5 # Adapts the installed gsi-openssh environment to the current machine,
6 # performing actions that originally occurred during the package's
7 # 'make install' phase.
9 # Send comments/fixes/suggestions to:
10 # Chase Phillips <cphillip@ncsa.uiuc.edu>
13 printf("setup-openssh.pl: Configuring gsi-openssh package\n");
16 # Get user's GPT_LOCATION since we may be installing this using a new(er)
20 $gptpath = $ENV{GPT_LOCATION};
23 # And the old standby..
26 $gpath = $ENV{GLOBUS_LOCATION};
29 die "GLOBUS_LOCATION needs to be set before running this script"
33 # modify the ld library path for when we call ssh executables
36 $oldldpath = $ENV{LD_LIBRARY_PATH};
37 $newldpath = "$gpath/lib";
38 if (length($oldldpath) > 0)
40 $newldpath .= ":$oldldpath";
42 $ENV{LD_LIBRARY_PATH} = "$newldpath";
45 # i'm including this because other perl scripts in the gpt setup directories
49 if (defined($gptpath))
51 @INC = (@INC, "$gptpath/lib/perl", "$gpath/lib/perl");
55 @INC = (@INC, "$gpath/lib/perl");
58 require Grid::GPT::Setup;
60 my $globusdir = $gpath;
61 my $myname = "setup-openssh.pl";
64 # Set up path prefixes for use in the path translations
67 $prefix = ${globusdir};
68 $exec_prefix = "${prefix}";
69 $bindir = "${exec_prefix}/bin";
70 $sysconfdir = "$prefix/etc/ssh";
71 $localsshdir = "/etc/ssh";
74 "dsa" => "ssh_host_dsa_key",
75 "rsa" => "ssh_host_rsa_key",
76 "rsa1" => "ssh_host_key",
82 my($regex, $basename);
86 print "Copying ssh host keys...\n";
88 for my $f (@$copylist)
95 $pubkeyfile = "$f.pub";
97 action("cp $localsshdir/$keyfile $sysconfdir/$keyfile");
98 action("cp $localsshdir/$pubkeyfile $sysconfdir/$pubkeyfile");
108 if ( ( -e $file ) && ( -r $file ) )
134 my($keyhash, $keylist);
138 # initialize our variables
144 $keyhash->{gen} = []; # a list of keytypes to generate
145 $keyhash->{copy} = []; # a list of files to copy from the
147 $genlist = $keyhash->{gen};
148 $copylist = $keyhash->{copy};
151 # loop over our keytypes and determine what we need to do for each of them
154 for my $keytype (keys %$keyfiles)
156 $basekeyfile = $keyfiles->{$keytype};
159 # if the key's are already present, we don't need to bother with this rigamarole
162 $gkeyfile = "$sysconfdir/$basekeyfile";
163 $gpubkeyfile = "$sysconfdir/$basekeyfile.pub";
165 if ( isPresent($gkeyfile) && isPresent($gpubkeyfile) )
171 # if we can find a copy of the keys in /etc/ssh, we'll copy them to the user's
175 $mainkeyfile = "$localsshdir/$basekeyfile";
176 $mainpubkeyfile = "$localsshdir/$basekeyfile.pub";
178 if ( isReadable($mainkeyfile) && isReadable($mainpubkeyfile) )
180 push(@$copylist, $basekeyfile);
186 # otherwise, we need to generate the key
189 push(@$genlist, $keytype);
195 if ( ! -d $sysconfdir )
197 print "Could not find ${sysconfdir} directory... creating\n";
198 action("mkdir -p $sysconfdir");
211 print "Generating ssh host keys...\n";
213 for my $k (@$gen_keys)
215 $keyfile = $keyfiles->{$k};
217 # if $sysconfdir/$keyfile doesn't exist..
218 action("$bindir/ssh-keygen -t $k -f $sysconfdir/$keyfile -N \"\"");
229 print "Fixing sftp-server path in sshd_config...\n";
231 $f = "$gpath/etc/ssh/sshd_config";
236 die("Cannot find $f!");
240 # Grab the current mode/uid/gid for use later
243 $mode = (stat($f))[2];
244 $uid = (stat($f))[4];
245 $gid = (stat($f))[5];
248 # Move $f into a .tmp file for the translation step
251 $result = system("mv $f $g 2>&1");
254 die "ERROR: Unable to execute command: $!\n";
257 open(IN, "<$g") || die ("$0: input file $g missing!\n");
258 open(OUT, ">$f") || die ("$0: unable to open output file $f!\n");
263 # sorry for the whacky regex, but i need to verify a whole line
266 if ( /^\s*Subsystem\s+sftp\s+\S+\s*$/ )
268 $_ = "Subsystem\tsftp\t$gpath/libexec/sftp-server\n";
278 # Remove the old .tmp file
281 $result = system("rm $g 2>&1");
285 die "ERROR: Unable to execute command: $!\n";
289 # An attempt to revert the new file back to the original file's
294 chown($uid, $gid, $f);
299 sub alterFileGlobusLocation
303 $data = readFile($file);
304 $data =~ s|\@GSI_OPENSSH_GLOBUS_LOCATION\@|$gpath|g;
305 writeFile($file, $data);
313 "$gosharedir/contrib/caldera/sshd.init",
317 ### readFile( $filename )
319 # reads and returns $filename's contents
327 open (IN, "$filename") || die "Can't open '$filename': $!";
336 ### writeFile( $filename, $fileinput )
338 # create the inputs to the ssl program at $filename, appending the common name to the
339 # stream in the process
344 my ($filename, $fileinput) = @_;
347 # test for a valid $filename
350 if ( !defined($filename) || (length($filename) lt 1) )
352 die "Filename is undefined";
355 if ( ( -e "$filename" ) && ( ! -w "$filename" ) )
357 die "Cannot write to filename '$filename'";
361 # write the output to $filename
364 open(OUT, ">$filename");
365 print OUT "$fileinput";
369 print "---------------------------------------------------------------------\n";
370 print "Hi, I'm the setup script for the gsi_openssh package! There\n";
371 print "are some last minute details that I've got to set straight\n";
372 print "in the sshd config file, along with generating the ssh keys\n";
373 print "for this machine (if it doesn't already have them).\n";
375 print "If I find a pair of host keys in /etc/ssh, I will copy them into\n";
376 print "\$GLOBUS_LOCATION/etc/ssh. If they aren't present, I will generate\n";
377 print "them for you.\n";
380 $response = query_boolean("Do you wish to continue with the setup package?","y");
381 if ($response eq "n")
384 print "Okay.. exiting gsi_openssh setup.\n";
391 $keyhash = determineKeys();
392 runKeyGen($keyhash->{gen});
393 copyKeyFiles($keyhash->{copy});
396 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
401 print "Additional Notes:\n";
403 print " o I see that you have your GLOBUS_LOCATION environmental variable\n";
406 print " \t\"$gpath\"\n";
408 print " Remember to keep this variable set (correctly) when you want to\n";
409 print " use the executables that came with this package.\n";
411 print " o You may need to set LD_LIBRARY_PATH to point to the location in\n";
412 print " which your globus libraries reside. For example:\n";
414 print " \t\$ LD_LIBRARY_PATH=\"$gpath/lib:\$LD_LIBRARY_PATH\"; \\\n";
415 print " \t export LD_LIBRARY_PATH\n";
417 print " If you wish, you may run, e.g.:\n";
419 print " \t\$ . \$GLOBUS_LOCATION/etc/globus-user-env.sh\n";
421 print " to prepare your environment for running the gsi_openssh\n";
422 print " executables.\n";
424 print "---------------------------------------------------------------------\n";
425 print "$myname: Finished configuring package 'gsi_openssh'.\n";
428 # Just need a minimal action() subroutine for now..
437 my $result = system("LD_LIBRARY_PATH=\"$gpath/lib:\$LD_LIBRARY_PATH\"; $command 2>&1");
439 if (($result or $?) and $command !~ m!patch!)
441 die "ERROR: Unable to execute command: $!\n";
447 my ($query_text, $default) = @_;
448 my $nondefault, $foo, $bar;
451 # Set $nondefault to the boolean opposite of $default.
463 print "${query_text} ";
467 ($bar) = split //, $foo;
469 if ( grep(/\s/, $bar) )
471 # this is debatable. all whitespace means 'default'
475 elsif ($bar ne $default)
477 # everything else means 'nondefault'.
483 # extraneous step. to get here, $bar should be eq to $default anyway.