]>
Commit | Line | Data |
---|---|---|
9cefe228 | 1 | #!/bin/sh |
2 | # | |
3 | # Fake Root Solaris/SVR4/SVR5 Build System - Prototype | |
4 | # | |
5 | # The following code has been provide under Public Domain License. I really | |
6 | # don't care what you use it for. Just as long as you don't complain to me | |
7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) | |
8 | # | |
9 | umask 022 | |
10 | # | |
11 | # Options for building the package | |
12 | # You can create a openssh-config.local with your customized options | |
13 | # | |
14 | REMOVE_FAKE_ROOT_WHEN_DONE=yes | |
15 | # | |
16 | # uncommenting TEST_DIR and using | |
17 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty | |
18 | # and | |
19 | # PKGNAME=tOpenSSH should allow testing a package without interfering | |
20 | # with a real OpenSSH package on a system. This is not needed on systems | |
21 | # that support the -R option to pkgadd. | |
22 | #TEST_DIR=/var/tmp # leave commented out for production build | |
23 | PKGNAME=OpenSSH | |
d386a795 | 24 | # revisions within the same version (REV=a) |
25 | #REV= | |
9cefe228 | 26 | SYSVINIT_NAME=opensshd |
b18359f6 | 27 | AWK=${AWK:="nawk"} |
9cefe228 | 28 | MAKE=${MAKE:="make"} |
29 | SSHDUID=67 # Default privsep uid | |
30 | SSHDGID=67 # Default privsep gid | |
31 | # uncomment these next three as needed | |
32 | #PERMIT_ROOT_LOGIN=no | |
33 | #X11_FORWARDING=yes | |
34 | #USR_LOCAL_IS_SYMLINK=yes | |
35 | # System V init run levels | |
36 | SYSVINITSTART=S98 | |
37 | SYSVINITSTOPT=K30 | |
38 | # We will source these if they exist | |
103ff395 | 39 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
9cefe228 | 40 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
41 | # We'll be one level deeper looking for these | |
42 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local | |
43 | PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local | |
44 | PKG_PREREMOVE_LOCAL=../pkg-preremove.local | |
45 | PKG_POSTREMOVE_LOCAL=../pkg-postremove.local | |
46 | PKG_REQUEST_LOCAL=../pkg-request.local | |
47 | # end of sourced files | |
48 | # | |
ddd8c95b | 49 | OPENSSHD=opensshd.init |
29eadd7c | 50 | OPENSSH_MANIFEST=openssh.xml |
51 | OPENSSH_FMRI=svc:/site/openssh:default | |
9cefe228 | 52 | |
53 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ | |
54 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ | |
55 | PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ | |
56 | # | |
57 | # list of system directories we do NOT want to change owner/group/perms | |
58 | # when installing our package | |
59 | SYSTEM_DIR="/etc \ | |
60 | /etc/init.d \ | |
61 | /etc/rcS.d \ | |
62 | /etc/rc0.d \ | |
63 | /etc/rc1.d \ | |
64 | /etc/rc2.d \ | |
65 | /etc/opt \ | |
29eadd7c | 66 | /lib \ |
67 | /lib/svc \ | |
68 | /lib/svc/method \ | |
69 | /lib/svc/method/site \ | |
9cefe228 | 70 | /opt \ |
71 | /opt/bin \ | |
72 | /usr \ | |
73 | /usr/bin \ | |
74 | /usr/lib \ | |
75 | /usr/sbin \ | |
76 | /usr/share \ | |
77 | /usr/share/man \ | |
78 | /usr/share/man/man1 \ | |
79 | /usr/share/man/man8 \ | |
80 | /usr/local \ | |
81 | /usr/local/bin \ | |
82 | /usr/local/etc \ | |
83 | /usr/local/libexec \ | |
84 | /usr/local/man \ | |
85 | /usr/local/man/man1 \ | |
86 | /usr/local/man/man8 \ | |
87 | /usr/local/sbin \ | |
88 | /usr/local/share \ | |
89 | /var \ | |
90 | /var/opt \ | |
91 | /var/run \ | |
29eadd7c | 92 | /var/svc \ |
93 | /var/svc/manifest \ | |
94 | /var/svc/manifest/site \ | |
9cefe228 | 95 | /var/tmp \ |
96 | /tmp" | |
97 | ||
98 | # We may need to build as root so we make sure PATH is set up | |
99 | # only set the path if it's not set already | |
100 | [ -d /opt/bin ] && { | |
101 | echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 | |
102 | [ $? -ne 0 ] && PATH=$PATH:/opt/bin | |
103 | } | |
104 | [ -d /usr/local/bin ] && { | |
105 | echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 | |
