[openssh.git] / buildpkg.sh.in

#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License.  I really
# don't care what you use it for.  Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a openssh-config.local with your customized options
#
REMOVE_FAKE_ROOT_WHEN_DONE=yes
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp	# leave commented out for production build
PKGNAME=OpenSSH
# revisions within the same version (REV=a)
#REV=
SYSVINIT_NAME=opensshd
MAKE=${MAKE:="make"}
SSHDUID=67	# Default privsep uid
SSHDGID=67	# Default privsep gid
# uncomment these next three as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
#USR_LOCAL_IS_SYMLINK=yes
# System V init run levels
SYSVINITSTART=S98
SYSVINITSTOPT=K30
# We will source these if they exist
POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
# We'll be one level deeper looking for these
PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
PKG_PREREMOVE_LOCAL=../pkg-preremove.local
PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
PKG_REQUEST_LOCAL=../pkg-request.local
# end of sourced files
#
OPENSSHD=opensshd.init
OPENSSH_MANIFEST=openssh.xml
OPENSSH_FMRI=svc:/site/openssh:default

PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
PATH_USERADD_PROG=@PATH_USERADD_PROG@
PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
#
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc	\
/etc/init.d		\
/etc/rcS.d		\
/etc/rc0.d		\
/etc/rc1.d		\
/etc/rc2.d		\
/etc/opt		\
/lib			\
/lib/svc		\
/lib/svc/method		\
/lib/svc/method/site	\
/opt			\
/opt/bin		\
/usr			\
/usr/bin		\
/usr/lib		\
/usr/sbin		\
/usr/share		\
/usr/share/man		\
/usr/share/man/man1	\
/usr/share/man/man8	\
/usr/local		\
/usr/local/bin		\
/usr/local/etc		\
/usr/local/libexec	\
/usr/local/man		\
/usr/local/man/man1	\
/usr/local/man/man8	\
/usr/local/sbin		\
/usr/local/share	\
/var			\
/var/opt		\
/var/run		\
/var/svc		\
/var/svc/manifest	\
/var/svc/manifest/site  \
/var/tmp		\
/tmp"

# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /opt/bin ]  &&  {
	echo $PATH | grep ":/opt/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
}
[ -d /usr/local/bin ]  &&  {
	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ]  &&  {
	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#

[ -f Makefile ]  ||  {
	echo "Please run this script from your build directory"
	exit 1
}

# we will look for openssh-config.local to override the above options
[ -s ./openssh-config.local ]  &&  . ./openssh-config.local

START=`pwd`
FAKE_ROOT=$START/pkg

## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
do
	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done

## Are we using Solaris' SMF?
DO_SMF=0
if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
then
	DO_SMF=1
fi

## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done

## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi

## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`

ARCH=`uname -m`
DEF_MSG="\n"
OS_VER=`uname -v`
SCRIPT_SHELL=/sbin/sh
UNAME_R=`uname -r`
UNAME_S=`uname -s`
case ${UNAME_S} in
	SunOS)	UNAME_S=Solaris
		OS_VER=${UNAME_R}
		ARCH=`uname -p`
		RCS_D=yes
		DEF_MSG="(default: n)"
		;;
	SCO_SV)	case ${UNAME_R} in
			3.2)	UNAME_S=OpenServer5
		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
				;;
			5)	UNAME_S=OpenServer6
				;;
		esac
		SCRIPT_SHELL=/bin/sh
		RC1_D=no
		DEF_MSG="(default: n)"
		;;
esac

case `basename $0` in
	buildpkg.sh)
## Start by faking root install
echo "Faking root install..."
[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
	echo "Fake root install failed, stopping."
	exit 1
fi

## Setup our run level stuff while we are at it.
if [ $DO_SMF -eq 1 ]
then
	# For Solaris' SMF, /lib/svc/method/site is the preferred place
	# for start/stop scripts that aren't supplied with the OS, and
	# similarly /var/svc/manifest/site for manifests.
	mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
	mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site

	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}

	cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
else
	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d

	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
fi

[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ]  &&  \
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	$FAKE_ROOT/${sysconfdir}/sshd_config

# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default

# local tweeks here
[ -s "${POST_MAKE_INSTALL_FIXES}" ]  &&  . ${POST_MAKE_INSTALL_FIXES}

cd $FAKE_ROOT

## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
## whining.
for i in *; do
  PROTO_ARGS="$PROTO_ARGS $i=/$i";
done

## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION$REV
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF

## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
echo "Building depend file..."
touch depend

