blob: 22c66fbd420937383faba26336d2d0dc68911c5f [file] [log] [blame]
Tim Rice6f1f7582004-05-30 21:38:51 -07001#!/bin/sh
2#
3# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
4#
5# The following code has been provide under Public Domain License. I really
6# don't care what you use it for. Just as long as you don't complain to me
7# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
8#
9umask 022
10#
11# Options for building the package
12# You can create a openssh-config.local with your customized options
13#
14REMOVE_FAKE_ROOT_WHEN_DONE=yes
15#
16# uncommenting TEST_DIR and using
17# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
18# and
19# PKGNAME=tOpenSSH should allow testing a package without interfering
20# with a real OpenSSH package on a system. This is not needed on systems
21# that support the -R option to pkgadd.
22#TEST_DIR=/var/tmp # leave commented out for production build
23PKGNAME=OpenSSH
Tim Ricea5757f02004-07-01 20:41:15 -070024# revisions within the same version (REV=a)
25#REV=
Tim Rice6f1f7582004-05-30 21:38:51 -070026SYSVINIT_NAME=opensshd
Tim Rice77674b12006-10-06 18:49:36 -070027AWK=${AWK:="nawk"}
Tim Rice6f1f7582004-05-30 21:38:51 -070028MAKE=${MAKE:="make"}
29SSHDUID=67 # Default privsep uid
30SSHDGID=67 # Default privsep gid
31# uncomment these next three as needed
32#PERMIT_ROOT_LOGIN=no
33#X11_FORWARDING=yes
34#USR_LOCAL_IS_SYMLINK=yes
35# System V init run levels
36SYSVINITSTART=S98
37SYSVINITSTOPT=K30
38# We will source these if they exist
Tim Ricebf209f52006-02-13 12:46:44 -080039POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
Tim Rice6f1f7582004-05-30 21:38:51 -070040POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
41# We'll be one level deeper looking for these
42PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
43PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
44PKG_PREREMOVE_LOCAL=../pkg-preremove.local
45PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
46PKG_REQUEST_LOCAL=../pkg-request.local
47# end of sourced files
48#
Tim Rice5af9db92004-06-19 19:31:06 -070049OPENSSHD=opensshd.init
Damien Miller223897a2006-09-12 21:54:10 +100050OPENSSH_MANIFEST=openssh.xml
Tim Ricec3af6d42007-03-01 09:34:52 -080051OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default
Tim Riceffe3a8e2007-07-24 21:16:07 -070052SMF_METHOD_DIR=/lib/svc/method/site
53SMF_MANIFEST_DIR=/var/svc/manifest/site
Tim Rice6f1f7582004-05-30 21:38:51 -070054
55PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
56PATH_USERADD_PROG=@PATH_USERADD_PROG@
57PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
58#
59# list of system directories we do NOT want to change owner/group/perms
60# when installing our package
61SYSTEM_DIR="/etc \
62/etc/init.d \
63/etc/rcS.d \
64/etc/rc0.d \
65/etc/rc1.d \
66/etc/rc2.d \
67/etc/opt \
Damien Miller223897a2006-09-12 21:54:10 +100068/lib \
69/lib/svc \
70/lib/svc/method \
71/lib/svc/method/site \
Tim Rice6f1f7582004-05-30 21:38:51 -070072/opt \
73/opt/bin \
74/usr \
75/usr/bin \
76/usr/lib \
77/usr/sbin \
78/usr/share \
79/usr/share/man \
80/usr/share/man/man1 \
81/usr/share/man/man8 \
82/usr/local \
83/usr/local/bin \
84/usr/local/etc \
85/usr/local/libexec \
86/usr/local/man \
87/usr/local/man/man1 \
88/usr/local/man/man8 \
89/usr/local/sbin \
90/usr/local/share \
91/var \
92/var/opt \
93/var/run \
Damien Miller223897a2006-09-12 21:54:10 +100094/var/svc \
95/var/svc/manifest \
96/var/svc/manifest/site \
Tim Rice6f1f7582004-05-30 21:38:51 -070097/var/tmp \
98/tmp"
99
100# We may need to build as root so we make sure PATH is set up
101# only set the path if it's not set already
102[ -d /opt/bin ] && {
103 echo $PATH | grep ":/opt/bin" > /dev/null 2>&1
104 [ $? -ne 0 ] && PATH=$PATH:/opt/bin
105}
106[ -d /usr/local/bin ] && {
107 echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
108 [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
109}
110[ -d /usr/ccs/bin ] && {
111 echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
112 [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
113}
114export PATH
115#
116
117[ -f Makefile ] || {
118 echo "Please run this script from your build directory"
119 exit 1
120}
121
122# we will look for openssh-config.local to override the above options
123[ -s ./openssh-config.local ] && . ./openssh-config.local
124
125START=`pwd`
126FAKE_ROOT=$START/pkg
127
128## Fill in some details, like prefix and sysconfdir
129for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
130do
131 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
132done
133
Damien Miller223897a2006-09-12 21:54:10 +1000134## Are we using Solaris' SMF?
