Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # Fake Root Solaris/SVR4/SVR5 Build System - Prototype |
| 4 | # |
| 5 | # The following code has been provide under Public Domain License. I really |
| 6 | # don't care what you use it for. Just as long as you don't complain to me |
| 7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) |
| 8 | # |
| 9 | umask 022 |
| 10 | # |
| 11 | # Options for building the package |
| 12 | # You can create a openssh-config.local with your customized options |
| 13 | # |
| 14 | REMOVE_FAKE_ROOT_WHEN_DONE=yes |
| 15 | # |
| 16 | # uncommenting TEST_DIR and using |
| 17 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty |
| 18 | # and |
| 19 | # PKGNAME=tOpenSSH should allow testing a package without interfering |
| 20 | # with a real OpenSSH package on a system. This is not needed on systems |
| 21 | # that support the -R option to pkgadd. |
| 22 | #TEST_DIR=/var/tmp # leave commented out for production build |
| 23 | PKGNAME=OpenSSH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 24 | # revisions within the same version (REV=a) |
| 25 | #REV= |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 26 | SYSVINIT_NAME=opensshd |
| 27 | MAKE=${MAKE:="make"} |
| 28 | SSHDUID=67 # Default privsep uid |
| 29 | SSHDGID=67 # Default privsep gid |
| 30 | # uncomment these next three as needed |
| 31 | #PERMIT_ROOT_LOGIN=no |
| 32 | #X11_FORWARDING=yes |
| 33 | #USR_LOCAL_IS_SYMLINK=yes |
| 34 | # System V init run levels |
| 35 | SYSVINITSTART=S98 |
| 36 | SYSVINITSTOPT=K30 |
| 37 | # We will source these if they exist |
Tim Rice | bf209f5 | 2006-02-13 12:46:44 -0800 | [diff] [blame] | 38 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 39 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
| 40 | # We'll be one level deeper looking for these |
| 41 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local |
| 42 | PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local |
| 43 | PKG_PREREMOVE_LOCAL=../pkg-preremove.local |
| 44 | PKG_POSTREMOVE_LOCAL=../pkg-postremove.local |
| 45 | PKG_REQUEST_LOCAL=../pkg-request.local |
| 46 | # end of sourced files |
| 47 | # |
Tim Rice | 5af9db9 | 2004-06-19 19:31:06 -0700 | [diff] [blame] | 48 | OPENSSHD=opensshd.init |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 49 | OPENSSH_MANIFEST=openssh.xml |
| 50 | OPENSSH_FMRI=svc:/site/openssh:default |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 51 | |
| 52 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ |
| 53 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ |
| 54 | PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ |
| 55 | # |
| 56 | # list of system directories we do NOT want to change owner/group/perms |
| 57 | # when installing our package |
| 58 | SYSTEM_DIR="/etc \ |
| 59 | /etc/init.d \ |
| 60 | /etc/rcS.d \ |
| 61 | /etc/rc0.d \ |
| 62 | /etc/rc1.d \ |
| 63 | /etc/rc2.d \ |
| 64 | /etc/opt \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 65 | /lib \ |
| 66 | /lib/svc \ |
| 67 | /lib/svc/method \ |
| 68 | /lib/svc/method/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 69 | /opt \ |
| 70 | /opt/bin \ |
| 71 | /usr \ |
| 72 | /usr/bin \ |
| 73 | /usr/lib \ |
| 74 | /usr/sbin \ |
| 75 | /usr/share \ |
| 76 | /usr/share/man \ |
| 77 | /usr/share/man/man1 \ |
| 78 | /usr/share/man/man8 \ |
| 79 | /usr/local \ |
| 80 | /usr/local/bin \ |
| 81 | /usr/local/etc \ |
| 82 | /usr/local/libexec \ |
| 83 | /usr/local/man \ |
| 84 | /usr/local/man/man1 \ |
| 85 | /usr/local/man/man8 \ |
| 86 | /usr/local/sbin \ |
| 87 | /usr/local/share \ |
| 88 | /var \ |
| 89 | /var/opt \ |
| 90 | /var/run \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 91 | /var/svc \ |
| 92 | /var/svc/manifest \ |
| 93 | /var/svc/manifest/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 94 | /var/tmp \ |
| 95 | /tmp" |
| 96 | |
| 97 | # We may need to build as root so we make sure PATH is set up |
| 98 | # only set the path if it's not set already |
| 99 | [ -d /opt/bin ] && { |
| 100 | echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 |
| 101 | [ $? -ne 0 ] && PATH=$PATH:/opt/bin |
| 102 | } |
| 103 | [ -d /usr/local/bin ] && { |
