Artifact Content
Not logged in

Artifact 730ce4315c8417618581418768dcfa0bbe9d42dd:


all: apps man filters
MYLIBS = src/lib
APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee src/faudit src/libconnect src/fnet src/fseccomp src/fcopy
MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5
SECCOMP_FILTERS = seccomp seccomp.i386 seccomp.amd64

prefix=@prefix@
exec_prefix=@exec_prefix@
bindir=@bindir@
libdir=@libdir@
datarootdir=@datarootdir@
mandir=@mandir@
sysconfdir=@sysconfdir@

VERSION=@PACKAGE_VERSION@
NAME=@PACKAGE_NAME@
PACKAGE_TARNAME=@PACKAGE_TARNAME@
DOCDIR=@docdir@
HAVE_APPARMOR=@HAVE_APPARMOR@
BUSYBOX_WORKAROUND=@BUSYBOX_WORKAROUND@

uids.h:; ./mkuid.sh

.PHONY: mylibs $(MYLIBS)
mylibs: $(MYLIBS) uids.h
$(MYLIBS):
	$(MAKE) -C $@

.PHONY: apps $(APPS)
apps: $(APPS)
$(APPS): $(MYLIBS) uids.h
	$(MAKE) -C $@

$(MANPAGES): $(wildcard src/man/*.txt)
	./mkman.sh $(VERSION) src/man/$(basename $@).txt $@

man: $(MANPAGES)

filters: src/fseccomp
	src/fseccomp/fseccomp default seccomp
	src/fseccomp/fseccomp default seccomp.debug allow-debuggers
	src/fseccomp/fseccomp secondary 32 seccomp.i386
	src/fseccomp/fseccomp secondary 64 seccomp.amd64

clean:
	for dir in $(APPS) $(MYLIBS); do \
		$(MAKE) -C $$dir clean; \
	done
	rm -f $(MANPAGES) $(MANPAGES:%=%.gz) firejail*.rpm
	rm -f seccomp seccomp.debug seccomp.i386 seccomp.amd64
	rm -f test/utils/index.html*
	rm -f test/utils/wget-log
	rm -f test/utils/lstesting
	rm -f test/environment/index.html*
	rm -f test/environment/wget-log*
	rm -fr test/environment/-testdir
	rm -f test/environment/logfile*
	rm -f test/environment/index.html
	rm -f test/environment/wget-log
	rm -f test/sysutils/firejail_t*
	cd test/compile; ./compile.sh --clean; cd ../..

distclean: clean
	for dir in $(APPS) $(MYLIBS); do \
		$(MAKE) -C $$dir distclean; \
	done
	rm -fr Makefile autom4te.cache config.log config.status config.h uids.h

realinstall:
	# firejail executable
	install -m 0755 -d $(DESTDIR)/$(bindir)
	install -c -m 0755 src/firejail/firejail $(DESTDIR)/$(bindir)/.
	chmod u+s $(DESTDIR)/$(bindir)/firejail
	# firemon executable
	install -c -m 0755 src/firemon/firemon $(DESTDIR)/$(bindir)/.
	# firecfg executable
	install -c -m 0755 src/firecfg/firecfg $(DESTDIR)/$(bindir)/.
	# libraries and plugins
	install -m 0755 -d $(DESTDIR)/$(libdir)/firejail
	install -c -m 0644 src/libtrace/libtrace.so $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 src/libtracelog/libtracelog.so $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 src/libconnect/libconnect.so $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/ftee/ftee $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/faudit/faudit $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/fnet/fnet $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/fseccomp/fseccomp $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 src/fcopy/fcopy $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 seccomp $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 seccomp.debug $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 seccomp.i386 $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0644 seccomp.amd64 $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 contrib/fix_private-bin.py $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 contrib/fjclip.py $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 contrib/fjdisplay.py $(DESTDIR)/$(libdir)/firejail/.
	install -c -m 0755 contrib/fjresize.py $(DESTDIR)/$(libdir)/firejail/.
	# documents
	install -m 0755 -d $(DESTDIR)/$(DOCDIR)
	install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/.
	install -c -m 0644 README $(DESTDIR)/$(DOCDIR)/.
	install -c -m 0644 RELNOTES $(DESTDIR)/$(DOCDIR)/.
	# etc files
	./mketc.sh $(sysconfdir) $(BUSYBOX_WORKAROUND)
	install -m 0755 -d $(DESTDIR)/$(sysconfdir)/firejail
	for file in .etc/* etc/firejail.config; do \
		install -c -m 0644 $$file $(DESTDIR)/$(sysconfdir)/firejail; \
	done
	sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
	rm -fr .etc
ifeq ($(HAVE_APPARMOR),-DHAVE_APPARMOR)	
	# install apparmor profile
	sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;"
	install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/.
endif	
	# man pages
	install -m 0755 -d $(DESTDIR)/$(mandir)/man1
	install -m 0755 -d $(DESTDIR)/$(mandir)/man5
	for man in $(MANPAGES); do \
		rm -f $$man.gz; \
		gzip -9n $$man; \
		case "$$man" in \
			*.1) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man1/; ;; \
			*.5) install -c -m 0644 $$man.gz $(DESTDIR)/$(mandir)/man5/; ;; \
		esac; \
	done
	rm -f $(MANPAGES) $(MANPAGES:%=%.gz)
	# bash completion
	install -m 0755 -d $(DESTDIR)/$(datarootdir)/bash-completion/completions
	install -c -m 0644 src/bash_completion/firejail.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
	install -c -m 0644 src/bash_completion/firemon.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
	install -c -m 0644 src/bash_completion/firecfg.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg

install: all
	$(MAKE) realinstall

install-strip: all
	strip src/firejail/firejail
	strip src/firemon/firemon
	strip src/firecfg/firecfg
	strip src/libtrace/libtrace.so
	strip src/libtracelog/libtracelog.so
	strip src/libconnect/libconnect.so
	strip src/ftee/ftee
	strip src/faudit/faudit
	strip src/fnet/fnet
	strip src/fseccomp/fseccomp
	strip src/fcopy/fcopy
	$(MAKE) realinstall

uninstall:
	rm -f $(DESTDIR)/$(bindir)/firejail
	rm -f $(DESTDIR)/$(bindir)/firemon
	rm -f $(DESTDIR)/$(bindir)/firecfg
	rm -fr $(DESTDIR)/$(libdir)/firejail
	rm -fr $(DESTDIR)/$(datarootdir)/doc/firejail
	for man in $(MANPAGES); do \
		rm -f $(DESTDIR)/$(mandir)/man5/$$man*; \
		rm -f $(DESTDIR)/$(mandir)/man1/$$man*; \
	done
	rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
	rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
	rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
	
DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES"
DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils"

dist:
	mv config.status config.status.old
	make distclean
	mv config.status.old config.status
	rm -fr $(NAME)-$(VERSION) $(NAME)-$(VERSION).tar.xz
	mkdir -p $(NAME)-$(VERSION)/test
	cp -a "$(DISTFILES)" $(NAME)-$(VERSION)
	cp -a "$(DISTFILES_TEST)" $(NAME)-$(VERSION)/test
	rm -rf $(NAME)-$(VERSION)/src/tools
	find $(NAME)-$(VERSION) -name .svn -delete
	tar -cJvf $(NAME)-$(VERSION).tar.xz $(NAME)-$(VERSION)
	rm -fr $(NAME)-$(VERSION)

asc:; ./mkasc.sh $(VERSION)

deb: dist
	./mkdeb.sh $(NAME) $(VERSION)

snap: all
	cd platform/snap; ./snap.sh

install-snap: snap
	sudo snap remove faudit; sudo snap install faudit*.snap

test-compile: dist
	cd test/compile; ./compile.sh $(NAME)-$(VERSION)

.PHONY: rpms
rpms:
	./platform/rpm/mkrpm.sh $(NAME) $(VERSION)

extras: all
	$(MAKE) -C extras/firetools
	
cppcheck: clean
	cppcheck --force .

scan-build: clean
	scan-build make


#
# make test
#


test-profiles:
	cd test/profiles; ./profiles.sh | grep TESTING

test-apps:
	cd test/apps; ./apps.sh | grep TESTING

test-apps-x11:
	cd test/apps-x11; ./apps-x11.sh | grep TESTING

test-apps-x11-xorg:
	cd test/apps-x11-xorg; ./apps-x11-xorg.sh | grep TESTING

test-sysutils:
	cd test/sysutils; ./sysutils.sh | grep TESTING
	
test-utils:
	cd test/utils; ./utils.sh | grep TESTING

test-environment:
	cd test/environment; ./environment.sh | grep TESTING

test-filters:
	cd test/filters; ./filters.sh | grep TESTING

test-arguments:
	cd test/arguments; ./arguments.sh | grep TESTING
	
test-fs:
	cd test/fs; ./fs.sh | grep TESTING

test-fcopy:
	cd test/fcopy; ./fcopy.sh | grep TESTING
	
test: test-profiles test-fcopy test-fs test-utils  test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments
	echo "TEST COMPLETE"

##########################################
# Individual tests, some of them require root access
# The tests are very intrussive, by the time you are done
# with them you will need to restart your computer.
##########################################

# requires root access
test-chroot:
	cd test/chroot; ./chroot.sh | grep testing

# Huge appimage files, not included in "make dist" archive
test-appimage:
	cd test/appimage; ./appimage.sh | grep TESTING

# Root access, network devices are created before the test
# restart your computer to get rid of these devices
test-network:
	cd test/network; ./network.sh | grep TESTING

# Tesets running a root user
test-root:
	cd test/root; su -c ./root.sh | grep TESTING
	
# OverlayFS is not available on all platforms
test-overlay:
	cd test/overlay; ./overlay.sh | grep TESTING

# For testing hidepid system, the command to set it up is "mount -o remount,rw,hidepid=2 /proc"

test-all: test-root test-chroot test-network test-appimage test-overlay
	echo "TEST COMPLETE"