3 # Adapts the installed gsi-ssh environment to the current machine,
4 # performing actions that originally occurred during the package's
5 # 'make install' phase.
7 # Large parts adapted from 'fixpath', a tool found in openssh-3.0.2p1.
9 # Send comments/fixes/suggestions to:
10 # Chase Phillips <cphillip@ncsa.uiuc.edu>
13 $gpath = $ENV{GLOBUS_LOCATION};
16 die "GLOBUS_LOCATION needs to be set before running this script"
20 # i'm including this because other perl scripts in the gpt setup directories
24 @INC = (@INC, "$gpath/lib/perl");
26 require Grid::GPT::Setup;
28 my $globusdir = $gpath;
29 my $setupdir = "$globusdir/setup/globus";
30 my $myname = "setup-openssh.pl";
33 # Set up path prefixes for use in the path translations
36 $prefix = ${globusdir};
37 $exec_prefix = "${prefix}";
38 $bindir = "${exec_prefix}/bin";
39 $sbindir = "${exec_prefix}/sbin";
40 $mandir = "${prefix}/man";
42 $libexecdir = "${exec_prefix}/libexec";
43 $sysconfdir = "/etc/ssh";
45 $xauth_path = "/usr/bin/X11/xauth";
48 # Backup-related variables
52 $backupdir = "globus_backup_${curr_time}";
53 $confbackupdir = "$backupdir/s1_conf";
54 $transbackupdir = "$backupdir/s3_trans";
57 # We need to make sure it's okay to copy our setup files (if some files are already
58 # present). If we do copy any files, we backup the old files so the user can (possibly)
66 print "\nPreparatory: checking for existence of critical directories\n";
69 # Remember to put in check for /etc
76 $composite = $sysconfdir;
77 if ( ! -d "$composite" )
79 print "Could not find directory: '${composite}'.. creating.\n";
80 mkdir($composite, 16877);
81 # 16877 should be 755, or drwxr-xr-x
85 # Test for /etc/ssh/globus_backup_<curr>
88 $composite = "$sysconfdir/$backupdir";
89 if ( ! -d "${composite}" )
91 print "Could not find directory: '${composite}'.. creating.\n";
92 mkdir($composite, 16877);
96 # Test for /etc/ssh/globus_backup_<curr>/s1_conf
99 $composite = "$sysconfdir/$confbackupdir";
100 if ( ! -d "${composite}" )
102 print "Could not find directory: '${composite}'.. creating.\n";
103 mkdir($composite, 16877);
107 # Test for /etc/ssh/globus_backup_<curr>/s2_trans
110 $composite = "$sysconfdir/$transbackupdir";
111 if ( ! -d "${composite}" )
113 print "Could not find directory: '${composite}'.. creating.\n";
114 mkdir($composite, 16877);
124 print "\nStage 1: Copying configuration files into '${sysconfdir}'..\n";
127 if ( -e "${sysconfdir}/ssh_config" )
129 $response = query_boolean("${sysconfdir}/ssh_config already exists. Overwrite?", "n");
130 if ($response eq "y")
132 action("cp ${sysconfdir}/ssh_config ${sysconfdir}/${confbackupdir}/ssh_config");
136 if ($response eq "y")
138 action("cp ${globusdir}/setup/globus/ssh_config ${sysconfdir}/ssh_config");
142 # Reset response for our new query
146 if ( -e "${sysconfdir}/sshd_config" )
148 $response = query_boolean("${sysconfdir}/sshd_config already exists. Overwrite?", "n");
149 if ($response eq "y")
151 action("cp ${sysconfdir}/sshd_config ${sysconfdir}/${confbackupdir}/sshd_config");
155 if ($response eq "y")
157 action("cp ${globusdir}/setup/globus/sshd_config ${sysconfdir}/sshd_config");
161 # Reset response for our new query
165 if ( -e "${sysconfdir}/moduli" )
167 $response = query_boolean("${sysconfdir}/moduli already exists. Overwrite?", "n");
168 if ($response eq "y")
170 action("cp ${sysconfdir}/moduli ${sysconfdir}/${confbackupdir}/moduli");
174 if ($response eq "y")
176 action("cp ${globusdir}/setup/globus/moduli ${sysconfdir}/moduli");
182 print "\nStage 2: Generating ssh host keys..\n";
184 if ( ! -d "${sysconfdir}" )
186 print "Could not find ${sysconfdir} directory... creating\n";
187 mkdir($sysconfdir, 16877);
188 # 16877 should be 755, or drwxr-xr-x
191 if ( -e "${sysconfdir}/ssh_host_key" )
193 print "${sysconfdir}/ssh_host_key already exists, skipping.\n";
197 # if $sysconfdir/ssh_host_key doesn't exist..
198 action("$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N \"\"");
201 if ( -e "${sysconfdir}/ssh_host_dsa_key" )
203 print "${sysconfdir}/ssh_host_dsa_key already exists, skipping.\n";
207 # if $sysconfdir/ssh_host_dsa_key doesn't exist..