135DO_SMF=0
136if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
137then
138 DO_SMF=1
139fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700140
141## Collect value of privsep user
142for confvar in SSH_PRIVSEP_USER
143do
144 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
145done
146
147## Set privsep defaults if not defined
148if [ -z "$SSH_PRIVSEP_USER" ]
149then
150 SSH_PRIVSEP_USER=sshd
151fi
152
153## Extract common info requires for the 'info' part of the package.
154VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
155
156ARCH=`uname -m`
157DEF_MSG="\n"
158OS_VER=`uname -v`
159SCRIPT_SHELL=/sbin/sh
Tim Rice09f10932006-10-06 14:58:38 -0700160UNAME_R=`uname -r`
Tim Rice6f1f7582004-05-30 21:38:51 -0700161UNAME_S=`uname -s`
162case ${UNAME_S} in
163 SunOS) UNAME_S=Solaris
Tim Rice09f10932006-10-06 14:58:38 -0700164 OS_VER=${UNAME_R}
Tim Rice6f1f7582004-05-30 21:38:51 -0700165 ARCH=`uname -p`
166 RCS_D=yes
167 DEF_MSG="(default: n)"
168 ;;
Tim Rice09f10932006-10-06 14:58:38 -0700169 SCO_SV) case ${UNAME_R} in
170 3.2) UNAME_S=OpenServer5
Tim Rice6f1f7582004-05-30 21:38:51 -0700171 OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
Tim Rice09f10932006-10-06 14:58:38 -0700172 ;;
173 5) UNAME_S=OpenServer6
174 ;;
175 esac
Tim Rice6f1f7582004-05-30 21:38:51 -0700176 SCRIPT_SHELL=/bin/sh
177 RC1_D=no
178 DEF_MSG="(default: n)"
179 ;;
180esac
181
182case `basename $0` in
183 buildpkg.sh)
184## Start by faking root install
185echo "Faking root install..."
186[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
187mkdir $FAKE_ROOT
188${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
189if [ $? -gt 0 ]
190then
191 echo "Fake root install failed, stopping."
192 exit 1
193fi
194
195## Setup our run level stuff while we are at it.
Damien Miller223897a2006-09-12 21:54:10 +1000196if [ $DO_SMF -eq 1 ]
197then
198 # For Solaris' SMF, /lib/svc/method/site is the preferred place
199 # for start/stop scripts that aren't supplied with the OS, and
200 # similarly /var/svc/manifest/site for manifests.
Tim Riceffe3a8e2007-07-24 21:16:07 -0700201 mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}
202 mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}
Tim Rice6f1f7582004-05-30 21:38:51 -0700203
Tim Riceffe3a8e2007-07-24 21:16:07 -0700204 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
205 chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
Damien Miller223897a2006-09-12 21:54:10 +1000206
Tim Riceffe3a8e2007-07-24 21:16:07 -0700207 cat ${OPENSSH_MANIFEST} | \
208 sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \
209 -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \
210 > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
211 chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
Damien Miller223897a2006-09-12 21:54:10 +1000212else
213 mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
214
215 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
216 chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
217fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700218
219[ "${PERMIT_ROOT_LOGIN}" = no ] && \
220 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700221 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700222[ "${X11_FORWARDING}" = yes ] && \
223 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700224 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700225# fix PrintMotd
226perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
Tim Ricecd22d302007-07-24 21:40:59 -0700227 $FAKE_ROOT${sysconfdir}/sshd_config
Tim Rice6f1f7582004-05-30 21:38:51 -0700228
229# We don't want to overwrite config files on multiple installs
Tim Ricecd22d302007-07-24 21:40:59 -0700230mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default
231mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default
232[ -f $FAKE_ROOT${sysconfdir}/ssh_prng_cmds ] && \
233mv $FAKE_ROOT${sysconfdir}/ssh_prng_cmds $FAKE_ROOT${sysconfdir}/ssh_prng_cmds.default
Tim Rice6f1f7582004-05-30 21:38:51 -0700234
235# local tweeks here
236[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
237
238cd $FAKE_ROOT
239
240## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
241## whining.
