[openssh.git] / buildpkg.sh.in

#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License.  I really
# don't care what you use it for.  Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a openssh-config.local with your customized options
#
REMOVE_FAKE_ROOT_WHEN_DONE=yes
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp	# leave commented out for production build
PKGNAME=OpenSSH
# revisions within the same version (REV=a)
#REV=
SYSVINIT_NAME=opensshd
AWK=${AWK:="nawk"}
MAKE=${MAKE:="make"}
SSHDUID=67	# Default privsep uid
SSHDGID=67	# Default privsep gid
# uncomment these next three as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
#USR_LOCAL_IS_SYMLINK=yes
# System V init run levels
SYSVINITSTART=S98
SYSVINITSTOPT=K30
# We will source these if they exist
POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
# We'll be one level deeper looking for these
PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
PKG_PREREMOVE_LOCAL=../pkg-preremove.local
PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
PKG_REQUEST_LOCAL=../pkg-request.local
# end of sourced files
#
OPENSSHD=opensshd.init
OPENSSH_MANIFEST=openssh.xml
OPENSSH_FMRI=svc:/site/openssh:default

PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
PATH_USERADD_PROG=@PATH_USERADD_PROG@
PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
#
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc	\
/etc/init.d		\
/etc/rcS.d		\
/etc/rc0.d		\
/etc/rc1.d		\
/etc/rc2.d		\
/etc/opt		\
/lib			\
/lib/svc		\
/lib/svc/method		\
/lib/svc/method/site	\
/opt			\
/opt/bin		\
/usr			\
/usr/bin		\
/usr/lib		\
/usr/sbin		\
/usr/share		\
/usr/share/man		\
/usr/share/man/man1	\
/usr/share/man/man8	\
/usr/local		\
/usr/local/bin		\
/usr/local/etc		\
/usr/local/libexec	\
/usr/local/man		\
/usr/local/man/man1	\
/usr/local/man/man8	\
/usr/local/sbin		\
/usr/local/share	\
/var			\
/var/opt		\
/var/run		\
/var/svc		\
/var/svc/manifest	\
/var/svc/manifest/site  \
/var/tmp		\
/tmp"

# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /opt/bin ]  &&  {
	echo $PATH | grep ":/opt/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
}
[ -d /usr/local/bin ]  &&  {
	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ]  &&  {
	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#

[ -f Makefile ]  ||  {
	echo "Please run this script from your build directory"
	exit 1
}

# we will look for openssh-config.local to override the above options
[ -s ./openssh-config.local ]  &&  . ./openssh-config.local

START=`pwd`
FAKE_ROOT=$START/pkg

## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
do
	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done

## Are we using Solaris' SMF?
DO_SMF=0
if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
then
	DO_SMF=1
fi

## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done

## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi

## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`

ARCH=`uname -m`
DEF_MSG="\n"
OS_VER=`uname -v`
SCRIPT_SHELL=/sbin/sh
UNAME_R=`uname -r`
UNAME_S=`uname -s`
case ${UNAME_S} in
	SunOS)	UNAME_S=Solaris
		OS_VER=${UNAME_R}
		ARCH=`uname -p`
		RCS_D=yes
		DEF_MSG="(default: n)"
		;;
	SCO_SV)	case ${UNAME_R} in
			3.2)	UNAME_S=OpenServer5
		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
				;;
			5)	UNAME_S=OpenServer6
				;;
		esac
		SCRIPT_SHELL=/bin/sh
		RC1_D=no
		DEF_MSG="(default: n)"
		;;
esac

case `basename $0` in
	buildpkg.sh)
## Start by faking root install
echo "Faking root install..."
[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
	echo "Fake root install failed, stopping."
	exit 1
fi

## Setup our run level stuff while we are at it.
if [ $DO_SMF -eq 1 ]
then
	# For Solaris' SMF, /lib/svc/method/site is the preferred place
	# for start/stop scripts that aren't supplied with the OS, and
	# similarly /var/svc/manifest/site for manifests.
	mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
	mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site

	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}

	cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
else
	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d

	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
fi

[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ]  &&  \
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	$FAKE_ROOT/${sysconfdir}/sshd_config

# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default

# local tweeks here
[ -s "${POST_MAKE_INSTALL_FIXES}" ]  &&  . ${POST_MAKE_INSTALL_FIXES}

cd $FAKE_ROOT

## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
## whining.
for i in *; do
  PROTO_ARGS="$PROTO_ARGS $i=/$i";
done

## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION$REV
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF

## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
echo "Building depend file..."
touch depend

## Build space file
echo "Building space file..."
if [ $DO_SMF -eq 1 ]
then
	# XXX Is this necessary?  If not, remove space line from mk-proto.awk.
	touch space
else
	cat > space << _EOF
# extra space required by start/stop links added by installf 
# in postinstall
$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
_EOF
	[ "$RC1_D" = no ]  ||  \
	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	[ "$RCS_D" = yes ]  &&  \
	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
fi

## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! ${SCRIPT_SHELL}
#
_EOF

# local preinstall changes here
[ -s "${PKG_PREINSTALL_LOCAL}" ]  &&  . ${PKG_PREINSTALL_LOCAL}

cat >> preinstall << _EOF
#
if [ "\${PRE_INS_STOP}" = "yes" ]
then
	if [ $DO_SMF -eq 1 ] 
	then
		svcadm disable $OPENSSH_FMRI
	else
		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	fi
fi

exit 0
_EOF

## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! ${SCRIPT_SHELL}
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}

# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ]  &&  [ $DO_SMF -ne 1 ] && {
	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
	mkdir -p ${TEST_DIR}/etc/rc0.d
	[ "$RC1_D" = no ]  ||  mkdir -p ${TEST_DIR}/etc/rc1.d
	mkdir -p ${TEST_DIR}/etc/rc2.d
}

if [ $DO_SMF -eq 1 ]
then
	# Delete the existing service, if it exists, then import the 
	# new one.
	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	then
		svccfg delete -f $OPENSSH_FMRI
	fi
	# NOTE, if manifest enables sshd by default, this will actually
	# start the daemon, which may not be what the user wants.
	svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
else
	if [ "\${USE_SYM_LINKS}" = yes ]
	then
		[ "$RCS_D" = yes ]  &&  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		[ "$RC1_D" = no ]  ||  \
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	else
		[ "$RCS_D" = yes ]  &&  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		[ "$RC1_D" = no ]  ||  \
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	fi
fi

# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys

_EOF

# local postinstall changes here
[ -s "${PKG_POSTINSTALL_LOCAL}" ]  &&  . ${PKG_POSTINSTALL_LOCAL}

cat >> postinstall << _EOF
installf -f ${PKGNAME}

# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
	chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
	chroot=echo
fi

	echo "PrivilegeSeparation user always required."
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
		SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
		SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
	else
		DO_PASSWD=yes
	fi
	[ -z "\$SSH_PRIVSEP_GROUP" ]  &&  SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER

	# group required?
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
	then
		echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
	else
		DO_GROUP=yes
	fi

	# create group if required
	[ "\$DO_GROUP" = yes ]  &&  {
		# Use gid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshdgid="-g $SSHDGID"
		fi
		echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
		\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
	}

	# Create user if required
	[ "\$DO_PASSWD" = yes ]  &&  {
		# Use uid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
		then
			:
		else
			sshduid="-u $SSHDUID"
		fi
		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
		\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
		\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
	}

if [ "\${POST_INS_START}" = "yes" ]
then
	if [ $DO_SMF -eq 1 ]
	then
		# See svccfg import note above.  The service may already
		# be started.
		svcadm enable $OPENSSH_FMRI
	else
		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
	fi
fi
exit 0
_EOF

## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ] 
then
	svcadm disable $OPENSSH_FMRI
else
	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
fi
_EOF

# local preremove changes here
[ -s "${PKG_PREREMOVE_LOCAL}" ]  &&  . ${PKG_PREREMOVE_LOCAL}

cat >> preremove << _EOF
exit 0
_EOF

## Build postremove file
echo "Building postremove file..."
cat > postremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ]
then
	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	then
		svccfg delete -f $OPENSSH_FMRI
	fi
fi
_EOF