106 | [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin | |
107 | } | |
108 | [ -d /usr/ccs/bin ] && { | |
109 | echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 | |
110 | [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin | |
111 | } | |
112 | export PATH | |
113 | # | |
114 | ||
115 | [ -f Makefile ] || { | |
116 | echo "Please run this script from your build directory" | |
117 | exit 1 | |
118 | } | |
119 | ||
120 | # we will look for openssh-config.local to override the above options | |
121 | [ -s ./openssh-config.local ] && . ./openssh-config.local | |
122 | ||
123 | START=`pwd` | |
124 | FAKE_ROOT=$START/pkg | |
125 | ||
126 | ## Fill in some details, like prefix and sysconfdir | |
127 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir | |
128 | do | |
129 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` | |
130 | done | |
131 | ||
29eadd7c | 132 | ## Are we using Solaris' SMF? |
133 | DO_SMF=0 | |
134 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 | |
135 | then | |
136 | DO_SMF=1 | |
137 | fi | |
9cefe228 | 138 | |
139 | ## Collect value of privsep user | |
140 | for confvar in SSH_PRIVSEP_USER | |
141 | do | |
142 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` | |
143 | done | |
144 | ||
145 | ## Set privsep defaults if not defined | |
146 | if [ -z "$SSH_PRIVSEP_USER" ] | |
147 | then | |
148 | SSH_PRIVSEP_USER=sshd | |
149 | fi | |
150 | ||
151 | ## Extract common info requires for the 'info' part of the package. | |
152 | VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` | |
153 | ||
154 | ARCH=`uname -m` | |
155 | DEF_MSG="\n" | |
156 | OS_VER=`uname -v` | |
157 | SCRIPT_SHELL=/sbin/sh | |
1f231631 | 158 | UNAME_R=`uname -r` |
9cefe228 | 159 | UNAME_S=`uname -s` |
160 | case ${UNAME_S} in | |
161 | SunOS) UNAME_S=Solaris | |
1f231631 | 162 | OS_VER=${UNAME_R} |
9cefe228 | 163 | ARCH=`uname -p` |
164 | RCS_D=yes | |
165 | DEF_MSG="(default: n)" | |
166 | ;; | |
1f231631 | 167 | SCO_SV) case ${UNAME_R} in |
168 | 3.2) UNAME_S=OpenServer5 | |
9cefe228 | 169 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
1f231631 | 170 | ;; |
171 | 5) UNAME_S=OpenServer6 | |
172 | ;; | |
173 | esac | |
9cefe228 | 174 | SCRIPT_SHELL=/bin/sh |
175 | RC1_D=no | |
176 | DEF_MSG="(default: n)" | |
177 | ;; | |
178 | esac | |
179 | ||
180 | case `basename $0` in | |
181 | buildpkg.sh) | |
182 | ## Start by faking root install | |
183 | echo "Faking root install..." | |
184 | [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT | |
185 | mkdir $FAKE_ROOT | |
186 | ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT | |
187 | if [ $? -gt 0 ] | |
188 | then | |
189 | echo "Fake root install failed, stopping." | |
190 | exit 1 | |
191 | fi | |
192 | ||
193 | ## Setup our run level stuff while we are at it. | |
29eadd7c | 194 | if [ $DO_SMF -eq 1 ] |
195 | then | |
196 | # For Solaris' SMF, /lib/svc/method/site is the preferred place | |
197 | # for start/stop scripts that aren't supplied with the OS, and | |
198 | # similarly /var/svc/manifest/site for manifests. | |
199 | mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site | |
200 | mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site | |
201 | ||
202 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | |
203 | chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | |
204 | ||
205 | cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site | |
206 | chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST} | |
207 | else | |
208 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d | |
9cefe228 | 209 | |
29eadd7c | 210 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
211 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} | |
212 | fi | |
9cefe228 | 213 | |
214 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ | |
215 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ | |
216 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
217 | [ "${X11_FORWARDING}" = yes ] && \ | |
