o Since (1) along with the host keys we are installing the ssh config

     files into /etc/ssh, (2) you must be root to write to /etc/ssh, and
     (3) the fixpaths portion of setup-openssh.pl requires the config
     files to be present before it can do its magic, then I've decided
     to put everything back into one setup file.  This setup file must
     be run as root to work properly, and checks for the right environment
     are coming soon.  This is prelim.

diff --git a/setup/filelist b/setup/filelist
index c5cdd0b224fa4611ab7dd6176df72807dd1b939d..78eafeb1fa364446313de608ffe66ef018099107 100644 (file)
--- a/setup/filelist
+++ b/setup/filelist
@@ -1,4 +1,2 @@
 setup/globus/setup-openssh
 setup/globus/setup-openssh.pl
-setup/globus/setup-openssh-keys
-setup/globus/setup-openssh-keys.pl

diff --git a/setup/pkg_data_src.gpt b/setup/pkg_data_src.gpt
index 4c751ceb24d6ac6594e2812a18c3ebf7af1bf3d8..d9cbb7540de0021eeab29104ee41f3e25628044b 100644 (file)
--- a/setup/pkg_data_src.gpt
+++ b/setup/pkg_data_src.gpt
@@ -23,8 +23,6 @@
       <COMMENT> what happens if INSTALLDIR_GPTMACRO/setup doesn't exist? </COMMENT>
       <Build_Step>cp setup-openssh INSTALLDIR_GPTMACRO/setup/globus/setup-openssh</Build_Step>
       <Build_Step>cp setup-openssh.pl INSTALLDIR_GPTMACRO/setup/globus/setup-openssh.pl</Build_Step>
-      <Build_Step>cp setup-openssh-keys INSTALLDIR_GPTMACRO/setup/globus/setup-openssh-keys</Build_Step>
-      <Build_Step>cp setup-openssh-keys.pl INSTALLDIR_GPTMACRO/setup/globus/setup-openssh-keys.pl</Build_Step>
 
     </Build_Instructions>
 

diff --git a/setup/setup-openssh-keys b/setup/setup-openssh-keys
deleted file mode 100644 (file)
index b36b261..0000000
--- a/setup/setup-openssh-keys
+++ /dev/null
@@ -1,8 +0,0 @@
-#! /bin/sh
-
-if [ "$GLOBUS_LOCATION" = "" ]; then
-  echo "Set GLOBUS_LOCATION before running this script"
-  exit 1
-fi
-
-perl $GLOBUS_LOCATION/setup/globus/setup-openssh-keys.pl

diff --git a/setup/setup-openssh-keys.pl b/setup/setup-openssh-keys.pl
deleted file mode 100644 (file)
index 20f3aff..0000000
--- a/setup/setup-openssh-keys.pl
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# setup-openssh-keys.pl:
-#   Generates the host keys for the openssh install.
-#
-# Send comments/fixes/suggestions to:
-# Chase Phillips <cphillip@ncsa.uiuc.edu>
-#
-
-$gpath = $ENV{GLOBUS_LOCATION};
-if (!defined($gpath))
-{
-    die "GLOBUS_LOCATION needs to be set before running this script"
-}
-
-#
-# i'm including this because other perl scripts in the gpt setup directories
-# do so
-#
-
-@INC = (@INC, "$gpath/lib/perl");
-
-require Grid::GPT::Setup;
-
-my $globusdir = $gpath;
-my $setupdir = "$globusdir/setup/globus";
-my $myname = "setup-openssh-keys.pl";
-
-print "$myname: Configuring keys for package 'gsi_openssh'...\n";
-
-#
-# Set up path prefixes for use in the path translations
-#
-
-$prefix = ${globusdir};
-$exec_prefix = "${prefix}";
-$bindir = "${exec_prefix}/bin";
-$sysconfdir = "/etc";
-
-sub runkeygen
-{
-    print "Generating ssh keys (if necessary)...\n";
-    if ( -e "${sysconfdir}/ssh_host_key" )
-    {
-        print "${sysconfdir}/ssh_host_key already exists, skipping.\n";
-    }
-    else
-    {
-        # if $sysconfdir/ssh_host_key doesn't exist..
-        system("$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N \"\"");
-    }
-
-    if ( -e "${sysconfdir}/ssh_host_dsa_key" )
-    {
-        print "${sysconfdir}/ssh_host_dsa_key already exists, skipping.\n";
-    }
-    else
-    {
-        # if $sysconfdir/ssh_host_dsa_key doesn't exist..
-        system("$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N \"\"");
-    }
-
-    if ( -e "${sysconfdir}/ssh_host_rsa_key" )
-    {
-        print "${sysconfdir}/ssh_host_rsa_key already exists, skipping.\n";
-    }
-    else
-    {
-        # if $sysconfdir/ssh_host_rsa_key doesn't exist..
-        system("$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N \"\"");
-    }
-
-    return 0;
-}
-
-runkeygen();