# local postremove changes here
[ -s "${PKG_POSTREMOVE_LOCAL}" ]  &&  . ${PKG_POSTREMOVE_LOCAL}

cat >> postremove << _EOF
exit 0
_EOF

## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15

_EOF

[ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF

ckyorn() {
# for some strange reason OpenServer5 has no ckyorn
# We build a striped down version here

DEFAULT=n
PROMPT="Yes or No [yes,no,?,quit]"
HELP_PROMPT="        Enter y or yes if your answer is yes; n or no if your answer is no."
USAGE="usage: ckyorn [options]
where options may include:
        -d default
        -h help
        -p prompt
"

if [ \$# != 0 ]
then
	while getopts d:p:h: c
	do
		case \$c in
			h)	HELP_PROMPT="\$OPTARG" ;;
			d)	DEFAULT=\$OPTARG ;;
			p)	PROMPT=\$OPTARG ;;
			\\?)	echo "\$USAGE" 1>&2
				exit 1 ;;
		esac
	done
	shift \`expr \$OPTIND - 1\`
fi

while true
do
	echo "\${PROMPT}\\c " 1>&2
	read key
	[ -z "\$key" ]  &&  key=\$DEFAULT
	case \$key in
		[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S])	echo "\${key}\\c"
			exit 0 ;;
		\\?)	echo \$HELP_PROMPT 1>&2 ;;
		q|quit)	echo "q\\c" 1>&2
			exit 3 ;;
	esac
done

}

_EOF

if [ $DO_SMF -eq 1 ]
then
	# This could get hairy, as the running sshd may not be under SMF.
	# We'll assume an earlier version of OpenSSH started via SMF.
	cat >> request << _EOF
PRE_INS_STOP=no
POST_INS_START=no
# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  ] && \
    /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!

_EOF
else
	cat >> request << _EOF
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
	[y,Y]*)	USE_SYM_LINKS=yes ;;
esac

# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!

_EOF
fi

# local request changes here
[ -s "${PKG_REQUEST_LOCAL}" ]  &&  . ${PKG_REQUEST_LOCAL}

cat >> request << _EOF
exit 0

_EOF

## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
	    BEGIN { print "i pkginfo"; print "i depend"; \\
		    print "i preinstall"; print "i postinstall"; \\
 		    print "i preremove"; print "i postremove"; \\
		    print "i request"; print "i space"; \\
		    split("$SYSTEM_DIR",sys_files); }
	    {
	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
		     { if ( \$1 == "s" )
			{ \$5=""; \$6=""; }
		     else
			{ \$5="root"; \$6="sys"; }
		     }
		else
		     { \$4="?"; \$5="?"; \$6="?"; break;}
	    } }
	    { print; }
_EOF

find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
	pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype

# /usr/local is a symlink on some systems
[ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {
	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
	mv prototype.new prototype
}

## Step back a directory and now build the package.
cd ..
# local prototype tweeks here
[ -s "${POST_PROTOTYPE_EDITS}" ]  &&  . ${POST_PROTOTYPE_EDITS}

echo "Building package.."
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
	;;

	justpkg.sh)
rm -fr ${FAKE_ROOT}/${PKGNAME}
grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
mv $$tmp $FAKE_ROOT/pkginfo
cat >> $FAKE_ROOT/pkginfo << _EOF
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
	;;

