Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # Fake Root Solaris/SVR4/SVR5 Build System - Prototype |
| 4 | # |
| 5 | # The following code has been provide under Public Domain License. I really |
| 6 | # don't care what you use it for. Just as long as you don't complain to me |
| 7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) |
| 8 | # |
| 9 | umask 022 |
| 10 | # |
| 11 | # Options for building the package |
| 12 | # You can create a openssh-config.local with your customized options |
| 13 | # |
| 14 | REMOVE_FAKE_ROOT_WHEN_DONE=yes |
| 15 | # |
| 16 | # uncommenting TEST_DIR and using |
| 17 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty |
| 18 | # and |
| 19 | # PKGNAME=tOpenSSH should allow testing a package without interfering |
| 20 | # with a real OpenSSH package on a system. This is not needed on systems |
| 21 | # that support the -R option to pkgadd. |
| 22 | #TEST_DIR=/var/tmp # leave commented out for production build |
| 23 | PKGNAME=OpenSSH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 24 | # revisions within the same version (REV=a) |
| 25 | #REV= |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 26 | SYSVINIT_NAME=opensshd |
Tim Rice | 77674b1 | 2006-10-06 18:49:36 -0700 | [diff] [blame] | 27 | AWK=${AWK:="nawk"} |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 28 | MAKE=${MAKE:="make"} |
| 29 | SSHDUID=67 # Default privsep uid |
| 30 | SSHDGID=67 # Default privsep gid |
| 31 | # uncomment these next three as needed |
| 32 | #PERMIT_ROOT_LOGIN=no |
| 33 | #X11_FORWARDING=yes |
| 34 | #USR_LOCAL_IS_SYMLINK=yes |
| 35 | # System V init run levels |
| 36 | SYSVINITSTART=S98 |
| 37 | SYSVINITSTOPT=K30 |
| 38 | # We will source these if they exist |
Tim Rice | bf209f5 | 2006-02-13 12:46:44 -0800 | [diff] [blame] | 39 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 40 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
| 41 | # We'll be one level deeper looking for these |
| 42 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local |
| 43 | PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local |
| 44 | PKG_PREREMOVE_LOCAL=../pkg-preremove.local |
| 45 | PKG_POSTREMOVE_LOCAL=../pkg-postremove.local |
| 46 | PKG_REQUEST_LOCAL=../pkg-request.local |
| 47 | # end of sourced files |
| 48 | # |
Tim Rice | 5af9db9 | 2004-06-19 19:31:06 -0700 | [diff] [blame] | 49 | OPENSSHD=opensshd.init |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 50 | OPENSSH_MANIFEST=openssh.xml |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 51 | OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 52 | |
| 53 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ |
| 54 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ |
| 55 | PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ |
| 56 | # |
| 57 | # list of system directories we do NOT want to change owner/group/perms |
| 58 | # when installing our package |
| 59 | SYSTEM_DIR="/etc \ |
| 60 | /etc/init.d \ |
| 61 | /etc/rcS.d \ |
| 62 | /etc/rc0.d \ |
| 63 | /etc/rc1.d \ |
| 64 | /etc/rc2.d \ |
| 65 | /etc/opt \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 66 | /lib \ |
| 67 | /lib/svc \ |
| 68 | /lib/svc/method \ |
| 69 | /lib/svc/method/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 70 | /opt \ |
| 71 | /opt/bin \ |
| 72 | /usr \ |
| 73 | /usr/bin \ |
| 74 | /usr/lib \ |
| 75 | /usr/sbin \ |
| 76 | /usr/share \ |
| 77 | /usr/share/man \ |
| 78 | /usr/share/man/man1 \ |
| 79 | /usr/share/man/man8 \ |
| 80 | /usr/local \ |
| 81 | /usr/local/bin \ |
| 82 | /usr/local/etc \ |
| 83 | /usr/local/libexec \ |
| 84 | /usr/local/man \ |
| 85 | /usr/local/man/man1 \ |
| 86 | /usr/local/man/man8 \ |
| 87 | /usr/local/sbin \ |
| 88 | /usr/local/share \ |
| 89 | /var \ |
| 90 | /var/opt \ |
| 91 | /var/run \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 92 | /var/svc \ |
| 93 | /var/svc/manifest \ |
| 94 | /var/svc/manifest/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 95 | /var/tmp \ |
| 96 | /tmp" |
| 97 | |
| 98 | # We may need to build as root so we make sure PATH is set up |
| 99 | # only set the path if it's not set already |
| 100 | [ -d /opt/bin ] && { |
| 101 | echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 |
| 102 | [ $? -ne 0 ] && PATH=$PATH:/opt/bin |
| 103 | } |
| 104 | [ -d /usr/local/bin ] && { |
| 105 | echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 |
