PHONY: mylibs $(MYLIBS) mylibs: $(MYLIBS) uids.h $(MYLIBS): $(MAKE) -C $@ .PHONY: apps $(APPS) apps: $(APPS) $(APPS): $(MYLIBS) uids.h $(MAKE) -C $@ $(MANPAGES): $(wildcard src/man/*.txt) ./mkman.sh $(VERSION) src/man/$(basename $@).txt $@ man: $(MANPAGES) clean: for dir in $(APPS) $(MYLIBS); do \ $(MAKE) -C $$dir clean; \ done rm -fr gcov-file gcov-dir gcov-test-initialized rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm rm -f test/utils/index.html* rm -f test/utils/wget-log rm -f test/utils/lstesting rm -f test/environment/index.html* rm -f test/environment/wget-log* rm -fr test/environment/-testdir rm -f test/environment/logfile* rm -f test/environment/index.html rm -f test/environment/wget-log rm -f test/sysutils/firejail_t* cd test/compile; ./compile.sh --clean; cd ../.. distclean: clean for dir in $(APPS) $(MYLIBS); do \ $(MAKE) -C $$dir distclean; \ done rm -fr Makefile autom4te.cache config.log config.status config.h uids.h realinstall: # firejail executable install -m 0755 -d $(DESTDIR)/$(bindir) install -c -m 0755 src/firejail/firejail $(DESTDIR)/$(bindir)/. chmod u+s $(DESTDIR)/$(bindir)/firejail # firemon executable install -c -m 0755 src/firemon/firemon $(DESTDIR)/$(bindir)/. # firecfg executable install -c -m 0755 src/firecfg/firecfg $(DESTDIR)/$(bindir)/. # libraries and plugins install -m 0755 -d $(DESTDIR)/$(libdir)/firejail install -c -m 0644 src/libtrace/libtrace.so $(DESTDIR)/$(libdir)/firejail/. install -c -m 0644 src/libtracelog/libtracelog.so $(DESTDIR)/$(libdir)/firejail/. install -c -m 0644 src/libconnect/libconnect.so $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/ftee/ftee $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/. install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/faudit/faudit $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/fnet/fnet $(DESTDIR)/$(libdir)/firejail/. install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/. # documents install -m 0755 -d $(DESTDIR)/$(DOCDIR) install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/. install -c -m 0644 README $(DESTDIR)/$(DOCDIR)/. install -c -m 0644 RELNOTES $(DESTDIR)/$(DOCDIR)/. # etc files ./mketc.sh $(sysconfdir) $(BUSYBOX_WORKAROUND) install -m 0755 -d $(DESTDIR)/$(sysconfdir)/firejail for file in .etc/* etc/firejail.config; do \ install -c -m 0644 $$file $(DESTDIR)/$(sysconfdir)/firejail; \ done sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" rm -fr .etc ifeq ($(HAVE_APPARMOR),-DHAVE_APPARMOR) # install apparmor profile sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;" install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/. endif # man pages install -m 0755 -d $(DESTDIR)/$(mandir)/man1 install -m 0755 -d $(DESTDIR)/$(mandir)/man5 for man in $(MANPAGES); do \ rm -f $$man.gz; \ gzip -9n $$man; \ case "$$man" in \ *.1) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man1/; ;; \ *.5) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man5/; ;; \ esac; \ done rm -f $(MANPAGES) $(MANPAGES:%=%.gz) # bash completion install -m 0755 -d $(DESTDIR)/$(datarootdir)/bash-completion/completions install -c -m 0644 src/bash_completion/firejail.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail install -c -m 0644 src/bash_completion/firemon.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon install -c -m 0644 src/bash_completion/firecfg.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg install: all $(MAKE) realinstall install-strip: all strip src/firejail/firejail strip src/firemon/firemon strip src/firecfg/firecfg strip src/libtrace/libtrace.so strip src/libtracelog/libtracelog.so strip src/libconnect/libconnect.so strip src/ftee/ftee strip src/faudit/faudit strip src/fnet/fnet strip src/fseccomp/fseccomp $(MAKE) realinstall uninstall: rm -f $(DESTDIR)/$(bindir)/firejail rm -f $(DESTDIR)/$(bindir)/firemon rm -f $(DESTDIR)/$(bindir)/firecfg rm -fr $(DESTDIR)/$(libdir)/firejail rm -fr $(DESTDIR)/$(datarootdir)/doc/firejail for man in $(MANPAGES); do \ rm -f $(DESTDIR)/$(mandir)/man5/$$man*; \ rm -f $(DESTDIR)/$(mandir)/man1/$$man*; \ done rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg DISTFILES = "src etc platform configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils" dist: mv config.status config.status.old make distclean mv config.status.old config.status rm -fr $(NAME)-$(VERSION) $(NAME)-$(VERSION).tar.xz mkdir -p $(NAME)-$(VERSION)/test cp -a "$(DISTFILES)" $(NAME)-$(VERSION) cp -a "$(DISTFILES_TEST)" $(NAME)-$(VERSION)/test rm -rf $(NAME)-$(VERSION)/src/tools find $(NAME)-$(VERSION) -name .svn -delete tar -cJvf $(NAME)-$(VERSION).tar.xz $(NAME)-$(VERSION) rm -fr $(NAME)-$(VERSION) asc:; ./mkasc.sh $(VERSION) deb: dist ./mkdeb.sh $(NAME) $(VERSION) snap: all cd platform/snap; ./snap.sh install-snap: snap sudo snap remove faudit; sudo snap install faudit*.snap test-compile: dist cd test/compile; ./compile.sh $(NAME)-$(VERSION) .PHONY: rpms rpms: ./platform/rpm/mkrpm.sh $(NAME) $(VERSION) extras: all $(MAKE) -C extras/firetools cppcheck: clean cppcheck --force . scan-build: clean scan-build make gcov-test-initialized: ./gcov-test-init.sh gcov: gcov-test-initialized lcov --capture -d src/firejail -d src/firemon -d src/fseccomp -d src/fnet -d src/ftee -d src/lib -d src/firecfg --output-file gcov-file rm -fr gcov-dir genhtml gcov-file --output-directory gcov-dir # # make test # test-profiles: cd test/profiles; ./profiles.sh | grep TESTING test-apps: cd test/apps; ./apps.sh | grep TESTING test-apps-x11: cd test/apps-x11; ./apps-x11.sh | grep TESTING test-apps-x11-xorg: cd test/apps-x11-xorg; ./apps-x11-xorg.sh | grep TESTING test-sysutils: cd test/sysutils; ./sysutils.sh | grep TESTING test-utils: cd test/utils; ./utils.sh | grep TESTING test-environment: cd test/environment; ./environment.sh | grep TESTING test-filters: cd test/filters; ./filters.sh | grep TESTING test-arguments: cd test/arguments; ./arguments.sh | grep TESTING test-fs: cd test/fs; ./fs.sh | grep TESTING test: test-profiles test-fs test-utils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments echo "TEST COMPLETE" # # individual tests, some of them requiring root access # # root access, network devices are created before the test test-network: cd test/network; ./network.sh | grep TESTING # all the tests are run as root test-root: cd test/root; su -c ./root.sh | grep TESTING # runs as regular user test-overlay: cd test/overlay; ./overlay.sh | grep TESTING # mount -o remount,rw,hidepid=2 /proc