esac

[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ]  &&  rm -rf $FAKE_ROOT
exit 0
Commit	Line	Data
9cefe228	1	#!/bin/sh
	2	#
	3	# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
	4	#
	5	# The following code has been provide under Public Domain License. I really
	6	# don't care what you use it for. Just as long as you don't complain to me
	7	# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
	8	#
	9	umask 022
	10	#
	11	# Options for building the package
	12	# You can create a openssh-config.local with your customized options
	13	#
	14	REMOVE_FAKE_ROOT_WHEN_DONE=yes
	15	#
	16	# uncommenting TEST_DIR and using
	17	# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
	18	# and
	19	# PKGNAME=tOpenSSH should allow testing a package without interfering
	20	# with a real OpenSSH package on a system. This is not needed on systems
	21	# that support the -R option to pkgadd.
	22	#TEST_DIR=/var/tmp # leave commented out for production build
	23	PKGNAME=OpenSSH
d386a795	24	# revisions within the same version (REV=a)
d386a795	25	#REV=
9cefe228	26	SYSVINIT_NAME=opensshd
b18359f6	27	AWK=${AWK:="nawk"}
9cefe228	28	MAKE=${MAKE:="make"}
	29	SSHDUID=67 # Default privsep uid
	30	SSHDGID=67 # Default privsep gid
	31	# uncomment these next three as needed
	32	#PERMIT_ROOT_LOGIN=no
	33	#X11_FORWARDING=yes
	34	#USR_LOCAL_IS_SYMLINK=yes
	35	# System V init run levels
	36	SYSVINITSTART=S98
	37	SYSVINITSTOPT=K30
	38	# We will source these if they exist
103ff395	39	POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
9cefe228	40	POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
	41	# We'll be one level deeper looking for these
	42	PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
	43	PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
	44	PKG_PREREMOVE_LOCAL=../pkg-preremove.local
	45	PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
	46	PKG_REQUEST_LOCAL=../pkg-request.local
	47	# end of sourced files
	48	#
ddd8c95b	49	OPENSSHD=opensshd.init
29eadd7c	50	OPENSSH_MANIFEST=openssh.xml
29eadd7c	51	OPENSSH_FMRI=svc:/site/openssh:default
9cefe228	52
	53	PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
	54	PATH_USERADD_PROG=@PATH_USERADD_PROG@
	55	PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
	56	#
	57	# list of system directories we do NOT want to change owner/group/perms
	58	# when installing our package
	59	SYSTEM_DIR="/etc \
	60	/etc/init.d \
	61	/etc/rcS.d \
	62	/etc/rc0.d \
	63	/etc/rc1.d \
	64	/etc/rc2.d \
	65	/etc/opt \
29eadd7c	66	/lib \
	67	/lib/svc \
	68	/lib/svc/method \
	69	/lib/svc/method/site \
9cefe228	70	/opt \
	71	/opt/bin \
	72	/usr \
	73	/usr/bin \
	74	/usr/lib \
	75	/usr/sbin \
	76	/usr/share \
	77	/usr/share/man \
	78	/usr/share/man/man1 \
	79	/usr/share/man/man8 \
	80	/usr/local \
	81	/usr/local/bin \
	82	/usr/local/etc \
	83	/usr/local/libexec \
	84	/usr/local/man \
	85	/usr/local/man/man1 \
	86	/usr/local/man/man8 \
	87	/usr/local/sbin \
	88	/usr/local/share \
	89	/var \
	90	/var/opt \
	91	/var/run \
29eadd7c	92	/var/svc \
	93	/var/svc/manifest \
	94	/var/svc/manifest/site \
9cefe228	95	/var/tmp \
	96	/tmp"
	97
	98	# We may need to build as root so we make sure PATH is set up
	99	# only set the path if it's not set already
	100	[ -d /opt/bin ] && {
	101	echo $PATH \| grep ":/opt/bin" > /dev/null 2>&1
	102	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
	103	}
	104	[ -d /usr/local/bin ] && {
	105	echo $PATH \| grep ":/usr/local/bin" > /dev/null 2>&1
	106	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
	107	}
	108	[ -d /usr/ccs/bin ] && {
	109	echo $PATH \| grep ":/usr/ccs/bin" > /dev/null 2>&1
	110	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
	111	}
	112	export PATH
	113	#
	114
	115	[ -f Makefile ] \|\| {
	116	echo "Please run this script from your build directory"
	117	exit 1
	118	}
	119
	120	# we will look for openssh-config.local to override the above options
	121	[ -s ./openssh-config.local ] && . ./openssh-config.local
	122
	123	START=`pwd`
	124	FAKE_ROOT=$START/pkg
	125
	126	## Fill in some details, like prefix and sysconfdir
