Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 1 | #!/bin/sh |
| 2 | # |
| 3 | # Fake Root Solaris/SVR4/SVR5 Build System - Prototype |
| 4 | # |
| 5 | # The following code has been provide under Public Domain License. I really |
| 6 | # don't care what you use it for. Just as long as you don't complain to me |
| 7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) |
| 8 | # |
| 9 | umask 022 |
| 10 | # |
| 11 | # Options for building the package |
| 12 | # You can create a openssh-config.local with your customized options |
| 13 | # |
| 14 | REMOVE_FAKE_ROOT_WHEN_DONE=yes |
| 15 | # |
| 16 | # uncommenting TEST_DIR and using |
| 17 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty |
| 18 | # and |
| 19 | # PKGNAME=tOpenSSH should allow testing a package without interfering |
| 20 | # with a real OpenSSH package on a system. This is not needed on systems |
| 21 | # that support the -R option to pkgadd. |
| 22 | #TEST_DIR=/var/tmp # leave commented out for production build |
| 23 | PKGNAME=OpenSSH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 24 | # revisions within the same version (REV=a) |
| 25 | #REV= |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 26 | SYSVINIT_NAME=opensshd |
Tim Rice | 77674b1 | 2006-10-06 18:49:36 -0700 | [diff] [blame] | 27 | AWK=${AWK:="nawk"} |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 28 | MAKE=${MAKE:="make"} |
| 29 | SSHDUID=67 # Default privsep uid |
| 30 | SSHDGID=67 # Default privsep gid |
| 31 | # uncomment these next three as needed |
| 32 | #PERMIT_ROOT_LOGIN=no |
| 33 | #X11_FORWARDING=yes |
| 34 | #USR_LOCAL_IS_SYMLINK=yes |
| 35 | # System V init run levels |
| 36 | SYSVINITSTART=S98 |
| 37 | SYSVINITSTOPT=K30 |
| 38 | # We will source these if they exist |
Tim Rice | bf209f5 | 2006-02-13 12:46:44 -0800 | [diff] [blame] | 39 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 40 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
| 41 | # We'll be one level deeper looking for these |
| 42 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local |
| 43 | PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local |
| 44 | PKG_PREREMOVE_LOCAL=../pkg-preremove.local |
| 45 | PKG_POSTREMOVE_LOCAL=../pkg-postremove.local |
| 46 | PKG_REQUEST_LOCAL=../pkg-request.local |
| 47 | # end of sourced files |
| 48 | # |
Tim Rice | 5af9db9 | 2004-06-19 19:31:06 -0700 | [diff] [blame] | 49 | OPENSSHD=opensshd.init |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 50 | OPENSSH_MANIFEST=openssh.xml |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 51 | OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default |
Tim Rice | ffe3a8e | 2007-07-24 21:16:07 -0700 | [diff] [blame] | 52 | SMF_METHOD_DIR=/lib/svc/method/site |
| 53 | SMF_MANIFEST_DIR=/var/svc/manifest/site |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 54 | |
| 55 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ |
| 56 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ |
| 57 | PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ |
| 58 | # |
| 59 | # list of system directories we do NOT want to change owner/group/perms |
| 60 | # when installing our package |
| 61 | SYSTEM_DIR="/etc \ |
| 62 | /etc/init.d \ |
| 63 | /etc/rcS.d \ |
| 64 | /etc/rc0.d \ |
| 65 | /etc/rc1.d \ |
| 66 | /etc/rc2.d \ |
| 67 | /etc/opt \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 68 | /lib \ |
| 69 | /lib/svc \ |
| 70 | /lib/svc/method \ |
| 71 | /lib/svc/method/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 72 | /opt \ |
| 73 | /opt/bin \ |
| 74 | /usr \ |
| 75 | /usr/bin \ |
| 76 | /usr/lib \ |
| 77 | /usr/sbin \ |
| 78 | /usr/share \ |
| 79 | /usr/share/man \ |
| 80 | /usr/share/man/man1 \ |
| 81 | /usr/share/man/man8 \ |
| 82 | /usr/local \ |
| 83 | /usr/local/bin \ |
| 84 | /usr/local/etc \ |
| 85 | /usr/local/libexec \ |
| 86 | /usr/local/man \ |
| 87 | /usr/local/man/man1 \ |
| 88 | /usr/local/man/man8 \ |
| 89 | /usr/local/sbin \ |
| 90 | /usr/local/share \ |
| 91 | /var \ |
| 92 | /var/opt \ |
| 93 | /var/run \ |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 94 | /var/svc \ |
| 95 | /var/svc/manifest \ |
| 96 | /var/svc/manifest/site \ |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 97 | /var/tmp \ |
| 98 | /tmp" |
| 99 | |
| 100 | # We may need to build as root so we make sure PATH is set up |
| 101 | # only set the path if it's not set already |
| 102 | [ -d /opt/bin ] && { |
| 103 | echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 |
