1.1.1
by Colin Watson
Import upstream version 3.9p1 |
1 |
#!/bin/sh
|
2 |
#
|
|
3 |
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
|
|
4 |
#
|
|
5 |
# The following code has been provide under Public Domain License. I really
|
|
6 |
# don't care what you use it for. Just as long as you don't complain to me
|
|
7 |
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
|
|
8 |
#
|
|
9 |
umask 022 |
|
10 |
#
|
|
11 |
# Options for building the package
|
|
12 |
# You can create a openssh-config.local with your customized options
|
|
13 |
#
|
|
14 |
REMOVE_FAKE_ROOT_WHEN_DONE=yes |
|
15 |
#
|
|
16 |
# uncommenting TEST_DIR and using
|
|
17 |
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
|
|
18 |
# and
|
|
19 |
# PKGNAME=tOpenSSH should allow testing a package without interfering
|
|
20 |
# with a real OpenSSH package on a system. This is not needed on systems
|
|
21 |
# that support the -R option to pkgadd.
|
|
22 |
#TEST_DIR=/var/tmp # leave commented out for production build
|
|
23 |
PKGNAME=OpenSSH |
|
24 |
# revisions within the same version (REV=a)
|
|
25 |
#REV=
|
|
26 |
SYSVINIT_NAME=opensshd |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
27 |
AWK=${AWK:="nawk"} |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
28 |
MAKE=${MAKE:="make"} |
29 |
SSHDUID=67 # Default privsep uid |
|
30 |
SSHDGID=67 # Default privsep gid |
|
31 |
# uncomment these next three as needed
|
|
32 |
#PERMIT_ROOT_LOGIN=no
|
|
33 |
#X11_FORWARDING=yes
|
|
34 |
#USR_LOCAL_IS_SYMLINK=yes
|
|
35 |
# System V init run levels
|
|
36 |
SYSVINITSTART=S98 |
|
37 |
SYSVINITSTOPT=K30 |
|
38 |
# We will source these if they exist
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
39 |
POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
40 |
POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
41 |
# We'll be one level deeper looking for these
|
|
42 |
PKG_PREINSTALL_LOCAL=../pkg-preinstall.local |
|
43 |
PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local |
|
44 |
PKG_PREREMOVE_LOCAL=../pkg-preremove.local |
|
45 |
PKG_POSTREMOVE_LOCAL=../pkg-postremove.local |
|
46 |
PKG_REQUEST_LOCAL=../pkg-request.local |
|
47 |
# end of sourced files
|
|
48 |
#
|
|
49 |
OPENSSHD=opensshd.init |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
50 |
OPENSSH_MANIFEST=openssh.xml |
51 |
OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default |
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
52 |
SMF_METHOD_DIR=/lib/svc/method/site |
53 |
SMF_MANIFEST_DIR=/var/svc/manifest/site |
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
54 |
|
55 |
PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ |
|
56 |
PATH_USERADD_PROG=@PATH_USERADD_PROG@ |
|
57 |
PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ |
|
58 |
#
|
|
59 |
# list of system directories we do NOT want to change owner/group/perms
|
|
60 |
# when installing our package
|
|
61 |
SYSTEM_DIR="/etc \ |
|
62 |
/etc/init.d \
|
|
63 |
/etc/rcS.d \
|
|
64 |
/etc/rc0.d \
|
|
65 |
/etc/rc1.d \
|
|
66 |
/etc/rc2.d \
|
|
67 |
/etc/opt \
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
68 |
/lib \
|
69 |
/lib/svc \
|
|
70 |
/lib/svc/method \
|
|
71 |
/lib/svc/method/site \
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
72 |
/opt \
|
73 |
/opt/bin \
|
|
74 |
/usr \
|
|
75 |
/usr/bin \
|
|
76 |
/usr/lib \
|
|
77 |
/usr/sbin \
|
|
78 |
/usr/share \
|
|
79 |
/usr/share/man \
|
|
80 |
/usr/share/man/man1 \
|
|
81 |
/usr/share/man/man8 \
|
|
82 |
/usr/local \
|
|
83 |
/usr/local/bin \
|
|
84 |
/usr/local/etc \
|
|
85 |
