build: simplify code related to seccomp filters/man pages

.gitignore

@@ -6,9 +6,9 @@
 *.rpm
 *.gcda
 *.gcno
+*.gz
 *.DS_Store
 .directory
-*.man
 .vscode
 /firejail-*/
 autom4te.cache/
@@ -20,14 +20,6 @@ contrib/syntax/files/example
 contrib/syntax/files/firejail-profile.lang
 contrib/syntax/files/firejail.vim
 firejail-*.tar.xz
-firejail-login.5
-firejail-profile.5
-firejail-config.5
-firejail-users.5
-firejail.1
-firemon.1
-firecfg.1
-jailcheck.1
 src/fnettrace-dns/fnettrace-dns
 src/fnettrace-sni/fnettrace-sni
 src/fnettrace-icmp/fnettrace-icmp
@@ -68,10 +60,5 @@ __pycache__
 *.pyc
 *.pyo
 src/fnettrace/static-ip-map
-src/man/firecfg.1.gz
-src/man/firejail-login.5.gz
-src/man/firejail-profile.5.gz
-src/man/firejail-users.5.gz
-src/man/firejail.1.gz
-src/man/firemon.1.gz
-src/man/jailcheck.1.gz
+src/man/*.1
+src/man/*.5

Makefile

@@ -2,6 +2,10 @@
 ROOT = .
 -include config.mk
 
+ifneq ($(HAVE_MAN),no)
+MAN_TARGET = man
+endif
+
 ifneq ($(HAVE_CONTRIB_INSTALL),no)
 CONTRIB_TARGET = contrib
 endif
@@ -14,11 +18,16 @@ SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfil
 SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp
 SBOX_APPS_NON_DUMPABLE += src/fnettrace/fnettrace src/fnettrace-dns/fnettrace-dns src/fnettrace-sni/fnettrace-sni
 SBOX_APPS_NON_DUMPABLE += src/fnettrace-icmp/fnettrace-icmp
-MYDIRS = src/lib src/man $(COMPLETIONDIRS)
+MYDIRS = src/lib $(COMPLETIONDIRS)
 MYLIBS = src/libpostexecseccomp/libpostexecseccomp.so src/libtrace/libtrace.so src/libtracelog/libtracelog.so
 COMPLETIONS = src/zsh_completion/_firejail src/bash_completion/firejail.bash_completion
 SECCOMP_FILTERS = seccomp seccomp.debug seccomp.32 seccomp.block_secondary seccomp.mdwx seccomp.mdwx.32 seccomp.namespaces seccomp.namespaces.32
 
+MANPAGES1_IN := $(sort $(wildcard src/man/*.1.in))
+MANPAGES5_IN := $(sort $(wildcard src/man/*.5.in))
+MANPAGES1_GZ := $(MANPAGES1_IN:.in=.gz)
+MANPAGES5_GZ := $(MANPAGES5_IN:.in=.gz)
+
 SYSCALL_HEADERS := $(sort $(wildcard src/include/syscall*.h))
 
 # Lists of keywords used in profiles; used for generating syntax files.
@@ -37,13 +46,13 @@ SYNTAX_FILES := $(SYNTAX_FILES_IN:.in=)
 ALL_ITEMS = $(APPS) $(SBOX_APPS) $(SBOX_APPS_NON_DUMPABLE) $(MYLIBS)
 
 .PHONY: all
-all: all_items mydirs $(CONTRIB_TARGET)
+all: all_items mydirs filters $(MAN_TARGET) $(CONTRIB_TARGET)
 
 config.mk config.sh:
 	@printf 'error: run ./configure to generate %s\n' "$@" >&2
 	@false
 
-.PHONY: all_items $(ALL_ITEMS)
+.PHONY: all_items
 all_items: $(ALL_ITEMS)
 $(ALL_ITEMS): $(MYDIRS)
 	$(MAKE) -C $(dir $@)
@@ -53,21 +62,38 @@ mydirs: $(MYDIRS)
 $(MYDIRS):
 	$(MAKE) -C $@
 