| 104 | [ $? -ne 0 ] && PATH=$PATH:/opt/bin |
| 105 | } |
| 106 | [ -d /usr/local/bin ] && { |
| 107 | echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 |
| 108 | [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin |
| 109 | } |
| 110 | [ -d /usr/ccs/bin ] && { |
| 111 | echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 |
| 112 | [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin |
| 113 | } |
| 114 | export PATH |
| 115 | # |
| 116 | |
| 117 | [ -f Makefile ] || { |
| 118 | echo "Please run this script from your build directory" |
| 119 | exit 1 |
| 120 | } |
| 121 | |
| 122 | # we will look for openssh-config.local to override the above options |
| 123 | [ -s ./openssh-config.local ] && . ./openssh-config.local |
| 124 | |
| 125 | START=`pwd` |
| 126 | FAKE_ROOT=$START/pkg |
| 127 | |
| 128 | ## Fill in some details, like prefix and sysconfdir |
| 129 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir |
| 130 | do |
| 131 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
| 132 | done |
| 133 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 134 | ## Are we using Solaris' SMF? |
| 135 | DO_SMF=0 |
| 136 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 |
| 137 | then |
| 138 | DO_SMF=1 |
| 139 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 140 | |
| 141 | ## Collect value of privsep user |
| 142 | for confvar in SSH_PRIVSEP_USER |
| 143 | do |
| 144 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` |
| 145 | done |
| 146 | |
| 147 | ## Set privsep defaults if not defined |
| 148 | if [ -z "$SSH_PRIVSEP_USER" ] |
| 149 | then |
| 150 | SSH_PRIVSEP_USER=sshd |
| 151 | fi |
| 152 | |
| 153 | ## Extract common info requires for the 'info' part of the package. |
| 154 | VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` |
| 155 | |
| 156 | ARCH=`uname -m` |
| 157 | DEF_MSG="\n" |
| 158 | OS_VER=`uname -v` |
| 159 | SCRIPT_SHELL=/sbin/sh |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 160 | UNAME_R=`uname -r` |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 161 | UNAME_S=`uname -s` |
| 162 | case ${UNAME_S} in |
| 163 | SunOS) UNAME_S=Solaris |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 164 | OS_VER=${UNAME_R} |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 165 | ARCH=`uname -p` |
| 166 | RCS_D=yes |
| 167 | DEF_MSG="(default: n)" |
| 168 | ;; |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 169 | SCO_SV) case ${UNAME_R} in |
| 170 | 3.2) UNAME_S=OpenServer5 |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 171 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 172 | ;; |
| 173 | 5) UNAME_S=OpenServer6 |
| 174 | ;; |
| 175 | esac |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 176 | SCRIPT_SHELL=/bin/sh |
| 177 | RC1_D=no |
| 178 | DEF_MSG="(default: n)" |
| 179 | ;; |
| 180 | esac |
| 181 | |
| 182 | case `basename $0` in |
| 183 | buildpkg.sh) |
| 184 | ## Start by faking root install |
| 185 | echo "Faking root install..." |
| 186 | [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT |
| 187 | mkdir $FAKE_ROOT |
| 188 | ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT |
| 189 | if [ $? -gt 0 ] |
| 190 | then |
| 191 | echo "Fake root install failed, stopping." |
| 192 | exit 1 |
| 193 | fi |
| 194 | |
| 195 | ## Setup our run level stuff while we are at it. |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 196 | if [ $DO_SMF -eq 1 ] |
| 197 | then |
| 198 | # For Solaris' SMF, /lib/svc/method/site is the preferred place |
| 199 | # for start/stop scripts that aren't supplied with the OS, and |
| 200 | # similarly /var/svc/manifest/site for manifests. |
Tim Rice | ffe3a8e | 2007-07-24 21:16:07 -0700 | [diff] [blame] | 201 | mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR} |
| 202 | mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR} |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 203 | |
Tim Rice | ffe3a8e | 2007-07-24 21:16:07 -0700 | [diff] [blame] | 204 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} |
| 205 | chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 206 | |
Tim Rice | ffe3a8e | 2007-07-24 21:16:07 -0700 | [diff] [blame] | 207 | cat ${OPENSSH_MANIFEST} | \ |
| 208 | sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ |
| 209 | -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \ |
| 210 | > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml |
| 211 | chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 212 | else |