## Build space file
echo "Building space file..."
if [ $DO_SMF -eq 1 ]
then
	# XXX Is this necessary?  If not, remove space line from mk-proto.awk.
	touch space
else
	cat > space << _EOF
# extra space required by start/stop links added by installf 
# in postinstall
$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
_EOF
	[ "$RC1_D" = no ]  ||  \
	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	[ "$RCS_D" = yes ]  &&  \
	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
fi

## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! ${SCRIPT_SHELL}
#
_EOF

# local preinstall changes here
[ -s "${PKG_PREINSTALL_LOCAL}" ]  &&  . ${PKG_PREINSTALL_LOCAL}

cat >> preinstall << _EOF
#
if [ "\${PRE_INS_STOP}" = "yes" ]
then
	if [ $DO_SMF -eq 1 ] 
	then
		svcadm disable $OPENSSH_FMRI
	else
		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	fi
fi

exit 0
_EOF

## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! ${SCRIPT_SHELL}
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}

# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ]  &&  [ $DO_SMF -ne 1 ] && {
	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
	mkdir -p ${TEST_DIR}/etc/rc0.d
	[ "$RC1_D" = no ]  ||  mkdir -p ${TEST_DIR}/etc/rc1.d
	mkdir -p ${TEST_DIR}/etc/rc2.d
}

if [ $DO_SMF -eq 1 ]
then
	# Delete the existing service, if it exists, then import the 
	# new one.
	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	then
		svccfg delete -f $OPENSSH_FMRI
	fi
	# NOTE, if manifest enables sshd by default, this will actually
	# start the daemon, which may not be what the user wants.
	svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
else
	if [ "\${USE_SYM_LINKS}" = yes ]
	then
		[ "$RCS_D" = yes ]  &&  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		[ "$RC1_D" = no ]  ||  \
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	else
		[ "$RCS_D" = yes ]  &&  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		[ "$RC1_D" = no ]  ||  \
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	fi
fi

# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys

_EOF

# local postinstall changes here
[ -s "${PKG_POSTINSTALL_LOCAL}" ]  &&  . ${PKG_POSTINSTALL_LOCAL}

cat >> postinstall << _EOF
installf -f ${PKGNAME}

# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
	chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
	chroot=echo
fi

	echo "PrivilegeSeparation user always required."
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
		SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
		SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
	else
		DO_PASSWD=yes
	fi
	[ -z "\$SSH_PRIVSEP_GROUP" ]  &&  SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER

	# group required?
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
	then
		echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
	else
		DO_GROUP=yes
	fi

	# create group if required
	[ "\$DO_GROUP" = yes ]  &&  {
		# Use gid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshdgid="-g $SSHDGID"
		fi
		echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
		\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
	}

	# Create user if required
	[ "\$DO_PASSWD" = yes ]  &&  {
		# Use uid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
		then
			:
		else
			sshduid="-u $SSHDUID"
		fi
		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
		\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
		\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
	}

if [ "\${POST_INS_START}" = "yes" ]
then
	if [ $DO_SMF -eq 1 ]
	then
		# See svccfg import note above.  The service may already
		# be started.
		svcadm enable $OPENSSH_FMRI
	else
		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
	fi
fi
exit 0
_EOF

## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ] 
then
	svcadm disable $OPENSSH_FMRI
else
	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
fi
_EOF

# local preremove changes here
[ -s "${PKG_PREREMOVE_LOCAL}" ]  &&  . ${PKG_PREREMOVE_LOCAL}

cat >> preremove << _EOF
exit 0
_EOF

## Build postremove file
echo "Building postremove file..."
cat > postremove << _EOF
#! ${SCRIPT_SHELL}
#
if [ $DO_SMF -eq 1 ]
then
	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	then
		svccfg delete -f $OPENSSH_FMRI
	fi
fi
_EOF

# local postremove changes here
[ -s "${PKG_POSTREMOVE_LOCAL}" ]  &&  . ${PKG_POSTREMOVE_LOCAL}

cat >> postremove << _EOF
exit 0
_EOF

## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15

_EOF

[ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF

ckyorn() {
# for some strange reason OpenServer5 has no ckyorn
# We build a striped down version here

