blob: 4b842b3f70dab876373e1f078271e92b52c0cb97 [file] [log] [blame]
Tim Rice6f1f7582004-05-30 21:38:51 -07001#!/bin/sh
2#
3# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
4#
5# The following code has been provide under Public Domain License. I really
6# don't care what you use it for. Just as long as you don't complain to me
7# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
8#
9umask 022
10#
11# Options for building the package
12# You can create a openssh-config.local with your customized options
13#
14REMOVE_FAKE_ROOT_WHEN_DONE=yes
15#
16# uncommenting TEST_DIR and using
17# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
18# and
19# PKGNAME=tOpenSSH should allow testing a package without interfering
20# with a real OpenSSH package on a system. This is not needed on systems
21# that support the -R option to pkgadd.
22#TEST_DIR=/var/tmp # leave commented out for production build
23PKGNAME=OpenSSH
Tim Ricea5757f02004-07-01 20:41:15 -070024# revisions within the same version (REV=a)
25#REV=
Tim Rice6f1f7582004-05-30 21:38:51 -070026SYSVINIT_NAME=opensshd
Tim Rice77674b12006-10-06 18:49:36 -070027AWK=${AWK:="nawk"}
Tim Rice6f1f7582004-05-30 21:38:51 -070028MAKE=${MAKE:="make"}
29SSHDUID=67 # Default privsep uid
30SSHDGID=67 # Default privsep gid
31# uncomment these next three as needed
32#PERMIT_ROOT_LOGIN=no
33#X11_FORWARDING=yes
34#USR_LOCAL_IS_SYMLINK=yes
35# System V init run levels
36SYSVINITSTART=S98
37SYSVINITSTOPT=K30
38# We will source these if they exist
Tim Ricebf209f52006-02-13 12:46:44 -080039POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
Tim Rice6f1f7582004-05-30 21:38:51 -070040POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
41# We'll be one level deeper looking for these
42PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
43PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
44PKG_PREREMOVE_LOCAL=../pkg-preremove.local
45PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
46PKG_REQUEST_LOCAL=../pkg-request.local
47# end of sourced files
48#
Tim Rice5af9db92004-06-19 19:31:06 -070049OPENSSHD=opensshd.init
Damien Miller223897a2006-09-12 21:54:10 +100050OPENSSH_MANIFEST=openssh.xml
Tim Ricec3af6d42007-03-01 09:34:52 -080051OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default
Tim Riceffe3a8e2007-07-24 21:16:07 -070052SMF_METHOD_DIR=/lib/svc/method/site
53SMF_MANIFEST_DIR=/var/svc/manifest/site
Tim Rice6f1f7582004-05-30 21:38:51 -070054
55PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
56PATH_USERADD_PROG=@PATH_USERADD_PROG@
57PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
58#
59# list of system directories we do NOT want to change owner/group/perms
60# when installing our package
61SYSTEM_DIR="/etc \
62/etc/init.d \
63/etc/rcS.d \
64/etc/rc0.d \
65/etc/rc1.d \
66/etc/rc2.d \
67/etc/opt \
Damien Miller223897a2006-09-12 21:54:10 +100068/lib \
69/lib/svc \
70/lib/svc/method \
71/lib/svc/method/site \
Tim Rice6f1f7582004-05-30 21:38:51 -070072/opt \
73/opt/bin \
74/usr \
75/usr/bin \
76/usr/lib \
77/usr/sbin \
78/usr/share \
79/usr/share/man \
80/usr/share/man/man1 \
81/usr/share/man/man8 \
82/usr/local \
83/usr/local/bin \
84/usr/local/etc \
85/usr/local/libexec \
86/usr/local/man \
87/usr/local/man/man1 \
88/usr/local/man/man8 \
89/usr/local/sbin \
90/usr/local/share \
91/var \
92/var/opt \
93/var/run \
Damien Miller223897a2006-09-12 21:54:10 +100094/var/svc \
95/var/svc/manifest \
96/var/svc/manifest/site \
Tim Rice6f1f7582004-05-30 21:38:51 -070097/var/tmp \
98/tmp"
99
100# We may need to build as root so we make sure PATH is set up
101# only set the path if it's not set already
102[ -d /opt/bin ] && {
103 echo $PATH | grep ":/opt/bin" > /dev/null 2>&1
104 [ $? -ne 0 ] && PATH=$PATH:/opt/bin
105}
106[ -d /usr/local/bin ] && {
107 echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
108 [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
109}
110[ -d /usr/ccs/bin ] && {
111 echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
112 [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
113}
114export PATH
115#
116
117[ -f Makefile ] || {
118 echo "Please run this script from your build directory"
119 exit 1
120}
121
122# we will look for openssh-config.local to override the above options
123[ -s ./openssh-config.local ] && . ./openssh-config.local
124
125START=`pwd`
126FAKE_ROOT=$START/pkg
127
128## Fill in some details, like prefix and sysconfdir
129for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
130do
131 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
132done
133
Damien Miller223897a2006-09-12 21:54:10 +1000134## Are we using Solaris' SMF?
