Refactor of packaging files + migrate from sysvinit to systemd servic…

…e management

* Relocate all packaging files under linux/<distro>
* Use new specfile derived from the Fedora EPEL upstream
* Build with debugging symbols at all times, such that we can strip them into the associated devel/debuginfo package during packaging.
* Updates to README as needed
* Use native systemd units for service management

This commit implements both a user scoped systemd unit in order to support use cases where each user maintains one's own configuration file, running cNTLM as one's own user, as well as the traditional system scoped unit that is prevalent in most distribution packages. This is more compatible (as it does not require user scoped systemd instances) however less flexible.

Additionally, the behavior of both systemd units is designed to pass parameters specified in the OPTARGS parameter in /etc/sysconfig/cntlmd to both user as well as system instances of cntlm, for purposes of centralized management of configuration parameters, such as the proxy hostnames or PAC file, while still allowing users to maintain their credentials in a configuration file private to their homedir.

.gitignore

@@ -5,6 +5,7 @@ cntlm*.zip
 cntlm*.rpm
 cntlm*.deb
 cntlm*.tar.gz
+cntlm*.tar.bz2
 /configure-stamp
 /config/config.h
 /config/endian
@@ -17,6 +18,9 @@ cntlm*.tar.gz
 /config/memset_s
 /config/gss
 /config/*.exe
+/linux/debian/changelog
+/linux/rpm/BUILD*
+/linux/rpm/SPECS/cntlm.spec
 /win/*.exe
 /win/*.dll
 /win/setup.iss
@@ -26,4 +30,5 @@ cntlm*.tar.gz
 .vscode
 .cproject
 .project
-.settings/
+.settings/
+rpm/BUILD*

Makefile

@@ -6,6 +6,8 @@ DESTDIR    	:=
 PREFIX     	:= /usr/local
 SYSCONFDIR 	:= $(DESTDIR)/etc
 BINDIR     	:= $(DESTDIR)$(PREFIX)/sbin
+INST_BINDIR := $(PREFIX)/sbin
+LIBEXECDIR  := $(DESTDIR)$(PREFIX)/libexec
 MANDIR     	:= $(DESTDIR)$(PREFIX)/share/man
 
 STAMP	:= configure-stamp
@@ -27,7 +29,7 @@ LDFLAGS		:= -lpthread -lm $(OSLDFLAGS)
 CYGWIN_REQS	:= cygwin1.dll cygrunsrv.exe
 
 ifeq ($(CC),gcc)
-GCC_VER := $(shell ${CC} -dumpfullversion | sed -e 's/\.\([0-9][0-9]\)/\1/g' -e 's/\.\([0-9]\)/0\1/g' -e 's/^[0-9]\{3,4\}$$/&00/')
+GCC_VER := $(shell ${CC} -dumpfullversion -dumpversion | sed -e 's/\.\([0-9][0-9]\)/\1/g' -e 's/\.\([0-9]\)/0\1/g' -e 's/^[0-9]\{3,4\}$$/&00/')
 GCC_GTEQ_430 := $(shell expr ${GCC_VER} \>= 40300)
 GCC_GTEQ_450 := $(shell expr ${GCC_VER} \>= 40500)
 GCC_GTEQ_600 := $(shell expr ${GCC_VER} \>= 60000)
@@ -69,6 +71,10 @@ ifeq ($(COVERAGE),1)
 else ifeq ($(DEBUG),1)
 	# DEBUG
 	CFLAGS	+= -g -O0
+else ifeq ($(NOSTRIP),1)
+	# Packaging, therefore optimization enabled but build with debug symbols
+	# as RPM will strip these out into a -debuginfo package that can be optionally installed
+	CFLAGS	+= -g -O3
 else
 	# RELEASE
 	CFLAGS	+= -O3
@@ -126,22 +132,31 @@ win/resources.o: win/resources.rc
 	@echo Win64: adding ICON resource
 	@windres $^ -o $@
 