/usr/local/libexec \
|
|
86 |
/usr/local/man \
|
|
87 |
/usr/local/man/man1 \
|
|
88 |
/usr/local/man/man8 \
|
|
89 |
/usr/local/sbin \
|
|
90 |
/usr/local/share \
|
|
91 |
/var \
|
|
92 |
/var/opt \
|
|
93 |
/var/run \
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
94 |
/var/svc \
|
95 |
/var/svc/manifest \
|
|
96 |
/var/svc/manifest/site \
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
97 |
/var/tmp \
|
98 |
/tmp"
|
|
99 |
||
100 |
# We may need to build as root so we make sure PATH is set up
|
|
101 |
# only set the path if it's not set already
|
|
102 |
[ -d /opt/bin ] && { |
|
103 |
echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 |
|
104 |
[ $? -ne 0 ] && PATH=$PATH:/opt/bin |
|
105 |
}
|
|
106 |
[ -d /usr/local/bin ] && { |
|
107 |
echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 |
|
108 |
[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin |
|
109 |
}
|
|
110 |
[ -d /usr/ccs/bin ] && { |
|
111 |
echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 |
|
112 |
[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin |
|
113 |
}
|
|
114 |
export PATH
|
|
115 |
#
|
|
116 |
||
117 |
[ -f Makefile ] || { |
|
118 |
echo "Please run this script from your build directory" |
|
119 |
exit 1 |
|
120 |
}
|
|
121 |
||
122 |
# we will look for openssh-config.local to override the above options
|
|
123 |
[ -s ./openssh-config.local ] && . ./openssh-config.local |
|
124 |
||
125 |
START=`pwd` |
|
126 |
FAKE_ROOT=$START/pkg |
|
127 |
||
128 |
## Fill in some details, like prefix and sysconfdir
|
|
129 |
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
|
|
130 |
do
|
|
131 |
eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
|
132 |
done
|
|
133 |
||
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
134 |
## Are we using Solaris' SMF?
|
135 |
DO_SMF=0 |
|
136 |
if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 |
|
137 |
then
|
|
138 |
DO_SMF=1 |
|
139 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
140 |
|
141 |
## Collect value of privsep user
|
|
142 |
for confvar in SSH_PRIVSEP_USER
|
|
143 |
do
|
|
144 |
eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` |
|
145 |
done
|
|
146 |
||
147 |
## Set privsep defaults if not defined
|
|
148 |
if [ -z "$SSH_PRIVSEP_USER" ] |
|
149 |
then
|
|
150 |
SSH_PRIVSEP_USER=sshd |
|
151 |
fi
|
|
152 |
||
153 |
## Extract common info requires for the 'info' part of the package.
|
|
154 |
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` |
|
155 |
||
156 |
ARCH=`uname -m` |
|
157 |
DEF_MSG="\n" |
|
158 |
OS_VER=`uname -v` |
|
159 |
SCRIPT_SHELL=/sbin/sh |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
160 |
UNAME_R=`uname -r` |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
161 |
UNAME_S=`uname -s` |
162 |
case ${UNAME_S} in |
|
163 |
SunOS) UNAME_S=Solaris |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
164 |
OS_VER=${UNAME_R} |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
165 |
ARCH=`uname -p` |
166 |
RCS_D=yes |
|
167 |
DEF_MSG="(default: n)" |
|
168 |
;;
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
169 |
SCO_SV) case ${UNAME_R} in |
170 |
3.2) UNAME_S=OpenServer5 |
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
171 |
OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
172 |
;;
|
173 |
5) UNAME_S=OpenServer6 |
|
174 |
;;
|
|
175 |
esac
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
176 |
SCRIPT_SHELL=/bin/sh |
177 |
RC1_D=no |
|
178 |
DEF_MSG="(default: n)" |
|
179 |
;;
|
|
180 |
esac
|
|
181 |
||
182 |
case `basename $0` in |
|
183 |
buildpkg.sh)
