Index: Makefile ================================================================== --- Makefile +++ Makefile @@ -1,24 +1,30 @@ -CC = gcc -CFLAGS = -I. -Wall -W -pthread -O3 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE $(FILED_EXTRA_CFLAGS) -LDFLAGS = -pthread $(FILED_EXTRA_LDFLAGS) -LIBS = -lpthread $(FILED_EXTRA_LIBS) -MIMETYPES = /etc/httpd/mime.types - -PREFIX = /usr/local -prefix = $(PREFIX) +CC := gcc +CFLAGS := -I. -Wall -W -pthread -O3 -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE $(FILED_EXTRA_CFLAGS) +LDFLAGS := -pthread $(FILED_EXTRA_LDFLAGS) +LIBS := -lpthread $(FILED_EXTRA_LIBS) +MIMETYPES := /etc/httpd/mime.types +FILED_ADDITIONAL_DEPS = + +PREFIX := /usr/local +prefix := $(PREFIX) bindir = $(prefix)/bin mandir = $(prefix)/share/man srcdir = . vpath %.c $(srcdir) + +ifeq ($(FILED_DO_SECCOMP),1) +CFLAGS += -DFILED_DO_SECCOMP=1 +FILED_ADDTIONAL_DEPS += filed.seccomp.h +endif all: filed filed: filed.o $(CC) $(CFLAGS) $(LDFLAGS) -o "$@" $^ $(LIBS) -filed.o: $(srcdir)/filed.c filed-mime-types.h filed.seccomp.h +filed.o: $(srcdir)/filed.c filed-mime-types.h $(FILED_ADDTIONAL_DEPS) filed-mime-types.h: $(srcdir)/generate-mime-types $(srcdir)/mime.types '$(srcdir)/generate-mime-types' '$(MIMETYPES)' > filed-mime-types.h.new || \ '$(srcdir)/generate-mime-types' '$(srcdir)/mime.types' > filed-mime-types.h.new mv filed-mime-types.h.new filed-mime-types.h Index: README ================================================================== --- README +++ README @@ -77,11 +77,11 @@ 5. Differing "index.html" handling (CFLAGS, -DFILED_DONT_REDIRECT_DIRECTORIES=1) Normally "filed" redirects users who request a directory to the index.html file in that directory so that no memory allocations are required; This option lets the server generate the new path. - 6. Enable seccomp (CFLAGS, -DFILED_DO_SECCOMP=1) + 6. Enable seccomp (make FILED_DO_SECCOMP=1) Linux supports limiting the system calls that a process can make. This is called seccomp (SECure COMPuting). Currently not all platforms have been tested with this so it is disabled by default. 6. MIME Types (MIMETYPES)