Checkpoint

svn path=/branches/tk377/; revision=4988

6 files changed, 200 insertions, 39 deletions

diff --git a/rcynic/Makefile.in b/rcynic/Makefile.in
index ee45fea7..58522a7f 100644
--- a/rcynic/Makefile.in
+++ b/rcynic/Makefile.in
@@ -14,25 +14,37 @@ CFLAGS = @CFLAGS@ -Wall -Wshadow -Wmissing-prototypes -Wmissing-declarations -We
 LDFLAGS = @LDFLAGS@ @LD_STATIC_FLAG@
 LIBS = @LIBS@
 
-AWK = @AWK@
-SORT= @SORT@
-PYTHON = @PYTHON@
-RRDTOOL = @RRDTOOL@
-
-abs_top_srcdir	 = @abs_top_srcdir@
-abs_top_builddir = @abs_top_builddir@
-
-host_os = @host_os@
-
-USE_RCYNIC_JAIL = @USE_RCYNIC_JAIL@
-RCYNIC_JAIL_DIRECTORY = @RCYNIC_JAIL_DIRECTORY@
+AWK			= @AWK@
+SORT			= @SORT@
+PYTHON			= @PYTHON@
+RRDTOOL			= @RRDTOOL@
+INSTALL			= @INSTALL@
+
+abs_top_srcdir		= @abs_top_srcdir@
+abs_top_builddir	= @abs_top_builddir@
+
+RCYNIC_INSTALL_TARGETS	= @RCYNIC_INSTALL_TARGETS@
+RCYNIC_DIR		= @RCYNIC_DIR@
+RCYNIC_JAIL_DIRS	= @RCYNIC_JAIL_DIRS@
+RCYNIC_CONF_FILE	= @RCYNIC_CONF_FILE@
+RCYNIC_TA_DIR		= @RCYNIC_TA_DIR@
+RCYNIC_DATA_DIR		= ${RCYNIC_DIR}/data
+RCYNIC_RPKI_RTR_DIR	= ${RCYNIC_DIR}/rpki-rtr
+RCYNIC_DIRS		= ${RCYNIC_TA_DIR} ${RCYNIC_JAIL_DIRS} ${RCYNIC_DATA_DIR} ${RCYNIC_RPKI_RTR_DIR}
+RCYNIC_CONF_RSYNC	= @RCYNIC_CONF_RSYNC@
+RCYNIC_CONF_DATA	= @RCYNIC_CONF_DATA@
+RCYNIC_CONF_TA_DIR	= @RCYNIC_CONF_TA_DIR@
+RCYNIC_USER		= rcynic
+RCYNIC_GROUP		= rcynic
+RCYNIC_GECOS		= RPKI Validation System
+RCYNIC_STATIC_RSYNC	= @RCYNIC_STATIC_RSYNC@
 
 SCRIPTS = rcynic-text rcynic-html rcynic-svn validation_status
 
-all: ${BIN} ${SCRIPTS}
+all: ${BIN} ${SCRIPTS} ${RCYNIC_STATIC_RSYNC}
 
 clean:
-	cd static-rsync; ${MAKE} $@
+	if test -r static-rsync/Makefile; then cd static-rsync; ${MAKE} $@; fi
 	rm -f ${BIN} ${OBJS} ${SCRIPTS}
 
 ${OBJ}: ${SRC} ${GEN}
@@ -44,27 +56,6 @@ ${GEN}: ${SRC}
 	${PYTHON} ${abs_top_srcdir}/buildtools/defstack.py ${SRC} >$@.tmp
 	mv $@.tmp $@
 
-test: ${BIN}
-	if test -r rcynic.conf; \
-	then \
-		./${BIN} -j 0 && \
-		test -r rcynic.xml && \
-		echo && \
-		./rcynic-text rcynic.xml; \
-	else \
-		 echo No rcynic.conf, skipping test; \
-	fi
-
-install: ${BIN} installation-scripts/install.sh
-	cd installation-scripts; host_os="${host_os}"; jaildir="${DESTDIR}${RCYNIC_JAIL_DIRECTORY}" DESTDIR="${DESTDIR}"; AWK="${AWK}"; SORT="${SORT}"; . ./install.sh
-
-uninstall deinstall:
-	cd installation-scripts; host_os="${host_os}"; DESTDIR="${DESTDIR}"; . ./deinstall.sh
-
-distclean: clean
-	cd static-rsync; ${MAKE} $@
-	rm -f Makefile
-
 COMPILE_PYTHON = \
 	AC_PYTHON_INTERPRETER='${PYTHON}' \
 	AC_RRDTOOL_BINARY='${RRDTOOL}' \
@@ -87,3 +78,83 @@ tags: TAGS
 
