From 853b4a57bc1d1937939e979e14a6ab7e7e67a913 Mon Sep 17 00:00:00 2001 From: Ron Isaacson Date: Sun, 28 Jun 2020 16:21:12 -0400 Subject: [PATCH 1/4] Remove unnecessary CMake options --- CMakeLists.txt | 3 --- 1 file changed, 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index bafea7af..7a0c4a8d 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -37,7 +37,6 @@ endif() if(UNIX) include(GNUInstallDirs) - set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}") include(CheckIncludeFile) Check_Include_File(sys/auxv.h HAVE_SYS_AUXV) @@ -59,8 +58,6 @@ string(TIMESTAMP TIME_SECOND "%S" UTC) message(STATUS "Build date: ${DATE_DAY}/${DATE_MONTH}/${DATE_YEAR}") message(STATUS "Build time: ${TIME_HOUR}:${TIME_MINUTE}:${TIME_SECOND}") -set(CPACK_PACKAGING_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX}) - add_subdirectory(src) if(UNIX) From 6fe678fe8418a6afd6282ab94b59d6f47247a3cb Mon Sep 17 00:00:00 2001 From: Ron Isaacson Date: Mon, 29 Jun 2020 23:04:35 -0400 Subject: [PATCH 2/4] Fix wrapper script generation --- src/CMakeLists.txt | 25 +++++++++++++++++-------- src/vpnbridge/CMakeLists.txt | 2 +- src/vpnclient/CMakeLists.txt | 2 +- src/vpncmd/CMakeLists.txt | 2 +- src/vpnserver/CMakeLists.txt | 2 +- 5 files changed, 21 insertions(+), 12 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 1853db29..5568fe42 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -1,17 +1,26 @@ if(UNIX) # Creates wrapper scripts and installs them in the user's binaries directory, which is usually "/usr/local/bin". # This is required because symlinks use the folder they are in as working directory. - macro(install_wrapper_script component target) - get_filename_component(file_name ${target} NAME) + # + # The actual wrapper script needs to be generated at install time, not build time, because it depends on the + # installation prefix. This is especially important when generating packages (rpm/deb) where the prefix is + # changed from /usr to /usr/local for the install step. + # + # The placeholder is needed to satisfy the "install" dependency scanner which runs early. + # + macro(install_wrapper_script component) + file(GENERATE OUTPUT ${BUILD_DIRECTORY}/${component}.sh + CONTENT "# placeholder\n" + ) - file(WRITE ${TOP_DIRECTORY}/tmp/script/${file_name} "#!/bin/sh\n") - file(APPEND ${TOP_DIRECTORY}/tmp/script/${file_name} "${target} \"$@\"\n") - file(APPEND ${TOP_DIRECTORY}/tmp/script/${file_name} "exit $?\n") + install(CODE "file(WRITE ${BUILD_DIRECTORY}/${component}.sh \"#!/bin/sh\nexec \${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBEXECDIR}/softether/${component}/${component} \\\"$@\\\"\n\")" + COMPONENT ${component} + ) - install(FILES ${TOP_DIRECTORY}/tmp/script/${file_name} + install(PROGRAMS ${BUILD_DIRECTORY}/${component}.sh COMPONENT ${component} - DESTINATION ${CMAKE_INSTALL_FULL_BINDIR} - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE + DESTINATION bin + RENAME ${component} ) endmacro(install_wrapper_script) endif() diff --git a/src/vpnbridge/CMakeLists.txt b/src/vpnbridge/CMakeLists.txt index 34dd6b4c..5a6da417 100644 --- a/src/vpnbridge/CMakeLists.txt +++ b/src/vpnbridge/CMakeLists.txt @@ -39,7 +39,7 @@ if(UNIX) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ ) - install_wrapper_script("vpnbridge" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnbridge/vpnbridge") + install_wrapper_script("vpnbridge") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") configure_file(${TOP_DIRECTORY}/systemd/softether-vpnbridge.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnbridge.service) install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnbridge.service diff --git a/src/vpnclient/CMakeLists.txt b/src/vpnclient/CMakeLists.txt index 24a3196a..1cfa798e 100644 --- a/src/vpnclient/CMakeLists.txt +++ b/src/vpnclient/CMakeLists.txt @@ -39,7 +39,7 @@ if(UNIX) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ ) - install_wrapper_script("vpnclient" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnclient/vpnclient") + install_wrapper_script("vpnclient") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") configure_file(${TOP_DIRECTORY}/systemd/softether-vpnclient.