[gssapi-openssh.git] / openssh / contrib / solaris / buildpkg.sh

#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License.  I really
# don't care what you use it for.  Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a config.local with your customized options
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp	# leave commented out for production build
PKGNAME=OpenSSH
SYSVINIT_NAME=opensshd
MAKE=${MAKE:="make"}
SSHDUID=67	# Default privsep uid
SSHDGID=67	# Default privsep gid
# uncomment these next two as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc	\
/etc/init.d		\
/etc/rcS.d		\
/etc/rc0.d		\
/etc/rc1.d		\
/etc/rc2.d		\
/etc/opt		\
/opt			\
/opt/bin		\
/usr			\
/usr/bin		\
/usr/lib		\
/usr/sbin		\
/usr/share		\
/usr/share/man		\
/usr/share/man/man1	\
/usr/share/man/man8	\
/usr/local		\
/usr/local/bin		\
/usr/local/etc		\
/usr/local/libexec	\
/usr/local/man		\
/usr/local/man/man1	\
/usr/local/man/man8	\
/usr/local/sbin		\
/usr/local/share	\
/var			\
/var/opt		\
/var/run		\
/var/tmp		\
/tmp"

# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /usr/local/bin ]  &&  {
	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ]  &&  {
	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#

[ -f Makefile ]  ||  {
	echo "Please run this script from your build directory"
	exit 1
}

# we will look for config.local to override the above options
[ -s ./config.local ]  &&  . ./config.local

## Start by faking root install
echo "Faking root install..."
START=`pwd`
OPENSSHD_IN=`dirname $0`/opensshd.in
FAKE_ROOT=$START/package
[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
	echo "Fake root install failed, stopping."
	exit 1
fi

## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
do
	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done


## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done

## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi

## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`

UNAME_S=`uname -s`
case ${UNAME_S} in
	SunOS)	UNAME_S=Solaris
		ARCH=`uname -p`
		RCS_D=yes
		DEF_MSG="(default: n)"
		;;
	*)	ARCH=`uname -m`
		DEF_MSG="\n" ;;
esac

## Setup our run level stuff while we are at it.
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d

## setup our initscript correctly
sed -e "s#%%configDir%%#${sysconfdir}#g" 	\
    -e "s#%%openSSHDir%%#$prefix#g"		\
    -e "s#%%pidDir%%#${piddir}#g"		\
	${OPENSSHD_IN}	> $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}

[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ]  &&  \
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	$FAKE_ROOT/${sysconfdir}/sshd_config

# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default

cd $FAKE_ROOT

## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
## whining.
for i in *; do
  PROTO_ARGS="$PROTO_ARGS $i=/$i";
done

## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
_EOF

## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! /sbin/sh
#
[ "\${PRE_INS_STOP}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
exit 0
_EOF

## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! /sbin/sh
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}

# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ]  &&  {
	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
	mkdir -p ${TEST_DIR}/etc/rc0.d
	mkdir -p ${TEST_DIR}/etc/rc1.d
	mkdir -p ${TEST_DIR}/etc/rc2.d
}

if [ "\${USE_SYM_LINKS}" = yes ]
then
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
else
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
fi

# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys

installf -f ${PKGNAME}

# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
	chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
	chroot=echo
fi

if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
then
	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
	echo "or group."
else
	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."

	# create group if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep group $SSH_PRIVSEP_USER already exists."
	else
		# Use gid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshdgid="-g $SSHDGID"
		fi
		echo "Creating PrivSep group $SSH_PRIVSEP_USER."
		\$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
	fi

	# Create user if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	else
		# Use uid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshduid="-u $SSHDUID"
		fi
		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
		\$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
		\$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
	fi
fi

[ "\${POST_INS_START}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
exit 0
_EOF

## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! /sbin/sh
#
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
exit 0
_EOF

## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
	[y,Y]*)	USE_SYM_LINKS=yes ;;
esac

# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!
exit 0

_EOF

## Build space file
echo "Building space file..."
cat > space << _EOF
# extra space required by start/stop links added by installf in postinstall
$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
_EOF
[ "$RCS_D" = yes ]  &&  \
echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space

## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
	    BEGIN { print "i pkginfo"; print "i preinstall"; \\
		    print "i postinstall"; print "i preremove"; \\
		    print "i request"; print "i space"; \\
		    split("$SYSTEM_DIR",sys_files); }
	    {
	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
		     { \$5="root"; \$6="sys"; }
		else
		     { \$4="?"; \$5="?"; \$6="?"; break;}
	    } }
	    { print; }
_EOF
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype

## Step back a directory and now build the package.
echo "Building package.."
cd ..
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
rm -rf $FAKE_ROOT
Commit	Line	Data
3c0ef626	1	#!/bin/sh
3c0ef626	2	#
700318f3	3	# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
3c0ef626	4	#
	5	# The following code has been provide under Public Domain License. I really
	6	# don't care what you use it for. Just as long as you don't complain to me
	7	# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
12408a1b	8	#
3c0ef626	9	umask 022
700318f3	10	#
	11	# Options for building the package
	12	# You can create a config.local with your customized options
	13	#
41b2f314	14	# uncommenting TEST_DIR and using
41b2f314	15	# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
12408a1b	16	# and
700318f3	17	# PKGNAME=tOpenSSH should allow testing a package without interfering
41b2f314	18	# with a real OpenSSH package on a system. This is not needed on systems
41b2f314	19	# that support the -R option to pkgadd.
700318f3	20	#TEST_DIR=/var/tmp # leave commented out for production build
3c0ef626	21	PKGNAME=OpenSSH
700318f3	22	SYSVINIT_NAME=opensshd
700318f3	23	MAKE=${MAKE:="make"}
41b2f314	24	SSHDUID=67 # Default privsep uid
41b2f314	25	SSHDGID=67 # Default privsep gid
700318f3	26	# uncomment these next two as needed
	27	#PERMIT_ROOT_LOGIN=no
	28	#X11_FORWARDING=yes
	29	# list of system directories we do NOT want to change owner/group/perms
	30	# when installing our package
	31	SYSTEM_DIR="/etc \
	32	/etc/init.d \
	33	/etc/rcS.d \
	34	/etc/rc0.d \
	35	/etc/rc1.d \
	36	/etc/rc2.d \
	37	/etc/opt \
	38	/opt \
	39	/opt/bin \
	40	/usr \
	41	/usr/bin \
	42	/usr/lib \
	43	/usr/sbin \
	44	/usr/share \
	45	/usr/share/man \
	46	/usr/share/man/man1 \
	47	/usr/share/man/man8 \
	48	/usr/local \
	49	/usr/local/bin \
	50	/usr/local/etc \
	51	/usr/local/libexec \
	52	/usr/local/man \
	53	/usr/local/man/man1 \
	54	/usr/local/man/man8 \
	55	/usr/local/sbin \
	56	/usr/local/share \
	57	/var \
	58	/var/opt \
	59	/var/run \
	60	/var/tmp \
	61	/tmp"
3c0ef626	62
41b2f314	63	# We may need to build as root so we make sure PATH is set up
700318f3	64	# only set the path if it's not set already
	65	[ -d /usr/local/bin ] && {
	66	echo $PATH \| grep ":/usr/local/bin" > /dev/null 2>&1
	67	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
	68	}
	69	[ -d /usr/ccs/bin ] && {
	70	echo $PATH \| grep ":/usr/ccs/bin" > /dev/null 2>&1
	71	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
	72	}
	73	export PATH
	74	#
	75
	76	[ -f Makefile ] \|\| {
	77	echo "Please run this script from your build directory"
	78	exit 1
	79	}
	80
	81	# we will look for config.local to override the above options
	82	[ -s ./config.local ] && . ./config.local
3c0ef626	83
12408a1b	84	## Start by faking root install
3c0ef626	85	echo "Faking root install..."
3c0ef626	86	START=`pwd`
700318f3	87	OPENSSHD_IN=`dirname $0`/opensshd.in
3c0ef626	88	FAKE_ROOT=$START/package
700318f3	89	[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
3c0ef626	90	mkdir $FAKE_ROOT
700318f3	91	${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
	92	if [ $? -gt 0 ]
	93	then
	94	echo "Fake root install failed, stopping."
	95	exit 1
	96	fi
3c0ef626	97
3c0ef626	98	## Fill in some details, like prefix and sysconfdir
700318f3	99	for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
700318f3	100	do
12408a1b	101	eval $confvar=`grep "^$confvar=" Makefile \| cut -d = -f 2`
700318f3	102	done
3c0ef626	103
41b2f314	104
	105	## Collect value of privsep user
	106	for confvar in SSH_PRIVSEP_USER
	107	do
12408a1b	108	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
41b2f314	109	done
	110
	111	## Set privsep defaults if not defined
	112	if [ -z "$SSH_PRIVSEP_USER" ]
	113	then
12408a1b	114	SSH_PRIVSEP_USER=sshd
41b2f314	115	fi
41b2f314	116
700318f3	117	## Extract common info requires for the 'info' part of the package.
700318f3	118	VERSION=`./ssh -V 2>&1 \| sed -e 's/,.*//'`
3c0ef626	119
700318f3	120	UNAME_S=`uname -s`
	121	case ${UNAME_S} in
	122	SunOS) UNAME_S=Solaris
	123	ARCH=`uname -p`
	124	RCS_D=yes
	125	DEF_MSG="(default: n)"
	126	;;
41b2f314	127	*) ARCH=`uname -m`
41b2f314	128	DEF_MSG="\n" ;;
700318f3	129	esac
	130
	131	## Setup our run level stuff while we are at it.