218 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ | |
219 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
220 | # fix PrintMotd | |
221 | perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ | |
222 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
223 | ||
224 | # We don't want to overwrite config files on multiple installs | |
225 | mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default | |
226 | mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default | |
227 | [ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ | |
228 | mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default | |
229 | ||
230 | # local tweeks here | |
231 | [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} | |
232 | ||
233 | cd $FAKE_ROOT | |
234 | ||
235 | ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk | |
236 | ## whining. | |
237 | for i in *; do | |
238 | PROTO_ARGS="$PROTO_ARGS $i=/$i"; | |
239 | done | |
240 | ||
241 | ## Build info file | |
242 | echo "Building pkginfo file..." | |
243 | cat > pkginfo << _EOF | |
244 | PKG=$PKGNAME | |
245 | NAME="OpenSSH Portable for ${UNAME_S}" | |
246 | DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." | |
247 | VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" | |
248 | ARCH=$ARCH | |
d386a795 | 249 | VERSION=$VERSION$REV |
9cefe228 | 250 | CATEGORY="Security,application" |
251 | BASEDIR=/ | |
252 | CLASSES="none" | |
253 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" | |
254 | _EOF | |
255 | ||
256 | ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS | |
257 | echo "Building depend file..." | |
258 | touch depend | |
259 | ||
260 | ## Build space file | |
261 | echo "Building space file..." | |
29eadd7c | 262 | if [ $DO_SMF -eq 1 ] |
263 | then | |
264 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. | |
265 | touch space | |
266 | else | |
267 | cat > space << _EOF | |
268 | # extra space required by start/stop links added by installf | |
269 | # in postinstall | |
9cefe228 | 270 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
271 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 | |
272 | _EOF | |
29eadd7c | 273 | [ "$RC1_D" = no ] || \ |
274 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | |
275 | [ "$RCS_D" = yes ] && \ | |
276 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | |
277 | fi | |
9cefe228 | 278 | |
279 | ## Build preinstall file | |
280 | echo "Building preinstall file..." | |
281 | cat > preinstall << _EOF | |
282 | #! ${SCRIPT_SHELL} | |
283 | # | |
284 | _EOF | |
285 | ||
286 | # local preinstall changes here | |
287 | [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} | |
288 | ||
289 | cat >> preinstall << _EOF | |
290 | # | |
29eadd7c | 291 | if [ "\${PRE_INS_STOP}" = "yes" ] |
292 | then | |
293 | if [ $DO_SMF -eq 1 ] | |
294 | then | |
295 | svcadm disable $OPENSSH_FMRI | |
296 | else | |
297 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | |
298 | fi | |
299 | fi | |
300 | ||
9cefe228 | 301 | exit 0 |
302 | _EOF | |
303 | ||
304 | ## Build postinstall file | |
305 | echo "Building postinstall file..." | |
306 | cat > postinstall << _EOF | |
307 | #! ${SCRIPT_SHELL} | |
308 | # | |
309 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ | |
310 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ | |
311 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config | |
312 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ | |
313 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ | |
314 | \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config | |
315 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && { | |
316 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\ | |
317 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\ | |
318 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds | |
319 | } | |
320 | ||
321 | # make rc?.d dirs only if we are doing a test install | |
