tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (tim) [buildpkg.sh.in] Add $REV to bump the package revision within 

the same version. Handle the case where someone uses --with-privsep-user=
   and the user name does not match the group name. ok dtucker@
This commit is contained in:
Tim Rice 2004-07-01 20:41:15 -07:00
parent 1f7e40864f
commit a5757f0f28
2 changed files with 33 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog
View File

@ -6,6 +6,9 @@
- (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK - (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK
to pam_authenticate for challenge-response auth too. Originally from to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@ fcusack at fcusack.com, ok djm@
- (tim) [buildpkg.sh.in] Add $REV to bump the package revision within
the same version. Handle the case where someone uses --with-privsep-user=
and the user name does not match the group name. ok dtucker@
20040630 20040630
- (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL
@ -1474,4 +1477,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3466 2004/07/01 04:00:14 dtucker Exp $ $Id: ChangeLog,v 1.3467 2004/07/02 03:41:15 tim Exp $

43
buildpkg.sh.in
View File

@ -21,6 +21,8 @@ REMOVE_FAKE_ROOT_WHEN_DONE=yes
# that support the -R option to pkgadd. # that support the -R option to pkgadd.
#TEST_DIR=/var/tmp # leave commented out for production build #TEST_DIR=/var/tmp # leave commented out for production build
PKGNAME=OpenSSH PKGNAME=OpenSSH
# revisions within the same version (REV=a)
#REV=
SYSVINIT_NAME=opensshd SYSVINIT_NAME=opensshd
MAKE=${MAKE:="make"} MAKE=${MAKE:="make"}
SSHDUID=67 # Default privsep uid SSHDUID=67 # Default privsep uid
@ -206,7 +208,7 @@ NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH ARCH=$ARCH
VERSION=$VERSION VERSION=$VERSION$REV
CATEGORY="Security,application" CATEGORY="Security,application"
BASEDIR=/ BASEDIR=/
CLASSES="none" CLASSES="none"
@ -316,11 +318,27 @@ then
else else
echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
# create group if required # user required?
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
then then
echo "PrivSep group $SSH_PRIVSEP_USER already exists." echo "PrivSep user $SSH_PRIVSEP_USER already exists."
SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
else else
DO_PASSWD=yes
fi
[ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
# group required?
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
then
echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
else
DO_GROUP=yes
fi
# create group if required
[ "\$DO_GROUP" = yes ] && {
# Use gid of 67 if possible # Use gid of 67 if possible
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
then then
@ -328,15 +346,12 @@ else
else else
sshdgid="-g $SSHDGID" sshdgid="-g $SSHDGID"
fi fi
echo "Creating PrivSep group $SSH_PRIVSEP_USER." echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
\$chroot ${PATH_GROUPADD_PROG} \$sshdgid $SSH_PRIVSEP_USER \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
fi }
# Create user if required # Create user if required
if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null [ "\$DO_PASSWD" = yes ] && {
then
echo "PrivSep user $SSH_PRIVSEP_USER already exists."
else
# Use uid of 67 if possible # Use uid of 67 if possible
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
then then
@ -347,7 +362,7 @@ else
echo "Creating PrivSep user $SSH_PRIVSEP_USER." echo "Creating PrivSep user $SSH_PRIVSEP_USER."
\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
fi }
fi fi
[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
@ -526,7 +541,7 @@ cd ..
echo "Building package.." echo "Building package.."
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
;; ;;
justpkg.sh) justpkg.sh)
@ -537,7 +552,7 @@ cat >> $FAKE_ROOT/pkginfo << _EOF
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF _EOF
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
;; ;;
esac esac