+ifneq ($(NOSTRIP),1)
+	STRIP="-s"
+	STRIPAIX="-S"
+else
+	STRIP=""
+	STRIPAIX="-S"
+endif
 install: $(NAME)
 	# Special handling for install(1)
 	if [ "`uname -s`" = "AIX" ]; then \
-		install -M 755 -S -f $(BINDIR) $(NAME); \
+		install -M 755 $(STRIPAIX) -f $(BINDIR) $(NAME); \
 		install -M 644 -f $(MANDIR)/man1 doc/$(NAME).1; \
 		install -M 600 -c $(SYSCONFDIR) doc/$(NAME).conf; \
 	elif [ "`uname -s`" = "Darwin" ]; then \
 		install -d $(BINDIR)/; \
-		install -m 755 -s $(NAME) $(BINDIR)/$(NAME); \
+		install -m 755 $(STRIP) $(NAME) $(BINDIR)/$(NAME); \
 		install -d $(MANDIR)/man1/; \
 		install -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
 		[ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \
 			|| install -d $(SYSCONFDIR)/; \
 			   install -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
 	else \
-		install -D -m 755 -s $(NAME) $(BINDIR)/$(NAME); \
+		install -D -m 755 $(STRIP) $(NAME) $(BINDIR)/$(NAME); \
+		sed "s#%BINDIR%#$(INST_BINDIR)#g" linux/cntlm-user.in > linux/cntlm-user; \
+		install -D -m 755 linux/$(NAME)-user $(LIBEXECDIR)/$(NAME)-user; \
 		install -D -m 644 doc/$(NAME).1 $(MANDIR)/man1/$(NAME).1; \
 		[ -f $(SYSCONFDIR)/$(NAME).conf -o -z "$(SYSCONFDIR)" ] \
 			|| install -D -m 600 doc/$(NAME).conf $(SYSCONFDIR)/$(NAME).conf; \
@@ -165,25 +180,22 @@ tbz2:
 	rmdir tmp 2>/dev/null || true
 
 deb:
-	sed -i "s/^\(cntlm *\)([^)]*)/\1($(VER))/g" debian/changelog
-	if [ `id -u` = 0 ]; then \
-		debian/rules binary; \
-		debian/rules clean; \
-	else \
-		fakeroot debian/rules binary; \
-		fakeroot debian/rules clean; \
+	ln -sf linux/debian
+	sed "s/^\(cntlm *\)([^)]*)/\1($(VER))/g" linux/debian/changelog.in > linux/debian/changelog
+	if [ `id -u` = 0 ] && [ -L debian ]; then \
+		linux/debian/rules binary; \
+		linux/debian/rules clean; \
+	elif [ -L debian ]; then \
+		fakeroot linux/debian/rules binary; \
+		fakeroot linux/debian/rules clean; \
 	fi
 	mv ../cntlm_$(VER)*.deb .
 
-rpm:
-	sed -i "s/^\(Version:[\t ]*\)\(.*\)/\1$(VER)/g" rpm/cntlm.spec
-	if [ `id -u` = 0 ]; then \
-		rpm/rules binary; \
-		rpm/rules clean; \
-	else \
-		fakeroot rpm/rules binary; \
-		fakeroot rpm/rules clean; \
-	fi
+rpm: tbz2
+	sed "s/^\(Version:[\t ]*\)\(.*\)/\1$(VER)/g" linux/rpm/SPECS/cntlm.spec.in > linux/rpm/SPECS/cntlm.spec
+	@cp $(NAME)-$(VER).tar.bz2 linux/rpm/SOURCES/
+	rpmbuild --define '_topdir $(CURDIR)/linux/rpm' -ba linux/rpm/SPECS/cntlm.spec
+	mv linux/rpm/RPMS/**/*.rpm .
 
 win: win/setup.iss $(NAME) win/cntlm_manual.pdf win/cntlm.ini win/LICENSE.txt $(NAME)-$(VER)-win64.exe $(NAME)-$(VER)-win64.zip
 