DEFAULT=n
PROMPT="Yes or No [yes,no,?,quit]"
HELP_PROMPT="        Enter y or yes if your answer is yes; n or no if your answer is no."
USAGE="usage: ckyorn [options]
where options may include:
        -d default
        -h help
        -p prompt
"

if [ \$# != 0 ]
then
	while getopts d:p:h: c
	do
		case \$c in
			h)	HELP_PROMPT="\$OPTARG" ;;
			d)	DEFAULT=\$OPTARG ;;
			p)	PROMPT=\$OPTARG ;;
			\\?)	echo "\$USAGE" 1>&2
				exit 1 ;;
		esac
	done
	shift \`expr \$OPTIND - 1\`
fi

while true
do
	echo "\${PROMPT}\\c " 1>&2
	read key
	[ -z "\$key" ]  &&  key=\$DEFAULT
	case \$key in
		[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S])	echo "\${key}\\c"
			exit 0 ;;
		\\?)	echo \$HELP_PROMPT 1>&2 ;;
		q|quit)	echo "q\\c" 1>&2
			exit 3 ;;
	esac
done

}

_EOF

if [ $DO_SMF -eq 1 ]
then
	# This could get hairy, as the running sshd may not be under SMF.
	# We'll assume an earlier version of OpenSSH started via SMF.
	cat >> request << _EOF
PRE_INS_STOP=no
POST_INS_START=no
# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  ] && \
    /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!

_EOF
else
	cat >> request << _EOF
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
	[y,Y]*)	USE_SYM_LINKS=yes ;;
esac

# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!

_EOF
fi

# local request changes here
[ -s "${PKG_REQUEST_LOCAL}" ]  &&  . ${PKG_REQUEST_LOCAL}

cat >> request << _EOF
exit 0

_EOF

## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
	    BEGIN { print "i pkginfo"; print "i depend"; \\
		    print "i preinstall"; print "i postinstall"; \\
 		    print "i preremove"; print "i postremove"; \\
		    print "i request"; print "i space"; \\
		    split("$SYSTEM_DIR",sys_files); }
	    {
	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
		     { if ( \$1 == "s" )
			{ \$5=""; \$6=""; }
		     else
			{ \$5="root"; \$6="sys"; }
		     }
		else
		     { \$4="?"; \$5="?"; \$6="?"; break;}
	    } }
	    { print; }
_EOF

find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype

# /usr/local is a symlink on some systems
[ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {
	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
	mv prototype.new prototype
}

## Step back a directory and now build the package.
cd ..
# local prototype tweeks here
[ -s "${POST_PROTOTYPE_EDITS}" ]  &&  . ${POST_PROTOTYPE_EDITS}

echo "Building package.."
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
	;;

	justpkg.sh)
rm -fr ${FAKE_ROOT}/${PKGNAME}
grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
mv $$tmp $FAKE_ROOT/pkginfo
cat >> $FAKE_ROOT/pkginfo << _EOF
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
	;;