|
|
184 |
## Start by faking root install
|
|
185 |
echo "Faking root install..." |
|
186 |
[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT |
|
187 |
mkdir $FAKE_ROOT
|
|
188 |
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT |
|
189 |
if [ $? -gt 0 ] |
|
190 |
then
|
|
191 |
echo "Fake root install failed, stopping." |
|
192 |
exit 1 |
|
193 |
fi
|
|
194 |
||
195 |
## Setup our run level stuff while we are at it.
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
196 |
if [ $DO_SMF -eq 1 ] |
197 |
then
|
|
198 |
# For Solaris' SMF, /lib/svc/method/site is the preferred place
|
|
199 |
# for start/stop scripts that aren't supplied with the OS, and
|
|
200 |
# similarly /var/svc/manifest/site for manifests.
|
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
201 |
mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR} |
202 |
mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR} |
|
203 |
||
204 |
cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} |
|
205 |
chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} |
|
206 |
||
207 |
cat ${OPENSSH_MANIFEST} | \ |
|
208 |
sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ |
|
209 |
-e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \ |
|
210 |
> $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml |
|
211 |
chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
212 |
else
|
213 |
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d |
|
214 |
||
215 |
cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
|
216 |
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
|
217 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
218 |
|
219 |
[ "${PERMIT_ROOT_LOGIN}" = no ] && \ |
|
220 |
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
221 |
$FAKE_ROOT${sysconfdir}/sshd_config |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
222 |
[ "${X11_FORWARDING}" = yes ] && \ |
223 |
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ |
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
224 |
$FAKE_ROOT${sysconfdir}/sshd_config |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
225 |
# fix PrintMotd
|
226 |
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ |
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
227 |
$FAKE_ROOT${sysconfdir}/sshd_config |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
228 |
|
229 |
# We don't want to overwrite config files on multiple installs
|
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
230 |
mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default |
231 |
mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default |
|
232 |
[ -f $FAKE_ROOT${sysconfdir}/ssh_prng_cmds ] && \ |
|
233 |
mv $FAKE_ROOT${sysconfdir}/ssh_prng_cmds $FAKE_ROOT${sysconfdir}/ssh_prng_cmds.default |
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
234 |
|
235 |
# local tweeks here
|
|
236 |
[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} |
|
237 |
||
238 |
cd $FAKE_ROOT |
|
239 |
||
240 |
## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
|
|
241 |
## whining.
|
|
242 |
for i in *; do |
|
243 |
PROTO_ARGS="$PROTO_ARGS $i=/$i"; |
|
244 |
done
|
|
245 |
||
246 |
## Build info file
|
|
247 |
echo "Building pkginfo file..." |
|
248 |
cat > pkginfo << _EOF
|
|
249 |
PKG=$PKGNAME
|
|
250 |
NAME="OpenSSH Portable for ${UNAME_S}"
|
|
251 |
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
|
|
252 |
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
|
|
253 |
ARCH=$ARCH
|
|
254 |
VERSION=$VERSION$REV
|
|
255 |
CATEGORY="Security,application"
|
|
256 |
BASEDIR=/
|
|
257 |
CLASSES="none"
|
|
258 |
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
|
|
259 |
_EOF
|
|
260 |
||
261 |
## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
|
|
262 |
echo "Building depend file..." |
|
263 |
touch depend |
|
264 |
||
265 |
## Build space file
|
|
266 |
echo "Building space file..." |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