	127	for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
	128	do
	129	eval $confvar=`grep "^$confvar=" Makefile \| cut -d = -f 2`
	130	done
	131
29eadd7c	132	## Are we using Solaris' SMF?
	133	DO_SMF=0
	134	if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
	135	then
	136	DO_SMF=1
	137	fi
9cefe228	138
	139	## Collect value of privsep user
	140	for confvar in SSH_PRIVSEP_USER
	141	do
	142	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
	143	done
	144
	145	## Set privsep defaults if not defined
	146	if [ -z "$SSH_PRIVSEP_USER" ]
	147	then
	148	SSH_PRIVSEP_USER=sshd
	149	fi
	150
	151	## Extract common info requires for the 'info' part of the package.
	152	VERSION=`./ssh -V 2>&1 \| sed -e 's/,.*//'`
	153
	154	ARCH=`uname -m`
	155	DEF_MSG="\n"
	156	OS_VER=`uname -v`
	157	SCRIPT_SHELL=/sbin/sh
1f231631	158	UNAME_R=`uname -r`
9cefe228	159	UNAME_S=`uname -s`
	160	case ${UNAME_S} in
	161	SunOS) UNAME_S=Solaris
1f231631	162	OS_VER=${UNAME_R}
9cefe228	163	ARCH=`uname -p`
	164	RCS_D=yes
	165	DEF_MSG="(default: n)"
	166	;;
1f231631	167	SCO_SV) case ${UNAME_R} in
1f231631	168	3.2) UNAME_S=OpenServer5
9cefe228	169	OS_VER=`uname -X \| grep Release \| sed -e 's/^Rel.*3.2v//'`
1f231631	170	;;
	171	5) UNAME_S=OpenServer6
	172	;;
	173	esac
9cefe228	174	SCRIPT_SHELL=/bin/sh
	175	RC1_D=no
	176	DEF_MSG="(default: n)"
	177	;;
	178	esac
	179
	180	case `basename $0` in
	181	buildpkg.sh)
	182	## Start by faking root install
	183	echo "Faking root install..."
	184	[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
	185	mkdir $FAKE_ROOT
	186	${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
	187	if [ $? -gt 0 ]
	188	then
	189	echo "Fake root install failed, stopping."
	190	exit 1
	191	fi
	192
	193	## Setup our run level stuff while we are at it.
29eadd7c	194	if [ $DO_SMF -eq 1 ]
	195	then
	196	# For Solaris' SMF, /lib/svc/method/site is the preferred place
	197	# for start/stop scripts that aren't supplied with the OS, and
	198	# similarly /var/svc/manifest/site for manifests.
	199	mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
	200	mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	201
	202	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	203	chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	204
	205	cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	206	chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
	207	else
	208	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
9cefe228	209
29eadd7c	210	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	211	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	212	fi
9cefe228	213
	214	[ "${PERMIT_ROOT_LOGIN}" = no ] && \
	215	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
	216	$FAKE_ROOT/${sysconfdir}/sshd_config
	217	[ "${X11_FORWARDING}" = yes ] && \
	218	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
	219	$FAKE_ROOT/${sysconfdir}/sshd_config
	220	# fix PrintMotd
	221	perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	222	$FAKE_ROOT/${sysconfdir}/sshd_config
	223
	224	# We don't want to overwrite config files on multiple installs
	225	mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
	226	mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
	227	[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
	228	mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
	229
	230	# local tweeks here
	231	[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
	232
	233	cd $FAKE_ROOT
	234
	235	## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
	236	## whining.
	237	for i in *; do
	238	PROTO_ARGS="$PROTO_ARGS $i=/$i";
	239	done
	240
	241	## Build info file
	242	echo "Building pkginfo file..."
	243	cat > pkginfo << _EOF
	244	PKG=$PKGNAME
	245	NAME="OpenSSH Portable for ${UNAME_S}"
	246	DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
	247	VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
	248	ARCH=$ARCH
d386a795	249	VERSION=$VERSION$REV
9cefe228	250	CATEGORY="Security,application"
	251	BASEDIR=/
	252	CLASSES="none"
	253	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
	254	_EOF
	255
	256	## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