29eadd7c | 322 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
9cefe228 | 323 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
324 | mkdir -p ${TEST_DIR}/etc/rc0.d | |
325 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d | |
326 | mkdir -p ${TEST_DIR}/etc/rc2.d | |
327 | } | |
328 | ||
29eadd7c | 329 | if [ $DO_SMF -eq 1 ] |
9cefe228 | 330 | then |
29eadd7c | 331 | # Delete the existing service, if it exists, then import the |
332 | # new one. | |
333 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 | |
334 | then | |
335 | svccfg delete -f $OPENSSH_FMRI | |
336 | fi | |
337 | # NOTE, if manifest enables sshd by default, this will actually | |
338 | # start the daemon, which may not be what the user wants. | |
339 | svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST | |
9cefe228 | 340 | else |
29eadd7c | 341 | if [ "\${USE_SYM_LINKS}" = yes ] |
342 | then | |
343 | [ "$RCS_D" = yes ] && \ | |
344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
345 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
346 | [ "$RC1_D" = no ] || \ | |
347 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
348 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
349 | else | |
350 | [ "$RCS_D" = yes ] && \ | |
351 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
352 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
353 | [ "$RC1_D" = no ] || \ | |
354 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
355 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
356 | fi | |
9cefe228 | 357 | fi |
358 | ||
359 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) | |
360 | [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys | |
361 | ||
362 | _EOF | |
363 | ||
364 | # local postinstall changes here | |
365 | [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} | |
366 | ||
367 | cat >> postinstall << _EOF | |
368 | installf -f ${PKGNAME} | |
369 | ||
370 | # Use chroot to handle PKG_INSTALL_ROOT | |
371 | if [ ! -z "\${PKG_INSTALL_ROOT}" ] | |
372 | then | |
373 | chroot="chroot \${PKG_INSTALL_ROOT}" | |
374 | fi | |
375 | # If this is a test build, we will skip the groupadd/useradd/passwd commands | |
376 | if [ ! -z "${TEST_DIR}" ] | |
377 | then | |
378 | chroot=echo | |
379 | fi | |
380 | ||
16082eaa | 381 | echo "PrivilegeSeparation user always required." |
d386a795 | 382 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
383 | then | |
384 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." | |
385 | SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` | |
386 | SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` | |
387 | else | |
388 | DO_PASSWD=yes | |
389 | fi | |
390 | [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER | |
391 | ||
392 | # group required? | |
393 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null | |
9cefe228 | 394 | then |
d386a795 | 395 | echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." |
9cefe228 | 396 | else |
d386a795 | 397 | DO_GROUP=yes |
398 | fi | |
399 | ||
400 | # create group if required | |
401 | [ "\$DO_GROUP" = yes ] && { | |
9cefe228 | 402 | # Use gid of 67 if possible |
403 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null | |
404 | then | |
405 | : | |
406 | else | |
407 | sshdgid="-g $SSHDGID" | |
408 | fi | |
d386a795 | 409 | echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." |
410 | \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP | |
411 | } | |
9cefe228 | 412 | |
413 | # Create user if required | |
d386a795 | 414 | [ "\$DO_PASSWD" = yes ] && { |
9cefe228 | 415 | # Use uid of 67 if possible |
b5c428f0 | 416 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null |
9cefe228 | 417 | then |
418 | : | |
419 | else | |
420 | sshduid="-u $SSHDUID" | |
421 | fi | |
422 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." | |
423 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER | |
424 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER | |
d386a795 | 425 | } |
9cefe228 | 426 | |
29eadd7c | 427 | if [ "\${POST_INS_START}" = "yes" ] |
428 | then | |
429 | if [ $DO_SMF -eq 1 ] | |
430 | then | |
431 | # See svccfg import note above. The service may already | |
432 | # be started. | |
433 | svcadm enable $OPENSSH_FMRI | |
434 | else | |
435 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start | |
436 | fi | |
437 | fi | |
9cefe228 | 438 | exit 0 |
439 | _EOF | |
440 | ||
441 | ## Build preremove file | |
442 | echo "Building preremove file..." | |
443 | cat > preremove << _EOF | |
444 | #! ${SCRIPT_SHELL} | |
445 | # | |
29eadd7c | 446 | if [ $DO_SMF -eq 1 ] |
447 | then | |
448 | svcadm disable $OPENSSH_FMRI | |
449 | else | |
450 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | |
451 | fi | |
9cefe228 | 452 | _EOF |
453 | ||
454 | # local preremove changes here | |
455 | [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} | |
456 | ||
457 | cat >> preremove << _EOF | |
458 | exit 0 | |
459 | _EOF | |
460 | ||
461 | ## Build postremove file | |
462 | echo "Building postremove file..." | |
463 | cat > postremove << _EOF | |
464 | #! ${SCRIPT_SHELL} | |
465 | # | |
29eadd7c | 466 | if [ $DO_SMF -eq 1 ] |
467 | then | |
468 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 | |
469 | then | |
470 | svccfg delete -f $OPENSSH_FMRI | |
471 | fi | |
472 | fi | |
9cefe228 | 473 | _EOF |
474 | ||
475 | # local postremove changes here | |
476 | [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} | |
477 | ||
478 | cat >> postremove << _EOF | |
479 | exit 0 | |
480 | _EOF | |
481 | ||
482 | ## Build request file | |
483 | echo "Building request file..." | |
484 | cat > request << _EOF | |
485 | trap 'exit 3' 15 | |
486 | ||
487 | _EOF | |
488 | ||
489 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF | |
490 | ||
491 | ckyorn() { | |
1f231631 | 492 | # for some strange reason OpenServer5 has no ckyorn |
9cefe228 | 493 | # We build a striped down version here |
494 | ||
495 | DEFAULT=n | |
496 | PROMPT="Yes or No [yes,no,?,quit]" | |
497 | HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." | |
498 | USAGE="usage: ckyorn [options] | |
499 | where options may include: | |
500 | -d default | |
501 | -h help | |
502 | -p prompt | |
503 | " | |
504 | ||
505 | if [ \$# != 0 ] | |
506 | then | |
507 | while getopts d:p:h: c | |
508 | do | |
509 | case \$c in | |
510 | h) HELP_PROMPT="\$OPTARG" ;; | |
511 | d) DEFAULT=\$OPTARG ;; | |
512 | p) PROMPT=\$OPTARG ;; | |
513 | \\?) echo "\$USAGE" 1>&2 | |
514 | exit 1 ;; | |
515 | esac | |
516 | done | |
517 | shift \`expr \$OPTIND - 1\` | |
518 | fi | |
519 | ||
520 | while true | |
521 | do | |
522 | echo "\${PROMPT}\\c " 1>&2 | |
523 | read key | |
524 | [ -z "\$key" ] && key=\$DEFAULT | |
525 | case \$key in | |
526 | [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" | |
527 | exit 0 ;; | |
528 | \\?) echo \$HELP_PROMPT 1>&2 ;; | |
529 | q|quit) echo "q\\c" 1>&2 | |
530 | exit 3 ;; | |
531 | esac | |
532 | done | |
533 | ||
534 | } | |
535 | ||
536 | _EOF | |
537 | ||
29eadd7c | 538 | if [ $DO_SMF -eq 1 ] |
539 | then | |
540 | # This could get hairy, as the running sshd may not be under SMF. | |
541 | # We'll assume an earlier version of OpenSSH started via SMF. | |
542 | cat >> request << _EOF | |
543 | PRE_INS_STOP=no | |
544 | POST_INS_START=no | |
545 | # determine if should restart the daemon | |
546 | if [ -s ${piddir}/sshd.pid ] && \ | |
547 | /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 | |
548 | then | |
549 | ans=\`ckyorn -d n \ | |
550 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? | |
551 | case \$ans in | |
552 | [y,Y]*) PRE_INS_STOP=yes | |
553 | POST_INS_START=yes | |
554 | ;; | |
555 | esac | |
556 | ||
557 | else | |
558 | ||
559 | # determine if we should start sshd | |
560 | ans=\`ckyorn -d n \ | |
561 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? | |