| 106 | [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin |
| 107 | } |
| 108 | [ -d /usr/ccs/bin ] && { |
| 109 | echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 |
| 110 | [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin |
| 111 | } |
| 112 | export PATH |
| 113 | # |
| 114 | |
| 115 | [ -f Makefile ] || { |
| 116 | echo "Please run this script from your build directory" |
| 117 | exit 1 |
| 118 | } |
| 119 | |
| 120 | # we will look for openssh-config.local to override the above options |
| 121 | [ -s ./openssh-config.local ] && . ./openssh-config.local |
| 122 | |
| 123 | START=`pwd` |
| 124 | FAKE_ROOT=$START/pkg |
| 125 | |
| 126 | ## Fill in some details, like prefix and sysconfdir |
| 127 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir |
| 128 | do |
| 129 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
| 130 | done |
| 131 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 132 | ## Are we using Solaris' SMF? |
| 133 | DO_SMF=0 |
| 134 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 |
| 135 | then |
| 136 | DO_SMF=1 |
| 137 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 138 | |
| 139 | ## Collect value of privsep user |
| 140 | for confvar in SSH_PRIVSEP_USER |
| 141 | do |
| 142 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` |
| 143 | done |
| 144 | |
| 145 | ## Set privsep defaults if not defined |
| 146 | if [ -z "$SSH_PRIVSEP_USER" ] |
| 147 | then |
| 148 | SSH_PRIVSEP_USER=sshd |
| 149 | fi |
| 150 | |
| 151 | ## Extract common info requires for the 'info' part of the package. |
| 152 | VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` |
| 153 | |
| 154 | ARCH=`uname -m` |
| 155 | DEF_MSG="\n" |
| 156 | OS_VER=`uname -v` |
| 157 | SCRIPT_SHELL=/sbin/sh |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 158 | UNAME_R=`uname -r` |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 159 | UNAME_S=`uname -s` |
| 160 | case ${UNAME_S} in |
| 161 | SunOS) UNAME_S=Solaris |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 162 | OS_VER=${UNAME_R} |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 163 | ARCH=`uname -p` |
| 164 | RCS_D=yes |
| 165 | DEF_MSG="(default: n)" |
| 166 | ;; |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 167 | SCO_SV) case ${UNAME_R} in |
| 168 | 3.2) UNAME_S=OpenServer5 |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 169 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 170 | ;; |
| 171 | 5) UNAME_S=OpenServer6 |
| 172 | ;; |
| 173 | esac |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 174 | SCRIPT_SHELL=/bin/sh |
| 175 | RC1_D=no |
| 176 | DEF_MSG="(default: n)" |
| 177 | ;; |
| 178 | esac |
| 179 | |
| 180 | case `basename $0` in |
| 181 | buildpkg.sh) |
| 182 | ## Start by faking root install |
| 183 | echo "Faking root install..." |
| 184 | [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT |
| 185 | mkdir $FAKE_ROOT |
| 186 | ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT |
| 187 | if [ $? -gt 0 ] |
| 188 | then |
| 189 | echo "Fake root install failed, stopping." |
| 190 | exit 1 |
| 191 | fi |
| 192 | |
| 193 | ## Setup our run level stuff while we are at it. |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 194 | if [ $DO_SMF -eq 1 ] |
| 195 | then |
| 196 | # For Solaris' SMF, /lib/svc/method/site is the preferred place |
| 197 | # for start/stop scripts that aren't supplied with the OS, and |
| 198 | # similarly /var/svc/manifest/site for manifests. |
| 199 | mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site |
| 200 | mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 201 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 202 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} |
| 203 | chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} |
| 204 | |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 205 | cat ${OPENSSH_MANIFEST} | sed "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ |
| 206 | > $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml |
| 207 | chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 208 | else |
| 209 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d |
| 210 | |
| 211 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 212 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 213 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 214 | |