267 |
if [ $DO_SMF -eq 1 ] |
268 |
then
|
|
269 |
# XXX Is this necessary? If not, remove space line from mk-proto.awk.
|
|
270 |
touch space |
|
271 |
else
|
|
272 |
cat > space << _EOF
|
|
273 |
# extra space required by start/stop links added by installf
|
|
274 |
# in postinstall
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
275 |
$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
|
276 |
$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
|
|
277 |
_EOF
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
278 |
[ "$RC1_D" = no ] || \ |
279 |
echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
|
280 |
[ "$RCS_D" = yes ] && \ |
|
281 |
echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
|
282 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
283 |
|
284 |
## Build preinstall file
|
|
285 |
echo "Building preinstall file..." |
|
286 |
cat > preinstall << _EOF
|
|
287 |
#! ${SCRIPT_SHELL}
|
|
288 |
#
|
|
289 |
_EOF
|
|
290 |
||
291 |
# local preinstall changes here
|
|
292 |
[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} |
|
293 |
||
294 |
cat >> preinstall << _EOF
|
|
295 |
#
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
296 |
if [ "\${PRE_INS_STOP}" = "yes" ]
|
297 |
then
|
|
298 |
if [ $DO_SMF -eq 1 ]
|
|
299 |
then
|
|
300 |
svcadm disable $OPENSSH_FMRI
|
|
301 |
else
|
|
302 |
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
|
|
303 |
fi
|
|
304 |
fi
|
|
305 |
||
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
306 |
exit 0
|
307 |
_EOF
|
|
308 |
||
309 |
## Build postinstall file
|
|
310 |
echo "Building postinstall file..." |
|
311 |
cat > postinstall << _EOF
|
|
312 |
#! ${SCRIPT_SHELL}
|
|
313 |
#
|
|
314 |
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
|
|
315 |
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
|
|
316 |
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
|
|
317 |
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
|
|
318 |
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
|
|
319 |
\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
|
|
320 |
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
|
|
321 |
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
|
|
322 |
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
|
|
323 |
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
|
|
324 |
}
|
|
325 |
||
326 |
# make rc?.d dirs only if we are doing a test install
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
327 |
[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
328 |
[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
|
329 |
mkdir -p ${TEST_DIR}/etc/rc0.d
|
|
330 |
[ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
|
|
331 |
mkdir -p ${TEST_DIR}/etc/rc2.d
|
|
332 |
}
|
|
333 |
||
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
334 |
if [ $DO_SMF -eq 1 ]
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
335 |
then
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
336 |
# Delete the existing service, if it exists, then import the
|
337 |
# new one.
|
|
338 |
if svcs $OPENSSH_FMRI > /dev/null 2>&1
|
|
339 |
then
|
|
340 |
svccfg delete -f $OPENSSH_FMRI
|
|
341 |
fi
|
|
342 |
# NOTE, The manifest disables sshd by default.
|
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
343 |
svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
344 |
else
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
345 |
if [ "\${USE_SYM_LINKS}" = yes ]
|
346 |
then
|
|
347 |
[ "$RCS_D" = yes ] && \
|
|
348 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
349 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
350 |
[ "$RC1_D" = no ] || \
|
|
351 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
352 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
353 |
else
|
|
354 |
[ "$RCS_D" = yes ] && \
|
|
355 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
356 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
357 |
[ "$RC1_D" = no ] || \
|
|
358 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
359 |
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
360 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
361 |
fi
|
362 |
||
363 |
# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
|
|
364 |
[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
|
|
365 |
||
366 |
_EOF
|
|
367 |
||
368 |
# local postinstall changes here
|
|
369 |
[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} |
|
370 |
||
371 |
cat >> postinstall << _EOF
|
|
372 |
installf -f ${PKGNAME}
|
|
373 |
||
374 |
# Use chroot to handle PKG_INSTALL_ROOT
|
|
375 |
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
|
|
376 |
then
|
|
377 |
chroot="chroot \${PKG_INSTALL_ROOT}"
|
|
378 |
fi
|
|
379 |
# If this is a test build, we will skip the groupadd/useradd/passwd commands
|
|
380 |
if [ ! -z "${TEST_DIR}" ]
|
|
381 |
then
|
|
382 |
chroot=echo
|
|
383 |
fi
|
|
384 |
||
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
385 |
echo "PrivilegeSeparation user always required."