135DO_SMF=0
136if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
137then
138 DO_SMF=1
139fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700140
141## Collect value of privsep user
142for confvar in SSH_PRIVSEP_USER
143do
144 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
145done
146
147## Set privsep defaults if not defined
148if [ -z "$SSH_PRIVSEP_USER" ]
149then
150 SSH_PRIVSEP_USER=sshd
151fi
152
153## Extract common info requires for the 'info' part of the package.
154VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
155
156ARCH=`uname -m`
157DEF_MSG="\n"
158OS_VER=`uname -v`
159SCRIPT_SHELL=/sbin/sh
Tim Rice09f10932006-10-06 14:58:38 -0700160UNAME_R=`uname -r`
Tim Rice6f1f7582004-05-30 21:38:51 -0700161UNAME_S=`uname -s`
162case ${UNAME_S} in
163 SunOS) UNAME_S=Solaris
Tim Rice09f10932006-10-06 14:58:38 -0700164 OS_VER=${UNAME_R}
Tim Rice6f1f7582004-05-30 21:38:51 -0700165 ARCH=`uname -p`
166 RCS_D=yes
167 DEF_MSG="(default: n)"
168 ;;
Tim Rice09f10932006-10-06 14:58:38 -0700169 SCO_SV) case ${UNAME_R} in
170 3.2) UNAME_S=OpenServer5
Tim Rice6f1f7582004-05-30 21:38:51 -0700171 OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
Tim Rice09f10932006-10-06 14:58:38 -0700172 ;;
173 5) UNAME_S=OpenServer6
174 ;;
175 esac
Tim Rice6f1f7582004-05-30 21:38:51 -0700176 SCRIPT_SHELL=/bin/sh
177 RC1_D=no
178 DEF_MSG="(default: n)"
179 ;;
180esac
181
182case `basename $0` in
183 buildpkg.sh)
184## Start by faking root install
185echo "Faking root install..."
186[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
187mkdir $FAKE_ROOT
188${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
189if [ $? -gt 0 ]
190then
191 echo "Fake root install failed, stopping."
192 exit 1
193fi
194
195## Setup our run level stuff while we are at it.
Damien Miller223897a2006-09-12 21:54:10 +1000196if [ $DO_SMF -eq 1 ]
197then
198 # For Solaris' SMF, /lib/svc/method/site is the preferred place
199 # for start/stop scripts that aren't supplied with the OS, and
200 # similarly /var/svc/manifest/site for manifests.
Tim Riceffe3a8e2007-07-24 21:16:07 -0700201 mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}
202 mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}
Tim Rice6f1f7582004-05-30 21:38:51 -0700203
Tim Riceffe3a8e2007-07-24 21:16:07 -0700204 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
205 chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
Damien Miller223897a2006-09-12 21:54:10 +1000206
Tim Riceffe3a8e2007-07-24 21:16:07 -0700207 cat ${OPENSSH_MANIFEST} | \
208 sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \
209 -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \
210 > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
211 chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
Damien Miller223897a2006-09-12 21:54:10 +1000212else
213 mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
214
215 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
216 chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
217fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700218
219[ "${PERMIT_ROOT_LOGIN}" = no ] && \
220 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700221 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700222[ "${X11_FORWARDING}" = yes ] && \
223 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700224 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700225# fix PrintMotd
226perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700227 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700228
229# We don't want to overwrite config files on multiple installs
Tim Ricecd22d302007-07-24 21:40:59 -0700230mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default
231mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default
Tim Rice6f1f7582004-05-30 21:38:51 -0700232
233# local tweeks here
234[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
235
236cd $FAKE_ROOT
237
238## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
239## whining.
240for i in *; do
241 PROTO_ARGS="$PROTO_ARGS $i=/$i";
242done
243
244## Build info file
245echo "Building pkginfo file..."
246cat > pkginfo << _EOF
247PKG=$PKGNAME
248NAME="OpenSSH Portable for ${UNAME_S}"
249DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
250VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
251ARCH=$ARCH
Tim Ricea5757f02004-07-01 20:41:15 -0700252VERSION=$VERSION$REV
Tim Rice6f1f7582004-05-30 21:38:51 -0700253CATEGORY="Security,application"
254BASEDIR=/
255CLASSES="none"
256PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
257_EOF
258
259## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
260echo "Building depend file..."