242for i in *; do
243 PROTO_ARGS="$PROTO_ARGS $i=/$i";
244done
245
246## Build info file
247echo "Building pkginfo file..."
248cat > pkginfo << _EOF
249PKG=$PKGNAME
250NAME="OpenSSH Portable for ${UNAME_S}"
251DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
252VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
253ARCH=$ARCH
Tim Ricea5757f02004-07-01 20:41:15 -0700254VERSION=$VERSION$REV
Tim Rice6f1f7582004-05-30 21:38:51 -0700255CATEGORY="Security,application"
256BASEDIR=/
257CLASSES="none"
258PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
259_EOF
260
261## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
262echo "Building depend file..."
263touch depend
264
265## Build space file
266echo "Building space file..."
Damien Miller223897a2006-09-12 21:54:10 +1000267if [ $DO_SMF -eq 1 ]
268then
269 # XXX Is this necessary? If not, remove space line from mk-proto.awk.
270 touch space
271else
272 cat > space << _EOF
273# extra space required by start/stop links added by installf
274# in postinstall
Tim Rice6f1f7582004-05-30 21:38:51 -0700275$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
276$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
277_EOF
Damien Miller223897a2006-09-12 21:54:10 +1000278 [ "$RC1_D" = no ] || \
279 echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
280 [ "$RCS_D" = yes ] && \
281 echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
282fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700283
284## Build preinstall file
285echo "Building preinstall file..."
286cat > preinstall << _EOF
287#! ${SCRIPT_SHELL}
288#
289_EOF
290
291# local preinstall changes here
292[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
293
294cat >> preinstall << _EOF
295#
Damien Miller223897a2006-09-12 21:54:10 +1000296if [ "\${PRE_INS_STOP}" = "yes" ]
297then
298 if [ $DO_SMF -eq 1 ]
299 then
300 svcadm disable $OPENSSH_FMRI
301 else
302 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
303 fi
304fi
305
Tim Rice6f1f7582004-05-30 21:38:51 -0700306exit 0
307_EOF
308
309## Build postinstall file
310echo "Building postinstall file..."
311cat > postinstall << _EOF
312#! ${SCRIPT_SHELL}
313#
314[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
315 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
316 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
317[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
318 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
319 \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
320[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
321 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
322 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
323 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
324}
325
326# make rc?.d dirs only if we are doing a test install
Damien Miller223897a2006-09-12 21:54:10 +1000327[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700328 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
329 mkdir -p ${TEST_DIR}/etc/rc0.d
330 [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
331 mkdir -p ${TEST_DIR}/etc/rc2.d
332}
333
Damien Miller223897a2006-09-12 21:54:10 +1000334if [ $DO_SMF -eq 1 ]
Tim Rice6f1f7582004-05-30 21:38:51 -0700335then
Damien Miller223897a2006-09-12 21:54:10 +1000336 # Delete the existing service, if it exists, then import the
337 # new one.
338 if svcs $OPENSSH_FMRI > /dev/null 2>&1
339 then
340 svccfg delete -f $OPENSSH_FMRI
341 fi
Tim Ricec3af6d42007-03-01 09:34:52 -0800342 # NOTE, The manifest disables sshd by default.
Tim Riceffe3a8e2007-07-24 21:16:07 -0700343 svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
Tim Rice6f1f7582004-05-30 21:38:51 -0700344else
Damien Miller223897a2006-09-12 21:54:10 +1000345 if [ "\${USE_SYM_LINKS}" = yes ]
346 then
347 [ "$RCS_D" = yes ] && \
348 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
349 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
350 [ "$RC1_D" = no ] || \
351 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
352 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
353 else
354 [ "$RCS_D" = yes ] && \
355 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
356 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
357 [ "$RC1_D" = no ] || \
358 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
359 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
360 fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700361fi
362
363# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
364[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
365
366_EOF
367
368# local postinstall changes here
369[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
370
371cat >> postinstall << _EOF
372installf -f ${PKGNAME}
373
374# Use chroot to handle PKG_INSTALL_ROOT
375if [ ! -z "\${PKG_INSTALL_ROOT}" ]
376then
377 chroot="chroot \${PKG_INSTALL_ROOT}"
378fi
379# If this is a test build, we will skip the groupadd/useradd/passwd commands
380if [ ! -z "${TEST_DIR}" ]
381then
382 chroot=echo
383fi
384
Darren Tucker733a2922006-09-09 20:41:25 +1000385 echo "PrivilegeSeparation user always required."
Tim Ricea5757f02004-07-01 20:41:15 -0700386 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
Tim Rice6f1f7582004-05-30 21:38:51 -0700387 then
Tim Ricea5757f02004-07-01 20:41:15 -0700388 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
389 SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
390 SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
Tim Rice6f1f7582004-05-30 21:38:51 -0700391 else
Tim Ricea5757f02004-07-01 20:41:15 -0700392 DO_PASSWD=yes
393 fi
394 [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
395
396 # group required?
397 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
398 then
399 echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
400 else
401 DO_GROUP=yes
402 fi
403
404 # create group if required
405 [ "\$DO_GROUP" = yes ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700406 # Use gid of 67 if possible
407 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
408 then
409 :
410 else
411 sshdgid="-g $SSHDGID"
412 fi
Tim Ricea5757f02004-07-01 20:41:15 -0700413 echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
414 \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
415 }
Tim Rice6f1f7582004-05-30 21:38:51 -0700416
417 # Create user if required
Tim Ricea5757f02004-07-01 20:41:15 -0700418 [ "\$DO_PASSWD" = yes ] && {
Tim Rice6f1f7582004-05-30 21:38:51 -0700419 # Use uid of 67 if possible
Tim Rice8db70e22005-12-28 14:28:08 -0800420 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
Tim Rice6f1f7582004-05-30 21:38:51 -0700421 then
422 :
423 else
424 sshduid="-u $SSHDUID"
425 fi
426 echo "Creating PrivSep user $SSH_PRIVSEP_USER."
427 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
428 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
Tim Ricea5757f02004-07-01 20:41:15 -0700429 }
Tim Rice6f1f7582004-05-30 21:38:51 -0700430
Damien Miller223897a2006-09-12 21:54:10 +1000431if [ "\${POST_INS_START}" = "yes" ]
432then
433 if [ $DO_SMF -eq 1 ]
434 then
Damien Miller223897a2006-09-12 21:54:10 +1000435 svcadm enable $OPENSSH_FMRI
436 else
437 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
438 fi
439fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700440exit 0
441_EOF
442
443## Build preremove file
444echo "Building preremove file..."
445cat > preremove << _EOF
446#! ${SCRIPT_SHELL}
447#
Damien Miller223897a2006-09-12 21:54:10 +1000448if [ $DO_SMF -eq 1 ]
449then
450 svcadm disable $OPENSSH_FMRI
451else
452 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
453fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700454_EOF
455
456# local preremove changes here
457[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
458
459cat >> preremove << _EOF
460exit 0
461_EOF
462
463## Build postremove file
464echo "Building postremove file..."
465cat > postremove << _EOF
466#! ${SCRIPT_SHELL}
467#
Damien Miller223897a2006-09-12 21:54:10 +1000468if [ $DO_SMF -eq 1 ]
469then
470 if svcs $OPENSSH_FMRI > /dev/null 2>&1
471 then
472 svccfg delete -f $OPENSSH_FMRI
473 fi
474fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700475_EOF
476
477# local postremove changes here
478[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
479
480cat >> postremove << _EOF
481exit 0
482_EOF
483
484## Build request file
485echo "Building request file..."
486cat > request << _EOF
487trap 'exit 3' 15
488
489_EOF
490
491[ -x /usr/bin/ckyorn ] || cat >> request << _EOF
492
493ckyorn() {
Tim Rice09f10932006-10-06 14:58:38 -0700494# for some strange reason OpenServer5 has no ckyorn
Tim Rice6f1f7582004-05-30 21:38:51 -0700495# We build a striped down version here
496
497DEFAULT=n
498PROMPT="Yes or No [yes,no,?,quit]"
499HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
500USAGE="usage: ckyorn [options]
501where options may include:
502 -d default
503 -h help
504 -p prompt
505"
506
507if [ \$# != 0 ]
508then
509 while getopts d:p:h: c
510 do
511 case \$c in
512 h) HELP_PROMPT="\$OPTARG" ;;
513 d) DEFAULT=\$OPTARG ;;
514 p) PROMPT=\$OPTARG ;;
515 \\?) echo "\$USAGE" 1>&2
516 exit 1 ;;
517 esac
518 done
519 shift \`expr \$OPTIND - 1\`
520fi
521
522while true
523do
524 echo "\${PROMPT}\\c " 1>&2
525 read key
526 [ -z "\$key" ] && key=\$DEFAULT
527 case \$key in
528 [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c"
529 exit 0 ;;
530 \\?) echo \$HELP_PROMPT 1>&2 ;;
531 q|quit) echo "q\\c" 1>&2
532 exit 3 ;;
533 esac
534done
535
536}
537
538_EOF
539
Damien Miller223897a2006-09-12 21:54:10 +1000540if [ $DO_SMF -eq 1 ]
541then
542 # This could get hairy, as the running sshd may not be under SMF.
543 # We'll assume an earlier version of OpenSSH started via SMF.
544 cat >> request << _EOF
545PRE_INS_STOP=no
546POST_INS_START=no
547# determine if should restart the daemon
548if [ -s ${piddir}/sshd.pid ] && \
Tim Ricec3af6d42007-03-01 09:34:52 -0800549 /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
Damien Miller223897a2006-09-12 21:54:10 +1000550then
551 ans=\`ckyorn -d n \
552-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
553 case \$ans in
554 [y,Y]*) PRE_INS_STOP=yes
555 POST_INS_START=yes
556 ;;
557 esac
558
559else
560
561# determine if we should start sshd
562 ans=\`ckyorn -d n \
563-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
564 case \$ans in
565 [y,Y]*) POST_INS_START=yes ;;
566 esac
567fi
568
569# make parameters available to installation service,
570# and so to any other packaging scripts
571cat >\$1 <<!
572PRE_INS_STOP='\$PRE_INS_STOP'
573POST_INS_START='\$POST_INS_START'
574!
575
576_EOF
577else
578 cat >> request << _EOF
Tim Rice6f1f7582004-05-30 21:38:51 -0700579USE_SYM_LINKS=no
580PRE_INS_STOP=no
581POST_INS_START=no
582# Use symbolic links?
583ans=\`ckyorn -d n \
584-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
585case \$ans in
586 [y,Y]*) USE_SYM_LINKS=yes ;;
587esac
588
589# determine if should restart the daemon
590if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
591then
592 ans=\`ckyorn -d n \
593-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
594 case \$ans in
595 [y,Y]*) PRE_INS_STOP=yes
596 POST_INS_START=yes
597 ;;
598 esac
599
600else
601
602# determine if we should start sshd
603 ans=\`ckyorn -d n \
604-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
605 case \$ans in
606 [y,Y]*) POST_INS_START=yes ;;
607 esac
608fi
609
610# make parameters available to installation service,
611# and so to any other packaging scripts
612cat >\$1 <<!
613USE_SYM_LINKS='\$USE_SYM_LINKS'
614PRE_INS_STOP='\$PRE_INS_STOP'
615POST_INS_START='\$POST_INS_START'
616!
617
618_EOF
Damien Miller223897a2006-09-12 21:54:10 +1000619fi
Tim Rice6f1f7582004-05-30 21:38:51 -0700620
621# local request changes here
622[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
623
624cat >> request << _EOF
625exit 0
626
627_EOF
628
629## Next Build our prototype
630echo "Building prototype file..."
631cat >mk-proto.awk << _EOF
632 BEGIN { print "i pkginfo"; print "i depend"; \\
633 print "i preinstall"; print "i postinstall"; \\
634 print "i preremove"; print "i postremove"; \\
635 print "i request"; print "i space"; \\
636 split("$SYSTEM_DIR",sys_files); }
637 {
638 for (dir in sys_files) { if ( \$3 != sys_files[dir] )
639 { if ( \$1 == "s" )
640 { \$5=""; \$6=""; }
641 else
642 { \$5="root"; \$6="sys"; }
643 }
644 else
645 { \$4="?"; \$5="?"; \$6="?"; break;}
646 } }
647 { print; }
648_EOF
649
650find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
Tim Rice77674b12006-10-06 18:49:36 -0700651 pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype
Tim Rice6f1f7582004-05-30 21:38:51 -0700652
653# /usr/local is a symlink on some systems
654[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
655 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
656 mv prototype.new prototype
657}
658
659## Step back a directory and now build the package.
660cd ..
661# local prototype tweeks here
662[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
663
664echo "Building package.."
665pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
Tim Ricea5757f02004-07-01 20:41:15 -0700666echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
Tim Rice6f1f7582004-05-30 21:38:51 -0700667 ;;
668
669 justpkg.sh)
670rm -fr ${FAKE_ROOT}/${PKGNAME}
671grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
672mv $$tmp $FAKE_ROOT/pkginfo
673cat >> $FAKE_ROOT/pkginfo << _EOF
674PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
675_EOF
676pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
Tim Ricea5757f02004-07-01 20:41:15 -0700677echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
Tim Rice6f1f7582004-05-30 21:38:51 -0700678 ;;
679
680esac
681
682[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
Tim Rice2d2b9f72004-05-30 21:48:40 -0700683exit 0
Tim Rice6f1f7582004-05-30 21:38:51 -0700684