 TAGS: ${SRC} ${GEN}
 	etags ${SRC} ${GEN}
+
+test: ${BIN}
+	if test -r rcynic.conf; \
+	then \
+		./${BIN} -j 0 && \
+		test -r rcynic.xml && \
+		echo && \
+		./rcynic-text rcynic.xml; \
+	else \
+		 echo No rcynic.conf, skipping test; \
+	fi
+
+uninstall deinstall:
+	@echo Sorry, automated deinstallation of rcynic is not implemented yet
+
+distclean: clean
+	if test -r static-rsync/Makefile; then cd static-rsync; ${MAKE} $@; fi
+	rm -f Makefile
+
+static-rsync/rsync:
+	@echo "Building static rsync for use in chroot jail"
+	cd static-rsync; ${MAKE} all
+
+install: ${BIN} ${RSYNC_INSTALL_TARGETS}
+
+# From here down is a long list of rules to handle installation on
+# various platforms.  This used to be a set of nasty shell scripts,
+# now it's nasty Makefile autoconf AC_SUBST_FILE snippets.
+#
+# Still working out details here.
+
+create-rcynic-directories: ${RCYNIC_DIRS}
+
+${RCYNIC_DIRS}:
+	mkdir -p -v -555 $@
+
+postconf-rcynic-directories: ${RCYNIC_DATA_DIR} ${RCYNIC_RPKI_RTR_DIR}
+	chown ${RCYNIC_USER}:${RCYNIC_GROUP} ${RCYNIC_DATA_DIR} ${RCYNIC_RPKI_RTR_DIR}
+
+# Old script only installed trust anchors if rcynic.conf was missing.
+# Haven't decided yet whether we want to preserve that behavior.
+
+install-rcynic-trust-anchors: ${RCYNIC_TA_DIR}
+	@cd sample-trust-anchors; \
+	for i in *.tal; \
+	do \
+	    ${INSTALL} -C -p -m 444 "$$i" "${RCYNIC_TA_DIR}/$$i"; \
+	done
+
+install-rcynic-conf: ${RCYNIC_CONF_FILE}
+
+${RCYNIC_CONF_FILE}:
+	@echo Found no ${RCYNIC_CONF_FILE}, creating sample config.  You might want to edit this.
+	@echo > $@.tmp '# Sample rcynic configuration file.  See documentation for details.'
+	@echo >>$@.tmp ''
+	@echo >>$@.tmp '[rcynic]'
+	@echo >>$@.tmp 'rsync-program		= ${RCYNIC_CONF_RSYNC}'
+	@echo >>$@.tmp 'authenticated		= ${RCYNIC_CONF_DATA}/authenticated'
+	@echo >>$@.tmp 'unauthenticated		= ${RCYNIC_CONF_DATA}/unauthenticated'
+	@echo >>$@.tmp 'lockfile		= ${RCYNIC_CONF_DATA}/lock'
+	@echo >>$@.tmp 'xml-summary		= ${RCYNIC_CONF_DATA}/rcynic.xml'
+	@echo >>$@.tmp 'jitter			= 600'
+	@echo >>$@.tmp 'use-syslog		= true'
+	@echo >>$@.tmp 'log-level		= log_usage_err'
+	@cd ${RCYNIC_TA_DIR}; \
+	 j=1; \
+	 for i in *.tal; \
+	 do \
+	    echo >>$@ "trust-anchor-locator.$$j	= ${RCYNIC_CONF_TA_DIR}/$$i"; \
+	    j=$$((j+1)); \
+         done
+	@chmod 444 $@.tmp
+	@mv $@.tmp $@
+
+.FORCE:
+
+# Not sure we want this, test it both ways I guess
+#.PHONY: .FORCE
+
+@RCYNIC_MAKE_RULES@
diff --git a/rcynic/installation-scripts/deinstall.sh b/rcynic/installation-scripts/deinstall.sh
deleted file mode 100644
index 635c5acc..00000000
--- a/rcynic/installation-scripts/deinstall.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh -
-# $Id$
-
-echo Sorry, automated deinstallation of rcynic is not implemented yet
diff --git a/rcynic/rules.darwin.mk b/rcynic/rules.darwin.mk
new file mode 100644
index 00000000..8f0e87b7
--- /dev/null
+++ b/rcynic/rules.darwin.mk
@@ -0,0 +1,38 @@
+# $Id$
+
+create-rcynic-user-and-group: .FORCE
+	if /usr/bin/dscl . -read "/Groups/${RCYNIC_GROUP}" >/dev/null 2>&1; \
+	then \
+	    echo "You already have a group \"${RCYNIC_GROUP}\", so I will use it."; \
+	elif gid="$$(/usr/bin/dscl . -list /Groups PrimaryGroupID | /usr/bin/awk 'BEGIN {gid = 501} $$2 >= gid {gid = 1 + $$2} END {print gid}')" && \
+	    /usr/bin/dscl . -create "/Groups/${RCYNIC_GROUP}" && \
+	    /usr/bin/dscl . -create "/Groups/${RCYNIC_GROUP}" RealName "${RCYNIC_GECOS}" && \
+	    /usr/bin/dscl . -create "/Groups/${RCYNIC_GROUP}" PrimaryGroupID "$$gid" && \
+	    /usr/bin/dscl . -create "/Groups/${RCYNIC_GROUP}" GeneratedUID "$$(/usr/bin/uuidgen)" && \
+	    /usr/bin/dscl . -create "/Groups/${RCYNIC_GROUP}" Password "*"; \
+	then \