	257	echo "Building depend file..."
	258	touch depend
	259
	260	## Build space file
	261	echo "Building space file..."
29eadd7c	262	if [ $DO_SMF -eq 1 ]
	263	then
	264	# XXX Is this necessary? If not, remove space line from mk-proto.awk.
	265	touch space
	266	else
	267	cat > space << _EOF
	268	# extra space required by start/stop links added by installf
	269	# in postinstall
9cefe228	270	$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
	271	$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
	272	_EOF
29eadd7c	273	[ "$RC1_D" = no ] \|\| \
	274	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	275	[ "$RCS_D" = yes ] && \
	276	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	277	fi
9cefe228	278
	279	## Build preinstall file
	280	echo "Building preinstall file..."
	281	cat > preinstall << _EOF
	282	#! ${SCRIPT_SHELL}
	283	#
	284	_EOF
	285
	286	# local preinstall changes here
	287	[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
	288
	289	cat >> preinstall << _EOF
	290	#
29eadd7c	291	if [ "\${PRE_INS_STOP}" = "yes" ]
	292	then
	293	if [ $DO_SMF -eq 1 ]
	294	then
	295	svcadm disable $OPENSSH_FMRI
	296	else
	297	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	298	fi
	299	fi
	300
9cefe228	301	exit 0
	302	_EOF
	303
	304	## Build postinstall file
	305	echo "Building postinstall file..."
	306	cat > postinstall << _EOF
	307	#! ${SCRIPT_SHELL}
	308	#
	309	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] \|\| \\
	310	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
	311	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
	312	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] \|\| \\
	313	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
	314	\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
	315	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
	316	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] \|\| \\
	317	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
	318	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
	319	}
	320
	321	# make rc?.d dirs only if we are doing a test install
29eadd7c	322	[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
9cefe228	323	[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
	324	mkdir -p ${TEST_DIR}/etc/rc0.d
	325	[ "$RC1_D" = no ] \|\| mkdir -p ${TEST_DIR}/etc/rc1.d
	326	mkdir -p ${TEST_DIR}/etc/rc2.d
	327	}
	328
29eadd7c	329	if [ $DO_SMF -eq 1 ]
9cefe228	330	then
29eadd7c	331	# Delete the existing service, if it exists, then import the
	332	# new one.
	333	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	334	then
	335	svccfg delete -f $OPENSSH_FMRI
	336	fi
	337	# NOTE, if manifest enables sshd by default, this will actually
	338	# start the daemon, which may not be what the user wants.
	339	svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
9cefe228	340	else
29eadd7c	341	if [ "\${USE_SYM_LINKS}" = yes ]
	342	then
	343	[ "$RCS_D" = yes ] && \
	344	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	345	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	346	[ "$RC1_D" = no ] \|\| \
	347	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	348	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	349	else
	350	[ "$RCS_D" = yes ] && \
	351	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	352	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	353	[ "$RC1_D" = no ] \|\| \
	354	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	355	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	356	fi
9cefe228	357	fi
	358
	359	# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
	360	[ -d $piddir ] \|\| installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
	361
	362	_EOF
	363
	364	# local postinstall changes here
	365	[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
	366
	367	cat >> postinstall << _EOF
	368	installf -f ${PKGNAME}
	369
	370	# Use chroot to handle PKG_INSTALL_ROOT
	371	if [ ! -z "\${PKG_INSTALL_ROOT}" ]
	372	then
	373	chroot="chroot \${PKG_INSTALL_ROOT}"
	374	fi
	375	# If this is a test build, we will skip the groupadd/useradd/passwd commands
	376	if [ ! -z "${TEST_DIR}" ]
	377	then