-define build_filters
+.PHONY: filters
+filters: $(SECCOMP_FILTERS)
+seccomp: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
 	src/fseccomp/fseccomp default seccomp
 	src/fsec-optimize/fsec-optimize seccomp
+
+seccomp.debug: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
 	src/fseccomp/fseccomp default seccomp.debug allow-debuggers
 	src/fsec-optimize/fsec-optimize seccomp.debug
+
+seccomp.32: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
 	src/fseccomp/fseccomp secondary 32 seccomp.32
 	src/fsec-optimize/fsec-optimize seccomp.32
+
+seccomp.block_secondary: src/fseccomp/fseccomp
 	src/fseccomp/fseccomp secondary block seccomp.block_secondary
+
+seccomp.mdwx: src/fseccomp/fseccomp
 	src/fseccomp/fseccomp memory-deny-write-execute seccomp.mdwx
+
+seccomp.mdwx.32: src/fseccomp/fseccomp
 	src/fseccomp/fseccomp memory-deny-write-execute.32 seccomp.mdwx.32
+
+seccomp.namespaces: src/fseccomp/fseccomp
 	src/fseccomp/fseccomp restrict-namespaces seccomp.namespaces cgroup,ipc,net,mnt,pid,time,user,uts
-	src/fseccomp/fseccomp restrict-namespaces seccomp.namespaces.32 cgroup,ipc,net,mnt,pid,time,user,uts
-endef
 
+seccomp.namespaces.32: src/fseccomp/fseccomp
+	src/fseccomp/fseccomp restrict-namespaces seccomp.namespaces.32 cgroup,ipc,net,mnt,pid,time,user,uts
 
+.PHONY: man
+man:
+	$(MAKE) -C src/man
 
 # Makes all targets in contrib/
 .PHONY: contrib
@@ -137,6 +163,7 @@ clean:
 	for dir in $$(dirname $(ALL_ITEMS)) $(MYDIRS); do \
 		$(MAKE) -C $$dir clean; \
 	done
+	$(MAKE) -C src/man clean
 	$(MAKE) -C test clean
 	rm -f $(SECCOMP_FILTERS)
 	rm -f firejail*.rpm
@@ -180,7 +207,6 @@ endif
 	# libraries and plugins
 	install -m 0755 -d $(DESTDIR)$(libdir)/firejail
 	install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/firecfg/firejail-welcome.sh
-	$(call build_filters)
 	install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS)
 	install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS)
 	install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/profstats/profstats
@@ -230,13 +256,8 @@ endif
 ifneq ($(HAVE_MAN),no)
 	# man pages
 	install -m 0755 -d $(DESTDIR)$(mandir)/man1 $(DESTDIR)$(mandir)/man5
-	install -m 0644 src/man/firejail.1.gz $(DESTDIR)$(mandir)/man1/
-	install -m 0644 src/man/firemon.1.gz $(DESTDIR)$(mandir)/man1/
-	install -m 0644 src/man/firecfg.1.gz $(DESTDIR)$(mandir)/man1/
-	install -m 0644 src/man/jailcheck.1.gz $(DESTDIR)$(mandir)/man1/
-	install -m 0644 src/man/firejail-login.5.gz $(DESTDIR)$(mandir)/man5/
-	install -m 0644 src/man/firejail-users.5.gz $(DESTDIR)$(mandir)/man5/
-	install -m 0644 src/man/firejail-profile.5.gz $(DESTDIR)$(mandir)/man5/
+	install -m 0644 $(MANPAGES1_GZ) $(DESTDIR)$(mandir)/man1/
+	install -m 0644 $(MANPAGES5_GZ) $(DESTDIR)$(mandir)/man5/
 endif
 	# bash completion
 	install -m 0755 -d $(DESTDIR)$(datarootdir)/bash-completion/completions
@@ -264,10 +285,8 @@ uninstall: config.mk
 	rm -f $(DESTDIR)$(bindir)/jailcheck
 	rm -fr $(DESTDIR)$(libdir)/firejail
 	rm -fr $(DESTDIR)$(datarootdir)/doc/firejail
-	for man in $(MANPAGES); do \
-		rm -f $(DESTDIR)$(mandir)/man5/$$man*; \
-		rm -f $(DESTDIR)$(mandir)/man1/$$man*; \
-	done
+	rm -f $(addprefix $(DESTDIR)$(mandir)/man1/,$(notdir $(MANPAGES1_GZ)))
+	rm -f $(addprefix $(DESTDIR)$(mandir)/man5/,$(notdir $(MANPAGES5_GZ)))
 	rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/firejail
 	rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/firemon
 	rm -f $(DESTDIR)$(datarootdir)/bash-completion/completions/firecfg