208 action("$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N \"\"");
211 if ( -e "${sysconfdir}/ssh_host_rsa_key" )
213 print "${sysconfdir}/ssh_host_rsa_key already exists, skipping.\n";
217 # if $sysconfdir/ssh_host_rsa_key doesn't exist..
218 action("$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N \"\"");
229 # Set up path translations for the installation files
233 "/etc/ssh_config" => "${sysconfdir}/ssh_config",
234 "/etc/ssh_known_hosts" => "${sysconfdir}/ssh_known_hosts",
235 "/etc/sshd_config" => "${sysconfdir}/sshd_config",
236 "/usr/libexec" => "${libexecdir}",
237 "/etc/shosts.equiv" => "${sysconfdir}/shosts.equiv",
238 "/etc/ssh_host_key" => "${sysconfdir}/ssh_host_key",
239 "/etc/ssh_host_dsa_key" => "${sysconfdir}/ssh_host_dsa_key",
240 "/etc/ssh_host_rsa_key" => "${sysconfdir}/ssh_host_rsa_key",
241 "/var/run/sshd.pid" => "${piddir}/sshd.pid",
242 "/etc/moduli" => "${sysconfdir}/moduli",
243 "/etc/sshrc" => "${sysconfdir}/sshrc",
244 "/usr/X11R6/bin/xauth" => "${xauth_path}",
245 "/usr/bin:/bin:/usr/sbin:/sbin" => "/usr/bin:/bin:/usr/sbin:/sbin:${bindir}",
249 # Files on which to perform path translations
253 "${sysconfdir}/ssh_config" => 1,
254 "${sysconfdir}/sshd_config" => 1,
255 "${sysconfdir}/moduli" => 1,
256 "${mandir}/${mansubdir}1/scp.1" => 0,
257 "${mandir}/${mansubdir}1/ssh-add.1" => 0,
258 "${mandir}/${mansubdir}1/ssh-agent.1" => 0,
259 "${mandir}/${mansubdir}1/ssh-keygen.1" => 0,
260 "${mandir}/${mansubdir}1/ssh-keyscan.1" => 0,
261 "${mandir}/${mansubdir}1/ssh.1" => 0,
262 "${mandir}/${mansubdir}8/sshd.8" => 0,
263 "${mandir}/${mansubdir}8/sftp-server.8" => 0,
264 "${mandir}/${mansubdir}1/sftp.1" => 0,
267 print "\nStage 3: Translating strings in config and man files...\n";
269 for my $f (keys %files)
271 $f =~ /(.*\/)*(.*)$/;
274 # we really should create a random filename and make sure that it
275 # doesn't already exist (based off current time_t or something)
281 # get the filename for $f and place it in $h.
288 # Grab the current mode/uid/gid for use later
291 $mode = (stat($f))[2];
292 $uid = (stat($f))[4];
293 $gid = (stat($f))[5];
296 # Move $f into a .tmp file for the translation step
299 $result = system("mv $f $g 2>&1");
302 die "ERROR: Unable to execute command: $!\n";
306 # Create a backup of this file if it's flagged
311 $result = system("cp $g ${sysconfdir}/${transbackupdir}/$h 2>&1");
315 die "ERROR: Unable to execute command: $!\n";
319 open(IN, "<$g") || die ("$0: input file $g missing!\n");
320 open(OUT, ">$f") || die ("$0: unable to open output file $f!\n");
335 # Remove the old .tmp file
338 $result = system("rm $g 2>&1");
342 die "ERROR: Unable to execute command: $!\n";
346 # An attempt to revert the new file back to the original file's
351 chown($uid, $gid, $f);
359 print "---------------------------------------------------------------\n";
360 print "$myname: Configuring package 'gsi_openssh'..\n";
362 print "--> NOTE: Run this as root for the intended effect. <--\n";
369 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
374 print "$myname: Finished configuring package 'gsi_openssh'.\n";
376 print "You are required to set the following variables in your environment\n";
377 print "to ensure that the gsi_ssh package works correctly:\n";
379 print "\GSI_SCP_LOC=\"${bindir}/scp.real\"\n";
380 print "\GSI_SFTP_LOC=\"${bindir}/sftp.real\"\n";
381 print "\GSI_SSH_LOC=\"${bindir}/ssh\"\n";
382 print "\GSI_SSHD_LOC=\"${sbindir}/sshd.real\"\n";
383 print "\GSI_SSH_CONFIG_LOC=\"${sysconfdir}/ssh_config\"\n";
384 print "\GSI_SSHD_CONFIG_LOC=\"${sysconfdir}/sshd_config\"\n";
385 print "---------------------------------------------------------------\n";
388 # Just need a minimal action() subroutine for now..
397 my $result = system("$command 2>&1");
399 if (($result or $?) and $command !~ m!patch!)
401 die "ERROR: Unable to execute command: $!\n";
407 my ($query_text, $default) = @_;
408 my $nondefault, $foo, $bar;
411 # Set $nondefault to the boolean opposite of $default.
423 print "${query_text} ";
427 ($bar) = split //, $foo;
429 if ($bar ne $nondefault)