o Make the setup script more resilient to errors.
[gssapi-openssh.git] / setup / setup-openssh.pl
index f676176664f9618560368f2983d0e7de9cff06cb..0b8eb5f936f915ea9ec6ce7e4892a39364228978 100644 (file)
@@ -29,6 +29,18 @@ if (!defined($gpath))
     die "GLOBUS_LOCATION needs to be set before running this script"
 }
 
+#
+# modify the ld library path for when we call ssh executables
+#
+
+$oldldpath = $ENV{LD_LIBRARY_PATH};
+$newldpath = "$gpath/lib";
+if (length($oldldpath) > 0)
+{
+    $newldpath .= ":$oldldpath";
+}
+$ENV{LD_LIBRARY_PATH} = "$newldpath";
+
 #
 # i'm including this because other perl scripts in the gpt setup directories
 # do so
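Review bot: `$gpath` goes to the front of LD_LIBRARY_PATH for every child process without any check that it is an absolute path. It appears to come from GLOBUS_LOCATION (the die message above suggests so); a relative value would make the loader resolve `lib` against whatever the current directory is when ssh-keygen and the other helpers run. A guard such as `die "GLOBUS_LOCATION must be an absolute path\n" unless $gpath =~ m{^/};` before building `$newldpath` would close that. `$oldldpath` and `$newldpath` are also package globals, and `my` would keep them from leaking into the subs further down.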
@@ -55,8 +67,10 @@ my $myname = "setup-openssh.pl";
 $prefix = ${globusdir};
 $exec_prefix = "${prefix}";
 $bindir = "${exec_prefix}/bin";
+$sbindir = "${exec_prefix}/sbin";
 $sysconfdir = "$prefix/etc/ssh";
 $localsshdir = "/etc/ssh";
+$setupdir = "$prefix/setup/gsi_openssh_setup";
 
 my $keyfiles = {
                  "dsa" => "ssh_host_dsa_key",
@@ -64,36 +78,27 @@ my $keyfiles = {
                  "rsa1" => "ssh_host_key",
                };
 
-#
-# Check that we are running as root
-#
-
-$uid = $>;
-
-if ($uid != 0)
-{
-    print "--> NOTE: You must be root to run this script! <--\n";
-    exit 0;
-}
-
 sub copyKeyFiles
 {
     my($copylist) = @_;
     my($regex, $basename);
 
-    print "Copying ssh host keys...\n";
-
-    for my $f (@$copylist)
+    if (@$copylist)
     {
-        $f =~ s:/+:/:g;
+        print "Copying ssh host keys...\n";
 
-        if (length($f) > 0)
+        for my $f (@$copylist)
         {
-            $keyfile = "$f";
-            $pubkeyfile = "$f.pub";
+            $f =~ s:/+:/:g;
+
+            if (length($f) > 0)
+            {
+                $keyfile = "$f";
+                $pubkeyfile = "$f.pub";
 
-            action("cp $localsshdir/$keyfile $sysconfdir/$keyfile");
-            action("cp $localsshdir/$pubkeyfile $sysconfdir/$pubkeyfile");
+                action("cp $localsshdir/$keyfile $sysconfdir/$keyfile");
+                action("cp $localsshdir/$pubkeyfile $sysconfdir/$pubkeyfile");
+            }
         }
     }
 }
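Review bot: Nothing in copyKeyFiles pins the mode of the private host key once it lands in `$sysconfdir`. `cp` leaves the mode of an already-existing destination file as it was, and with the root check removed by this commit the script now runs under whatever umask and ownership the invoking user has. Adding `action("chmod 600 $sysconfdir/$keyfile");` after the first `cp` would make the result independent of both. `$keyfile` and `$pubkeyfile` are still undeclared globals; `my` on each would keep them local to the loop.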
@@ -112,40 +117,79 @@ sub isReadable
     }
 }
 
+sub isPresent
+{
+    my($file) = @_;
+
+    if ( -e $file )
+    {
+        return 1;
+    }
+    else
+    {
+        return 0;
+    }
+}
+
 sub determineKeys
 {
     my($keyhash, $keylist);
     my($count);
 
+    #
+    # initialize our variables
+    #
+
     $count = 0;
 
     $keyhash = {};
     $keyhash->{gen} = [];   # a list of keytypes to generate
     $keyhash->{copy} = [];  # a list of files to copy from the 
+
     $genlist = $keyhash->{gen};
     $copylist = $keyhash->{copy};
 
+    #
+    # loop over our keytypes and determine what we need to do for each of them
+    #
+
     for my $keytype (keys %$keyfiles)
     {
         $basekeyfile = $keyfiles->{$keytype};
-        $keyfile = "$localsshdir/$basekeyfile";
-        $pubkeyfile = "$keyfile.pub";
 
-        if ( !isReadable($keyfile) || !isReadable($pubkeyfile) )
+        #
+        # if the key's are already present, we don't need to bother with this rigamarole
+        #
+
+        $gkeyfile = "$sysconfdir/$basekeyfile";
+        $gpubkeyfile = "$sysconfdir/$basekeyfile.pub";
+
+        if ( isPresent($gkeyfile) && isPresent($gpubkeyfile) )
         {
-            push(@$genlist, $keytype);
-            $count++;
+            next;
         }
-    }
 
-    for my $keytype (keys %$keyfiles)
-    {
-        if ( !grep(/^$keytype$/, @$genlist) )
+        #
+        # if we can find a copy of the keys in /etc/ssh, we'll copy them to the user's
+        # globus location
+        #
+
+        $mainkeyfile = "$localsshdir/$basekeyfile";
+        $mainpubkeyfile = "$localsshdir/$basekeyfile.pub";
+
+        if ( isReadable($mainkeyfile) && isReadable($mainpubkeyfile) )
         {
-            $keyfile = $keyfiles->{$keytype};
-            push(@$copylist, $keyfile);
+            push(@$copylist, $basekeyfile);
             $count++;
+            next;
         }
+
+        #
+        # otherwise, we need to generate the key
+        #
+
+        push(@$genlist, $keytype);
+        $count++;
     }
 
     if ($count > 0)
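Review bot: The "already present" test in determineKeys uses `-e` through isPresent, so a zero-length or unreadable key file left by an earlier failed run counts as present and the key type is skipped on every later run. Testing for a non-empty regular file, e.g. `if ( -s $gkeyfile && -s $gpubkeyfile )`, avoids that. The half-present case (one file of the pair exists) falls through to copy or generate, and ssh-keygen asks for confirmation before overwriting an existing file, so the setup may stop at a prompt; removing the stale half first would avoid it. isPresent itself can be reduced to `return -e $file ? 1 : 0;`. The body of determineKeys continues past the end of this hunk.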
@@ -163,15 +207,19 @@ sub determineKeys
 sub runKeyGen
 {
     my($gen_keys) = @_;
+    my $keygen = "$bindir/ssh-keygen";
 
-    print "Generating ssh host keys...\n";
-
-    for my $k (@$gen_keys)
+    if (@$gen_keys && -x $keygen)
     {
-        $keyfile = $keyfiles->{$k};
+        print "Generating ssh host keys...\n";
+
+        for my $k (@$gen_keys)
+        {
+            $keyfile = $keyfiles->{$k};
 
-        # if $sysconfdir/$keyfile doesn't exist..
-        action("$bindir/ssh-keygen -t $k -f $sysconfdir/$keyfile -N \"\"");
+            # if $sysconfdir/$keyfile doesn't exist..
+            action("$bindir/ssh-keygen -t $k -f $sysconfdir/$keyfile -N \"\"");
+        }
     }
 
     return 0;
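Review bot: When `$keygen` is missing or not executable, the new guard in runKeyGen skips generation without a word and the sub still returns 0. The caller cannot tell that host keys were not created, and the script goes on to print its "Finished configuring" message. An `else` branch for the non-empty list case, e.g. `print STDERR "Cannot execute $keygen; host keys were not generated\n";` with a non-zero return, would make the failure visible. The `action()` call could also use `$keygen` instead of spelling out `$bindir/ssh-keygen` a second time.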
@@ -188,7 +236,8 @@ sub fixpaths
 
     if ( ! -f "$f" )
     {
-        die("Cannot find $f!");
+        printf("Cannot find $f!");
+        return;
     }
 
     #
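Review bot: `printf("Cannot find $f!")` passes the interpolated path as the format string, so a `%` in `$f` is read as a conversion, and the message has no trailing newline and goes to stdout. `print STDERR "Cannot find $f!\n";` or `warn "Cannot find $f!\n";` says the same thing safely. Since the sub now returns instead of dying, the rest of the setup runs with the config file unpatched, so returning a distinct value the caller can check would be worth adding. fixpaths starts and ends outside this hunk.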
@@ -214,7 +263,11 @@ sub fixpaths
 
     while (<IN>)
     {
-        if ( /Subsystem\s+sftp\s+\S+/ )
+        #
+        # sorry for the whacky regex, but i need to verify a whole line
+        #
+
+        if ( /^\s*Subsystem\s+sftp\s+\S+\s*$/ )
         {
             $_ = "Subsystem\tsftp\t$gpath/libexec/sftp-server\n";
             $_ =~ s:/+:/:g;
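Review bot: The anchored pattern now allows exactly one token after `sftp`, so an existing `Subsystem sftp` line whose command carries arguments no longer matches and keeps its old path. sshd_config accepts arguments there, so `/^\s*Subsystem\s+sftp\s+\S.*$/` would still skip commented-out lines while covering that form. The comment above the test would help more if it stated the intent, e.g. `# match only an active (uncommented) Subsystem sftp line`. The enclosing loop continues outside this hunk.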
@@ -249,20 +302,23 @@ sub fixpaths
 
 sub alterFileGlobusLocation
 {
-    my ($file) = @_;
+    my ($in, $out) = @_;
 
-    $data = readFile($file);
-    $data =~ s|\@GSI_OPENSSH_GLOBUS_LOCATION\@|$gpath|g;
-    writeFile($file, $data);
+    if ( -r $in )
+    {
+        if ( ( -w $out ) || ( ! -e $out ) )
+        {
+            $data = readFile($in);
+            $data =~ s|\@GLOBUS_LOCATION\@|$gpath|g;
+            writeFile($out, $data);
+            action("chmod 755 $out");
+        }
+    }
 }
 
 sub alterFiles
 {
-    my (@files);
-
-    @files = (
-        "$gosharedir/contrib/caldera/sshd.init",
-             );
+    alterFileGlobusLocation("$setupdir/SXXsshd.in", "$sbindir/SXXsshd");
 }
 
 ### readFile( $filename )
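Review bot: alterFileGlobusLocation does nothing and reports nothing when `$in` is unreadable or `$out` is not writable, so a missing `SXXsshd.in` leaves no init script and no trace of why. An `else` branch that prints which file failed the check would fix that. The `chmod` goes through the shell with `$out` interpolated into the command string; Perl's builtin avoids the shell altogether: `chmod(0755, $out) or print STDERR "chmod $out: $!\n";`. The `-w`/`-e` test and the later write are separate steps, so checking the result of the write itself (writeFile is not visible here) would be more dependable than the pre-check alone.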
@@ -329,7 +385,6 @@ print "them for you.\n";
 print "\n";
 
 $response = query_boolean("Do you wish to continue with the setup package?","y");
-
 if ($response eq "n")
 {
     print "\n";
@@ -338,17 +393,18 @@ if ($response eq "n")
     exit 0;
 }
 
+print "\n";
+
 $keyhash = determineKeys();
 runKeyGen($keyhash->{gen});
 copyKeyFiles($keyhash->{copy});
 fixpaths();
+alterFiles();
 
 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");
 
 $metadata->finish();
 
-print "---------------------------------------------------------------------\n";
-print "$myname: Finished configuring package 'gsi_openssh'.\n";
 print "\n";
 print "Additional Notes:\n";
 print "\n";
@@ -366,7 +422,15 @@ print "\n";
 print "    \t\$ LD_LIBRARY_PATH=\"$gpath/lib:\$LD_LIBRARY_PATH\"; \\\n";
 print "    \t     export LD_LIBRARY_PATH\n";
 print "\n";
+print "    If you wish, you may run, e.g.:\n";
+print "\n";
+print "    \t\$ . \$GLOBUS_LOCATION/etc/globus-user-env.sh\n";
+print "\n";
+print "    to prepare your environment for running the gsi_openssh\n";
+print "    executables.\n";
+print "\n";
 print "---------------------------------------------------------------------\n";
+print "$myname: Finished configuring package 'gsi_openssh'.\n";
 
 #
 # Just need a minimal action() subroutine for now..
@@ -378,7 +442,7 @@ sub action
 
     printf "$command\n";
 
-    my $result = system("$command 2>&1");
+    my $result = system("LD_LIBRARY_PATH=\"$gpath/lib:\$LD_LIBRARY_PATH\"; $command 2>&1");
 
     if (($result or $?) and $command !~ m!patch!)
     {
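Review bot: The new `system()` line interpolates `$gpath` into a double-quoted shell assignment, so a GLOBUS_LOCATION containing `"`, `$` or a backquote would be interpreted by the shell for every command the script runs. The prefix also looks redundant: `$ENV{LD_LIBRARY_PATH}` is already set near the top of the script in this same commit and is inherited by children, so the assignment here only prepends `$gpath/lib` a second time. Going back to `my $result = system("$command 2>&1");` keeps the behaviour and removes the extra interpolation. The body of action continues outside this hunk.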