	132	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
3c0ef626	133
3c0ef626	134	## setup our initscript correctly
700318f3	135	sed -e "s#%%configDir%%#${sysconfdir}#g" \
	136	-e "s#%%openSSHDir%%#$prefix#g" \
	137	-e "s#%%pidDir%%#${piddir}#g" \
	138	${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	139	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
3c0ef626	140
700318f3	141	[ "${PERMIT_ROOT_LOGIN}" = no ] && \
	142	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
	143	$FAKE_ROOT/${sysconfdir}/sshd_config
	144	[ "${X11_FORWARDING}" = yes ] && \
	145	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
	146	$FAKE_ROOT/${sysconfdir}/sshd_config
	147	# fix PrintMotd
	148	perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	149	$FAKE_ROOT/${sysconfdir}/sshd_config
3c0ef626	150
700318f3	151	# We don't want to overwrite config files on multiple installs
	152	mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
	153	mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
	154	[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
	155	mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
	156
	157	cd $FAKE_ROOT
3c0ef626	158
	159	## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
	160	## whining.
	161	for i in *; do
	162	PROTO_ARGS="$PROTO_ARGS $i=/$i";
	163	done
	164
	165	## Build info file
	166	echo "Building pkginfo file..."
	167	cat > pkginfo << _EOF
	168	PKG=$PKGNAME
700318f3	169	NAME="OpenSSH Portable for ${UNAME_S}"
3c0ef626	170	DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
3c0ef626	171	VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
3c0ef626	172	ARCH=$ARCH
3c0ef626	173	VERSION=$VERSION
700318f3	174	CATEGORY="Security,application"
3c0ef626	175	BASEDIR=/
700318f3	176	CLASSES="none"
	177	_EOF
	178
	179	## Build preinstall file
	180	echo "Building preinstall file..."
	181	cat > preinstall << _EOF
	182	#! /sbin/sh
	183	#
	184	[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	185	exit 0
3c0ef626	186	_EOF
3c0ef626	187
700318f3	188	## Build postinstall file
	189	echo "Building postinstall file..."
	190	cat > postinstall << _EOF
	191	#! /sbin/sh
	192	#
41b2f314	193	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] \|\| \\
	194	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
	195	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
	196	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] \|\| \\
	197	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
	198	\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
	199	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
	200	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] \|\| \\
	201	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
	202	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
700318f3	203	}
	204
	205	# make rc?.d dirs only if we are doing a test install
	206	[ -n "${TEST_DIR}" ] && {
	207	[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
	208	mkdir -p ${TEST_DIR}/etc/rc0.d
	209	mkdir -p ${TEST_DIR}/etc/rc1.d
	210	mkdir -p ${TEST_DIR}/etc/rc2.d
	211	}
	212
	213	if [ "\${USE_SYM_LINKS}" = yes ]
	214	then
	215	[ "$RCS_D" = yes ] && \
41b2f314	216	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	217	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	218	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	219	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
700318f3	220	else
700318f3	221	[ "$RCS_D" = yes ] && \
41b2f314	222	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	223	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	224	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	225	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
700318f3	226	fi
	227
	228	# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
41b2f314	229	[ -d $piddir ] \|\| installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
700318f3	230
	231	installf -f ${PKGNAME}
	232
41b2f314	233	# Use chroot to handle PKG_INSTALL_ROOT
	234	if [ ! -z "\${PKG_INSTALL_ROOT}" ]
	235	then
	236	chroot="chroot \${PKG_INSTALL_ROOT}"
	237	fi
	238	# If this is a test build, we will skip the groupadd/useradd/passwd commands
	239	if [ ! -z "${TEST_DIR}" ]
	240	then
	241	chroot=echo
	242	fi
	243