esac

[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ]  &&  rm -rf $FAKE_ROOT
exit 0
Commit	Line	Data
9cefe228	1	#!/bin/sh
	2	#
	3	# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
	4	#
	5	# The following code has been provide under Public Domain License. I really
	6	# don't care what you use it for. Just as long as you don't complain to me
	7	# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
	8	#
	9	umask 022
	10	#
	11	# Options for building the package
	12	# You can create a openssh-config.local with your customized options
	13	#
	14	REMOVE_FAKE_ROOT_WHEN_DONE=yes
	15	#
	16	# uncommenting TEST_DIR and using
	17	# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
	18	# and
	19	# PKGNAME=tOpenSSH should allow testing a package without interfering
	20	# with a real OpenSSH package on a system. This is not needed on systems
	21	# that support the -R option to pkgadd.
	22	#TEST_DIR=/var/tmp # leave commented out for production build
	23	PKGNAME=OpenSSH
d386a795	24	# revisions within the same version (REV=a)
d386a795	25	#REV=
9cefe228	26	SYSVINIT_NAME=opensshd
	27	MAKE=${MAKE:="make"}
	28	SSHDUID=67 # Default privsep uid
	29	SSHDGID=67 # Default privsep gid
	30	# uncomment these next three as needed
	31	#PERMIT_ROOT_LOGIN=no
	32	#X11_FORWARDING=yes
	33	#USR_LOCAL_IS_SYMLINK=yes
	34	# System V init run levels
	35	SYSVINITSTART=S98
	36	SYSVINITSTOPT=K30
	37	# We will source these if they exist
103ff395	38	POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
9cefe228	39	POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
	40	# We'll be one level deeper looking for these
	41	PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
	42	PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
	43	PKG_PREREMOVE_LOCAL=../pkg-preremove.local
	44	PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
	45	PKG_REQUEST_LOCAL=../pkg-request.local
	46	# end of sourced files
	47	#
ddd8c95b	48	OPENSSHD=opensshd.init
29eadd7c	49	OPENSSH_MANIFEST=openssh.xml
29eadd7c	50	OPENSSH_FMRI=svc:/site/openssh:default
9cefe228	51
	52	PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
	53	PATH_USERADD_PROG=@PATH_USERADD_PROG@
	54	PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
	55	#
	56	# list of system directories we do NOT want to change owner/group/perms
	57	# when installing our package
	58	SYSTEM_DIR="/etc \
	59	/etc/init.d \
	60	/etc/rcS.d \
	61	/etc/rc0.d \
	62	/etc/rc1.d \
	63	/etc/rc2.d \
	64	/etc/opt \
29eadd7c	65	/lib \
	66	/lib/svc \
	67	/lib/svc/method \
	68	/lib/svc/method/site \
9cefe228	69	/opt \
	70	/opt/bin \
	71	/usr \
	72	/usr/bin \
	73	/usr/lib \
	74	/usr/sbin \
	75	/usr/share \
	76	/usr/share/man \
	77	/usr/share/man/man1 \
	78	/usr/share/man/man8 \
	79	/usr/local \
	80	/usr/local/bin \
	81	/usr/local/etc \
	82	/usr/local/libexec \
	83	/usr/local/man \
	84	/usr/local/man/man1 \
	85	/usr/local/man/man8 \
	86	/usr/local/sbin \
	87	/usr/local/share \
	88	/var \
	89	/var/opt \
	90	/var/run \
29eadd7c	91	/var/svc \
	92	/var/svc/manifest \
	93	/var/svc/manifest/site \
9cefe228	94	/var/tmp \
	95	/tmp"
	96
	97	# We may need to build as root so we make sure PATH is set up
	98	# only set the path if it's not set already
	99	[ -d /opt/bin ] && {
	100	echo $PATH \| grep ":/opt/bin" > /dev/null 2>&1
	101	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
	102	}
	103	[ -d /usr/local/bin ] && {
	104	echo $PATH \| grep ":/usr/local/bin" > /dev/null 2>&1
	105	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
	106	}
	107	[ -d /usr/ccs/bin ] && {
	108	echo $PATH \| grep ":/usr/ccs/bin" > /dev/null 2>&1
	109	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
	110	}
	111	export PATH
	112	#
	113
	114	[ -f Makefile ] \|\| {
	115	echo "Please run this script from your build directory"
	116	exit 1
	117	}
	118
	119	# we will look for openssh-config.local to override the above options
	120	[ -s ./openssh-config.local ] && . ./openssh-config.local
	121
	122	START=`pwd`
	123	FAKE_ROOT=$START/pkg
	124
	125	## Fill in some details, like prefix and sysconfdir
	126	for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
	127	do
	128	eval $confvar=`grep "^$confvar=" Makefile \| cut -d = -f 2`
	129	done
	130
29eadd7c	131	## Are we using Solaris' SMF?
	132	DO_SMF=0
	133	if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
	134	then
	135	DO_SMF=1
	136	fi
9cefe228	137
	138	## Collect value of privsep user
	139	for confvar in SSH_PRIVSEP_USER
	140	do
	141	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
	142	done
	143
	144	## Set privsep defaults if not defined
	145	if [ -z "$SSH_PRIVSEP_USER" ]
	146	then
	147	SSH_PRIVSEP_USER=sshd
	148	fi
	149
	150	## Extract common info requires for the 'info' part of the package.
	151	VERSION=`./ssh -V 2>&1 \| sed -e 's/,.*//'`
	152
	153	ARCH=`uname -m`
	154	DEF_MSG="\n"
	155	OS_VER=`uname -v`
	156	SCRIPT_SHELL=/sbin/sh
1f231631	157	UNAME_R=`uname -r`
9cefe228	158	UNAME_S=`uname -s`
	159	case ${UNAME_S} in
	160	SunOS) UNAME_S=Solaris
1f231631	161	OS_VER=${UNAME_R}
9cefe228	162	ARCH=`uname -p`
	163	RCS_D=yes
	164	DEF_MSG="(default: n)"
	165	;;
1f231631	166	SCO_SV) case ${UNAME_R} in
1f231631	167	3.2) UNAME_S=OpenServer5
9cefe228	168	OS_VER=`uname -X \| grep Release \| sed -e 's/^Rel.*3.2v//'`
1f231631	169	;;
	170	5) UNAME_S=OpenServer6