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnclient.service) install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnclient.service diff --git a/src/vpncmd/CMakeLists.txt b/src/vpncmd/CMakeLists.txt index 5999d3e9..3d257961 100644 --- a/src/vpncmd/CMakeLists.txt +++ b/src/vpncmd/CMakeLists.txt @@ -39,5 +39,5 @@ if(UNIX) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ ) - install_wrapper_script("vpncmd" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpncmd/vpncmd") + install_wrapper_script("vpncmd") endif() diff --git a/src/vpnserver/CMakeLists.txt b/src/vpnserver/CMakeLists.txt index dd17f3d6..d7d0b525 100644 --- a/src/vpnserver/CMakeLists.txt +++ b/src/vpnserver/CMakeLists.txt @@ -39,7 +39,7 @@ if(UNIX) PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ ) - install_wrapper_script("vpnserver" "${CMAKE_INSTALL_FULL_LIBEXECDIR}/softether/vpnserver/vpnserver") + install_wrapper_script("vpnserver") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") configure_file(${TOP_DIRECTORY}/systemd/softether-vpnserver.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnserver.service) install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnserver.service From eeaac4e78cf1e74e527738d86346131b75a6434b Mon Sep 17 00:00:00 2001 From: Ron Isaacson Date: Mon, 29 Jun 2020 23:11:05 -0400 Subject: [PATCH 3/4] When generating an RPM, attempt to exclude system directories --- CMakeLists.txt | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7a0c4a8d..32e9dec2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -87,5 +87,14 @@ if(UNIX) set(CPACK_RPM_PACKAGE_GROUP "Applications/Internet") set(CPACK_RPM_PACKAGE_LICENSE "ASL 2.0") + # Exclude system directories + if(CPACK_GENERATOR STREQUAL "RPM") + execute_process( + COMMAND rpm -ql filesystem + COMMAND tr \n \; + OUTPUT_VARIABLE CPACK_RPM_EXCLUDE_FROM_AUTO_FILELIST_ADDITION + ERROR_QUIET) + endif() + include(CPack) endif() From 40ed982079e9af7c5c1bfc84fc33a29698066e77 Mon Sep 17 00:00:00 2001 From: Ron Isaacson Date: Tue, 30 Jun 2020 01:22:37 -0400 Subject: [PATCH 4/4] Fix systemd unit file generation --- src/CMakeLists.txt | 18 ++++++++++++++++++ src/vpnbridge/CMakeLists.txt | 7 +------ src/vpnclient/CMakeLists.txt | 7 +------ src/vpnserver/CMakeLists.txt | 7 +------ systemd/softether-vpnbridge.service | 10 +++++----- systemd/softether-vpnclient.service | 10 +++++----- systemd/softether-vpnserver.service | 10 +++++----- 7 files changed, 36 insertions(+), 33 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 5568fe42..4d78ef5f 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -23,6 +23,24 @@ if(UNIX) RENAME ${component} ) endmacro(install_wrapper_script) + + # Same approach for systemd unit files + # + macro(install_unit_file component) + file(GENERATE OUTPUT ${BUILD_DIRECTORY}/softether-${component}.service + CONTENT "# placeholder\n" + ) + + install(CODE "set(DIR \"\${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBEXECDIR}\")\nconfigure_file(${TOP_DIRECTORY}/systemd/softether-${component}.service ${BUILD_DIRECTORY}/softether-${component}.service)" + COMPONENT ${component} + ) + + install(FILES ${BUILD_DIRECTORY}/softether-${component}.service + COMPONENT ${component} + DESTINATION ${CMAKE_INSTALL_SYSTEMD_UNITDIR} + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ + ) + endmacro(install_unit_file) endif() if(BUILD_TYPE STREQUAL "Debug") diff --git a/src/vpnbridge/CMakeLists.txt b/src/vpnbridge/CMakeLists.txt index 5a6da417..f0129f13 100644 --- a/src/vpnbridge/CMakeLists.txt +++ b/src/vpnbridge/CMakeLists.txt @@ -41,11 +41,6 @@ if(UNIX) install_wrapper_script("vpnbridge") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") - configure_file(${TOP_DIRECTORY}/systemd/softether-vpnbridge.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnbridge.service) - install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnbridge.service - COMPONENT "vpnbridge" - DESTINATION ${CMAKE_INSTALL_SYSTEMD_UNITDIR} - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ - ) + install_unit_file("vpnbridge") endif() endif() diff --git a/src/vpnclient/CMakeLists.txt b/src/vpnclient/CMakeLists.txt index 1cfa798e..71c5c351 100644 --- a/src/vpnclient/CMakeLists.txt +++ b/src/vpnclient/CMakeLists.txt @@ -41,11 +41,6 @@ if(UNIX) install_wrapper_script("vpnclient") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") - configure_file(${TOP_DIRECTORY}/systemd/softether-vpnclient.