#!/usr/bin/make -f # Sample debian/rules that uses debhelper. # GNU copyright 1997 to 1999 by Joey Hess. # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 # This is the debhelper compatability version to use. export DH_COMPAT=4 export DH_OPTIONS ifeq (,$(wildcard /usr/bin/po2debconf)) PO2DEBCONF := no MINDEBCONFVER := 0.5 else PO2DEBCONF := yes MINDEBCONFVER := 1.2.0 endif configure: configure-stamp configure-stamp: patch dh_testdir # Add here commands to configure the package. ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \ --enable-http --enable-ldap \ --enable-dbus --enable-xml \ --enable-smartcard --enable-cisco-quirks # Could enable --enable-nat-transport, but this is actually insecure, # so don't! # And for --enable-eap-sim we would need the library, which we don't # have right now. touch configure-stamp patch: dh_testdir dpatch apply-all unpatch: dpatch deapply-all build: build-stamp build-stamp: configure-stamp $(MAKE) # also generate the fswcert tool #$(MAKE) -C programs/fswcert/ # ugly hack.... #$(MAKE) -C programs/fswcert/ programs WERROR='-lcrypto' touch build-stamp clean: unpatch dh_testdir dh_testroot rm -f build-stamp configure-stamp -$(MAKE) clean #-$(MAKE) -C programs/fswcert/ clean # after a make clean, no binaries _should_ be left, but .... -find $(CURDIR) -name "*.o" | xargs --no-run-if-empty rm -find $(CURDIR)/lib/libcrypto -name "*.a" | xargs --no-run-if-empty rm # Really clean (#356716) # This is a hack: should be better implemented rm -f lib/libstrongswan/libstrongswan.a || true rm -f lib/libstrongswan/liboswlog.a || true # just in case something went wrong rm -f $(CURDIR)/debian/ipsec.secrets # and make sure that template are up-to-date debconf-updatepo dh_clean ifeq ($(PO2DEBCONF),yes) # Hack for woody compatibility. This makes sure that the # debian/templates file shipped in the source package doesn't # specify encodings, which woody's debconf can't handle. If building # on a system with po-debconf installed (conveniently debhelper (>= # 4.1.16) depends on it), the binary-arch target will generate a # better version for sarge. echo 1 > debian/po/output po2debconf debian/strongswan.templates.master > debian/strongswan.templates rm -f debian/po/output endif install-strongswan: DH_OPTIONS=-a install-strongswan: build dh_testdir dh_testroot dh_clean -k dh_installdirs # Add here commands to install the package into debian/tmp. $(MAKE) install DESTDIR=$(CURDIR)/debian/strongswan install --mode=0600 $(CURDIR)/debian/ipsec.secrets.proto $(CURDIR)/debian/strongswan/etc/ipsec.secrets # use bash for init.d and _plutorun # TODO: check if we still need this patch $(CURDIR)/debian/strongswan/etc/init.d/ipsec < debian/use-bash1.diff patch $(CURDIR)/debian/strongswan/usr/lib/ipsec/_plutorun < debian/use-bash2.diff # install the fswcert tool #install $(CURDIR)/programs/fswcert/fswcert $(CURDIR)/debian/strongswan/usr/bin #install $(CURDIR)/programs/fswcert/fswcert.8 $(CURDIR)/debian/strongswan/usr/share/man/man8 # TODO: check if we still need this rm -f $(CURDIR)/debian/strongswan/etc/init.d/ipsec?* rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/_plutorun?* # this is handled by update-rc.d rm -rf $(CURDIR)/debian/strongswan/etc/rc?.d dh_installdocs -pstrongswan -n # change the paths in the installed doc files (but only in regular # files, not in links to the outside of the build tree !) # TODO: check if we still need this ( cd $(CURDIR)/debian/strongswan/; \ for f in `grep "/usr/local/" --recursive --files-with-match *`; \ do \ if [ -f $$f -a ! -L $$f ]; then \ cp $$f $$f.old; \ sed 's/\/usr\/local\//\/usr\//' $$f.old > $$f; \ rm $$f.old; \ fi; \ done ) # the logcheck ignore files install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.paranoid $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.paranoid/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.server/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.ignore.server $(CURDIR)/debian/strongswan/etc/logcheck/ignore.d.workstation/strongswan install -D --mode=0600 $(CURDIR)/debian/logcheck.violations.ignore $(CURDIR)/debian/strongswan/etc/logcheck/violations.ignore.d/strongswan # set permissions on ipsec.secrets chmod 600 $(CURDIR)/debian/strongswan/etc/ipsec.secrets chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.conf chmod 700 -R $(CURDIR)/debian/strongswan/etc/ipsec.d/private/ # don't know why they come with +x set by default... chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.d/policies/* chmod 644 $(CURDIR)/debian/strongswan/etc/ipsec.d/examples/* # or why these are copied to the directory... rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/ipsec_pr.template rm -f $(CURDIR)/debian/strongswan/usr/lib/ipsec/distro.txt # more lintian cleanups find $(CURDIR)/debian/strongswan -name ".cvsignore" | xargs --no-run-if-empty rm -f find $(CURDIR)/debian/strongswan -name "/.svn/" | xargs --no-run-if-empty rm -rf # and lintian overrides install --mode=0644 $(CURDIR)/debian/strongswan.lintian-overrides $(CURDIR)/debian/strongswan/usr/share/lintian/overrides/strongswan binary-common: #dh_testversion 2 dh_testdir dh_testroot dh_installdebconf dh_installchangelogs CHANGES dh_link dh_strip dh_compress dh_fixperms -X etc/ipsec.conf -X etc/ipsec.secrets -X etc/ipsec.d # dh_makeshlibs dh_installdeb # dh_perl dh_shlibdeps dh_gencontrol dh_md5sums dh_builddeb # Build architecture-independent files here. binary-indep: $(MAKE) -f debian/rules DH_OPTIONS=-i binary-common # Build architecture-dependent files here. binary-arch: install-strongswan $(MAKE) -f debian/rules DH_OPTIONS=-a binary-common # Any other binary targets build just one binary package at a time. #binary-%: build install # make -f debian/rules binary-common DH_OPTIONS=-p$* binary: binary-indep binary-arch .PHONY: clean binary-indep binary-arch