3 # Adapts the installed gsi-ssh environment to the current machine,
4 # performing actions that originally occurred during the package's
5 # 'make install' phase.
7 # Large parts adapted from 'fixpath', a tool found in openssh-3.0.2p1.
9 # Send comments/fixes/suggestions to:
10 # Chase Phillips <cphillip@ncsa.uiuc.edu>
13 $gpath = $ENV{GLOBUS_LOCATION};
16 die "GLOBUS_LOCATION needs to be set before running this script"
20 # i'm including this because other perl scripts in the gpt setup directories
24 @INC = (@INC, "$gpath/lib/perl");
26 require Grid::GPT::Setup;
28 my $globusdir = $gpath;
29 my $setupdir = "$globusdir/setup/globus";
30 my $myname = "setup-openssh.pl";
33 # Set up path prefixes for use in the path translations
36 $prefix = ${globusdir};
37 $exec_prefix = "${prefix}";
38 $bindir = "${exec_prefix}/bin";
39 $sbindir = "${exec_prefix}/sbin";
40 $mandir = "${prefix}/man";
42 $libexecdir = "${exec_prefix}/libexec";
43 $sysconfdir = "/etc/ssh";
45 $xauth_path = "/usr/bin/X11/xauth";
48 # Backup-related variables
52 $backupdir = "globus_backup_${curr_time}";
53 $confbackupdir = "$backupdir/s1_conf";
54 $transbackupdir = "$backupdir/s2_trans";
57 # We need to make sure it's okay to copy our setup files (if some files are already
58 # present). If we do copy any files, we backup the old files so the user can (possibly)
66 print "\nPreparatory: checking for existence of critical directories\n";
69 # Remember to put in check for /etc
76 $composite = $sysconfdir;
77 if ( ! -d "$composite" )
79 print "Could not find directory: '${composite}'.. creating.\n";
80 mkdir($composite, 16877);
81 # 16877 should be 755, or drwxr-xr-x
85 # Test for /etc/ssh/globus_backup_<curr>
88 $composite = "$sysconfdir/$backupdir";
89 if ( ! -d "${composite}" )
91 print "Could not find directory: '${composite}'.. creating.\n";
92 mkdir($composite, 16877);
96 # Test for /etc/ssh/globus_backup_<curr>/s1_conf
99 $composite = "$sysconfdir/$confbackupdir";
100 if ( ! -d "${composite}" )
102 print "Could not find directory: '${composite}'.. creating.\n";
103 mkdir($composite, 16877);
107 # Test for /etc/ssh/globus_backup_<curr>/s2_trans
110 $composite = "$sysconfdir/$transbackupdir";
111 if ( ! -d "${composite}" )
113 print "Could not find directory: '${composite}'.. creating.\n";
114 mkdir($composite, 16877);
124 print "\nStage 1: Copying configuration files into '${sysconfdir}'.\n";
127 if ( -e "${sysconfdir}/ssh_config" )
129 $response = query_boolean("${sysconfdir}/ssh_config already exists. Overwrite? ", "n");
130 if ($response eq "y")
132 action("cp ${sysconfdir}/ssh_config ${sysconfdir}/${confbackupdir}/ssh_config");
136 if ($response eq "y")
138 action("cp ${globusdir}/setup/globus/ssh_config ${sysconfdir}/ssh_config");
142 # Reset response for our new query
146 if ( -e "${sysconfdir}/sshd_config" )
148 $response = query_boolean("${sysconfdir}/sshd_config already exists. Overwrite? ", "n");
149 if ($response eq "y")
151 action("cp ${sysconfdir}/sshd_config ${sysconfdir}/${confbackupdir}/sshd_config");
155 if ($response eq "y")
157 action("cp ${globusdir}/setup/globus/sshd_config ${sysconfdir}/sshd_config");
161 # Reset response for our new query
165 if ( -e "${sysconfdir}/moduli" )
167 $response = query_boolean("${sysconfdir}/moduli already exists. Overwrite? ", "n");
168 if ($response eq "y")
170 action("cp ${sysconfdir}/moduli ${sysconfdir}/${confbackupdir}/moduli");
174 if ($response eq "y")
176 action("cp ${globusdir}/setup/globus/moduli ${sysconfdir}/moduli");
182 print "\nStage 2: Generating host keys.\n";
184 if ( ! -d "${sysconfdir}" )
186 print "Could not find ${sysconfdir} directory... creating\n";
187 mkdir($sysconfdir, 16877);
188 # 16877 should be 755, or drwxr-xr-x
191 print "Generating ssh keys (if necessary)...\n";
192 if ( -e "${sysconfdir}/ssh_host_key" )
194 print "${sysconfdir}/ssh_host_key already exists, skipping.\n";
198 # if $sysconfdir/ssh_host_key doesn't exist..