261touch depend
262
263## Build space file
264echo "Building space file..."
Damien Miller223897a2006-09-12 21:54:10 +1000265if [ $DO_SMF -eq 1 ]
266then
267 # XXX Is this necessary? If not, remove space line from mk-proto.awk.
268 touch space
269else
270 cat > space << _EOF
271# extra space required by start/stop links added by installf
272# in postinstall
Tim Rice6f1f7582004-05-30 21:38:51 -0700273$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
274$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
275_EOF
Damien Miller223897a2006-09-12 21:54:10 +1000276 [ "$RC1_D" = no ] || \
277 echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
278 [ "$RCS_D" = yes ] && \
279 echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
280fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700281
282## Build preinstall file
283echo "Building preinstall file..."
284cat > preinstall << _EOF
285#! ${SCRIPT_SHELL}
286#
287_EOF
288
289# local preinstall changes here
290[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
291
292cat >> preinstall << _EOF
293#
Damien Miller223897a2006-09-12 21:54:10 +1000294if [ "\${PRE_INS_STOP}" = "yes" ]
295then
296 if [ $DO_SMF -eq 1 ]
297 then
298 svcadm disable $OPENSSH_FMRI
299 else
300 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
301 fi
302fi
303
Tim Rice6f1f7582004-05-30 21:38:51 -0700304exit 0
305_EOF
306
307## Build postinstall file
308echo "Building postinstall file..."
309cat > postinstall << _EOF
310#! ${SCRIPT_SHELL}
311#
312[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
313 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
314 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
315[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
316 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
317 \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700318
319# make rc?.d dirs only if we are doing a test install
Damien Miller223897a2006-09-12 21:54:10 +1000320[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700321 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
322 mkdir -p ${TEST_DIR}/etc/rc0.d
323 [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
324 mkdir -p ${TEST_DIR}/etc/rc2.d
325}
326
Damien Miller223897a2006-09-12 21:54:10 +1000327if [ $DO_SMF -eq 1 ]
Tim Rice6f1f7582004-05-30 21:38:51 -0700328then
Damien Miller223897a2006-09-12 21:54:10 +1000329 # Delete the existing service, if it exists, then import the
330 # new one.
331 if svcs $OPENSSH_FMRI > /dev/null 2>&1
332 then
333 svccfg delete -f $OPENSSH_FMRI
334 fi
Tim Ricec3af6d42007-03-01 09:34:52 -0800335 # NOTE, The manifest disables sshd by default.
Tim Riceffe3a8e2007-07-24 21:16:07 -0700336 svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
Tim Rice6f1f7582004-05-30 21:38:51 -0700337else
Damien Miller223897a2006-09-12 21:54:10 +1000338 if [ "\${USE_SYM_LINKS}" = yes ]
339 then
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700340 [ "$RCS_D" = yes ] && \\
Damien Miller223897a2006-09-12 21:54:10 +1000341 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
342 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700343 [ "$RC1_D" = no ] || \\
Damien Miller223897a2006-09-12 21:54:10 +1000344 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
345 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
346 else
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700347 [ "$RCS_D" = yes ] && \\
Damien Miller223897a2006-09-12 21:54:10 +1000348 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
349 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700350 [ "$RC1_D" = no ] || \\
Damien Miller223897a2006-09-12 21:54:10 +1000351 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
352 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
353 fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700354fi
355
356# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
357[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
358
359_EOF
360
361# local postinstall changes here
362[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
363
364cat >> postinstall << _EOF
365installf -f ${PKGNAME}
366
367# Use chroot to handle PKG_INSTALL_ROOT
368if [ ! -z "\${PKG_INSTALL_ROOT}" ]
369then
370 chroot="chroot \${PKG_INSTALL_ROOT}"
371fi
372# If this is a test build, we will skip the groupadd/useradd/passwd commands
373if [ ! -z "${TEST_DIR}" ]
374then
375 chroot=echo
376fi
377
Darren Tucker733a2922006-09-09 20:41:25 +1000378 echo "PrivilegeSeparation user always required."
Tim Ricea5757f02004-07-01 20:41:15 -0700379 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
Tim Rice6f1f7582004-05-30 21:38:51 -0700380 then
Tim Ricea5757f02004-07-01 20:41:15 -0700381 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
382 SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
383 SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
Tim Rice6f1f7582004-05-30 21:38:51 -0700384 else
Tim Ricea5757f02004-07-01 20:41:15 -0700385 DO_PASSWD=yes
386 fi
387 [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
388
389 # group required?