562 | case \$ans in | |
563 | [y,Y]*) POST_INS_START=yes ;; | |
564 | esac | |
565 | fi | |
566 | ||
567 | # make parameters available to installation service, | |
568 | # and so to any other packaging scripts | |
569 | cat >\$1 <<! | |
570 | PRE_INS_STOP='\$PRE_INS_STOP' | |
571 | POST_INS_START='\$POST_INS_START' | |
572 | ! | |
573 | ||
574 | _EOF | |
575 | else | |
576 | cat >> request << _EOF | |
9cefe228 | 577 | USE_SYM_LINKS=no |
578 | PRE_INS_STOP=no | |
579 | POST_INS_START=no | |
580 | # Use symbolic links? | |
581 | ans=\`ckyorn -d n \ | |
582 | -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? | |
583 | case \$ans in | |
584 | [y,Y]*) USE_SYM_LINKS=yes ;; | |
585 | esac | |
586 | ||
587 | # determine if should restart the daemon | |
588 | if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] | |
589 | then | |
590 | ans=\`ckyorn -d n \ | |
591 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? | |
592 | case \$ans in | |
593 | [y,Y]*) PRE_INS_STOP=yes | |
594 | POST_INS_START=yes | |
595 | ;; | |
596 | esac | |
597 | ||
598 | else | |
599 | ||
600 | # determine if we should start sshd | |
601 | ans=\`ckyorn -d n \ | |
602 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? | |
603 | case \$ans in | |
604 | [y,Y]*) POST_INS_START=yes ;; | |
605 | esac | |
606 | fi | |
607 | ||
608 | # make parameters available to installation service, | |
609 | # and so to any other packaging scripts | |
610 | cat >\$1 <<! | |
611 | USE_SYM_LINKS='\$USE_SYM_LINKS' | |
612 | PRE_INS_STOP='\$PRE_INS_STOP' | |
613 | POST_INS_START='\$POST_INS_START' | |
614 | ! | |
615 | ||
616 | _EOF | |
29eadd7c | 617 | fi |
9cefe228 | 618 | |
619 | # local request changes here | |
620 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} | |
621 | ||
622 | cat >> request << _EOF | |
623 | exit 0 | |
624 | ||
625 | _EOF | |
626 | ||
627 | ## Next Build our prototype | |
628 | echo "Building prototype file..." | |
629 | cat >mk-proto.awk << _EOF | |
630 | BEGIN { print "i pkginfo"; print "i depend"; \\ | |
631 | print "i preinstall"; print "i postinstall"; \\ | |
632 | print "i preremove"; print "i postremove"; \\ | |
633 | print "i request"; print "i space"; \\ | |
634 | split("$SYSTEM_DIR",sys_files); } | |
635 | { | |
636 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) | |
637 | { if ( \$1 == "s" ) | |
638 | { \$5=""; \$6=""; } | |
639 | else | |
640 | { \$5="root"; \$6="sys"; } | |
641 | } | |
642 | else | |
643 | { \$4="?"; \$5="?"; \$6="?"; break;} | |
644 | } } | |
645 | { print; } | |
646 | _EOF | |
647 | ||
648 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ | |
b18359f6 | 649 | pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype |
9cefe228 | 650 | |
651 | # /usr/local is a symlink on some systems | |
652 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { | |
653 | grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new | |
654 | mv prototype.new prototype | |
655 | } | |
656 | ||
657 | ## Step back a directory and now build the package. | |
658 | cd .. | |
659 | # local prototype tweeks here | |
660 | [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} | |
661 | ||
662 | echo "Building package.." | |
663 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o | |
d386a795 | 664 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
9cefe228 | 665 | ;; |
666 | ||
667 | justpkg.sh) | |
668 | rm -fr ${FAKE_ROOT}/${PKGNAME} | |
669 | grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp | |
670 | mv $$tmp $FAKE_ROOT/pkginfo | |
671 | cat >> $FAKE_ROOT/pkginfo << _EOF | |
672 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" | |
673 | _EOF | |
674 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o | |
d386a795 | 675 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
9cefe228 | 676 | ;; |
677 | ||
678 | esac | |
679 | ||
680 | [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT | |
25616c13 | 681 | exit 0 |
9cefe228 | 682 |