@@ -231,19 +243,22 @@ uninstall:
 
 clean:
 	@rm -f config/endian config/gethostname config/socklen_t config/strdup config/arc4random_buf config/strlcat config/strlcpy config/memset_s config/gss config/*.exe
-	@rm -f *.o cntlm cntlm.exe configure-stamp build-stamp config/config.h
+	@rm -f *.o cntlm cntlm.exe configure-stamp build-stamp config/config.h cntlm-user
 	@rm -f $(patsubst %, win/%, $(CYGWIN_REQS) cntlm.exe cntlm.ini LICENSE.txt resources.o setup.iss cntlm_manual.pdf)
 
 distclean: clean
 ifeq ($(findstring CYGWIN,$(OS)),)
-	if [ `id -u` = 0 ]; then \
-		debian/rules clean; \
-		rpm/rules clean; \
-	else \
-		fakeroot debian/rules clean; \
-		fakeroot rpm/rules clean; \
+	if [ -L debian ]; then \
+	    if command -v dh_testdir && [ `id -u` = 0 ]; then \
+		    debian/rules clean; \
+	    elif command -v dh_testdir; then \
+		    fakeroot debian/rules clean; \
+	    fi \
 	fi
 endif
-	@rm -f *.exe *.deb *.rpm *.tgz *.tar.gz *.tar.bz2 *.zip *.exe tags ctags pid 2>/dev/null
+	@rm -f *.exe *.deb *.rpm *.tgz *.tar.gz *.tar.bz2 *.zip *.exe \
+	  linux/rpm/specs/cntlm.spec linux/cntlm-user linux/debian/changelog tags ctags pid 2>/dev/null
+	@rm -rf linux/rpm/BUILD linux/rpm/BUILDROOT 2>/dev/null
+
 
 .PHONY: all install tgz tbz2 deb rpm win uninstall clean distclean

README

@@ -115,11 +115,12 @@ $ ./configure
 $ make
 $ make install
 
-Cntlm does not require any dynamic libraries and there are no dependencies you
-have to satisfy before compilation, except for libpthreads. This library is
-required for all threaded applications and is very likely to be part of your
-system already, because it comes with libc. Next, install cntlm onto your
-system like so:
+Cntlm does not require any dynamic libraries unless kerberos support is enabled,
+and there are no dependencies you have to satisfy before compilation,
+except for libpthreads. This library is required for all threaded applications
+and is very likely to be part of your system already, because it comes with libc.
+
+Next, install cntlm onto your system like so:
 
 Default installation directories are /usr/local/sbin, /usr/local/share/man and /etc.
 Should you want to install cntlm into a different location, change the DESTDIR
@@ -132,7 +133,7 @@ $ make install SYSCONFDIR=/etc BINDIR=/usr/bin MANDIR=/usr/share/man
 
 Cntlm is compiled with system-wide configuration file by default. That means
 whenever you run cntlm, it looks into a hardcoded path (SYSCONFDIR) and tries
-to load cntml.conf. You cannot make it not to do so, unless you use -c with an
+to load cntlm.conf. You cannot make it not to do so, unless you use -c with an
 alternative file or /dev/null. This is standard behaviour and probably what you
 want. On the other hand, some of you might not want to use cntlm as a daemon
 started by init scripts and you would prefer setting up everything on the
@@ -149,17 +150,14 @@ among other things a file called "cntlmd". It can be used as an init.d script.
 Architectures
 ~~~~~~~~~~~~~
 The build system now has an autodetection of the build arch endianness. Every
-common CPU and OS out there is supported, including Windows, MacOS X, Linux,
+common CPU and OS out there is supported, including Windows, MacOS, Linux,
 *BSD, AIX.
 
 
 Compilers
 ~~~~~~~~~
-Cntlm is tested against GCC and IBM XL C/C++, other C compilers will work
+Cntlm is tested against GCC, Clang and IBM XL C/C++, other C compilers will work
 for you too. There are no compiler specific directives and options AFAIK.
-compilers might work for you (then again, they might not). Specific
-Makefiles for different compilers are supported by the ./configure script
-(e.g. Makefile.xlc)
 