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnclient.service) - install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnclient.service - COMPONENT "vpnclient" - DESTINATION ${CMAKE_INSTALL_SYSTEMD_UNITDIR} - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ - ) + install_unit_file("vpnclient") endif() endif() diff --git a/src/vpnserver/CMakeLists.txt b/src/vpnserver/CMakeLists.txt index d7d0b525..e4caaed6 100644 --- a/src/vpnserver/CMakeLists.txt +++ b/src/vpnserver/CMakeLists.txt @@ -41,11 +41,6 @@ if(UNIX) install_wrapper_script("vpnserver") if(NOT "${CMAKE_INSTALL_SYSTEMD_UNITDIR}" STREQUAL "") - configure_file(${TOP_DIRECTORY}/systemd/softether-vpnserver.service ${CMAKE_BINARY_DIR}/systemd/softether-vpnserver.service) - install(FILES ${CMAKE_BINARY_DIR}/systemd/softether-vpnserver.service - COMPONENT "vpnserver" - DESTINATION ${CMAKE_INSTALL_SYSTEMD_UNITDIR} - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ - ) + install_unit_file("vpnserver") endif() endif() diff --git a/systemd/softether-vpnbridge.service b/systemd/softether-vpnbridge.service index c9fa2b73..b4d3cc8c 100644 --- a/systemd/softether-vpnbridge.service +++ b/systemd/softether-vpnbridge.service @@ -1,13 +1,13 @@ [Unit] Description=SoftEther VPN Bridge After=network.target auditd.service -ConditionPathExists=!${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnbridge/do_not_run +ConditionPathExists=!@DIR@/softether/vpnbridge/do_not_run [Service] Type=forking -EnvironmentFile=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnbridge -ExecStart=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnbridge/vpnbridge start -ExecStop=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnbridge/vpnbridge stop +EnvironmentFile=-@DIR@/softether/vpnbridge +ExecStart=@DIR@/softether/vpnbridge/vpnbridge start +ExecStop=@DIR@/softether/vpnbridge/vpnbridge stop KillMode=process Restart=on-failure @@ -16,7 +16,7 @@ PrivateTmp=yes ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ -ReadWriteDirectories=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnbridge +ReadWriteDirectories=-@DIR@/softether/vpnbridge CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID [Install] diff --git a/systemd/softether-vpnclient.service b/systemd/softether-vpnclient.service index ff47b2a4..6bac5267 100644 --- a/systemd/softether-vpnclient.service +++ b/systemd/softether-vpnclient.service @@ -1,13 +1,13 @@ [Unit] Description=SoftEther VPN Client After=network.target auditd.service -ConditionPathExists=!${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnclient/do_not_run +ConditionPathExists=!@DIR@/softether/vpnclient/do_not_run [Service] Type=forking -EnvironmentFile=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnclient -ExecStart=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnclient/vpnclient start -ExecStop=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnclient/vpnclient stop +EnvironmentFile=-@DIR@/softether/vpnclient +ExecStart=@DIR@/softether/vpnclient/vpnclient start +ExecStop=@DIR@/softether/vpnclient/vpnclient stop KillMode=process Restart=on-failure @@ -16,7 +16,7 @@ PrivateTmp=yes ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ -ReadWriteDirectories=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnclient +ReadWriteDirectories=-@DIR@/softether/vpnclient CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID [Install] diff --git a/systemd/softether-vpnserver.service b/systemd/softether-vpnserver.service index c22ca58e..15427ad6 100644 --- a/systemd/softether-vpnserver.service +++ b/systemd/softether-vpnserver.service @@ -1,14 +1,14 @@ [Unit] Description=SoftEther VPN Server After=network.target auditd.service -ConditionPathExists=!${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnserver/do_not_run +ConditionPathExists=!@DIR@/softether/vpnserver/do_not_run [Service] Type=forking TasksMax=16777216 -EnvironmentFile=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnserver -ExecStart=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnserver/vpnserver start -ExecStop=${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnserver/vpnserver stop +EnvironmentFile=-@DIR@/softether/vpnserver +ExecStart=@DIR@/softether/vpnserver/vpnserver start +ExecStop=@DIR@/softether/vpnserver/vpnserver stop KillMode=process Restart=on-failure @@ -17,7 +17,7 @@ PrivateTmp=yes ProtectHome=yes ProtectSystem=full ReadOnlyDirectories=/ -ReadWriteDirectories=-${CPACK_PACKAGING_INSTALL_PREFIX}/libexec/softether/vpnserver +ReadWriteDirectories=-@DIR@/softether/vpnserver CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SYS_NICE CAP_SYSLOG CAP_SETUID [Install]