	378	chroot=echo
	379	fi
	380
16082eaa	381	echo "PrivilegeSeparation user always required."
d386a795	382	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	383	then
	384	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	385	SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd \| awk -F: '{print \$4}'\`
	386	SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group \| awk -F: '{print \$1}'\`
	387	else
	388	DO_PASSWD=yes
	389	fi
	390	[ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
	391
	392	# group required?
	393	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
9cefe228	394	then
d386a795	395	echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
9cefe228	396	else
d386a795	397	DO_GROUP=yes
	398	fi
	399
	400	# create group if required
	401	[ "\$DO_GROUP" = yes ] && {
9cefe228	402	# Use gid of 67 if possible
	403	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSHDGID'\$' >/dev/null
	404	then
	405	:
	406	else
	407	sshdgid="-g $SSHDGID"
	408	fi
d386a795	409	echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
	410	\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
	411	}
9cefe228	412
9cefe228	413	# Create user if required
d386a795	414	[ "\$DO_PASSWD" = yes ] && {
9cefe228	415	# Use uid of 67 if possible
b5c428f0	416	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSHDUID'\$' >/dev/null
9cefe228	417	then
	418	:
	419	else
	420	sshduid="-u $SSHDUID"
	421	fi
	422	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
	423	\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
	424	\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
d386a795	425	}
9cefe228	426
29eadd7c	427	if [ "\${POST_INS_START}" = "yes" ]
	428	then
	429	if [ $DO_SMF -eq 1 ]
	430	then
	431	# See svccfg import note above. The service may already
	432	# be started.
	433	svcadm enable $OPENSSH_FMRI
	434	else
	435	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
	436	fi
	437	fi
9cefe228	438	exit 0
	439	_EOF
	440
	441	## Build preremove file
	442	echo "Building preremove file..."
	443	cat > preremove << _EOF
	444	#! ${SCRIPT_SHELL}
	445	#
29eadd7c	446	if [ $DO_SMF -eq 1 ]
	447	then
	448	svcadm disable $OPENSSH_FMRI
	449	else
	450	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	451	fi
9cefe228	452	_EOF
	453
	454	# local preremove changes here
	455	[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
	456
	457	cat >> preremove << _EOF
	458	exit 0
	459	_EOF
	460
	461	## Build postremove file
	462	echo "Building postremove file..."
	463	cat > postremove << _EOF
	464	#! ${SCRIPT_SHELL}
	465	#
29eadd7c	466	if [ $DO_SMF -eq 1 ]
	467	then
	468	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	469	then
	470	svccfg delete -f $OPENSSH_FMRI
	471	fi
	472	fi
9cefe228	473	_EOF
	474
	475	# local postremove changes here
	476	[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
	477
	478	cat >> postremove << _EOF
	479	exit 0
	480	_EOF
	481
	482	## Build request file
	483	echo "Building request file..."
	484	cat > request << _EOF
	485	trap 'exit 3' 15
	486
	487	_EOF
	488
	489	[ -x /usr/bin/ckyorn ] \|\| cat >> request << _EOF
	490
	491	ckyorn() {
1f231631	492	# for some strange reason OpenServer5 has no ckyorn
9cefe228	493	# We build a striped down version here
	494
	495	DEFAULT=n
	496	PROMPT="Yes or No [yes,no,?,quit]"
	497	HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
	498	USAGE="usage: ckyorn [options]
	499	where options may include:
	500	-d default
	501	-h help
	502	-p prompt
	503	"
	504
	505	if [ \$# != 0 ]
	506	then
	507	while getopts d:p:h: c
	508	do
	509	case \$c in
	510	h) HELP_PROMPT="\$OPTARG" ;;
	511	d) DEFAULT=\$OPTARG ;;
	512	p) PROMPT=\$OPTARG ;;
	513	\\?) echo "\$USAGE" 1>&2
	514	exit 1 ;;
	515	esac
	516	done
	517	shift \`expr \$OPTIND - 1\`
	518	fi
	519
	520	while true
	521	do
	522	echo "\${PROMPT}\\c " 1>&2
	523	read key
	524	[ -z "\$key" ] && key=\$DEFAULT
	525	case \$key in
	526	[n,N]\|[n,N][o,O]\|[y,Y]\|[y,Y][e,E][s,S]) echo "\${key}\\c"
	527	exit 0 ;;
	528	\\?) echo \$HELP_PROMPT 1>&2 ;;
	529	q\|quit) echo "q\\c" 1>&2
	530	exit 3 ;;
	531	esac
	532	done
	533
	534	}
	535
	536	_EOF
	537