 
 Contact

README.md

@@ -53,7 +53,7 @@ Compile:
     dpkg-buildpackage -b -rfakeroot
 
 Upon installation, the package takes care of creating a dedicated user for
-cntlm, init script integration, manages eventual configuration file updates
+cntlm, systemd unit integration, manages eventual configuration file updates
 with new upstream versions, things like restart of the daemon after future
 updates, etc. You can later revert all these changes with one command, should
 you decide to remove cntlm from your system.
@@ -62,12 +62,14 @@ you decide to remove cntlm from your system.
 
 ### 1) Quick way to create RPM
 
-    make rpm    # you'll need root privs. or fakeroot utility
+    make rpm
 
 ### 2) Detailed howto (or if make rpm doesn't work for you)
 
-To build an RPM package from scratch, as root change to
-/usr/src/[redhat|rpm|whatever]/SOURCES
+To build an RPM package from scratch:
+* Ensure that the rpmdevtools package is present
+* Execute `rpmdev-setuptree`
+* Change to `~/rpmbuild/SOURCES`
 
 Copy there all files from cntlm's rpm/ directory plus appropriate version of
 the source tar.bz2 (see Creating a SOURCE TARBALL section above) and type:
@@ -162,29 +164,28 @@ whenever you run cntlm, it looks into a hardcoded path (SYSCONFDIR) and tries
 to load cntml.conf. You cannot make it not to do so, unless you use -c with an
 alternative file or /dev/null. This is standard behavior and probably what you
 want. On the other hand, some of you might not want to use cntlm as a daemon
-started by init scripts and you would prefer setting up everything on the
+started by systemd units and you would prefer setting up everything on the
 command line. This is possible, just comment out SYSCONFDIR variable definition
 in the Makefile before you compile cntlm and it will remove this feature.
 
 Installation includes the main binary, the man page (see "man cntlm") and if
 the default config feature was not removed, it also installs a configuration
 template. Please note that unlike bin and man targets, existing configuration
-is never overwritten during installation. In the doc/ directory you can find
-among other things a file called "cntlmd". It can be used as an init.d script.
+is never overwritten during installation. In the linux/ directory you can find
+among other things a files with a suffix of ".service" which implement systemd
+unit files that can be used to manage cntlm, as either a system scoped or user
+scoped service.
 
 ## Architectures
 
 The build system now has an autodetection of the build arch endianness. Every
-common CPU and OS out there is supported, including Windows, MacOS X, Linux,
+common CPU and OS out there is supported, including Windows, MacOS, Linux,
 *BSD, AIX.
 
 ## Compilers
 
 Cntlm is tested against GCC, Clang and IBM XL C/C++, other C compilers will work
 for you too. There are no compiler specific directives and options AFAIK.
-compilers might work for you (then again, they might not). Specific
-Makefiles for different compilers are supported by the ./configure script
-(e.g. Makefile.xlc)
 
 ## Contact
 

VERSION

@@ -1 +1 @@
-0.94beta1
+0.95.0beta1

debian

@@ -0,0 +1 @@
+linux/debian

linux/cntlm-user.in

@@ -0,0 +1,13 @@
+#!/bin/bash
+# cNTLM per user launcher script
+USER_CONFIG_DIR="${XDG_CONFIG_HOME:-${HOME}/.config}"
+CNTLM_CONFIG_LOC="${USER_CONFIG_DIR}/cntlm/cntlm.conf"
+
+if [ ! -e "${CNTLM_CONFIG_LOC}" ] ; then
+  echo "${CNTLM_CONFIG_LOC} does not exist! Unable to run cNTLM for user ${USER}."
+  # Prevent systemd from restarting
+  # we are never going to succeed until the user adds a config
+  exit 0
+fi
+
+exec %BINDIR%/cntlm -f -c "${CNTLM_CONFIG_LOC}" "$@"