Convert to pandoc.

Because pandoc is relatively small, we now create man page output on the
fly on building, which makes pandoc a required build time dependency.

.gitignore

@@ -16,3 +16,4 @@ tallow-*/
 tallow.service
 *~
 DEADJOE
+man/*.[0-9]

Makefile.am

@@ -28,17 +28,20 @@ EXTRA_DIST = \
 	man/tallow.patterns.5.md \
 	man/tallow.1.md
 
-dist_man_MANS = man/tallow.1 man/tallow.conf.5 man/tallow.patterns.5
-
 dist_doc_DATA = tallow.conf
 
 DISTCHECK_CONFIGURE_FLAGS = \
 	--with-systemdsystemunitdir=$(DESTDIR)$(SYSTEMDSYSTEMUNITDIR)
 
-docs: $(dist_man_MANS)
+man_MANS = man/tallow.1 man/tallow.conf.5 man/tallow.patterns.5
+clean-local:
+	rm -f $(man_MANS)
+
 man/%.5: man/%.5.md
-	ronn -r $< --pipe > $@
+	@mkdir -p $$(dirname $@)
+	pandoc -s -f markdown -t man $< --output $@
 
 man/%.1: man/%.1.md
-	ronn -r $< --pipe > $@
+	@mkdir -p $$(dirname $@)
+	pandoc -s -f markdown -t man $< --output $@
 

configure.ac

@@ -11,6 +11,11 @@ AC_CONFIG_FILES([Makefile])
 AC_PROG_CC
 AC_PROG_INSTALL
 
+AC_CHECK_PROG([PANDOC],[pandoc],yes)
+if test x"${PANDOC}" != x"yes" ; then
+    AC_MSG_ERROR([Pandoc is required to create manual pages.])
+fi
+
 PKG_CHECK_MODULES(PCRE, libpcre)
 PKG_CHECK_MODULES(JSON_C, json-c)
 PKG_CHECK_MODULES(LIBSYSTEMD, libsystemd,, [PKG_CHECK_MODULES(LIBSYSTEMD, libsystemd-journal)])

man/tallow.1.md

@@ -1,13 +1,15 @@
+% TALLOW(1)
+% Auke Kok `<[email protected]>`
 
-## tallow 
+# tallow
 
 Reduce log clutter due to ssh login attempts.
 
-## SYNOPSIS
+# SYNOPSIS
 
 `/usr/sbin/tallow`
 
-## DESCRIPTION
+# DESCRIPTION
 
 `tallow` is a daemon that watches the systemd journal for messages
 from the `sshd` service. It parses the messages and looks for
@@ -35,27 +37,23 @@ blocked inadvertently. You may wish to list any valid IP address
 with the whitelist option in tallow.conf(5). Multiple addresses can
 be whitelisted.
 
-## OPTIONS
+# OPTIONS
 
 The `tallow` daemon itself has no runtime configuration. All
 configuration is done through the tallow.conf(5) config file.
 
-## SIGNALS
+# SIGNALS
 
 The `USR1` signal causes `tallow` to print out it's internal tracking
 table of IP addresses. This requires that tallow is compiled with
 the `-DDEBUG=1` symbol passed to the compiler.
 
-## SEE ALSO
+# SEE ALSO
 
 systemd-journald(1), iptables(1), ipset(1), tallow.conf(5), tallow.patterns(5)
 
-## BUGS
+# BUGS
 
 `tallow` is `NOT A SECURITY SOLUTION`, nor does it protect against
 random password logins. A attacker may still be able to logon to your
 systems if you allow password logins.
-
-## AUTHOR
-
-Auke Kok <[email protected]>

man/tallow.conf.5.md

@@ -1,23 +1,25 @@
+% TALLOW.CONF(5)
+% Auke Kok `<[email protected]>`
 
-## tallow.conf
+# tallow.conf
 
 The tallow configuration file
 
-## NAME
+# NAME
 
 tallow.conf - Tallow daemon configuration file
 
-## SYNOPSIS
+# SYNOPSIS
 
 `/etc/tallow.conf`
 
-## DESCRIPTION
+# DESCRIPTION
 
 This file is read on startup by the tallow(1) daemon, and can
 be used to provide options to the tallow daemon. If not present,
 tallow will operate with built-in defaults.
 
-## OPTIONS
+# OPTIONS
 
 `fwcmd_path`=`<string>`
 Specifies the location of the ipset(1) firewall-cmd(1) programs. By
@@ -79,16 +81,12 @@ Use the following commands if you're using firewalld(1):
 ```
   firewall-cmd --permanent --new-ipset=tallow --type=hash:ip --family=inet --option=timeout=3600
   firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m set --match-set tallow src -j DROP
-  
+
   firewall-cmd --permanent --new-ipset=tallow6 --type=hash:ip --family=inet6 --option=timeout=3600
   firewall-cmd --permanent --direct --add-rule ipv6 filter INPUT 1 -m set --match-set tallow6 src -j DROP
-  
+
   ```
 
-## SEE ALSO
+# SEE ALSO
 
 tallow(1), tallow.patterns(5)
-
-## AUTHOR
-
-Auke Kok <[email protected]>