29eadd7c	538	if [ $DO_SMF -eq 1 ]
	539	then
	540	# This could get hairy, as the running sshd may not be under SMF.
	541	# We'll assume an earlier version of OpenSSH started via SMF.
	542	cat >> request << _EOF
	543	PRE_INS_STOP=no
	544	POST_INS_START=no
	545	# determine if should restart the daemon
	546	if [ -s ${piddir}/sshd.pid ] && \
	547	/usr/bin/svcs $OPENSSH_FMRI 2>&1 \| egrep "^online" > /dev/null 2>&1
	548	then
	549	ans=\`ckyorn -d n \
	550	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	551	case \$ans in
	552	[y,Y]*) PRE_INS_STOP=yes
	553	POST_INS_START=yes
	554	;;
	555	esac
	556
	557	else
	558
	559	# determine if we should start sshd
	560	ans=\`ckyorn -d n \
	561	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	562	case \$ans in
	563	[y,Y]*) POST_INS_START=yes ;;
	564	esac
	565	fi
	566
	567	# make parameters available to installation service,
	568	# and so to any other packaging scripts
	569	cat >\$1 <<!
	570	PRE_INS_STOP='\$PRE_INS_STOP'
	571	POST_INS_START='\$POST_INS_START'
	572	!
	573
	574	_EOF
	575	else
	576	cat >> request << _EOF
9cefe228	577	USE_SYM_LINKS=no
	578	PRE_INS_STOP=no
	579	POST_INS_START=no
	580	# Use symbolic links?
	581	ans=\`ckyorn -d n \
	582	-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` \|\| exit \$?
	583	case \$ans in
	584	[y,Y]*) USE_SYM_LINKS=yes ;;
	585	esac
	586
	587	# determine if should restart the daemon
	588	if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
	589	then
	590	ans=\`ckyorn -d n \
	591	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	592	case \$ans in
	593	[y,Y]*) PRE_INS_STOP=yes
	594	POST_INS_START=yes
	595	;;
	596	esac
	597
	598	else
	599
	600	# determine if we should start sshd
	601	ans=\`ckyorn -d n \
	602	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	603	case \$ans in
	604	[y,Y]*) POST_INS_START=yes ;;
	605	esac
	606	fi
	607
	608	# make parameters available to installation service,
	609	# and so to any other packaging scripts
	610	cat >\$1 <<!
	611	USE_SYM_LINKS='\$USE_SYM_LINKS'
	612	PRE_INS_STOP='\$PRE_INS_STOP'
	613	POST_INS_START='\$POST_INS_START'
	614	!
	615
	616	_EOF
29eadd7c	617	fi
9cefe228	618
	619	# local request changes here
	620	[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
	621
	622	cat >> request << _EOF
	623	exit 0
	624
	625	_EOF
	626
	627	## Next Build our prototype
	628	echo "Building prototype file..."
	629	cat >mk-proto.awk << _EOF
	630	BEGIN { print "i pkginfo"; print "i depend"; \\
	631	print "i preinstall"; print "i postinstall"; \\
	632	print "i preremove"; print "i postremove"; \\
	633	print "i request"; print "i space"; \\
	634	split("$SYSTEM_DIR",sys_files); }
	635	{
	636	for (dir in sys_files) { if ( \$3 != sys_files[dir] )
	637	{ if ( \$1 == "s" )
	638	{ \$5=""; \$6=""; }
	639	else
	640	{ \$5="root"; \$6="sys"; }
	641	}
	642	else
	643	{ \$4="?"; \$5="?"; \$6="?"; break;}
	644	} }
	645	{ print; }
	646	_EOF
	647
	648	find . \| egrep -v "prototype\|pkginfo\|mk-proto.awk" \| sort \| \
b18359f6	649	pkgproto $PROTO_ARGS \| ${AWK} -f mk-proto.awk > prototype
9cefe228	650
	651	# /usr/local is a symlink on some systems
	652	[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
	653	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
	654	mv prototype.new prototype
	655	}
	656
	657	## Step back a directory and now build the package.
	658	cd ..
	659	# local prototype tweeks here
	660	[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
	661
	662	echo "Building package.."
	663	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
d386a795	664	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
9cefe228	665	;;
	666
	667	justpkg.sh)
	668	rm -fr ${FAKE_ROOT}/${PKGNAME}
	669	grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
	670	mv $$tmp $FAKE_ROOT/pkginfo
	671	cat >> $FAKE_ROOT/pkginfo << _EOF
	672	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
	673	_EOF
	674	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
d386a795	675	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
9cefe228	676	;;
	677
	678	esac
	679
	680	[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
25616c13	681	exit 0
9cefe228	682