RELNOTES

@@ -21,8 +21,6 @@ firejail (0.9.73) baseline; urgency=low
     #5618)
   * bugfix: fix --hostname and --hosts-file commands
   * bugfix: arp.c: ensure positive timeout on select(2) (#5806)
-  * build: fixed problem with seccomp filters and man pages built every
-     time when running make
   * build: auto-generate syntax files (#5627)
   * build: mark all phony targets as such (#5637)
   * build: mkdeb.sh: pass all arguments to ./configure (#5654)
@@ -32,6 +30,9 @@ firejail (0.9.73) baseline; urgency=low
   * build: remove -mretpoline and NO_EXTRA_CFLAGS (#5859)
   * build: disable all built-in implicit make rules (#5864)
   * build: organize and standardize make vars and targets (#5866)
+  * build: fix seccomp filters and man pages always being rebuilt when running
+    make
+  * build: simplify code related to man pages (#5898)
   * ci: always update the package db before installing packages (#5742)
   * ci: fix codeql unable to download its own bundle (#5783)
   * ci: split configure/build/install commands on gitlab (#5784)

src/man/Makefile

@@ -2,44 +2,25 @@
 ROOT = ../..
 -include $(ROOT)/config.mk
 
-all: firecfg.1.gz firejail.1.gz firejail-login.5.gz firejail-users.5.gz firejail-profile.5.gz firemon.1.gz jailcheck.1.gz
-
-#firecfg.1.gz: firecfg.txt
-#	gawk -f ./preproc.awk -- $(MANFLAGS) < $< > firecfg.1
-#	./mkman.sh $(VERSION) firecfg.1
-#	gzip -n9 firecfg.1
-
-# a small function to build a manpage
-define build
-	gawk -f ./preproc.awk -- $(MANFLAGS) < $1 > $2
-	./mkman.sh $(VERSION) ./$2
-	rm -f $2.gz
-	gzip -n9 $2
-endef
-
-firecfg.1.gz: firecfg.txt
-	$(call build,firecfg.txt,firecfg.1)
-
-firejail.1.gz: firejail.txt
-	$(call build,firejail.txt,firejail.1)
-
-firejail-login.5.gz: firejail-login.txt
-	$(call build,firejail-login.txt,firejail-login.5)
-
-firejail-users.5.gz: firejail-users.txt
-	$(call build,firejail-users.txt,firejail-users.5)
-
-firejail-profile.5.gz: firejail-profile.txt
-	$(call build,firejail-profile.txt,firejail-profile.5)
-
-firemon.1.gz: firemon.txt
-	$(call build,firemon.txt,firemon.1)
-
-jailcheck.1.gz: jailcheck.txt
-	$(call build,jailcheck.txt,jailcheck.1)
+MOD_DIR := $(ROOT)/src/man
+MANPAGES_IN := $(sort $(wildcard $(MOD_DIR)/*.in))
+MANPAGES_GZ := $(MANPAGES_IN:.in=.gz)
+TARGET = $(MANPAGES_GZ)
+
+.PHONY: all
+all: $(TARGET)
+
+# foo.1: foo.1.in
+$(MOD_DIR)/%: $(MOD_DIR)/%.in $(ROOT)/config.mk
+	@printf 'Generating %s from %s\n' $@ $<
+	@gawk -f $(MOD_DIR)/preproc.awk -- $(MANFLAGS) <$< | \
+	  $(MOD_DIR)/mkman.sh $(VERSION) >$@
+
+# foo.1.gz: foo.1
+$(MOD_DIR)/%.gz: $(MOD_DIR)/%
+	@printf 'Generating %s from %s\n' $@ $<
+	@rm -f $@
+	@gzip -n9 $<
 
 .PHONY: clean
-clean:; rm -fr *.1 *.5 *.gz
-
-.PHONY: distclean
-distclean: clean
+clean:; rm -f *.1 *.5 *.gz

src/man/mkman.sh

@@ -5,8 +5,10 @@
 
 set -e
 
-sed -i "s/VERSION/$1/g" "$2"
 MONTH="$(LC_ALL=C date -u --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%b)"
-sed -i "s/MONTH/$MONTH/g" "$2"
 YEAR="$(LC_ALL=C date -u --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y)"
-sed -i "s/YEAR/$YEAR/g" "$2"
+
+sed \
+  -e "s/VERSION/$1/g" \
+  -e "s/MONTH/$MONTH/g" \
+  -e "s/YEAR/$YEAR/g"