| 213 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d |
| 214 | |
| 215 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 216 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
| 217 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 218 | |
| 219 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ |
| 220 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
Tim Rice | cd22d30 | 2007-07-24 21:40:59 -0700 | [diff] [blame] | 221 | $FAKE_ROOT${sysconfdir}/sshd_config |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 222 | [ "${X11_FORWARDING}" = yes ] && \ |
| 223 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ |
Tim Rice | cd22d30 | 2007-07-24 21:40:59 -0700 | [diff] [blame] | 224 | $FAKE_ROOT${sysconfdir}/sshd_config |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 225 | # fix PrintMotd |
| 226 | perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ |
Tim Rice | cd22d30 | 2007-07-24 21:40:59 -0700 | [diff] [blame] | 227 | $FAKE_ROOT${sysconfdir}/sshd_config |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 228 | |
| 229 | # We don't want to overwrite config files on multiple installs |
Tim Rice | cd22d30 | 2007-07-24 21:40:59 -0700 | [diff] [blame] | 230 | mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default |
| 231 | mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 232 | |
| 233 | # local tweeks here |
| 234 | [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} |
| 235 | |
| 236 | cd $FAKE_ROOT |
| 237 | |
| 238 | ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk |
| 239 | ## whining. |
| 240 | for i in *; do |
| 241 | PROTO_ARGS="$PROTO_ARGS $i=/$i"; |
| 242 | done |
| 243 | |
| 244 | ## Build info file |
| 245 | echo "Building pkginfo file..." |
| 246 | cat > pkginfo << _EOF |
| 247 | PKG=$PKGNAME |
| 248 | NAME="OpenSSH Portable for ${UNAME_S}" |
| 249 | DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." |
| 250 | VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" |
| 251 | ARCH=$ARCH |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 252 | VERSION=$VERSION$REV |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 253 | CATEGORY="Security,application" |
| 254 | BASEDIR=/ |
| 255 | CLASSES="none" |
| 256 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 257 | _EOF |
| 258 | |
| 259 | ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS |
| 260 | echo "Building depend file..." |
| 261 | touch depend |
| 262 | |
| 263 | ## Build space file |
| 264 | echo "Building space file..." |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 265 | if [ $DO_SMF -eq 1 ] |
| 266 | then |
| 267 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. |
| 268 | touch space |
| 269 | else |
| 270 | cat > space << _EOF |
| 271 | # extra space required by start/stop links added by installf |
| 272 | # in postinstall |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 273 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
| 274 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 |
| 275 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 276 | [ "$RC1_D" = no ] || \ |
| 277 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 278 | [ "$RCS_D" = yes ] && \ |
| 279 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
| 280 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 281 | |
| 282 | ## Build preinstall file |
| 283 | echo "Building preinstall file..." |
| 284 | cat > preinstall << _EOF |
| 285 | #! ${SCRIPT_SHELL} |
| 286 | # |
| 287 | _EOF |
| 288 | |
| 289 | # local preinstall changes here |
| 290 | [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} |
| 291 | |
| 292 | cat >> preinstall << _EOF |
| 293 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 294 | if [ "\${PRE_INS_STOP}" = "yes" ] |
| 295 | then |
| 296 | if [ $DO_SMF -eq 1 ] |
| 297 | then |
| 298 | svcadm disable $OPENSSH_FMRI |
| 299 | else |
| 300 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 301 | fi |
| 302 | fi |
| 303 | |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 304 | exit 0 |
| 305 | _EOF |
| 306 | |
| 307 | ## Build postinstall file |
| 308 | echo "Building postinstall file..." |
| 309 | cat > postinstall << _EOF |
| 310 | #! ${SCRIPT_SHELL} |
| 311 | # |
| 312 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ |
| 313 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ |
| 314 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config |
| 315 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ |
| 316 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ |
| 317 | \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 318 | |
| 319 | # make rc?.d dirs only if we are doing a test install |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 320 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 321 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
| 322 | mkdir -p ${TEST_DIR}/etc/rc0.d |
| 323 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d |
| 324 | mkdir -p ${TEST_DIR}/etc/rc2.d |
| 325 | } |
| 326 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 327 | if [ $DO_SMF -eq 1 ] |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 328 | then |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 329 | # Delete the existing service, if it exists, then import the |
| 330 | # new one. |
| 331 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 332 | then |
| 333 | svccfg delete -f $OPENSSH_FMRI |
| 334 | fi |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 335 | # NOTE, The manifest disables sshd by default. |
Tim Rice | ffe3a8e | 2007-07-24 21:16:07 -0700 | [diff] [blame] | 336 | svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 337 | else |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 338 | if [ "\${USE_SYM_LINKS}" = yes ] |
| 339 | then |
| 340 | [ "$RCS_D" = yes ] && \ |
| 341 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 342 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 343 | [ "$RC1_D" = no ] || \ |
| 344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 345 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
| 346 | else |
| 347 | [ "$RCS_D" = yes ] && \ |
| 348 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 349 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 350 | [ "$RC1_D" = no ] || \ |
| 351 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 352 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l |
| 353 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 354 | fi |
| 355 | |
| 356 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) |
| 357 | [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys |
| 358 | |
| 359 | _EOF |
| 360 | |
| 361 | # local postinstall changes here |
| 362 | [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} |
| 363 | |
| 364 | cat >> postinstall << _EOF |
| 365 | installf -f ${PKGNAME} |
| 366 | |
| 367 | # Use chroot to handle PKG_INSTALL_ROOT |
| 368 | if [ ! -z "\${PKG_INSTALL_ROOT}" ] |
| 369 | then |
| 370 | chroot="chroot \${PKG_INSTALL_ROOT}" |
| 371 | fi |
| 372 | # If this is a test build, we will skip the groupadd/useradd/passwd commands |
| 373 | if [ ! -z "${TEST_DIR}" ] |
| 374 | then |
| 375 | chroot=echo |
| 376 | fi |
| 377 | |
Darren Tucker | 733a292 | 2006-09-09 20:41:25 +1000 | [diff] [blame] | 378 | echo "PrivilegeSeparation user always required." |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 379 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 380 | then |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 381 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." |
| 382 | SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` |
| 383 | SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 384 | else |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 385 | DO_PASSWD=yes |
| 386 | fi |
| 387 | [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER |
| 388 | |
| 389 | # group required? |
| 390 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null |
| 391 | then |
| 392 | echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." |
| 393 | else |
| 394 | DO_GROUP=yes |
| 395 | fi |
| 396 | |
| 397 | # create group if required |
| 398 | [ "\$DO_GROUP" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 399 | # Use gid of 67 if possible |
| 400 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null |
| 401 | then |
| 402 | : |
| 403 | else |
| 404 | sshdgid="-g $SSHDGID" |
| 405 | fi |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 406 | echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." |
| 407 | \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP |
| 408 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 409 | |
| 410 | # Create user if required |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 411 | [ "\$DO_PASSWD" = yes ] && { |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 412 | # Use uid of 67 if possible |