	244	if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
	245	then
12408a1b	246	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
12408a1b	247	echo "or group."
41b2f314	248	else
12408a1b	249	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
41b2f314	250
12408a1b	251	# create group if required
	252	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	253	then
	254	echo "PrivSep group $SSH_PRIVSEP_USER already exists."
	255	else
41b2f314	256	# Use gid of 67 if possible
	257	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSHDGID'\$' >/dev/null
	258	then
	259	:
	260	else
	261	sshdgid="-g $SSHDGID"
	262	fi
12408a1b	263	echo "Creating PrivSep group $SSH_PRIVSEP_USER."
	264	\$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
	265	fi
	266
	267	# Create user if required
	268	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	269	then
	270	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	271	else
41b2f314	272	# Use uid of 67 if possible
	273	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSHDGID'\$' >/dev/null
	274	then
	275	:
	276	else
	277	sshduid="-u $SSHDUID"
	278	fi
12408a1b	279	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
41b2f314	280	\$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
41b2f314	281	\$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
12408a1b	282	fi
41b2f314	283	fi
41b2f314	284
700318f3	285	[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
	286	exit 0
	287	_EOF
	288
	289	## Build preremove file
	290	echo "Building preremove file..."
	291	cat > preremove << _EOF
	292	#! /sbin/sh
	293	#
	294	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	295	exit 0
	296	_EOF
	297
	298	## Build request file
	299	echo "Building request file..."
	300	cat > request << _EOF
	301	trap 'exit 3' 15
	302	USE_SYM_LINKS=no
	303	PRE_INS_STOP=no
	304	POST_INS_START=no
	305	# Use symbolic links?
	306	ans=\`ckyorn -d n \
	307	-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` \|\| exit \$?
	308	case \$ans in
	309	[y,Y]*) USE_SYM_LINKS=yes ;;
	310	esac
	311
	312	# determine if should restart the daemon
	313	if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
	314	then
	315	ans=\`ckyorn -d n \
	316	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	317	case \$ans in
	318	[y,Y]*) PRE_INS_STOP=yes
	319	POST_INS_START=yes
	320	;;
	321	esac
	322
	323	else
	324
	325	# determine if we should start sshd
	326	ans=\`ckyorn -d n \
	327	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	328	case \$ans in
	329	[y,Y]*) POST_INS_START=yes ;;
	330	esac
	331	fi
	332
	333	# make parameters available to installation service,
	334	# and so to any other packaging scripts
	335	cat >\$1 <<!
	336	USE_SYM_LINKS='\$USE_SYM_LINKS'
	337	PRE_INS_STOP='\$PRE_INS_STOP'
	338	POST_INS_START='\$POST_INS_START'
	339	!
	340	exit 0
	341
	342	_EOF
	343
	344	## Build space file
	345	echo "Building space file..."
	346	cat > space << _EOF
	347	# extra space required by start/stop links added by installf in postinstall
	348	$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
349	$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
350	$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
351	_EOF
352	[ "$RCS_D" = yes ] && \
353	echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
354
3c0ef626	355	## Next Build our prototype
3c0ef626	356	echo "Building prototype file..."
700318f3	357	cat >mk-proto.awk << _EOF
	358	BEGIN { print "i pkginfo"; print "i preinstall"; \\
	359	print "i postinstall"; print "i preremove"; \\
	360	print "i request"; print "i space"; \\
12408a1b	361	split("$SYSTEM_DIR",sys_files); }
700318f3	362	{
700318f3	363	for (dir in sys_files) { if ( \$3 != sys_files[dir] )
12408a1b	364	{ \$5="root"; \$6="sys"; }
	365	else
	366	{ \$4="?"; \$5="?"; \$6="?"; break;}
700318f3	367	} }
	368	{ print; }
	369	_EOF
	370	find . \| egrep -v "prototype\|pkginfo\|mk-proto.awk" \| sort \| \
	371	pkgproto $PROTO_ARGS \| nawk -f mk-proto.awk > prototype
3c0ef626	372
	373	## Step back a directory and now build the package.
	374	echo "Building package.."
	375	cd ..
700318f3	376	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
700318f3	377	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
3c0ef626	378	rm -rf $FAKE_ROOT
700318f3	379