diff --git a/setup/setup-openssh.pl b/setup/setup-openssh.pl
index 8ddef0212dc414ee00f1bc1a7036d4354dd211dd..c5360ac2333a889bb896761d2d45bb34d8f7fc1f 100644 (file)
--- a/setup/setup-openssh.pl
+++ b/setup/setup-openssh.pl
@@ -30,6 +30,7 @@ my $setupdir = "$globusdir/setup/globus";
 my $myname = "setup-openssh.pl";
 
 print "$myname: Configuring package 'gsi_openssh'...\n";
+print "Run this as root for the intended effect...\n";
 
 #
 # Set up path prefixes for use in the path translations
@@ -42,10 +43,91 @@ $sbindir = "${exec_prefix}/sbin";
 $mandir = "${prefix}/man";
 $mansubdir = "man";
 $libexecdir = "${exec_prefix}/libexec";
-$sysconfdir = "${prefix}/etc";
+$sysconfdir = "/etc/ssh";
 $piddir = "/var/run";
 $xauth_path = "/usr/bin/X11/xauth";
 
+#
+# Just need a minimal action() subroutine for now..
+#
+
+sub action
+{
+    my $command = @_;
+
+    printf "$command\n";
+
+    my $result = system("$command 2>&1");
+
+    if (($result or $?) and $command !~ m!patch!)
+    {
+        die "ERROR: Unable to execute command: $!\n";
+    }
+}
+
+sub copy_setup_files
+{
+    if ( -e "${sysconfdir}/ssh_config" )
+    {
+        print "${sysconfdir}/ssh_config already exists, skipping.\n";
+    }
+    else
+    {
+        action("cp ${globusdir}/setup/globus/ssh_config ${sysconfdir}/ssh_config");
+    }
+
+    if ( -e "${sysconfdir}/sshd_config" )
+    {
+        print "${sysconfdir}/sshd_config already exists, skipping.\n";
+    }
+    else
+    {
+        action("cp ${globusdir}/setup/globus/sshd_config ${sysconfdir}/sshd_config");
+    }
+}
+
+sub runkeygen
+{
+    if ( ! -d "${sysconfdir}" )
+    {
+        print "Could not find ${sysconfdir} directory... creating\n";
+        mkdir($sysconfdir, mode);
+    }
+
+    print "Generating ssh keys (if necessary)...\n";
+    if ( -e "${sysconfdir}/ssh_host_key" )
+    {
+        print "${sysconfdir}/ssh_host_key already exists, skipping.\n";
+    }
+    else
+    {
+        # if $sysconfdir/ssh_host_key doesn't exist..
+        system("$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N \"\"");
+    }
+
+    if ( -e "${sysconfdir}/ssh_host_dsa_key" )
+    {
+        print "${sysconfdir}/ssh_host_dsa_key already exists, skipping.\n";
+    }
+    else
+    {
+        # if $sysconfdir/ssh_host_dsa_key doesn't exist..
+        system("$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N \"\"");
+    }
+
+    if ( -e "${sysconfdir}/ssh_host_rsa_key" )
+    {
+        print "${sysconfdir}/ssh_host_rsa_key already exists, skipping.\n";
+    }
+    else
+    {
+        # if $sysconfdir/ssh_host_rsa_key doesn't exist..
+        system("$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N \"\"");
+    }
+
+    return 0;
+}
+
 sub fixpaths
 {
     #
@@ -78,26 +160,26 @@ sub fixpaths
     # Files on which to perform path translations
     #
 