| 215 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ |
| 216 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
| 217 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 218 | [ "${X11_FORWARDING}" = yes ] && \ |
| 219 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ |
| 220 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 221 | # fix PrintMotd |
| 222 | perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ |
| 223 | $FAKE_ROOT/${sysconfdir}/sshd_config |
| 224 | |
| 225 | # We don't want to overwrite config files on multiple installs |
| 226 | mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default |
| 227 | mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default |
| 228 | [ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ |
| 229 | mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default |
| 230 | |
| 231 | # local tweeks here |
| 232 | [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} |
| 233 | |
| 234 | cd $FAKE_ROOT |
| 235 | |
| 236 | ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk |
| 237 | ## whining. |
| 238 | for i in *; do |
| 239 | PROTO_ARGS="$PROTO_ARGS $i=/$i"; |
| 240 | done |
| 241 | |
| 242 | ## Build info file |
| 243 | echo "Building pkginfo file..." |
| 244 | cat > pkginfo << _EOF |
| 245 | PKG=$PKGNAME |
| 246 | NAME="OpenSSH Portable for ${UNAME_S}" |
| 247 | DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." |
| 248 | VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" |
| 249 | ARCH=$ARCH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 250 | VERSION=$VERSION$REV |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 251 | CATEGORY="Security,application" |
| 252 | BASEDIR=/ |
| 253 | CLASSES="none" |
| 254 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 255 | _EOF |
| 256 | |
| 257 | ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS |
| 258 | echo "Building depend file..." |
| 259 | touch depend |
| 260 | |
| 261 | ## Build space file |
| 262 | echo "Building space file..." |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 263 | if [ $DO_SMF -eq 1 ] |
| 264 | then |
| 265 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. |
| 266 | touch space |
| 267 | else |
| 268 | cat > space << _EOF |
| 269 | # extra space required by start/stop links added by installf |
| 270 | # in postinstall |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 271 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
| 272 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 |
| 273 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 274 | [ "$RC1_D" = no ] || \ |
| 275 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 276 | [ "$RCS_D" = yes ] && \ |
| 277 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 278 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 279 | |
| 280 | ## Build preinstall file |
| 281 | echo "Building preinstall file..." |
| 282 | cat > preinstall << _EOF |
| 283 | #! ${SCRIPT_SHELL} |
| 284 | # |
| 285 | _EOF |
| 286 | |
| 287 | # local preinstall changes here |
| 288 | [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} |
| 289 | |
| 290 | cat >> preinstall << _EOF |
| 291 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 292 | if [ "\${PRE_INS_STOP}" = "yes" ] |
| 293 | then |
| 294 | if [ $DO_SMF -eq 1 ] |
| 295 | then |
| 296 | svcadm disable $OPENSSH_FMRI |
| 297 | else |
| 298 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 299 | fi |
| 300 | fi |
| 301 | |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 302 | exit 0 |
| 303 | _EOF |
| 304 | |
| 305 | ## Build postinstall file |
| 306 | echo "Building postinstall file..." |
| 307 | cat > postinstall << _EOF |
| 308 | #! ${SCRIPT_SHELL} |
| 309 | # |
| 310 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ |
| 311 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ |
| 312 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config |
| 313 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ |
| 314 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ |
| 315 | \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config |
| 316 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && { |
| 317 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\ |
| 318 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\ |
| 319 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds |
| 320 | } |
| 321 | |
| 322 | # make rc?.d dirs only if we are doing a test install |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 323 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 324 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
| 325 | mkdir -p ${TEST_DIR}/etc/rc0.d |
| 326 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d |
| 327 | mkdir -p ${TEST_DIR}/etc/rc2.d |
| 328 | } |
| 329 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 330 | if [ $DO_SMF -eq 1 ] |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 331 | then |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 332 | # Delete the existing service, if it exists, then import the |
| 333 | # new one. |
| 334 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 335 | then |
| 336 | svccfg delete -f $OPENSSH_FMRI |
| 337 | fi |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 338 | # NOTE, The manifest disables sshd by default. |
| 339 | svccfg import ${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 340 | else |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 341 | if [ "\${USE_SYM_LINKS}" = yes ] |
| 342 | then |
| 343 | [ "$RCS_D" = yes ] && \ |
| 344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 345 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 346 | [ "$RC1_D" = no ] || \ |
| 347 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 348 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 349 | else |
| 350 | [ "$RCS_D" = yes ] && \ |
| 351 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 352 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 353 | [ "$RC1_D" = no ] || \ |
| 354 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 355 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 356 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 357 | fi |
| 358 | |
| 359 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) |
| 360 | [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys |
| 361 | |
| 362 | _EOF |
| 363 | |
| 364 | # local postinstall changes here |
| 365 | [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} |
| 366 | |
| 367 | cat >> postinstall << _EOF |
| 368 | installf -f ${PKGNAME} |
| 369 | |
| 370 | # Use chroot to handle PKG_INSTALL_ROOT |
| 371 | if [ ! -z "\${PKG_INSTALL_ROOT}" ] |
| 372 | then |
| 373 | chroot="chroot \${PKG_INSTALL_ROOT}" |
| 374 | fi |
| 375 | # If this is a test build, we will skip the groupadd/useradd/passwd commands |
| 376 | if [ ! -z "${TEST_DIR}" ] |
| 377 | then |
| 378 | chroot=echo |
| 379 | fi |
| 380 | |
Darren Tucker | 733a292 | 2006-09-09 20:41:25 +1000 | [diff] [blame] | 381 | echo "PrivilegeSeparation user always required." |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 382 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 383 | then |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 384 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." |
| 385 | SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` |
| 386 | SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 387 | else |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 388 | DO_PASSWD=yes |
| 389 | fi |
| 390 | [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER |
| 391 | |
| 392 | # group required? |
| 393 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null |
| 394 | then |
| 395 | echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." |
| 396 | else |
| 397 | DO_GROUP=yes |
| 398 | fi |
| 399 | |
| 400 | # create group if required |
| 401 | [ "\$DO_GROUP" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 402 | # Use gid of 67 if possible |
| 403 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null |
| 404 | then |
| 405 | : |
| 406 | else |
| 407 | sshdgid="-g $SSHDGID" |
| 408 | fi |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 409 | echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." |
| 410 | \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP |
| 411 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 412 | |
| 413 | # Create user if required |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 414 | [ "\$DO_PASSWD" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 415 | # Use uid of 67 if possible |
Tim Rice | 8db70e2 | 2005-12-28 14:28:08 -0800 | [diff] [blame] | 416 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 417 | then |