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
386 |
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
|
387 |
then
|
|
388 |
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
|
|
389 |
SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
|
|
390 |
SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
|
|
391 |
else
|
|
392 |
DO_PASSWD=yes
|
|
393 |
fi
|
|
394 |
[ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
|
|
395 |
||
396 |
# group required?
|
|
397 |
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
|
|
398 |
then
|
|
399 |
echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
|
|
400 |
else
|
|
401 |
DO_GROUP=yes
|
|
402 |
fi
|
|
403 |
||
404 |
# create group if required
|
|
405 |
[ "\$DO_GROUP" = yes ] && {
|
|
406 |
# Use gid of 67 if possible
|
|
407 |
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
|
|
408 |
then
|
|
409 |
:
|
|
410 |
else
|
|
411 |
sshdgid="-g $SSHDGID"
|
|
412 |
fi
|
|
413 |
echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
|
|
414 |
\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
|
|
415 |
}
|
|
416 |
||
417 |
# Create user if required
|
|
418 |
[ "\$DO_PASSWD" = yes ] && {
|
|
419 |
# Use uid of 67 if possible
|
|
1.6.1
by Colin Watson
Import upstream version 4.3p2 |
420 |
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
421 |
then
|
422 |
:
|
|
423 |
else
|
|
424 |
sshduid="-u $SSHDUID"
|
|
425 |
fi
|
|
426 |
echo "Creating PrivSep user $SSH_PRIVSEP_USER."
|
|
427 |
\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
|
|
428 |
\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
|
|
429 |
}
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
430 |
|
431 |
if [ "\${POST_INS_START}" = "yes" ]
|
|
432 |
then
|
|
433 |
if [ $DO_SMF -eq 1 ]
|
|
434 |
then
|
|
435 |
svcadm enable $OPENSSH_FMRI
|
|
436 |
else
|
|
437 |
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
|
|
438 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
439 |
fi
|
440 |
exit 0
|
|
441 |
_EOF
|
|
442 |
||
443 |
## Build preremove file
|
|
444 |
echo "Building preremove file..." |
|
445 |
cat > preremove << _EOF
|
|
446 |
#! ${SCRIPT_SHELL}
|
|
447 |
#
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
448 |
if [ $DO_SMF -eq 1 ]
|
449 |
then
|
|
450 |
svcadm disable $OPENSSH_FMRI
|
|
451 |
else
|
|
452 |
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
|
|
453 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
454 |
_EOF
|
455 |
||
456 |
# local preremove changes here
|
|
457 |
[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} |
|
458 |
||
459 |
cat >> preremove << _EOF
|
|
460 |
exit 0
|
|
461 |
_EOF
|
|
462 |
||
463 |
## Build postremove file
|
|
464 |
echo "Building postremove file..." |
|
465 |
cat > postremove << _EOF
|
|
466 |
#! ${SCRIPT_SHELL}
|
|
467 |
#
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
468 |
if [ $DO_SMF -eq 1 ]
|
469 |
then
|
|
470 |
if svcs $OPENSSH_FMRI > /dev/null 2>&1
|
|
471 |
then
|
|
472 |
svccfg delete -f $OPENSSH_FMRI
|
|
473 |
fi
|
|
474 |
fi
