3 # Adapts the installed gsi-ssh environment to the current machine,
4 # performing actions that originally occurred during the package's
5 # 'make install' phase.
7 # Parts adapted from 'fixpath', a tool found in openssh-3.0.2p1.
9 # Send comments/fixes/suggestions to:
10 # Chase Phillips <cphillip@ncsa.uiuc.edu>
13 printf("setup-openssh.pl: Configuring gsi-openssh package\n");
16 # Get user's GPT_LOCATION since we may be installing this using a new(er)
20 $gptpath = $ENV{GPT_LOCATION};
23 # And the old standby..
26 $gpath = $ENV{GLOBUS_LOCATION};
29 die "GLOBUS_LOCATION needs to be set before running this script"
33 # i'm including this because other perl scripts in the gpt setup directories
37 if (defined($gptpath))
39 @INC = (@INC, "$gptpath/lib/perl", "$gpath/lib/perl");
43 @INC = (@INC, "$gpath/lib/perl");
46 require Grid::GPT::Setup;
48 my $globusdir = $gpath;
49 my $setupdir = "$globusdir/setup/globus";
50 my $myname = "setup-openssh.pl";
53 # Set up path prefixes for use in the path translations
56 $prefix = ${globusdir};
57 $exec_prefix = "${prefix}";
58 $bindir = "${exec_prefix}/bin";
59 $sbindir = "${exec_prefix}/sbin";
60 $mandir = "${prefix}/man";
62 $libexecdir = "${exec_prefix}/libexec";
63 $sysconfdir = "/etc/ssh";
65 $xauth_path = "/usr/bin/X11/xauth";
68 # Backup-related variables
72 $backupdir = "/etc/ssh/globus_backup_${curr_time}";
75 # Check that we are running as root
82 print "--> NOTE: You must be root to run this script! <--\n";
87 # We need to make sure it's okay to copy our setup files (if some files are already
88 # present). If we do copy any files, we backup the old files so the user can (possibly)
94 print "\nPreparatory: Checking for existence of critical directories..\n";
97 # Remember to put in check for /etc
104 if ( ! -d "$sysconfdir" )
106 print "Could not find directory: '${sysconfdir}'.. creating.\n";
107 mkdir($sysconfdir, 16877);
108 # 16877 should be 755, or drwxr-xr-x
112 # Test for /etc/ssh/globus_backup_<curr>
115 if ( ! -d "${backupdir}" )
117 print "Could not find directory: '${backupdir}'.. creating.\n";
118 mkdir($backupdir, 16877);
126 print "\nStage 1: Backing up configuration files to '${backupdir}/'..\n";
128 if ( -e "${sysconfdir}/ssh_config" )
130 action("cp ${sysconfdir}/ssh_config ${backupdir}/ssh_config");
134 print "${sysconfdir}/ssh_config does not exist.\n";
137 if ( -e "${sysconfdir}/sshd_config" )
139 action("cp ${sysconfdir}/sshd_config ${backupdir}/sshd_config");
143 print "${sysconfdir}/sshd_config does not exist.\n";
146 if ( -e "${sysconfdir}/moduli" )
148 action("cp ${sysconfdir}/moduli ${backupdir}/moduli");
152 print "${sysconfdir}/moduli does not exist.\n";
160 print "\nStage 2: Copying configuration files into '${sysconfdir}'..\n";
162 action("cp ${globusdir}/setup/globus/ssh_config ${sysconfdir}/ssh_config");
163 action("cp ${globusdir}/setup/globus/sshd_config ${sysconfdir}/sshd_config");
164 action("cp ${globusdir}/setup/globus/moduli ${sysconfdir}/moduli");
169 print "\nStage 3: Generating ssh host keys..\n";
171 if ( ! -d "${sysconfdir}" )
173 print "Could not find ${sysconfdir} directory... creating\n";
174 mkdir($sysconfdir, 16877);
175 # 16877 should be 755, or drwxr-xr-x
178 if ( -e "${sysconfdir}/ssh_host_key" )
180 print "${sysconfdir}/ssh_host_key already exists, skipping.\n";
184 # if $sysconfdir/ssh_host_key doesn't exist..
185 action("$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N \"\"");
188 if ( -e "${sysconfdir}/ssh_host_dsa_key" )
190 print "${sysconfdir}/ssh_host_dsa_key already exists, skipping.\n";
194 # if $sysconfdir/ssh_host_dsa_key doesn't exist..
195 action("$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N \"\"");
198 if ( -e "${sysconfdir}/ssh_host_rsa_key" )
200 print "${sysconfdir}/ssh_host_rsa_key already exists, skipping.\n";
204 # if $sysconfdir/ssh_host_rsa_key doesn't exist..