+	    echo "Added group \"${RCYNIC_GROUP}\"."; \
+	else \
+	    echo "Adding group \"${RCYNIC_GROUP}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi; \
+	if /usr/bin/dscl . -read "/Users/${RCYNIC_USER}" >/dev/null 2>&1; \
+	then \
+	    echo "You already have a user \"${RCYNIC_USER}\", so I will use it."; \
+	elif uid="$$(/usr/bin/dscl . -list /Users UniqueID | /usr/bin/awk 'BEGIN {uid = 501} $$2 >= uid {uid = 1 + $$2} END {print uid}')" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" UserShell "/usr/bin/false" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" RealName "${RCYNIC_GECOS}" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" UniqueID "$$uid" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" PrimaryGroupID "$$gid" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" NFSHomeDirectory "/var/empty" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" GeneratedUID "$$(/usr/bin/uuidgen)" && \
+	    /usr/bin/dscl . -create "/Users/${RCYNIC_USER}" Password "*"; \
+	then \
+	    echo "Added user \"${RCYNIC_USER}\"."; \
+	else \
+	    echo "Adding user \"${RCYNIC_USER}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi
diff --git a/rcynic/rules.freebsd.mk b/rcynic/rules.freebsd.mk
new file mode 100644
index 00000000..3eab4780
--- /dev/null
+++ b/rcynic/rules.freebsd.mk
@@ -0,0 +1,25 @@
+# $Id$
+
+create-rcynic-user-and-group: .FORCE
+	if /usr/sbin/pw groupshow "${RCYNIC_GROUP}" 2>/dev/null; \
+	then \
+	    echo "You already have a group \"${RCYNIC_GROUP}\", so I will use it."; \
+	elif /usr/sbin/pw groupadd ${RCYNIC_GROUP}; \
+	then \
+	    echo "Added group \"${RCYNIC_GROUP}\"."; \
+	else \
+	    echo "Adding group \"${RCYNIC_GROUP}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi
+	if /usr/sbin/pw usershow "${RCYNIC_USER}" 2>/dev/null; \
+	then \
+	    echo "You already have a user \"${RCYNIC_USER}\", so I will use it."; \
+	elif /usr/sbin/pw useradd ${RCYNIC_USER} -g ${RCYNIC_GROUP} -h - -d /nonexistant -s /usr/sbin/nologin -c "${RCYNIC_GECOS}"; \
+	then \
+	    echo "Added user \"${RCYNIC_USER}\"."; \
+	else \
+	    echo "Adding user \"${RCYNIC_USER}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi
diff --git a/rcynic/rules.linux.mk b/rcynic/rules.linux.mk
new file mode 100644
index 00000000..3ed5b730
--- /dev/null
+++ b/rcynic/rules.linux.mk
@@ -0,0 +1,27 @@
+# $Id$
+
+create-rcynic-user-and-group: .FORCE
+	if ${AWK} -F: 'BEGIN {status = 1} $$1 == ${RCYNIC_GROUP} {status = 0} END {exit status}' /etc/group; \
+	then \
+	    echo "You already have a group \"${RCYNIC_GROUP}\", so I will use it."; \
+	elif /usr/sbin/groupadd ${RCYNIC_GROUP}; \
+	then \
+	    echo "Added group \"${RCYNIC_GROUP}\"."; \
+	else \
+	    echo "Adding group \"${RCYNIC_GROUP}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi
+	nogroup='-N'; \
+	if test -f /etc/redhat-release; then; read vendor release version < /etc/redhat-release; if test $$vendor = CentOS; then; nogroup='-n'; fi; fi; \
+	if ${AWK} -F: 'BEGIN {status = 1} $$1 == ${RCYNIC_USER} {status = 0} END {exit status}' /etc/passwd; \
+	then \
+	    echo "You already have a user \"${RCYNIC_USER}\", so I will use it." \
+	elif /usr/sbin/useradd -g ${RCYNIC_GROUP} -M $$nogroup -d "${RCYNIC_DIR}" -s /sbin/nologin -c "${RCYNIC_GECOS}" ${RCYNIC_USER}; \
+	then \
+	    echo "Added user \"${RCYNIC_USER}\"."; \
+	else \
+	    echo "Adding user \"${RCYNIC_USER}\" failed..."; \
+	    echo "Please create it, then try again."; \
+	    exit 1; \
+	fi
diff --git a/rcynic/rules.unknown.mk b/rcynic/rules.unknown.mk
new file mode 100644
index 00000000..fea2aebc
--- /dev/null
+++ b/rcynic/rules.unknown.mk
@@ -0,0 +1,4 @@
+# $Id$
+
+create-rcynic-user-and-group: .FORCE
+	@echo "Don't know how to make $@ on this platform"; exit 1