-    @files = (
-        "${bindir}/scp",
-        "${bindir}/sftp",
-        "${sbindir}/sshd",
-        "${sysconfdir}/ssh_config",
-        "${sysconfdir}/sshd_config",
-        "${sysconfdir}/moduli",
-        "${mandir}/${mansubdir}1/scp.1",
-        "${mandir}/${mansubdir}1/ssh-add.1",
-        "${mandir}/${mansubdir}1/ssh-agent.1",
-        "${mandir}/${mansubdir}1/ssh-keygen.1",
-        "${mandir}/${mansubdir}1/ssh-keyscan.1",
-        "${mandir}/${mansubdir}1/ssh.1",
-        "${mandir}/${mansubdir}8/sshd.8",
-        "${mandir}/${mansubdir}8/sftp-server.8",
-        "${mandir}/${mansubdir}1/sftp.1",
+    %files = (
+        "${bindir}/scp", 0
+        "${bindir}/sftp", 0
+        "${sbindir}/sshd", 0
+        "${sysconfdir}/ssh_config", 1
+        "${sysconfdir}/sshd_config", 1
+        "${sysconfdir}/moduli", 1
+        "${mandir}/${mansubdir}1/scp.1", 0
+        "${mandir}/${mansubdir}1/ssh-add.1", 0
+        "${mandir}/${mansubdir}1/ssh-agent.1", 0
+        "${mandir}/${mansubdir}1/ssh-keygen.1", 0
+        "${mandir}/${mansubdir}1/ssh-keyscan.1", 0
+        "${mandir}/${mansubdir}1/ssh.1", 0
+        "${mandir}/${mansubdir}8/sshd.8", 0
+        "${mandir}/${mansubdir}8/sftp-server.8", 0
+        "${mandir}/${mansubdir}1/sftp.1", 0
         );
 
     print "Translating strings in config/man files...\n";
-    for $f (@files)
+    for my $f (keys %files)
     {
         $f =~ /(.*\/)*(.*)$/;
 
@@ -116,11 +198,7 @@ sub fixpaths
         $uid = (stat($f))[4];
         $gid = (stat($f))[5];
 
-        $result = system("mv $f $g");
-        if ($result != 0)
-        {
-            die "Failed to copy $f to $g!\n";
-        }
+        action("mv $f $g");
 
         open(IN, "<$g") || die ("$0: input file $g missing!\n");
         open(OUT, ">$f") || die ("$0: unable to open output file $f!\n");
@@ -137,10 +215,13 @@ sub fixpaths
         close(OUT);
         close(IN);
 
-        $result = system("rm $g");
-        if ($result != 0)
+        if ($file{$f} eq 0)
+        {
+            action("rm $g");
+        }
+        else
         {
-            die "Failed to remove $g\n";
+            print "Left backup config file '$g'\n";
         }
 
         #
@@ -156,16 +237,7 @@ sub fixpaths
 }
 
 fixpaths();
-
-print "---------------------------------------------------------------------\n";
-print "If you would also like to run the sshd binary that came with this\n";
-print "package and you do not have host keys located in /etc, run (as root):\n";
-print "\n";
-print "  $setupdir/setup-openssh-keys\n";
-print "\n";
-print "This script creates machine-specific host keys in /etc that are\n";
-print "required by sshd.\n";
-print "---------------------------------------------------------------------\n";
+runkeygen();
 
 my $metadata = new Grid::GPT::Setup(package_name => "gsi_openssh_setup");