| 104 | echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 |
| 105 | [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin |
| 106 | } |
| 107 | [ -d /usr/ccs/bin ] && { |
| 108 | echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 |
| 109 | [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin |
| 110 | } |
| 111 | export PATH |
| 112 | # |
| 113 | |
| 114 | [ -f Makefile ] || { |
| 115 | echo "Please run this script from your build directory" |
| 116 | exit 1 |
| 117 | } |
| 118 | |
| 119 | # we will look for openssh-config.local to override the above options |
| 120 | [ -s ./openssh-config.local ] && . ./openssh-config.local |
| 121 | |
| 122 | START=`pwd` |
| 123 | FAKE_ROOT=$START/pkg |
| 124 | |
| 125 | ## Fill in some details, like prefix and sysconfdir |
| 126 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir |
| 127 | do |
| 128 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
| 129 | done |
| 130 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 131 | ## Are we using Solaris' SMF? |
| 132 | DO_SMF=0 |
| 133 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 |
| 134 | then |
| 135 | DO_SMF=1 |
| 136 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 137 | |
| 138 | ## Collect value of privsep user |
| 139 | for confvar in SSH_PRIVSEP_USER |
| 140 | do |
| 141 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` |
| 142 | done |
| 143 | |
| 144 | ## Set privsep defaults if not defined |
| 145 | if [ -z "$SSH_PRIVSEP_USER" ] |
| 146 | then |
| 147 | SSH_PRIVSEP_USER=sshd |
| 148 | fi |
| 149 | |
| 150 | ## Extract common info requires for the 'info' part of the package. |
| 151 | VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` |
| 152 | |
| 153 | ARCH=`uname -m` |
| 154 | DEF_MSG="\n" |
| 155 | OS_VER=`uname -v` |
| 156 | SCRIPT_SHELL=/sbin/sh |
| 157 | UNAME_S=`uname -s` |
| 158 | case ${UNAME_S} in |
| 159 | SunOS) UNAME_S=Solaris |
| 160 | ARCH=`uname -p` |
| 161 | RCS_D=yes |
| 162 | DEF_MSG="(default: n)" |
| 163 | ;; |
| 164 | SCO_SV) UNAME_S=OpenServer |
| 165 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
| 166 | SCRIPT_SHELL=/bin/sh |
| 167 | RC1_D=no |
| 168 | DEF_MSG="(default: n)" |
| 169 | ;; |
| 170 | esac |
| 171 | |
| 172 | case `basename $0` in |
| 173 | buildpkg.sh) |
| 174 | ## Start by faking root install |
| 175 | echo "Faking root install..." |
| 176 | [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT |
| 177 | mkdir $FAKE_ROOT |
| 178 | ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT |
| 179 | if [ $? -gt 0 ] |
| 180 | then |
| 181 | echo "Fake root install failed, stopping." |
| 182 | exit 1 |
| 183 | fi |
| 184 | |
| 185 | ## Setup our run level stuff while we are at it. |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 186 | if [ $DO_SMF -eq 1 ] |
| 187 | then |
| 188 | # For Solaris' SMF, /lib/svc/method/site is the preferred place |
| 189 | # for start/stop scripts that aren't supplied with the OS, and |
| 190 | # similarly /var/svc/manifest/site for manifests. |
| 191 | mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site |
| 192 | mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 193 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 194 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} |
| 195 | chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} |
| 196 | |
| 197 | cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site |
| 198 | chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST} |
| 199 | else |
| 200 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d |
| 201 | |
| 202 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 203 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 204 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 205 | |
| 206 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ |
| 207 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
| 208 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 209 | [ "${X11_FORWARDING}" = yes ] && \ |
| 210 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ |
| 211 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 212 | # fix PrintMotd |
| 213 | perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ |
| 214 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 215 | |
| 216 | # We don't want to overwrite config files on multiple installs |
| 217 | mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default |
| 218 | mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default |
| 219 | [ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ |
| 220 | mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default |
| 221 | |
| 222 | # local tweeks here |
| 223 | [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} |
| 224 | |
| 225 | cd $FAKE_ROOT |
| 226 | |
| 227 | ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk |
| 228 | ## whining. |
| 229 | for i in *; do |
| 230 | PROTO_ARGS="$PROTO_ARGS $i=/$i"; |
| 231 | done |
| 232 | |
| 233 | ## Build info file |
| 234 | echo "Building pkginfo file..." |
| 235 | cat > pkginfo << _EOF |
| 236 | PKG=$PKGNAME |
| 237 | NAME="OpenSSH Portable for ${UNAME_S}" |
| 238 | DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." |
| 239 | VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" |
| 240 | ARCH=$ARCH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 241 | VERSION=$VERSION$REV |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 242 | CATEGORY="Security,application" |
| 243 | BASEDIR=/ |
| 244 | CLASSES="none" |
| 245 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 246 | _EOF |
| 247 | |
| 248 | ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS |
| 249 | echo "Building depend file..." |
| 250 | touch depend |
| 251 | |
| 252 | ## Build space file |
| 253 | echo "Building space file..." |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 254 | if [ $DO_SMF -eq 1 ] |
| 255 | then |
| 256 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. |
| 257 | touch space |
| 258 | else |
| 259 | cat > space << _EOF |
| 260 | # extra space required by start/stop links added by installf |
| 261 | # in postinstall |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 262 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
| 263 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 |
| 264 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 265 | [ "$RC1_D" = no ] || \ |
| 266 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 267 | [ "$RCS_D" = yes ] && \ |
| 268 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 269 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 270 | |
| 271 | ## Build preinstall file |
| 272 | echo "Building preinstall file..." |
| 273 | cat > preinstall << _EOF |
| 274 | #! ${SCRIPT_SHELL} |
| 275 | # |
| 276 | _EOF |
| 277 | |
| 278 | # local preinstall changes here |
| 279 | [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} |
| 280 | |
| 281 | cat >> preinstall << _EOF |
| 282 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 283 | if [ "\${PRE_INS_STOP}" = "yes" ] |
| 284 | then |
| 285 | if [ $DO_SMF -eq 1 ] |
| 286 | then |
| 287 | svcadm disable $OPENSSH_FMRI |
| 288 | else |
| 289 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 290 | fi |
| 291 | fi |
| 292 | |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 293 | exit 0 |
| 294 | _EOF |
| 295 | |
| 296 | ## Build postinstall file |
| 297 | echo "Building postinstall file..." |
| 298 | cat > postinstall << _EOF |
| 299 | #! ${SCRIPT_SHELL} |
| 300 | # |
| 301 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ |
| 302 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ |
| 303 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config |
| 304 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ |
| 305 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ |
| 306 | \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config |
| 307 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && { |
| 308 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\ |
| 309 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\ |
| 310 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds |
| 311 | } |
| 312 | |
| 313 | # make rc?.d dirs only if we are doing a test install |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 314 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 315 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
| 316 | mkdir -p ${TEST_DIR}/etc/rc0.d |