390 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
391 then
392 echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
393 else
394 DO_GROUP=yes
395 fi
396
397 # create group if required
398 [ "\$DO_GROUP" = yes ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700399 # Use gid of 67 if possible
400 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
401 then
402 :
403 else
404 sshdgid="-g $SSHDGID"
405 fi
Tim Ricea5757f02004-07-01 20:41:15 -0700406 echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
407 \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
408 }
Tim Rice6f1f7582004-05-30 21:38:51 -0700409
410 # Create user if required
Tim Ricea5757f02004-07-01 20:41:15 -0700411 [ "\$DO_PASSWD" = yes ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700412 # Use uid of 67 if possible
Tim Rice8db70e22005-12-28 14:28:08 -0800413 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
Tim Rice6f1f7582004-05-30 21:38:51 -0700414 then
415 :
416 else
417 sshduid="-u $SSHDUID"
418 fi
419 echo "Creating PrivSep user $SSH_PRIVSEP_USER."
420 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
421 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
Tim Ricea5757f02004-07-01 20:41:15 -0700422 }
Tim Rice6f1f7582004-05-30 21:38:51 -0700423
Damien Miller223897a2006-09-12 21:54:10 +1000424if [ "\${POST_INS_START}" = "yes" ]
425then
426 if [ $DO_SMF -eq 1 ]
427 then
Damien Miller223897a2006-09-12 21:54:10 +1000428 svcadm enable $OPENSSH_FMRI
429 else
430 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
431 fi
432fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700433exit 0
434_EOF
435
436## Build preremove file
437echo "Building preremove file..."
438cat > preremove << _EOF
439#! ${SCRIPT_SHELL}
440#
Damien Miller223897a2006-09-12 21:54:10 +1000441if [ $DO_SMF -eq 1 ]
442then
443 svcadm disable $OPENSSH_FMRI
444else
445 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
446fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700447_EOF
448
449# local preremove changes here
450[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
451
452cat >> preremove << _EOF
453exit 0
454_EOF
455
456## Build postremove file
457echo "Building postremove file..."
458cat > postremove << _EOF
459#! ${SCRIPT_SHELL}
460#
Damien Miller223897a2006-09-12 21:54:10 +1000461if [ $DO_SMF -eq 1 ]
462then
463 if svcs $OPENSSH_FMRI > /dev/null 2>&1
464 then
465 svccfg delete -f $OPENSSH_FMRI
466 fi
467fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700468_EOF
469
470# local postremove changes here
471[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
472
473cat >> postremove << _EOF
474exit 0
475_EOF
476
477## Build request file
478echo "Building request file..."
479cat > request << _EOF
480trap 'exit 3' 15
481
482_EOF
483
484[ -x /usr/bin/ckyorn ] || cat >> request << _EOF
485
486ckyorn() {
Tim Rice09f10932006-10-06 14:58:38 -0700487# for some strange reason OpenServer5 has no ckyorn
Tim Rice6f1f7582004-05-30 21:38:51 -0700488# We build a striped down version here
489
490DEFAULT=n
491PROMPT="Yes or No [yes,no,?,quit]"
492HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
493USAGE="usage: ckyorn [options]
494where options may include:
495 -d default
496 -h help
497 -p prompt
498"
499
500if [ \$# != 0 ]
501then
502 while getopts d:p:h: c
503 do
504 case \$c in
505 h) HELP_PROMPT="\$OPTARG" ;;
506 d) DEFAULT=\$OPTARG ;;
507 p) PROMPT=\$OPTARG ;;
508 \\?) echo "\$USAGE" 1>&2
509 exit 1 ;;
510 esac
511 done
512 shift \`expr \$OPTIND - 1\`
513fi
514
515while true
516do
517 echo "\${PROMPT}\\c " 1>&2
518 read key
519 [ -z "\$key" ] && key=\$DEFAULT
520 case \$key in
521 [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c"
522 exit 0 ;;
523 \\?) echo \$HELP_PROMPT 1>&2 ;;
524 q|quit) echo "q\\c" 1>&2
525 exit 3 ;;
526 esac
527done
528
529}
530
531_EOF
532
Damien Miller223897a2006-09-12 21:54:10 +1000533if [ $DO_SMF -eq 1 ]
534then
535 # This could get hairy, as the running sshd may not be under SMF.
536 # We'll assume an earlier version of OpenSSH started via SMF.
537 cat >> request << _EOF
538PRE_INS_STOP=no
539POST_INS_START=no
540# determine if should restart the daemon
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700541if [ -s ${piddir}/sshd.pid ] && \\
Tim Ricec3af6d42007-03-01 09:34:52 -0800542 /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
Damien Miller223897a2006-09-12 21:54:10 +1000543then
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700544 ans=\`ckyorn -d n \\
Damien Miller223897a2006-09-12 21:54:10 +1000545-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
546 case \$ans in
547 [y,Y]*) PRE_INS_STOP=yes
548 POST_INS_START=yes
549 ;;
550 esac
551
552else
553
554# determine if we should start sshd
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700555 ans=\`ckyorn -d n \\
Damien Miller223897a2006-09-12 21:54:10 +1000556-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
557 case \$ans in
558 [y,Y]*) POST_INS_START=yes ;;
559 esac
560fi
561
562# make parameters available to installation service,
563# and so to any other packaging scripts
564cat >\$1 <<!
565PRE_INS_STOP='\$PRE_INS_STOP'
566POST_INS_START='\$POST_INS_START'
567!
568
569_EOF
570else
571 cat >> request << _EOF
Tim Rice6f1f7582004-05-30 21:38:51 -0700572USE_SYM_LINKS=no
573PRE_INS_STOP=no
574POST_INS_START=no
575# Use symbolic links?
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700576ans=\`ckyorn -d n \\
Tim Rice6f1f7582004-05-30 21:38:51 -0700577-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
578case \$ans in
579 [y,Y]*) USE_SYM_LINKS=yes ;;
580esac
581
582# determine if should restart the daemon
583if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
584then
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700585 ans=\`ckyorn -d n \\
Tim Rice6f1f7582004-05-30 21:38:51 -0700586-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
587 case \$ans in
588 [y,Y]*) PRE_INS_STOP=yes
589 POST_INS_START=yes
590 ;;
591 esac
592
593else
594
595# determine if we should start sshd
Tim Ricec0e5cbe2012-10-18 21:38:58 -0700596 ans=\`ckyorn -d n \\
Tim Rice6f1f7582004-05-30 21:38:51 -0700597-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
598 case \$ans in
599 [y,Y]*) POST_INS_START=yes ;;
600 esac
601fi
602
603# make parameters available to installation service,
604# and so to any other packaging scripts
605cat >\$1 <<!
606USE_SYM_LINKS='\$USE_SYM_LINKS'
607PRE_INS_STOP='\$PRE_INS_STOP'
608POST_INS_START='\$POST_INS_START'
609!
610
611_EOF
Damien Miller223897a2006-09-12 21:54:10 +1000612fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700613
614# local request changes here
615[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
616
617cat >> request << _EOF
618exit 0
619
620_EOF
621
622## Next Build our prototype
623echo "Building prototype file..."
624cat >mk-proto.awk << _EOF
625 BEGIN { print "i pkginfo"; print "i depend"; \\
626 print "i preinstall"; print "i postinstall"; \\
627 print "i preremove"; print "i postremove"; \\
628 print "i request"; print "i space"; \\
629 split("$SYSTEM_DIR",sys_files); }
630 {
631 for (dir in sys_files) { if ( \$3 != sys_files[dir] )
632 { if ( \$1 == "s" )
633 { \$5=""; \$6=""; }
634 else
635 { \$5="root"; \$6="sys"; }
636 }
637 else
638 { \$4="?"; \$5="?"; \$6="?"; break;}
639 } }
640 { print; }
641_EOF
642
643find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
Tim Rice77674b12006-10-06 18:49:36 -0700644 pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype
Tim Rice6f1f7582004-05-30 21:38:51 -0700645
646# /usr/local is a symlink on some systems
647[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
648 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
649 mv prototype.new prototype
650}
651
652## Step back a directory and now build the package.
653cd ..
654# local prototype tweeks here
655[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
656
657echo "Building package.."
658pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
Tim Ricea5757f02004-07-01 20:41:15 -0700659echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
Tim Rice6f1f7582004-05-30 21:38:51 -0700660 ;;
661
662 justpkg.sh)
663rm -fr ${FAKE_ROOT}/${PKGNAME}
664grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
665mv $$tmp $FAKE_ROOT/pkginfo
666cat >> $FAKE_ROOT/pkginfo << _EOF
667PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
668_EOF
669pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
Tim Ricea5757f02004-07-01 20:41:15 -0700670echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
Tim Rice6f1f7582004-05-30 21:38:51 -0700671 ;;
672
673esac
674
675[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
Tim Rice2d2b9f72004-05-30 21:48:40 -0700676exit 0
Tim Rice6f1f7582004-05-30 21:38:51 -0700677