diff --git a/Makefile.in b/Makefile.in index 7b84c560522..134e7bd660c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -75,7 +75,7 @@ distclean: clean for dir in $(APPS) $(MYLIBS); do \ $(MAKE) -C $$dir distclean; \ done - rm -fr Makefile autom4te.cache config.log config.status config.h uids.h dummy.o + rm -fr Makefile autom4te.cache config.log config.status config.h uids.h dummy.o src/common.mk realinstall: # firejail executable @@ -177,6 +177,7 @@ install-strip: all strip src/fnetfilter/fnetfilter strip src/fseccomp/fseccomp strip src/fsec-print/fsec-print + strip src/fsec-optimize/fsec-optimize strip src/fcopy/fcopy strip src/fldd/fldd strip src/fbuilder/fbuilder diff --git a/configure b/configure index 9a7d9111192..5addefc72b3 100755 --- a/configure +++ b/configure @@ -3863,7 +3863,7 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -ac_config_files="$ac_config_files Makefile src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile" +ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -4573,6 +4573,7 @@ for ac_config_target in $ac_config_targets do case $ac_config_target in "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; + "src/common.mk") CONFIG_FILES="$CONFIG_FILES src/common.mk" ;; "src/lib/Makefile") CONFIG_FILES="$CONFIG_FILES src/lib/Makefile" ;; "src/fcopy/Makefile") CONFIG_FILES="$CONFIG_FILES src/fcopy/Makefile" ;; "src/fnet/Makefile") CONFIG_FILES="$CONFIG_FILES src/fnet/Makefile" ;; diff --git a/configure.ac b/configure.ac index d3405a13571..460c93d50d3 100644 --- a/configure.ac +++ b/configure.ac @@ -199,7 +199,7 @@ if test "$prefix" = /usr; then sysconfdir="/etc" fi -AC_OUTPUT(Makefile src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ +AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile) diff --git a/src/common.mk.in b/src/common.mk.in new file mode 100644 index 00000000000..1d4dbe3046d --- /dev/null +++ b/src/common.mk.in @@ -0,0 +1,37 @@ +# common definitions for all makefiles + +CC=@CC@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +sysconfdir=@sysconfdir@ + +VERSION=@PACKAGE_VERSION@ +NAME=@PACKAGE_NAME@ +HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ +HAVE_SECCOMP=@HAVE_SECCOMP@ +HAVE_CHROOT=@HAVE_CHROOT@ +HAVE_BIND=@HAVE_BIND@ +HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ +HAVE_NETWORK=@HAVE_NETWORK@ +HAVE_USERNS=@HAVE_USERNS@ +HAVE_X11=@HAVE_X11@ +HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ +HAVE_WHITELIST=@HAVE_WHITELIST@ +HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ +HAVE_APPARMOR=@HAVE_APPARMOR@ +HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ +HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ +HAVE_GCOV=@HAVE_GCOV@ +HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@ + +H_FILE_LIST = $(sort $(wildcard *.[h])) +C_FILE_LIST = $(sort $(wildcard *.c)) +OBJS = $(C_FILE_LIST:.c=.o) +BINOBJS = $(foreach file, $(OBJS), $file) + +CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) $(HAVE_GIT_INSTALL) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security +LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ +EXTRA_CFLAGS +=@EXTRA_CFLAGS@ + diff --git a/src/faudit/Makefile.in b/src/faudit/Makefile.in index a3b505c3933..26df0fe514f 100644 --- a/src/faudit/Makefile.in +++ b/src/faudit/Makefile.in @@ -1,25 +1,14 @@ all: faudit -CC=@CC@ -PREFIX=@prefix@ -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(PREFIX)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) - $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ + $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ faudit: $(OBJS) - $(CC) $(LDFLAGS) -o $@ $(OBJS) + $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) -clean:; rm -f *.o faudit +clean:; rm -f *.o faudit *.gcov *.gcda *.gcno distclean: clean rm -fr Makefile diff --git a/src/fbuilder/Makefile.in b/src/fbuilder/Makefile.in index 5bf78f92a68..7a606c87224 100644 --- a/src/fbuilder/Makefile.in +++ b/src/fbuilder/Makefile.in @@ -1,37 +1,6 @@ all: fbuilder -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fcopy/Makefile.in b/src/fcopy/Makefile.in index 519240c3d8a..c9e7d87abf5 100644 --- a/src/fcopy/Makefile.in +++ b/src/fcopy/Makefile.in @@ -1,38 +1,6 @@ all: fcopy -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/firecfg/Makefile.in b/src/firecfg/Makefile.in index f0d389e36d5..b6dbb039da7 100644 --- a/src/firecfg/Makefile.in +++ b/src/firecfg/Makefile.in @@ -1,33 +1,6 @@ all: firecfg -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ @@ -35,7 +8,7 @@ LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread firecfg: $(OBJS) ../lib/common.o $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) -clean:; rm -f *.o firecfg firecfg.1 firecfg.1.gz *.gcov *.gcda *.gcno +clean:; rm -f *.o firecfg *.gcov *.gcda *.gcno distclean: clean rm -fr Makefile diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index 54392410375..9bd2f9c2268 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in @@ -1,38 +1,6 @@ all: firejail -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -HAVE_GCOV=@HAVE_GCOV@ -HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) $(HAVE_GIT_INSTALL) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ @@ -40,7 +8,7 @@ LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o ../lib/ldd_utils.o $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) -clean:; rm -f *.o firejail firejail.1 firejail.1.gz *.gcov *.gcda *.gcno +clean:; rm -f *.o firejail *.gcov *.gcda *.gcno distclean: clean rm -fr Makefile diff --git a/src/firemon/Makefile.in b/src/firemon/Makefile.in index ede25f6b57b..d3ffe5d3f7b 100644 --- a/src/firemon/Makefile.in +++ b/src/firemon/Makefile.in @@ -1,24 +1,6 @@ all: firemon -CC=@CC@ -prefix=@prefix@ -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_GCOV=@HAVE_GCOV@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' $(HAVE_APPARMOR) $(HAVE_GCOV) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - +include ../common.mk %.o : %.c $(H_FILE_LIST) $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fldd/Makefile.in b/src/fldd/Makefile.in index e199d517d47..5af37cfbd9e 100644 --- a/src/fldd/Makefile.in +++ b/src/fldd/Makefile.in @@ -1,37 +1,6 @@ all: fldd -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h ../include/ldd_utils.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fnet/Makefile.in b/src/fnet/Makefile.in index 06b8bbee7b8..06b3981a99f 100644 --- a/src/fnet/Makefile.in +++ b/src/fnet/Makefile.in @@ -1,37 +1,6 @@ all: fnet -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fnetfilter/Makefile.in b/src/fnetfilter/Makefile.in index 0a0a8acc0e2..2e263cc2bbf 100644 --- a/src/fnetfilter/Makefile.in +++ b/src/fnetfilter/Makefile.in @@ -1,37 +1,6 @@ all: fnetfilter -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fsec-optimize/Makefile.in b/src/fsec-optimize/Makefile.in index faa1aa47699..e5e14a6a680 100644 --- a/src/fsec-optimize/Makefile.in +++ b/src/fsec-optimize/Makefile.in @@ -1,37 +1,6 @@ all: fsec-optimize -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fsec-print/Makefile.in b/src/fsec-print/Makefile.in index 177b23f06ff..3db4406f45e 100644 --- a/src/fsec-print/Makefile.in +++ b/src/fsec-print/Makefile.in @@ -1,38 +1,6 @@ all: fsec-print -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/fseccomp/Makefile.in b/src/fseccomp/Makefile.in index 3fd73bc5c25..2c99096bbee 100644 --- a/src/fseccomp/Makefile.in +++ b/src/fseccomp/Makefile.in @@ -1,37 +1,6 @@ all: fseccomp -CC=@CC@ -prefix=@prefix@ -exec_prefix=@exec_prefix@ -libdir=@libdir@ -sysconfdir=@sysconfdir@ - -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_SECCOMP_H=@HAVE_SECCOMP_H@ -HAVE_SECCOMP=@HAVE_SECCOMP@ -HAVE_CHROOT=@HAVE_CHROOT@ -HAVE_BIND=@HAVE_BIND@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_NETWORK=@HAVE_NETWORK@ -HAVE_USERNS=@HAVE_USERNS@ -HAVE_X11=@HAVE_X11@ -HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ -HAVE_WHITELIST=@HAVE_WHITELIST@ -HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ -HAVE_APPARMOR=@HAVE_APPARMOR@ -HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ -HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_SECCOMP) $(HAVE_GLOBALCFG) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ diff --git a/src/ftee/Makefile.in b/src/ftee/Makefile.in index 8846126f8bd..d3b92362c02 100644 --- a/src/ftee/Makefile.in +++ b/src/ftee/Makefile.in @@ -1,26 +1,12 @@ all: ftee -CC=@CC@ -PREFIX=@prefix@ -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) -DPREFIX='"$(PREFIX)"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread +include ../common.mk %.o : %.c $(H_FILE_LIST) $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ ftee: $(OBJS) - $(CC) $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS) + $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) clean:; rm -f *.o ftee *.gcov *.gcda *.gcno diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in index a25014c7459..a744b8d805d 100644 --- a/src/lib/Makefile.in +++ b/src/lib/Makefile.in @@ -1,18 +1,4 @@ -CC=@CC@ -PREFIX=@prefix@ -VERSION=@PACKAGE_VERSION@ -NAME=@PACKAGE_NAME@ -HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ -HAVE_GCOV=@HAVE_GCOV@ -EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ -EXTRA_CFLAGS +=@EXTRA_CFLAGS@ - -H_FILE_LIST = $(sort $(wildcard *.[h])) -C_FILE_LIST = $(sort $(wildcard *.c)) -OBJS = $(C_FILE_LIST:.c=.o) -BINOBJS = $(foreach file, $(OBJS), $file) -CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DLIBDIR='"$(libdir)"' $(HAVE_GCOV) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security -LDFLAGS:=-pic -Wl,-z,relro -Wl,-z,now +include ../common.mk all: $(OBJS)