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
475 |
_EOF
|
476 |
||
477 |
# local postremove changes here
|
|
478 |
[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} |
|
479 |
||
480 |
cat >> postremove << _EOF
|
|
481 |
exit 0
|
|
482 |
_EOF
|
|
483 |
||
484 |
## Build request file
|
|
485 |
echo "Building request file..." |
|
486 |
cat > request << _EOF
|
|
487 |
trap 'exit 3' 15
|
|
488 |
||
489 |
_EOF
|
|
490 |
||
491 |
[ -x /usr/bin/ckyorn ] || cat >> request << _EOF |
|
492 |
||
493 |
ckyorn() {
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
494 |
# for some strange reason OpenServer5 has no ckyorn
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
495 |
# We build a striped down version here
|
496 |
||
497 |
DEFAULT=n
|
|
498 |
PROMPT="Yes or No [yes,no,?,quit]"
|
|
499 |
HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
|
|
500 |
USAGE="usage: ckyorn [options]
|
|
501 |
where options may include:
|
|
502 |
-d default
|
|
503 |
-h help
|
|
504 |
-p prompt
|
|
505 |
"
|
|
506 |
||
507 |
if [ \$# != 0 ]
|
|
508 |
then
|
|
509 |
while getopts d:p:h: c
|
|
510 |
do
|
|
511 |
case \$c in
|
|
512 |
h) HELP_PROMPT="\$OPTARG" ;;
|
|
513 |
d) DEFAULT=\$OPTARG ;;
|
|
514 |
p) PROMPT=\$OPTARG ;;
|
|
515 |
\\?) echo "\$USAGE" 1>&2
|
|
516 |
exit 1 ;;
|
|
517 |
esac
|
|
518 |
done
|
|
519 |
shift \`expr \$OPTIND - 1\`
|
|
520 |
fi
|
|
521 |
||
522 |
while true
|
|
523 |
do
|
|
524 |
echo "\${PROMPT}\\c " 1>&2
|
|
525 |
read key
|
|
526 |
[ -z "\$key" ] && key=\$DEFAULT
|
|
527 |
case \$key in
|
|
528 |
[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c"
|
|
529 |
exit 0 ;;
|
|
530 |
\\?) echo \$HELP_PROMPT 1>&2 ;;
|
|
531 |
q|quit) echo "q\\c" 1>&2
|
|
532 |
exit 3 ;;
|
|
533 |
esac
|
|
534 |
done
|
|
535 |
||
536 |
}
|
|
537 |
||
538 |
_EOF
|
|
539 |
||
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
540 |
if [ $DO_SMF -eq 1 ] |
541 |
then
|
|
542 |
# This could get hairy, as the running sshd may not be under SMF.
|
|
543 |
# We'll assume an earlier version of OpenSSH started via SMF.
|
|
544 |
cat >> request << _EOF
|
|
545 |
PRE_INS_STOP=no
|
|
546 |
POST_INS_START=no
|
|
547 |
# determine if should restart the daemon
|
|
548 |
if [ -s ${piddir}/sshd.pid ] && \
|
|
549 |
/usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
|
|
550 |
then
|
|
551 |
ans=\`ckyorn -d n \
|
|
552 |
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
|
|
553 |
case \$ans in
|
|
554 |
[y,Y]*) PRE_INS_STOP=yes
|
|
555 |
POST_INS_START=yes
|
|
556 |
;;
|
|
557 |
esac
|
|
558 |
||
559 |
else
|
|
560 |
||
561 |
# determine if we should start sshd
|
|
562 |
ans=\`ckyorn -d n \
|
|
563 |
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
|
|
564 |
case \$ans in
|
|
565 |
[y,Y]*) POST_INS_START=yes ;;
|
|
566 |
esac
|
|
567 |
fi
|
|
568 |
||
569 |
# make parameters available to installation service,
|
|
570 |
# and so to any other packaging scripts
|
|
571 |
cat >\$1 <<!
|
|
572 |
PRE_INS_STOP='\$PRE_INS_STOP'
|
|
573 |
POST_INS_START='\$POST_INS_START'
|
|
574 |
!