| 317 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d |
| 318 | mkdir -p ${TEST_DIR}/etc/rc2.d |
| 319 | } |
| 320 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 321 | if [ $DO_SMF -eq 1 ] |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 322 | then |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 323 | # Delete the existing service, if it exists, then import the |
| 324 | # new one. |
| 325 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 326 | then |
| 327 | svccfg delete -f $OPENSSH_FMRI |
| 328 | fi |
| 329 | # NOTE, if manifest enables sshd by default, this will actually |
| 330 | # start the daemon, which may not be what the user wants. |
| 331 | svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 332 | else |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 333 | if [ "\${USE_SYM_LINKS}" = yes ] |
| 334 | then |
| 335 | [ "$RCS_D" = yes ] && \ |
| 336 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 337 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 338 | [ "$RC1_D" = no ] || \ |
| 339 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 340 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 341 | else |
| 342 | [ "$RCS_D" = yes ] && \ |
| 343 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 345 | [ "$RC1_D" = no ] || \ |
| 346 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 347 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 348 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 349 | fi |
| 350 | |
| 351 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) |
| 352 | [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys |
| 353 | |
| 354 | _EOF |
| 355 | |
| 356 | # local postinstall changes here |
| 357 | [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} |
| 358 | |
| 359 | cat >> postinstall << _EOF |
| 360 | installf -f ${PKGNAME} |
| 361 | |
| 362 | # Use chroot to handle PKG_INSTALL_ROOT |
| 363 | if [ ! -z "\${PKG_INSTALL_ROOT}" ] |
| 364 | then |
| 365 | chroot="chroot \${PKG_INSTALL_ROOT}" |
| 366 | fi |
| 367 | # If this is a test build, we will skip the groupadd/useradd/passwd commands |
| 368 | if [ ! -z "${TEST_DIR}" ] |
| 369 | then |
| 370 | chroot=echo |
| 371 | fi |
| 372 | |
Darren Tucker | 733a292 | 2006-09-09 20:41:25 +1000 | [diff] [blame] | 373 | echo "PrivilegeSeparation user always required." |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 374 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 375 | then |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 376 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." |
| 377 | SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` |
| 378 | SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 379 | else |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 380 | DO_PASSWD=yes |
| 381 | fi |
| 382 | [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER |
| 383 | |
| 384 | # group required? |
| 385 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null |
| 386 | then |
| 387 | echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." |
| 388 | else |
| 389 | DO_GROUP=yes |
| 390 | fi |
| 391 | |
| 392 | # create group if required |
| 393 | [ "\$DO_GROUP" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 394 | # Use gid of 67 if possible |
| 395 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null |
| 396 | then |
| 397 | : |
| 398 | else |
| 399 | sshdgid="-g $SSHDGID" |
| 400 | fi |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 401 | echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." |
| 402 | \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP |
| 403 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 404 | |
| 405 | # Create user if required |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 406 | [ "\$DO_PASSWD" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 407 | # Use uid of 67 if possible |
Tim Rice | 8db70e2 | 2005-12-28 14:28:08 -0800 | [diff] [blame] | 408 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 409 | then |
| 410 | : |
| 411 | else |
| 412 | sshduid="-u $SSHDUID" |
| 413 | fi |
| 414 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." |
| 415 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER |
| 416 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 417 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 418 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 419 | if [ "\${POST_INS_START}" = "yes" ] |
| 420 | then |
| 421 | if [ $DO_SMF -eq 1 ] |
| 422 | then |
| 423 | # See svccfg import note above. The service may already |
| 424 | # be started. |
| 425 | svcadm enable $OPENSSH_FMRI |
| 426 | else |
| 427 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start |
| 428 | fi |
| 429 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 430 | exit 0 |
| 431 | _EOF |
| 432 | |
| 433 | ## Build preremove file |
| 434 | echo "Building preremove file..." |
| 435 | cat > preremove << _EOF |
| 436 | #! ${SCRIPT_SHELL} |
| 437 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 438 | if [ $DO_SMF -eq 1 ] |
| 439 | then |
| 440 | svcadm disable $OPENSSH_FMRI |
| 441 | else |
| 442 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 443 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 444 | _EOF |
| 445 | |
| 446 | # local preremove changes here |
| 447 | [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} |
| 448 | |
| 449 | cat >> preremove << _EOF |
| 450 | exit 0 |
| 451 | _EOF |
| 452 | |
| 453 | ## Build postremove file |
| 454 | echo "Building postremove file..." |
| 455 | cat > postremove << _EOF |
| 456 | #! ${SCRIPT_SHELL} |
| 457 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 458 | if [ $DO_SMF -eq 1 ] |
| 459 | then |
| 460 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 461 | then |
| 462 | svccfg delete -f $OPENSSH_FMRI |
| 463 | fi |
| 464 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 465 | _EOF |
| 466 | |
| 467 | # local postremove changes here |
| 468 | [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} |
| 469 | |
| 470 | cat >> postremove << _EOF |
| 471 | exit 0 |
| 472 | _EOF |
| 473 | |
| 474 | ## Build request file |
| 475 | echo "Building request file..." |
| 476 | cat > request << _EOF |
| 477 | trap 'exit 3' 15 |
| 478 | |
| 479 | _EOF |
| 480 | |
| 481 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF |
| 482 | |
| 483 | ckyorn() { |
| 484 | # for some strange reason OpenServer has no ckyorn |
| 485 | # We build a striped down version here |
| 486 | |
| 487 | DEFAULT=n |
| 488 | PROMPT="Yes or No [yes,no,?,quit]" |
| 489 | HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." |
| 490 | USAGE="usage: ckyorn [options] |
| 491 | where options may include: |
| 492 | -d default |
| 493 | -h help |
| 494 | -p prompt |
| 495 | " |
| 496 | |
| 497 | if [ \$# != 0 ] |
| 498 | then |
| 499 | while getopts d:p:h: c |
| 500 | do |
| 501 | case \$c in |
| 502 | h) HELP_PROMPT="\$OPTARG" ;; |
| 503 | d) DEFAULT=\$OPTARG ;; |
| 504 | p) PROMPT=\$OPTARG ;; |
| 505 | \\?) echo "\$USAGE" 1>&2 |
| 506 | exit 1 ;; |
| 507 | esac |
| 508 | done |
| 509 | shift \`expr \$OPTIND - 1\` |
| 510 | fi |
| 511 | |
| 512 | while true |
| 513 | do |
| 514 | echo "\${PROMPT}\\c " 1>&2 |
| 515 | read key |
| 516 | [ -z "\$key" ] && key=\$DEFAULT |
| 517 | case \$key in |
| 518 | [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" |
| 519 | exit 0 ;; |
| 520 | \\?) echo \$HELP_PROMPT 1>&2 ;; |
| 521 | q|quit) echo "q\\c" 1>&2 |
| 522 | exit 3 ;; |
| 523 | esac |
| 524 | done |
| 525 | |
| 526 | } |
| 527 | |
| 528 | _EOF |
| 529 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 530 | if [ $DO_SMF -eq 1 ] |
| 531 | then |
| 532 | # This could get hairy, as the running sshd may not be under SMF. |
| 533 | # We'll assume an earlier version of OpenSSH started via SMF. |
| 534 | cat >> request << _EOF |
| 535 | PRE_INS_STOP=no |
| 536 | POST_INS_START=no |
| 537 | # determine if should restart the daemon |
| 538 | if [ -s ${piddir}/sshd.pid ] && \ |
| 539 | /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 |
| 540 | then |
| 541 | ans=\`ckyorn -d n \ |
| 542 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 543 | case \$ans in |
| 544 | [y,Y]*) PRE_INS_STOP=yes |
| 545 | POST_INS_START=yes |
| 546 | ;; |
| 547 | esac |
| 548 | |
| 549 | else |
| 550 | |
| 551 | # determine if we should start sshd |
| 552 | ans=\`ckyorn -d n \ |
| 553 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 554 | case \$ans in |
| 555 | [y,Y]*) POST_INS_START=yes ;; |
| 556 | esac |
| 557 | fi |
| 558 | |
| 559 | # make parameters available to installation service, |
| 560 | # and so to any other packaging scripts |
| 561 | cat >\$1 <<! |
| 562 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 563 | POST_INS_START='\$POST_INS_START' |
| 564 | ! |
| 565 | |
| 566 | _EOF |
| 567 | else |
| 568 | cat >> request << _EOF |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 569 | USE_SYM_LINKS=no |
| 570 | PRE_INS_STOP=no |
| 571 | POST_INS_START=no |
| 572 | # Use symbolic links? |
| 573 | ans=\`ckyorn -d n \ |
| 574 | -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? |
| 575 | case \$ans in |
| 576 | [y,Y]*) USE_SYM_LINKS=yes ;; |
| 577 | esac |
| 578 | |
| 579 | # determine if should restart the daemon |
| 580 | if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] |
| 581 | then |
| 582 | ans=\`ckyorn -d n \ |
| 583 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 584 | case \$ans in |
| 585 | [y,Y]*) PRE_INS_STOP=yes |
| 586 | POST_INS_START=yes |
| 587 | ;; |
| 588 | esac |
| 589 | |
| 590 | else |
| 591 | |
| 592 | # determine if we should start sshd |
| 593 | ans=\`ckyorn -d n \ |
| 594 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 595 | case \$ans in |
| 596 | [y,Y]*) POST_INS_START=yes ;; |
| 597 | esac |
| 598 | fi |
| 599 | |
| 600 | # make parameters available to installation service, |
| 601 | # and so to any other packaging scripts |
| 602 | cat >\$1 <<! |
| 603 | USE_SYM_LINKS='\$USE_SYM_LINKS' |
| 604 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 605 | POST_INS_START='\$POST_INS_START' |
| 606 | ! |
| 607 | |
| 608 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame^] | 609 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 610 | |
| 611 | # local request changes here |
| 612 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} |
| 613 | |
| 614 | cat >> request << _EOF |
| 615 | exit 0 |
| 616 | |
| 617 | _EOF |
| 618 | |
| 619 | ## Next Build our prototype |
| 620 | echo "Building prototype file..." |
| 621 | cat >mk-proto.awk << _EOF |
| 622 | BEGIN { print "i pkginfo"; print "i depend"; \\ |
| 623 | print "i preinstall"; print "i postinstall"; \\ |
| 624 | print "i preremove"; print "i postremove"; \\ |
| 625 | print "i request"; print "i space"; \\ |
| 626 | split("$SYSTEM_DIR",sys_files); } |
| 627 | { |
| 628 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) |
| 629 | { if ( \$1 == "s" ) |
| 630 | { \$5=""; \$6=""; } |
| 631 | else |
| 632 | { \$5="root"; \$6="sys"; } |
| 633 | } |
| 634 | else |
| 635 | { \$4="?"; \$5="?"; \$6="?"; break;} |
| 636 | } } |
| 637 | { print; } |
| 638 | _EOF |
| 639 | |
| 640 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ |
| 641 | pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype |
| 642 | |
| 643 | # /usr/local is a symlink on some systems |
| 644 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { |
| 645 | grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new |
| 646 | mv prototype.new prototype |
| 647 | } |
| 648 | |
| 649 | ## Step back a directory and now build the package. |
| 650 | cd .. |
| 651 | # local prototype tweeks here |
| 652 | [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} |
| 653 | |
| 654 | echo "Building package.." |
| 655 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 656 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 657 | ;; |
| 658 | |
| 659 | justpkg.sh) |
| 660 | rm -fr ${FAKE_ROOT}/${PKGNAME} |
| 661 | grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp |
| 662 | mv $$tmp $FAKE_ROOT/pkginfo |
| 663 | cat >> $FAKE_ROOT/pkginfo << _EOF |
| 664 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 665 | _EOF |
| 666 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 667 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 668 | ;; |
| 669 | |
| 670 | esac |
| 671 | |
| 672 | [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT |
Tim Rice | 2d2b9f7 | 2004-05-30 21:48:40 -0700 | [diff] [blame] | 673 | exit 0 |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 674 | |