| 418 | : |
| 419 | else |
| 420 | sshduid="-u $SSHDUID" |
| 421 | fi |
| 422 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." |
| 423 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER |
| 424 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 425 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 426 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 427 | if [ "\${POST_INS_START}" = "yes" ] |
| 428 | then |
| 429 | if [ $DO_SMF -eq 1 ] |
| 430 | then |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 431 | svcadm enable $OPENSSH_FMRI |
| 432 | else |
| 433 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start |
| 434 | fi |
| 435 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 436 | exit 0 |
| 437 | _EOF |
| 438 | |
| 439 | ## Build preremove file |
| 440 | echo "Building preremove file..." |
| 441 | cat > preremove << _EOF |
| 442 | #! ${SCRIPT_SHELL} |
| 443 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 444 | if [ $DO_SMF -eq 1 ] |
| 445 | then |
| 446 | svcadm disable $OPENSSH_FMRI |
| 447 | else |
| 448 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 449 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 450 | _EOF |
| 451 | |
| 452 | # local preremove changes here |
| 453 | [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} |
| 454 | |
| 455 | cat >> preremove << _EOF |
| 456 | exit 0 |
| 457 | _EOF |
| 458 | |
| 459 | ## Build postremove file |
| 460 | echo "Building postremove file..." |
| 461 | cat > postremove << _EOF |
| 462 | #! ${SCRIPT_SHELL} |
| 463 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 464 | if [ $DO_SMF -eq 1 ] |
| 465 | then |
| 466 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 467 | then |
| 468 | svccfg delete -f $OPENSSH_FMRI |
| 469 | fi |
| 470 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 471 | _EOF |
| 472 | |
| 473 | # local postremove changes here |
| 474 | [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} |
| 475 | |
| 476 | cat >> postremove << _EOF |
| 477 | exit 0 |
| 478 | _EOF |
| 479 | |
| 480 | ## Build request file |
| 481 | echo "Building request file..." |
| 482 | cat > request << _EOF |
| 483 | trap 'exit 3' 15 |
| 484 | |
| 485 | _EOF |
| 486 | |
| 487 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF |
| 488 | |
| 489 | ckyorn() { |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 490 | # for some strange reason OpenServer5 has no ckyorn |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 491 | # We build a striped down version here |
| 492 | |
| 493 | DEFAULT=n |
| 494 | PROMPT="Yes or No [yes,no,?,quit]" |
| 495 | HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." |
| 496 | USAGE="usage: ckyorn [options] |
| 497 | where options may include: |
| 498 | -d default |
| 499 | -h help |
| 500 | -p prompt |
| 501 | " |
| 502 | |
| 503 | if [ \$# != 0 ] |
| 504 | then |
| 505 | while getopts d:p:h: c |
| 506 | do |
| 507 | case \$c in |
| 508 | h) HELP_PROMPT="\$OPTARG" ;; |
| 509 | d) DEFAULT=\$OPTARG ;; |
| 510 | p) PROMPT=\$OPTARG ;; |
| 511 | \\?) echo "\$USAGE" 1>&2 |
| 512 | exit 1 ;; |
| 513 | esac |
| 514 | done |
| 515 | shift \`expr \$OPTIND - 1\` |
| 516 | fi |
| 517 | |
| 518 | while true |
| 519 | do |
| 520 | echo "\${PROMPT}\\c " 1>&2 |
| 521 | read key |
| 522 | [ -z "\$key" ] && key=\$DEFAULT |
| 523 | case \$key in |
| 524 | [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" |
| 525 | exit 0 ;; |
| 526 | \\?) echo \$HELP_PROMPT 1>&2 ;; |
| 527 | q|quit) echo "q\\c" 1>&2 |
| 528 | exit 3 ;; |
| 529 | esac |
| 530 | done |
| 531 | |
| 532 | } |
| 533 | |
| 534 | _EOF |
| 535 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 536 | if [ $DO_SMF -eq 1 ] |
| 537 | then |
| 538 | # This could get hairy, as the running sshd may not be under SMF. |
| 539 | # We'll assume an earlier version of OpenSSH started via SMF. |
| 540 | cat >> request << _EOF |
| 541 | PRE_INS_STOP=no |
| 542 | POST_INS_START=no |
| 543 | # determine if should restart the daemon |
| 544 | if [ -s ${piddir}/sshd.pid ] && \ |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 545 | /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 546 | then |
| 547 | ans=\`ckyorn -d n \ |
| 548 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 549 | case \$ans in |
| 550 | [y,Y]*) PRE_INS_STOP=yes |
| 551 | POST_INS_START=yes |
| 552 | ;; |
