3
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
5
# The following code has been provide under Public Domain License. I really
6
# don't care what you use it for. Just as long as you don't complain to me
7
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
11
# Options for building the package
12
# You can create a config.local with your customized options
14
# uncommenting TEST_DIR and using
15
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
17
# PKGNAME=tOpenSSH should allow testing a package without interfering
18
# with a real OpenSSH package on a system. This is not needed on systems
19
# that support the -R option to pkgadd.
20
#TEST_DIR=/var/tmp # leave commented out for production build
22
SYSVINIT_NAME=opensshd
24
SSHDUID=67 # Default privsep uid
25
SSHDGID=67 # Default privsep gid
26
# uncomment these next three as needed
29
#USR_LOCAL_IS_SYMLINK=yes
30
# list of system directories we do NOT want to change owner/group/perms
31
# when installing our package
64
# We may need to build as root so we make sure PATH is set up
65
# only set the path if it's not set already
66
[ -d /usr/local/bin ] && {
67
echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
68
[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
70
[ -d /usr/ccs/bin ] && {
71
echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
72
[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
78
echo "Please run this script from your build directory"
82
# we will look for config.local to override the above options
83
[ -s ./config.local ] && . ./config.local
85
## Start by faking root install
86
echo "Faking root install..."
88
OPENSSHD_IN=`dirname $0`/opensshd.in
89
FAKE_ROOT=$START/package
90
[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
92
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
95
echo "Fake root install failed, stopping."
99
## Fill in some details, like prefix and sysconfdir
100
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
102
eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
106
## Collect value of privsep user
107
for confvar in SSH_PRIVSEP_USER
109
eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
112
## Set privsep defaults if not defined
113
if [ -z "$SSH_PRIVSEP_USER" ]
115
SSH_PRIVSEP_USER=sshd
118
## Extract common info requires for the 'info' part of the package.
119
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
123
SunOS) UNAME_S=Solaris
126
DEF_MSG="(default: n)"
132
## Setup our run level stuff while we are at it.
133
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
135
## setup our initscript correctly
136
sed -e "s#%%configDir%%#${sysconfdir}#g" \
137
-e "s#%%openSSHDir%%#$prefix#g" \
138
-e "s#%%pidDir%%#${piddir}#g" \
139
${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
140
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
142
[ "${PERMIT_ROOT_LOGIN}" = no ] && \
143
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
144
$FAKE_ROOT/${sysconfdir}/sshd_config
145
[ "${X11_FORWARDING}" = yes ] && \
146
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
147
$FAKE_ROOT/${sysconfdir}/sshd_config
149
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
150
$FAKE_ROOT/${sysconfdir}/sshd_config
152
# We don't want to overwrite config files on multiple installs
153
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
154
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
155
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
156
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
160
## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
163
PROTO_ARGS="$PROTO_ARGS $i=/$i";
167
echo "Building pkginfo file..."
168
cat > pkginfo << _EOF
170
NAME="OpenSSH Portable for ${UNAME_S}"
171
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
172
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
175
CATEGORY="Security,application"
180
## Build preinstall file
181
echo "Building preinstall file..."
182
cat > preinstall << _EOF
185
[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
189
## Build postinstall file
190
echo "Building postinstall file..."
191
cat > postinstall << _EOF
194
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
195
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
196
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
197
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
198
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
199
\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
200
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
201
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
202
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
203
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
206
# make rc?.d dirs only if we are doing a test install
207
[ -n "${TEST_DIR}" ] && {
208
[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
209
mkdir -p ${TEST_DIR}/etc/rc0.d
210
mkdir -p ${TEST_DIR}/etc/rc1.d
211
mkdir -p ${TEST_DIR}/etc/rc2.d
214
if [ "\${USE_SYM_LINKS}" = yes ]
216
[ "$RCS_D" = yes ] && \
217
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
218
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
219
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
220
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
222
[ "$RCS_D" = yes ] && \
223
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
224
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
225
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
226
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
229
# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
230
[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
232
installf -f ${PKGNAME}
234
# Use chroot to handle PKG_INSTALL_ROOT
235
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
237
chroot="chroot \${PKG_INSTALL_ROOT}"
239
# If this is a test build, we will skip the groupadd/useradd/passwd commands
240
if [ ! -z "${TEST_DIR}" ]
245
if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
247
echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
250
echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
252
# create group if required
253
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
255
echo "PrivSep group $SSH_PRIVSEP_USER already exists."
257
# Use gid of 67 if possible
258
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
262
sshdgid="-g $SSHDGID"
264
echo "Creating PrivSep group $SSH_PRIVSEP_USER."
265
\$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
268
# Create user if required
269
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
271
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
273
# Use uid of 67 if possible
274
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
278
sshduid="-u $SSHDUID"
280
echo "Creating PrivSep user $SSH_PRIVSEP_USER."
281
\$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
282
\$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
286
[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
290
## Build preremove file
291
echo "Building preremove file..."
292
cat > preremove << _EOF
295
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
299
## Build request file
300
echo "Building request file..."
301
cat > request << _EOF
306
# Use symbolic links?
308
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
310
[y,Y]*) USE_SYM_LINKS=yes ;;
313
# determine if should restart the daemon
314
if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
317
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
319
[y,Y]*) PRE_INS_STOP=yes
326
# determine if we should start sshd
328
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
330
[y,Y]*) POST_INS_START=yes ;;
334
# make parameters available to installation service,
335
# and so to any other packaging scripts
337
USE_SYM_LINKS='\$USE_SYM_LINKS'
338
PRE_INS_STOP='\$PRE_INS_STOP'
339
POST_INS_START='\$POST_INS_START'
346
echo "Building space file..."
348
# extra space required by start/stop links added by installf in postinstall
349
$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
350
$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
351
$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
353
[ "$RCS_D" = yes ] && \
354
echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
356
## Next Build our prototype
357
echo "Building prototype file..."
358
cat >mk-proto.awk << _EOF
359
BEGIN { print "i pkginfo"; print "i preinstall"; \\
360
print "i postinstall"; print "i preremove"; \\
361
print "i request"; print "i space"; \\
362
split("$SYSTEM_DIR",sys_files); }
364
for (dir in sys_files) { if ( \$3 != sys_files[dir] )
365
{ \$5="root"; \$6="sys"; }
367
{ \$4="?"; \$5="?"; \$6="?"; break;}
371
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
372
pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
374
# /usr/local is a symlink on some systems
375
[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
376
grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
377
mv prototype.new prototype
380
## Step back a directory and now build the package.
381
echo "Building package.."
383
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
384
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg