2001-10-12 22:30:52 +02:00
|
|
|
#!/bin/sh
|
|
|
|
#
|
2002-03-12 05:55:53 +01:00
|
|
|
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
|
2001-10-12 22:30:52 +02:00
|
|
|
#
|
|
|
|
# The following code has been provide under Public Domain License. I really
|
|
|
|
# don't care what you use it for. Just as long as you don't complain to me
|
|
|
|
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
|
|
|
|
#
|
|
|
|
umask 022
|
2002-03-12 05:55:53 +01:00
|
|
|
#
|
|
|
|
# Options for building the package
|
|
|
|
# You can create a config.local with your customized options
|
|
|
|
#
|
2002-07-09 04:02:10 +02:00
|
|
|
# uncommenting TEST_DIR and using
|
|
|
|
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
|
|
|
|
# and
|
2002-03-12 05:55:53 +01:00
|
|
|
# PKGNAME=tOpenSSH should allow testing a package without interfering
|
|
|
|
# with a real OpenSSH package on a system.
|
|
|
|
#TEST_DIR=/var/tmp # leave commented out for production build
|
2001-10-12 22:30:52 +02:00
|
|
|
PKGNAME=OpenSSH
|
2002-03-12 05:55:53 +01:00
|
|
|
SYSVINIT_NAME=opensshd
|
|
|
|
MAKE=${MAKE:="make"}
|
|
|
|
# uncomment these next two as needed
|
|
|
|
#PERMIT_ROOT_LOGIN=no
|
|
|
|
#X11_FORWARDING=yes
|
|
|
|
# list of system directories we do NOT want to change owner/group/perms
|
|
|
|
# when installing our package
|
|
|
|
SYSTEM_DIR="/etc \
|
|
|
|
/etc/init.d \
|
|
|
|
/etc/rcS.d \
|
|
|
|
/etc/rc0.d \
|
|
|
|
/etc/rc1.d \
|
|
|
|
/etc/rc2.d \
|
2002-03-17 23:05:24 +01:00
|
|
|
/etc/opt \
|
2002-03-12 05:55:53 +01:00
|
|
|
/opt \
|
|
|
|
/opt/bin \
|
|
|
|
/usr \
|
|
|
|
/usr/bin \
|
|
|
|
/usr/lib \
|
|
|
|
/usr/sbin \
|
|
|
|
/usr/share \
|
|
|
|
/usr/share/man \
|
|
|
|
/usr/share/man/man1 \
|
|
|
|
/usr/share/man/man8 \
|
|
|
|
/usr/local \
|
|
|
|
/usr/local/bin \
|
|
|
|
/usr/local/etc \
|
|
|
|
/usr/local/libexec \
|
|
|
|
/usr/local/man \
|
|
|
|
/usr/local/man/man1 \
|
|
|
|
/usr/local/man/man8 \
|
|
|
|
/usr/local/sbin \
|
|
|
|
/usr/local/share \
|
|
|
|
/var \
|
2002-03-17 23:05:24 +01:00
|
|
|
/var/opt \
|
2002-03-12 05:55:53 +01:00
|
|
|
/var/run \
|
|
|
|
/var/tmp \
|
|
|
|
/tmp"
|
2001-10-12 22:30:52 +02:00
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
# We may need to buiild as root so we make sure PATH is set up
|
|
|
|
# only set the path if it's not set already
|
|
|
|
[ -d /usr/local/bin ] && {
|
|
|
|
echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
|
|
|
|
[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
|
|
|
|
}
|
|
|
|
[ -d /usr/ccs/bin ] && {
|
|
|
|
echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
|
|
|
|
[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
|
|
|
|
}
|
|
|
|
export PATH
|
|
|
|
#
|
|
|
|
|
|
|
|
[ -f Makefile ] || {
|
|
|
|
echo "Please run this script from your build directory"
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
# we will look for config.local to override the above options
|
|
|
|
[ -s ./config.local ] && . ./config.local
|
2001-10-12 22:30:52 +02:00
|
|
|
|
|
|
|
## Start by faking root install
|
|
|
|
echo "Faking root install..."
|
|
|
|
START=`pwd`
|
2002-03-12 05:55:53 +01:00
|
|
|
OPENSSHD_IN=`dirname $0`/opensshd.in
|
2001-10-12 22:30:52 +02:00
|
|
|
FAKE_ROOT=$START/package
|
2002-03-12 05:55:53 +01:00
|
|
|
[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
|
2001-10-12 22:30:52 +02:00
|
|
|
mkdir $FAKE_ROOT
|
2002-03-12 05:55:53 +01:00
|
|
|
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
|
|
|
|
if [ $? -gt 0 ]
|
|
|
|
then
|
|
|
|
echo "Fake root install failed, stopping."
|
|
|
|
exit 1
|
|
|
|
fi
|
2001-10-12 22:30:52 +02:00
|
|
|
|
|
|
|
## Fill in some details, like prefix and sysconfdir
|
2002-03-12 05:55:53 +01:00
|
|
|
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
|
|
|
|
do
|
|
|
|
eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
|
|
|
|
done
|
2001-10-12 22:30:52 +02:00
|
|
|
|
2002-07-15 20:49:20 +02:00
|
|
|
|
|
|
|
## Collect value of privsep user
|
|
|
|
for confvar in SSH_PRIVSEP_USER
|
|
|
|
do
|
|
|
|
eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
|
|
|
|
done
|
|
|
|
|
|
|
|
## Set privsep defaults if not defined
|
|
|
|
if [ -z "$SSH_PRIVSEP_USER" ]
|
|
|
|
then
|
|
|
|
SSH_PRIVSEP_USER=sshd
|
|
|
|
fi
|
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
## Extract common info requires for the 'info' part of the package.
|
|
|
|
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
|
2001-10-12 22:30:52 +02:00
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
UNAME_S=`uname -s`
|
|
|
|
case ${UNAME_S} in
|
|
|
|
SunOS) UNAME_S=Solaris
|
|
|
|
ARCH=`uname -p`
|
|
|
|
RCS_D=yes
|
|
|
|
DEF_MSG="(default: n)"
|
|
|
|
;;
|
2002-07-09 04:02:10 +02:00
|
|
|
*) ARCH=`uname -m`
|
|
|
|
DEF_MSG="\n" ;;
|
2002-03-12 05:55:53 +01:00
|
|
|
esac
|
|
|
|
|
|
|
|
## Setup our run level stuff while we are at it.
|
|
|
|
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
|
2001-10-12 22:30:52 +02:00
|
|
|
|
|
|
|
## setup our initscript correctly
|
2002-03-12 05:55:53 +01:00
|
|
|
sed -e "s#%%configDir%%#${sysconfdir}#g" \
|
|
|
|
-e "s#%%openSSHDir%%#$prefix#g" \
|
|
|
|
-e "s#%%pidDir%%#${piddir}#g" \
|
|
|
|
${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
|
|
|
|
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
|
2001-10-12 22:30:52 +02:00
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
[ "${PERMIT_ROOT_LOGIN}" = no ] && \
|
|
|
|
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
|
|
|
|
$FAKE_ROOT/${sysconfdir}/sshd_config
|
|
|
|
[ "${X11_FORWARDING}" = yes ] && \
|
|
|
|
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
|
|
|
|
$FAKE_ROOT/${sysconfdir}/sshd_config
|
|
|
|
# fix PrintMotd
|
|
|
|
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
|
|
|
|
$FAKE_ROOT/${sysconfdir}/sshd_config
|
2001-10-12 22:30:52 +02:00
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
# We don't want to overwrite config files on multiple installs
|
|
|
|
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
|
|
|
|
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
|
|
|
|
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
|
|
|
|
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
|
|
|
|
|
|
|
|
cd $FAKE_ROOT
|
2001-10-12 22:30:52 +02:00
|
|
|
|
|
|
|
## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
|
|
|
|
## whining.
|
|
|
|
for i in *; do
|
|
|
|
PROTO_ARGS="$PROTO_ARGS $i=/$i";
|
|
|
|
done
|
|
|
|
|
|
|
|
## Build info file
|
|
|
|
echo "Building pkginfo file..."
|
|
|
|
cat > pkginfo << _EOF
|
|
|
|
PKG=$PKGNAME
|
2002-03-12 05:55:53 +01:00
|
|
|
NAME="OpenSSH Portable for ${UNAME_S}"
|
2001-10-12 22:30:52 +02:00
|
|
|
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
|
|
|
|
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
|
|
|
|
ARCH=$ARCH
|
|
|
|
VERSION=$VERSION
|
2002-03-12 05:55:53 +01:00
|
|
|
CATEGORY="Security,application"
|
2001-10-12 22:30:52 +02:00
|
|
|
BASEDIR=/
|
2002-03-12 05:55:53 +01:00
|
|
|
CLASSES="none"
|
|
|
|
_EOF
|
|
|
|
|
|
|
|
## Build preinstall file
|
|
|
|
echo "Building preinstall file..."
|
|
|
|
cat > preinstall << _EOF
|
|
|
|
#! /sbin/sh
|
|
|
|
#
|
|
|
|
[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
|
|
|
|
exit 0
|
|
|
|
_EOF
|
|
|
|
|
|
|
|
## Build postinstall file
|
|
|
|
echo "Building postinstall file..."
|
|
|
|
cat > postinstall << _EOF
|
|
|
|
#! /sbin/sh
|
|
|
|
#
|
2002-07-09 04:02:10 +02:00
|
|
|
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
|
|
|
|
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
|
|
|
|
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
|
|
|
|
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
|
|
|
|
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
|
|
|
|
\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
|
|
|
|
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
|
|
|
|
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
|
|
|
|
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
|
|
|
|
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
|
2002-03-12 05:55:53 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
# make rc?.d dirs only if we are doing a test install
|
|
|
|
[ -n "${TEST_DIR}" ] && {
|
|
|
|
[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
|
|
|
|
mkdir -p ${TEST_DIR}/etc/rc0.d
|
|
|
|
mkdir -p ${TEST_DIR}/etc/rc1.d
|
|
|
|
mkdir -p ${TEST_DIR}/etc/rc2.d
|
|
|
|
}
|
|
|
|
|
|
|
|
if [ "\${USE_SYM_LINKS}" = yes ]
|
|
|
|
then
|
|
|
|
[ "$RCS_D" = yes ] && \
|
2002-07-09 04:02:10 +02:00
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
|
2002-03-12 05:55:53 +01:00
|
|
|
else
|
|
|
|
[ "$RCS_D" = yes ] && \
|
2002-07-09 04:02:10 +02:00
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
|
|
|
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
|
2002-03-12 05:55:53 +01:00
|
|
|
fi
|
|
|
|
|
2002-03-17 23:05:24 +01:00
|
|
|
# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
|
2002-07-09 04:02:10 +02:00
|
|
|
[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
|
2002-03-17 23:05:24 +01:00
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
installf -f ${PKGNAME}
|
|
|
|
|
2002-07-15 20:49:20 +02:00
|
|
|
if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
|
|
|
|
then
|
|
|
|
echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
|
|
|
|
echo "or group."
|
|
|
|
else
|
|
|
|
echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
|
|
|
|
|
|
|
|
# create group if required
|
|
|
|
if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
|
|
|
|
then
|
|
|
|
echo "PrivSep group $SSH_PRIVSEP_USER already exists."
|
|
|
|
else
|
|
|
|
echo "Creating PrivSep group $SSH_PRIVSEP_USER."
|
|
|
|
groupadd $SSH_PRIVSEP_USER
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Create user if required
|
|
|
|
if cut -f1 -d: /etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
|
|
|
|
then
|
|
|
|
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
|
|
|
|
else
|
|
|
|
echo "Creating PrivSep user $SSH_PRIVSEP_USER."
|
|
|
|
useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
|
|
|
|
passwd -l $SSH_PRIVSEP_USER
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
|
|
|
|
exit 0
|
2001-10-12 22:30:52 +02:00
|
|
|
_EOF
|
|
|
|
|
2002-03-12 05:55:53 +01:00
|
|
|
## Build preremove file
|
|
|
|
echo "Building preremove file..."
|
|
|
|
cat > preremove << _EOF
|
|
|
|
#! /sbin/sh
|
|
|
|
#
|
|
|
|
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
|
|
|
|
exit 0
|
|
|
|
_EOF
|
|
|
|
|
|
|
|
## Build request file
|
|
|
|
echo "Building request file..."
|
|
|
|
cat > request << _EOF
|
|
|
|
trap 'exit 3' 15
|
|
|
|
USE_SYM_LINKS=no
|
|
|
|
PRE_INS_STOP=no
|
|
|
|
POST_INS_START=no
|
|
|
|
# Use symbolic links?
|
|
|
|
ans=\`ckyorn -d n \
|
|
|
|
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
|
|
|
|
case \$ans in
|
|
|
|
[y,Y]*) USE_SYM_LINKS=yes ;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
# determine if should restart the daemon
|
|
|
|
if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
|
|
|
|
then
|
|
|
|
ans=\`ckyorn -d n \
|
|
|
|
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
|
|
|
|
case \$ans in
|
|
|
|
[y,Y]*) PRE_INS_STOP=yes
|
|
|
|
POST_INS_START=yes
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
# determine if we should start sshd
|
|
|
|
ans=\`ckyorn -d n \
|
|
|
|
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
|
|
|
|
case \$ans in
|
|
|
|
[y,Y]*) POST_INS_START=yes ;;
|
|
|
|
esac
|
|
|
|
fi
|
|
|
|
|
|
|
|
# make parameters available to installation service,
|
|
|
|
# and so to any other packaging scripts
|
|
|
|
cat >\$1 <<!
|
|
|
|
USE_SYM_LINKS='\$USE_SYM_LINKS'
|
|
|
|
PRE_INS_STOP='\$PRE_INS_STOP'
|
|
|
|
POST_INS_START='\$POST_INS_START'
|
|
|
|
!
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
_EOF
|
|
|
|
|
|
|
|
## Build space file
|
|
|
|
echo "Building space file..."
|
|
|
|
cat > space << _EOF
|
|
|
|
# extra space required by start/stop links added by installf in postinstall
|
|
|
|
$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
|
|
|
|
$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
|
|
|
|
$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
|
|
|
|
_EOF
|
|
|
|
[ "$RCS_D" = yes ] && \
|
|
|
|
echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
|
|
|
|
|
2001-10-12 22:30:52 +02:00
|
|
|
## Next Build our prototype
|
|
|
|
echo "Building prototype file..."
|
2002-03-12 05:55:53 +01:00
|
|
|
cat >mk-proto.awk << _EOF
|
|
|
|
BEGIN { print "i pkginfo"; print "i preinstall"; \\
|
|
|
|
print "i postinstall"; print "i preremove"; \\
|
|
|
|
print "i request"; print "i space"; \\
|
|
|
|
split("$SYSTEM_DIR",sys_files); }
|
|
|
|
{
|
|
|
|
for (dir in sys_files) { if ( \$3 != sys_files[dir] )
|
|
|
|
{ \$5="root"; \$6="sys"; }
|
|
|
|
else
|
|
|
|
{ \$4="?"; \$5="?"; \$6="?"; break;}
|
|
|
|
} }
|
|
|
|
{ print; }
|
|
|
|
_EOF
|
|
|
|
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
|
|
|
|
pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
|
2001-10-12 22:30:52 +02:00
|
|
|
|
|
|
|
## Step back a directory and now build the package.
|
|
|
|
echo "Building package.."
|
|
|
|
cd ..
|
2002-03-12 05:55:53 +01:00
|
|
|
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
|
|
|
|
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
|
2001-10-12 22:30:52 +02:00
|
|
|
rm -rf $FAKE_ROOT
|
2002-03-12 05:55:53 +01:00
|
|
|
|