| 553 | esac |
| 554 | |
| 555 | else |
| 556 | |
| 557 | # determine if we should start sshd |
| 558 | ans=\`ckyorn -d n \ |
| 559 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 560 | case \$ans in |
| 561 | [y,Y]*) POST_INS_START=yes ;; |
| 562 | esac |
| 563 | fi |
| 564 | |
| 565 | # make parameters available to installation service, |
| 566 | # and so to any other packaging scripts |
| 567 | cat >\$1 <<! |
| 568 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 569 | POST_INS_START='\$POST_INS_START' |
| 570 | ! |
| 571 | |
| 572 | _EOF |
| 573 | else |
| 574 | cat >> request << _EOF |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 575 | USE_SYM_LINKS=no |
| 576 | PRE_INS_STOP=no |
| 577 | POST_INS_START=no |
| 578 | # Use symbolic links? |
| 579 | ans=\`ckyorn -d n \ |
| 580 | -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? |
| 581 | case \$ans in |
| 582 | [y,Y]*) USE_SYM_LINKS=yes ;; |
| 583 | esac |
| 584 | |
| 585 | # determine if should restart the daemon |
| 586 | if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] |
| 587 | then |
| 588 | ans=\`ckyorn -d n \ |
| 589 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 590 | case \$ans in |
| 591 | [y,Y]*) PRE_INS_STOP=yes |
| 592 | POST_INS_START=yes |
| 593 | ;; |
| 594 | esac |
| 595 | |
| 596 | else |
| 597 | |
| 598 | # determine if we should start sshd |
| 599 | ans=\`ckyorn -d n \ |
| 600 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 601 | case \$ans in |
| 602 | [y,Y]*) POST_INS_START=yes ;; |
| 603 | esac |
| 604 | fi |
| 605 | |
| 606 | # make parameters available to installation service, |
| 607 | # and so to any other packaging scripts |
| 608 | cat >\$1 <<! |
| 609 | USE_SYM_LINKS='\$USE_SYM_LINKS' |
| 610 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 611 | POST_INS_START='\$POST_INS_START' |
| 612 | ! |
| 613 | |
| 614 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 615 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 616 | |
| 617 | # local request changes here |
| 618 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} |
| 619 | |
| 620 | cat >> request << _EOF |
| 621 | exit 0 |
| 622 | |
| 623 | _EOF |
| 624 | |
| 625 | ## Next Build our prototype |
| 626 | echo "Building prototype file..." |
| 627 | cat >mk-proto.awk << _EOF |
| 628 | BEGIN { print "i pkginfo"; print "i depend"; \\ |
| 629 | print "i preinstall"; print "i postinstall"; \\ |
| 630 | print "i preremove"; print "i postremove"; \\ |
| 631 | print "i request"; print "i space"; \\ |
| 632 | split("$SYSTEM_DIR",sys_files); } |
| 633 | { |
| 634 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) |
| 635 | { if ( \$1 == "s" ) |
| 636 | { \$5=""; \$6=""; } |
| 637 | else |
| 638 | { \$5="root"; \$6="sys"; } |
| 639 | } |
| 640 | else |
| 641 | { \$4="?"; \$5="?"; \$6="?"; break;} |
| 642 | } } |
| 643 | { print; } |
| 644 | _EOF |
| 645 | |
| 646 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ |
Tim Rice | 77674b1 | 2006-10-06 18:49:36 -0700 | [diff] [blame] | 647 | pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 648 | |
| 649 | # /usr/local is a symlink on some systems |
| 650 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { |
| 651 | grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new |
| 652 | mv prototype.new prototype |
| 653 | } |
| 654 | |
| 655 | ## Step back a directory and now build the package. |
| 656 | cd .. |
| 657 | # local prototype tweeks here |
| 658 | [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} |
| 659 | |
| 660 | echo "Building package.." |
| 661 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 662 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 663 | ;; |
| 664 | |
| 665 | justpkg.sh) |
| 666 | rm -fr ${FAKE_ROOT}/${PKGNAME} |
| 667 | grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp |
| 668 | mv $$tmp $FAKE_ROOT/pkginfo |
| 669 | cat >> $FAKE_ROOT/pkginfo << _EOF |
| 670 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 671 | _EOF |
| 672 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 673 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 674 | ;; |
| 675 | |
| 676 | esac |
| 677 | |
| 678 | [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT |
Tim Rice | 2d2b9f7 | 2004-05-30 21:48:40 -0700 | [diff] [blame] | 679 | exit 0 |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 680 | |