Tim Rice | 8db70e2 | 2005-12-28 14:28:08 -0800 | [diff] [blame] | 413 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 414 | then |
| 415 | : |
| 416 | else |
| 417 | sshduid="-u $SSHDUID" |
| 418 | fi |
| 419 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." |
| 420 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER |
| 421 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 422 | } |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 423 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 424 | if [ "\${POST_INS_START}" = "yes" ] |
| 425 | then |
| 426 | if [ $DO_SMF -eq 1 ] |
| 427 | then |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 428 | svcadm enable $OPENSSH_FMRI |
| 429 | else |
| 430 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start |
| 431 | fi |
| 432 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 433 | exit 0 |
| 434 | _EOF |
| 435 | |
| 436 | ## Build preremove file |
| 437 | echo "Building preremove file..." |
| 438 | cat > preremove << _EOF |
| 439 | #! ${SCRIPT_SHELL} |
| 440 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 441 | if [ $DO_SMF -eq 1 ] |
| 442 | then |
| 443 | svcadm disable $OPENSSH_FMRI |
| 444 | else |
| 445 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop |
| 446 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 447 | _EOF |
| 448 | |
| 449 | # local preremove changes here |
| 450 | [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} |
| 451 | |
| 452 | cat >> preremove << _EOF |
| 453 | exit 0 |
| 454 | _EOF |
| 455 | |
| 456 | ## Build postremove file |
| 457 | echo "Building postremove file..." |
| 458 | cat > postremove << _EOF |
| 459 | #! ${SCRIPT_SHELL} |
| 460 | # |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 461 | if [ $DO_SMF -eq 1 ] |
| 462 | then |
| 463 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
| 464 | then |
| 465 | svccfg delete -f $OPENSSH_FMRI |
| 466 | fi |
| 467 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 468 | _EOF |
| 469 | |
| 470 | # local postremove changes here |
| 471 | [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} |
| 472 | |
| 473 | cat >> postremove << _EOF |
| 474 | exit 0 |
| 475 | _EOF |
| 476 | |
| 477 | ## Build request file |
| 478 | echo "Building request file..." |
| 479 | cat > request << _EOF |
| 480 | trap 'exit 3' 15 |
| 481 | |
| 482 | _EOF |
| 483 | |
| 484 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF |
| 485 | |
| 486 | ckyorn() { |
Tim Rice | 09f1093 | 2006-10-06 14:58:38 -0700 | [diff] [blame] | 487 | # for some strange reason OpenServer5 has no ckyorn |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 488 | # We build a striped down version here |
| 489 | |
| 490 | DEFAULT=n |
| 491 | PROMPT="Yes or No [yes,no,?,quit]" |
| 492 | HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." |
| 493 | USAGE="usage: ckyorn [options] |
| 494 | where options may include: |
| 495 | -d default |
| 496 | -h help |
| 497 | -p prompt |
| 498 | " |
| 499 | |
| 500 | if [ \$# != 0 ] |
| 501 | then |
| 502 | while getopts d:p:h: c |
| 503 | do |
| 504 | case \$c in |
| 505 | h) HELP_PROMPT="\$OPTARG" ;; |
| 506 | d) DEFAULT=\$OPTARG ;; |
| 507 | p) PROMPT=\$OPTARG ;; |
| 508 | \\?) echo "\$USAGE" 1>&2 |
| 509 | exit 1 ;; |
| 510 | esac |
| 511 | done |
| 512 | shift \`expr \$OPTIND - 1\` |
| 513 | fi |
| 514 | |
| 515 | while true |
| 516 | do |
| 517 | echo "\${PROMPT}\\c " 1>&2 |
| 518 | read key |
| 519 | [ -z "\$key" ] && key=\$DEFAULT |
| 520 | case \$key in |
| 521 | [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" |
| 522 | exit 0 ;; |
| 523 | \\?) echo \$HELP_PROMPT 1>&2 ;; |
| 524 | q|quit) echo "q\\c" 1>&2 |
| 525 | exit 3 ;; |
| 526 | esac |
| 527 | done |
| 528 | |
| 529 | } |
| 530 | |
| 531 | _EOF |
| 532 | |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 533 | if [ $DO_SMF -eq 1 ] |
| 534 | then |
| 535 | # This could get hairy, as the running sshd may not be under SMF. |
| 536 | # We'll assume an earlier version of OpenSSH started via SMF. |
| 537 | cat >> request << _EOF |
| 538 | PRE_INS_STOP=no |
| 539 | POST_INS_START=no |
| 540 | # determine if should restart the daemon |
| 541 | if [ -s ${piddir}/sshd.pid ] && \ |
Tim Rice | c3af6d4 | 2007-03-01 09:34:52 -0800 | [diff] [blame] | 542 | /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 543 | then |
| 544 | ans=\`ckyorn -d n \ |
| 545 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 546 | case \$ans in |
| 547 | [y,Y]*) PRE_INS_STOP=yes |
| 548 | POST_INS_START=yes |