205 action("$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N \"\"");
215 print "\nStage 4: Translating strings in config and man files..\n";
218 # Set up path translations for the installation files
222 "/etc/ssh_config" => "${sysconfdir}/ssh_config",
223 "/etc/ssh_known_hosts" => "${sysconfdir}/ssh_known_hosts",
224 "/etc/sshd_config" => "${sysconfdir}/sshd_config",
225 "/usr/libexec" => "${libexecdir}",
226 "/etc/shosts.equiv" => "${sysconfdir}/shosts.equiv",
227 "/etc/ssh_host_key" => "${sysconfdir}/ssh_host_key",
228 "/etc/ssh_host_dsa_key" => "${sysconfdir}/ssh_host_dsa_key",
229 "/etc/ssh_host_rsa_key" => "${sysconfdir}/ssh_host_rsa_key",
230 "/var/run/sshd.pid" => "${piddir}/sshd.pid",
231 "/etc/moduli" => "${sysconfdir}/moduli",
232 "/etc/sshrc" => "${sysconfdir}/sshrc",
233 "/usr/X11R6/bin/xauth" => "${xauth_path}",
234 "/usr/bin:/bin:/usr/sbin:/sbin" => "/usr/bin:/bin:/usr/sbin:/sbin:${bindir}",
238 # Files on which to perform path translations
242 "${sysconfdir}/ssh_config",
243 "${sysconfdir}/sshd_config",
244 "${sysconfdir}/moduli",
245 "${mandir}/${mansubdir}1/scp.1",
246 "${mandir}/${mansubdir}1/ssh-add.1",
247 "${mandir}/${mansubdir}1/ssh-agent.1",
248 "${mandir}/${mansubdir}1/ssh-keygen.1",
249 "${mandir}/${mansubdir}1/ssh-keyscan.1",
250 "${mandir}/${mansubdir}1/ssh.1",
251 "${mandir}/${mansubdir}8/sshd.8",
252 "${mandir}/${mansubdir}8/sftp-server.8",
253 "${mandir}/${mansubdir}1/sftp.1",
258 $f =~ /(.*\/)*(.*)$/;
261 # we really should create a random filename and make sure that it
262 # doesn't already exist (based off current time_t or something)
268 # What is $f's filename? (taken from the qualified path)
275 # Grab the current mode/uid/gid for use later
278 $mode = (stat($f))[2];
279 $uid = (stat($f))[4];
280 $gid = (stat($f))[5];
283 # Move $f into a .tmp file for the translation step
286 $result = system("mv $f $g 2>&1");
289 die "ERROR: Unable to execute command: $!\n";
292 open(IN, "<$g") || die ("$0: input file $g missing!\n");
293 open(OUT, ">$f") || die ("$0: unable to open output file $f!\n");
308 # Remove the old .tmp file
311 $result = system("rm $g 2>&1");
315 die "ERROR: Unable to execute command: $!\n";
319 # An attempt to revert the new file back to the original file's
324 chown($uid, $gid, $f);
332 print "---------------------------------------------------------------\n";
333 print "$myname: Configuring package gsi_openssh..\n";
335 print "Hi, I'm the setup script for the gsi_openssh package! There\n";
336 print "are some last minute details that I've got to set straight\n";
337 print "in the config and man files, along with generating the ssh keys\n";
338 print "for this machine (if it doesn't already have them).\n";
340 print "I like to install my config-related files in:\n";
341 print " ${sysconfdir}/\n";
343 print "These files may overwrite your previously existing configuration\n";
344 print "files. If you choose to continue, you will find a backup of\n";
345 print "those original files in:\n";
346 print " ${backupdir}/\n";
348 print "Your host keys will remain untouched if they are already present.\n";
349 print "If they aren't present, this script will generate them for you.\n";
352 $response = query_boolean("Do you wish to continue with the setup package?","y");
354 if ($response eq "n")
357 print "Okay.. exiting gsi_openssh setup.\n";
368 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
373 print "$myname: Finished configuring package 'gsi_openssh'.\n";
375 print "I see that you have your GLOBUS_LOCATION environmental variable\n";
379 print "Remember to keep this variable set (correctly) when you want\n";
380 print "to use the executables that came with this package.\n";
381 print "---------------------------------------------------------------\n";
384 # Just need a minimal action() subroutine for now..
393 my $result = system("$command 2>&1");
395 if (($result or $?) and $command !~ m!patch!)
397 die "ERROR: Unable to execute command: $!\n";
403 my ($query_text, $default) = @_;
404 my $nondefault, $foo, $bar;
407 # Set $nondefault to the boolean opposite of $default.
419 print "${query_text} ";
423 ($bar) = split //, $foo;
425 if ( grep(/\s/, $bar) )
427 # this is debatable. all whitespace means 'default'
431 elsif ($bar ne $default)
433 # everything else means 'nondefault'.
439 # extraneous step. to get here, $bar should be eq to $default anyway.