yrutschle · yrutschle · Aug 15, 2024 · Jul 27, 2024 · yrutschle · Aug 15, 2024
diff --git a/Makefile.in b/Makefile.in
@@ -3,7 +3,9 @@ VERSION=$(shell ./genver.sh -r)
 
 # Configuration -- you probably need to `make clean` if you
 # change any of these
-# landlock is checked by `configure` and set in config.h
+
+# uncomment the following line to disable landlock
+# override undefine HAVE_LANDLOCK
 ENABLE_SANITIZER= # Enable ASAN/LSAN/UBSAN
 ENABLE_REGEX=1 # Enable regex probes
 USELIBCONFIG=1 # Use libconfig? (necessary to use configuration files)

diff --git a/doc/INSTALL.md b/doc/INSTALL.md
@@ -30,6 +30,8 @@ Dependencies
 * [libcap](http://packages.debian.org/source/unstable/libcap-dev), in package `libcap-dev`.
  You can compile with or without it using USELIBCAP in the Makefile
 
+* [libconfig++-dev](https://packages.debian.org/bookworm/libconfig++-dev), in package `lìbconfig++-dev`
+
 * libbsd, to enable to change the process name (as shown in `ps`,
  so each forked process shows what protocol and what connection it is serving),
  which requires `libbsd` at runtime, and `libbsd-dev` at compile-time.
@@ -59,13 +61,16 @@ The test scripts are written in Perl, and will require
 
 Compilation
 -----------
-
-After this, the Makefile should work:
-
- make install
+First you have to run `./configure` in the _**./sslh**_ directory. After this, 
+the Makefile is created, and you can do your configuration changes in the Makefile. 
+After each run of ./configure, those changes are gone and the Makefile is recreated.
 
 There are a couple of configuration options at the beginning of the Makefile: 
 
+* `# override undefine HAVE_LANDLOCK` if you uncomment this line, sslh will be compiled
+ without landlock. As an alternative ./configure creates a config.h file, 
+ which gives also the possibility, to comment that out.
+
 * `USELIBWRAP` compiles support for host access control (see `hosts_access(3)`),
  you will need `libwrap` headers and library to compile (`libwrap0-dev` in Debian).
 
@@ -77,6 +82,9 @@ There are a couple of configuration options at the beginning of the Makefile:
 
 * `USELIBBSD` compiles support for updating the process name (as shown by `ps`).
 
+Now you can do either a plain `make` to create the binaries, or you can do an 
+`make install` to create the binaries and install them.
+
 
 Generating the configuration parser
 -----------------------------------

diff --git a/doc/config.md b/doc/config.md
@@ -76,10 +76,10 @@ Configuration goes like this on the server side, using `stunnel3`:
 Capabilities support
 --------------------
 
-On Linux (only?), you can compile sslh with `USELIBCAP=1` to
-make use of POSIX capabilities; this will save the required
-capabilities needed for transparent proxying for unprivileged
-processes.
+On Linux (only?), you can compile sslh with `USELIBCAP=1` set 
+in the Makefile to make use of POSIX capabilities; this will 
+save the required capabilities needed for transparent proxying 
+for unprivileged processes.
 
 Alternatively, you may use filesystem capabilities instead
 of starting sslh as root and asking it to drop privileges.