| 549 | ;; |
| 550 | esac |
| 551 | |
| 552 | else |
| 553 | |
| 554 | # determine if we should start sshd |
| 555 | ans=\`ckyorn -d n \ |
| 556 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 557 | case \$ans in |
| 558 | [y,Y]*) POST_INS_START=yes ;; |
| 559 | esac |
| 560 | fi |
| 561 | |
| 562 | # make parameters available to installation service, |
| 563 | # and so to any other packaging scripts |
| 564 | cat >\$1 <<! |
| 565 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 566 | POST_INS_START='\$POST_INS_START' |
| 567 | ! |
| 568 | |
| 569 | _EOF |
| 570 | else |
| 571 | cat >> request << _EOF |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 572 | USE_SYM_LINKS=no |
| 573 | PRE_INS_STOP=no |
| 574 | POST_INS_START=no |
| 575 | # Use symbolic links? |
| 576 | ans=\`ckyorn -d n \ |
| 577 | -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? |
| 578 | case \$ans in |
| 579 | [y,Y]*) USE_SYM_LINKS=yes ;; |
| 580 | esac |
| 581 | |
| 582 | # determine if should restart the daemon |
| 583 | if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] |
| 584 | then |
| 585 | ans=\`ckyorn -d n \ |
| 586 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? |
| 587 | case \$ans in |
| 588 | [y,Y]*) PRE_INS_STOP=yes |
| 589 | POST_INS_START=yes |
| 590 | ;; |
| 591 | esac |
| 592 | |
| 593 | else |
| 594 | |
| 595 | # determine if we should start sshd |
| 596 | ans=\`ckyorn -d n \ |
| 597 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? |
| 598 | case \$ans in |
| 599 | [y,Y]*) POST_INS_START=yes ;; |
| 600 | esac |
| 601 | fi |
| 602 | |
| 603 | # make parameters available to installation service, |
| 604 | # and so to any other packaging scripts |
| 605 | cat >\$1 <<! |
| 606 | USE_SYM_LINKS='\$USE_SYM_LINKS' |
| 607 | PRE_INS_STOP='\$PRE_INS_STOP' |
| 608 | POST_INS_START='\$POST_INS_START' |
| 609 | ! |
| 610 | |
| 611 | _EOF |
Damien Miller | 223897a | 2006-09-12 21:54:10 +1000 | [diff] [blame] | 612 | fi |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 613 | |
| 614 | # local request changes here |
| 615 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} |
| 616 | |
| 617 | cat >> request << _EOF |
| 618 | exit 0 |
| 619 | |
| 620 | _EOF |
| 621 | |
| 622 | ## Next Build our prototype |
| 623 | echo "Building prototype file..." |
| 624 | cat >mk-proto.awk << _EOF |
| 625 | BEGIN { print "i pkginfo"; print "i depend"; \\ |
| 626 | print "i preinstall"; print "i postinstall"; \\ |
| 627 | print "i preremove"; print "i postremove"; \\ |
| 628 | print "i request"; print "i space"; \\ |
| 629 | split("$SYSTEM_DIR",sys_files); } |
| 630 | { |
| 631 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) |
| 632 | { if ( \$1 == "s" ) |
| 633 | { \$5=""; \$6=""; } |
| 634 | else |
| 635 | { \$5="root"; \$6="sys"; } |
| 636 | } |
| 637 | else |
| 638 | { \$4="?"; \$5="?"; \$6="?"; break;} |
| 639 | } } |
| 640 | { print; } |
| 641 | _EOF |
| 642 | |
| 643 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ |
Tim Rice | 77674b1 | 2006-10-06 18:49:36 -0700 | [diff] [blame] | 644 | pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 645 | |
| 646 | # /usr/local is a symlink on some systems |
| 647 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { |
| 648 | grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new |
| 649 | mv prototype.new prototype |
| 650 | } |
| 651 | |
| 652 | ## Step back a directory and now build the package. |
| 653 | cd .. |
| 654 | # local prototype tweeks here |
| 655 | [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} |
| 656 | |
| 657 | echo "Building package.." |
| 658 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 659 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 660 | ;; |
| 661 | |
| 662 | justpkg.sh) |
| 663 | rm -fr ${FAKE_ROOT}/${PKGNAME} |
| 664 | grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp |
| 665 | mv $$tmp $FAKE_ROOT/pkginfo |
| 666 | cat >> $FAKE_ROOT/pkginfo << _EOF |
| 667 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" |
| 668 | _EOF |
| 669 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o |
Tim Rice | a5757f0 | 2004-07-01 20:41:15 -0700 | [diff] [blame] | 670 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 671 | ;; |
| 672 | |
| 673 | esac |
| 674 | |
| 675 | [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT |
Tim Rice | 2d2b9f7 | 2004-05-30 21:48:40 -0700 | [diff] [blame] | 676 | exit 0 |
Tim Rice | 6f1f758 | 2004-05-30 21:38:51 -0700 | [diff] [blame] | 677 | |