|
|
575 |
||
576 |
_EOF
|
|
577 |
else
|
|
578 |
cat >> request << _EOF
|
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
579 |
USE_SYM_LINKS=no
|
580 |
PRE_INS_STOP=no
|
|
581 |
POST_INS_START=no
|
|
582 |
# Use symbolic links?
|
|
583 |
ans=\`ckyorn -d n \
|
|
584 |
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
|
|
585 |
case \$ans in
|
|
586 |
[y,Y]*) USE_SYM_LINKS=yes ;;
|
|
587 |
esac
|
|
588 |
||
589 |
# determine if should restart the daemon
|
|
590 |
if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
|
|
591 |
then
|
|
592 |
ans=\`ckyorn -d n \
|
|
593 |
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
|
|
594 |
case \$ans in
|
|
595 |
[y,Y]*) PRE_INS_STOP=yes
|
|
596 |
POST_INS_START=yes
|
|
597 |
;;
|
|
598 |
esac
|
|
599 |
||
600 |
else
|
|
601 |
||
602 |
# determine if we should start sshd
|
|
603 |
ans=\`ckyorn -d n \
|
|
604 |
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
|
|
605 |
case \$ans in
|
|
606 |
[y,Y]*) POST_INS_START=yes ;;
|
|
607 |
esac
|
|
608 |
fi
|
|
609 |
||
610 |
# make parameters available to installation service,
|
|
611 |
# and so to any other packaging scripts
|
|
612 |
cat >\$1 <<!
|
|
613 |
USE_SYM_LINKS='\$USE_SYM_LINKS'
|
|
614 |
PRE_INS_STOP='\$PRE_INS_STOP'
|
|
615 |
POST_INS_START='\$POST_INS_START'
|
|
616 |
!
|
|
617 |
||
618 |
_EOF
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
619 |
fi
|
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
620 |
|
621 |
# local request changes here
|
|
622 |
[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} |
|
623 |
||
624 |
cat >> request << _EOF
|
|
625 |
exit 0
|
|
626 |
||
627 |
_EOF
|
|
628 |
||
629 |
## Next Build our prototype
|
|
630 |
echo "Building prototype file..." |
|
631 |
cat >mk-proto.awk << _EOF
|
|
632 |
BEGIN { print "i pkginfo"; print "i depend"; \\
|
|
633 |
print "i preinstall"; print "i postinstall"; \\
|
|
634 |
print "i preremove"; print "i postremove"; \\
|
|
635 |
print "i request"; print "i space"; \\
|
|
636 |
split("$SYSTEM_DIR",sys_files); }
|
|
637 |
{
|
|
638 |
for (dir in sys_files) { if ( \$3 != sys_files[dir] )
|
|
639 |
{ if ( \$1 == "s" )
|
|
640 |
{ \$5=""; \$6=""; }
|
|
641 |
else
|
|
642 |
{ \$5="root"; \$6="sys"; }
|
|
643 |
}
|
|
644 |
else
|
|
645 |
{ \$4="?"; \$5="?"; \$6="?"; break;}
|
|
646 |
} }
|
|
647 |
{ print; }
|
|
648 |
_EOF
|
|
649 |
||
650 |
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ |
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
651 |
pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype |
1.1.1
by Colin Watson
Import upstream version 3.9p1 |
652 |
|
653 |
# /usr/local is a symlink on some systems
|
|
654 |
[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { |
|
655 |
grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new |
|
656 |
mv prototype.new prototype |
|
657 |
}
|
|
658 |
||
659 |
## Step back a directory and now build the package.
|
|
660 |
cd ..
|
|
661 |
# local prototype tweeks here
|
|
662 |
[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} |
|
663 |
||
664 |
echo "Building package.." |
|
665 |
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
|
666 |
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
|
667 |
;;
|
|
668 |
||
669 |
justpkg.sh)
|
|
670 |
rm -fr ${FAKE_ROOT}/${PKGNAME} |
|
671 |
grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp |
|
672 |
mv $$tmp $FAKE_ROOT/pkginfo |
|
673 |
cat >> $FAKE_ROOT/pkginfo << _EOF |
|
674 |
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
|
|
675 |
_EOF
|
|
676 |
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
|
677 |
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
|
678 |
;;
|
|
679 |
||
680 |
esac
|
|
681 |
||
682 |
[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT |
|
683 |
exit 0 |
|
684 |