199 action("$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N \"\"");
202 if ( -e "${sysconfdir}/ssh_host_dsa_key" )
204 print "${sysconfdir}/ssh_host_dsa_key already exists, skipping.\n";
208 # if $sysconfdir/ssh_host_dsa_key doesn't exist..
209 action("$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N \"\"");
212 if ( -e "${sysconfdir}/ssh_host_rsa_key" )
214 print "${sysconfdir}/ssh_host_rsa_key already exists, skipping.\n";
218 # if $sysconfdir/ssh_host_rsa_key doesn't exist..
219 action("$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N \"\"");
230 # Set up path translations for the installation files
234 "/etc/ssh_config" => "${sysconfdir}/ssh_config",
235 "/etc/ssh_known_hosts" => "${sysconfdir}/ssh_known_hosts",
236 "/etc/sshd_config" => "${sysconfdir}/sshd_config",
237 "/usr/libexec" => "${libexecdir}",
238 "/etc/shosts.equiv" => "${sysconfdir}/shosts.equiv",
239 "/etc/ssh_host_key" => "${sysconfdir}/ssh_host_key",
240 "/etc/ssh_host_dsa_key" => "${sysconfdir}/ssh_host_dsa_key",
241 "/etc/ssh_host_rsa_key" => "${sysconfdir}/ssh_host_rsa_key",
242 "/var/run/sshd.pid" => "${piddir}/sshd.pid",
243 "/etc/moduli" => "${sysconfdir}/moduli",
244 "/etc/sshrc" => "${sysconfdir}/sshrc",
245 "/usr/X11R6/bin/xauth" => "${xauth_path}",
246 "/usr/bin:/bin:/usr/sbin:/sbin" => "/usr/bin:/bin:/usr/sbin:/sbin:${bindir}",
247 "(/path/to/scp.real)" => "${bindir}/scp.real",
248 "(/path/to/ssh)" => "${bindir}/ssh",
249 "(/path/to/sftp.real)" => "${bindir}/sftp.real",
250 "(/path/to/sshd.real)" => "${sbindir}/sshd.real",
251 "(/path/to/ssh_config)" => "${sysconfdir}/ssh_config",
252 "(/path/to/sshd_config)" => "${sysconfdir}/sshd_config",
256 # Files on which to perform path translations
260 "${bindir}/scp" => 0,
261 "${bindir}/sftp" => 0,
262 "${sbindir}/sshd" => 0,
263 "${sysconfdir}/ssh_config" => 1,
264 "${sysconfdir}/sshd_config" => 1,
265 "${sysconfdir}/moduli" => 1,
266 "${mandir}/${mansubdir}1/scp.1" => 0,
267 "${mandir}/${mansubdir}1/ssh-add.1" => 0,
268 "${mandir}/${mansubdir}1/ssh-agent.1" => 0,
269 "${mandir}/${mansubdir}1/ssh-keygen.1" => 0,
270 "${mandir}/${mansubdir}1/ssh-keyscan.1" => 0,
271 "${mandir}/${mansubdir}1/ssh.1" => 0,
272 "${mandir}/${mansubdir}8/sshd.8" => 0,
273 "${mandir}/${mansubdir}8/sftp-server.8" => 0,
274 "${mandir}/${mansubdir}1/sftp.1" => 0,
277 print "\nStage 3: Translating strings in config and man files...\n";
279 for my $f (keys %files)
281 $f =~ /(.*\/)*(.*)$/;
284 # we really should create a random filename and make sure that it
285 # doesn't already exist (based off current time_t or something)
291 # get the filename for $f and place it in $h.
298 # Grab the current mode/uid/gid for use later
301 $mode = (stat($f))[2];
302 $uid = (stat($f))[4];
303 $gid = (stat($f))[5];
309 action("cp $f ${sysconfdir}/${transbackupdir}/$h");
312 open(IN, "<$g") || die ("$0: input file $g missing!\n");
313 open(OUT, ">$f") || die ("$0: unable to open output file $f!\n");
330 # An attempt to revert the new file back to the original file's
335 chown($uid, $gid, $f);
341 print "$myname: Configuring package 'gsi_openssh'..\n";
342 print "NOTE: Run this as root for the intended effect.\n";
349 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
353 print "$myname: Finished configuring package 'gsi_openssh'.\n";
356 # Just need a minimal action() subroutine for now..
365 my $result = system("$command 2>&1");
367 if (($result or $?) and $command !~ m!patch!)
369 die "ERROR: Unable to execute command: $!\n";
375 my ($query_text, $default) = @_;
376 my $nondefault, $foo, $bar;
379 # Set $nondefault to the boolean opposite of $default.
391 print "${query_text} ";
395 ($bar) = split //, $foo;
397 printf "bar = '$bar'\n";
399 if ($bar ne $nondefault)