	171	;;
	172	esac
9cefe228	173	SCRIPT_SHELL=/bin/sh
	174	RC1_D=no
	175	DEF_MSG="(default: n)"
	176	;;
	177	esac
	178
	179	case `basename $0` in
	180	buildpkg.sh)
	181	## Start by faking root install
	182	echo "Faking root install..."
	183	[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
	184	mkdir $FAKE_ROOT
	185	${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
	186	if [ $? -gt 0 ]
	187	then
	188	echo "Fake root install failed, stopping."
	189	exit 1
	190	fi
	191
	192	## Setup our run level stuff while we are at it.
29eadd7c	193	if [ $DO_SMF -eq 1 ]
	194	then
	195	# For Solaris' SMF, /lib/svc/method/site is the preferred place
	196	# for start/stop scripts that aren't supplied with the OS, and
	197	# similarly /var/svc/manifest/site for manifests.
	198	mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
	199	mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	200
	201	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	202	chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
	203
	204	cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
	205	chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
	206	else
	207	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
9cefe228	208
29eadd7c	209	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	210	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	211	fi
9cefe228	212
	213	[ "${PERMIT_ROOT_LOGIN}" = no ] && \
	214	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
	215	$FAKE_ROOT/${sysconfdir}/sshd_config
	216	[ "${X11_FORWARDING}" = yes ] && \
	217	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
	218	$FAKE_ROOT/${sysconfdir}/sshd_config
	219	# fix PrintMotd
	220	perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	221	$FAKE_ROOT/${sysconfdir}/sshd_config
	222
	223	# We don't want to overwrite config files on multiple installs
	224	mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
	225	mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
	226	[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
	227	mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
	228
	229	# local tweeks here
	230	[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
	231
	232	cd $FAKE_ROOT
	233
	234	## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
	235	## whining.
	236	for i in *; do
	237	PROTO_ARGS="$PROTO_ARGS $i=/$i";
	238	done
	239
	240	## Build info file
	241	echo "Building pkginfo file..."
	242	cat > pkginfo << _EOF
	243	PKG=$PKGNAME
	244	NAME="OpenSSH Portable for ${UNAME_S}"
	245	DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
	246	VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
	247	ARCH=$ARCH
d386a795	248	VERSION=$VERSION$REV
9cefe228	249	CATEGORY="Security,application"
	250	BASEDIR=/
	251	CLASSES="none"
	252	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
	253	_EOF
	254
	255	## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
	256	echo "Building depend file..."
	257	touch depend
	258
	259	## Build space file
	260	echo "Building space file..."
29eadd7c	261	if [ $DO_SMF -eq 1 ]
	262	then
	263	# XXX Is this necessary? If not, remove space line from mk-proto.awk.
	264	touch space
	265	else
	266	cat > space << _EOF
	267	# extra space required by start/stop links added by installf
	268	# in postinstall
9cefe228	269	$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
	270	$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
	271	_EOF
29eadd7c	272	[ "$RC1_D" = no ] \|\| \
	273	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	274	[ "$RCS_D" = yes ] && \
	275	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	276	fi
9cefe228	277
	278	## Build preinstall file
	279	echo "Building preinstall file..."
	280	cat > preinstall << _EOF
	281	#! ${SCRIPT_SHELL}
	282	#
	283	_EOF
	284
	285	# local preinstall changes here
	286	[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
	287
	288	cat >> preinstall << _EOF
	289	#
29eadd7c	290	if [ "\${PRE_INS_STOP}" = "yes" ]
	291	then
	292	if [ $DO_SMF -eq 1 ]
	293	then
	294	svcadm disable $OPENSSH_FMRI
	295	else
	296	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	297	fi
	298	fi
	299
9cefe228	300	exit 0
	301	_EOF
	302
	303	## Build postinstall file
	304	echo "Building postinstall file..."
	305	cat > postinstall << _EOF
	306	#! ${SCRIPT_SHELL}
	307	#
	308	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] \|\| \\
	309	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
	310	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
	311	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] \|\| \\
	312	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
	313	\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
	314	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
	315	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] \|\| \\
	316	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
	317	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
	318	}
	319
	320	# make rc?.d dirs only if we are doing a test install
29eadd7c	321	[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
9cefe228	322	[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
	323	mkdir -p ${TEST_DIR}/etc/rc0.d
	324	[ "$RC1_D" = no ] \|\| mkdir -p ${TEST_DIR}/etc/rc1.d
	325	mkdir -p ${TEST_DIR}/etc/rc2.d
	326	}
	327
29eadd7c	328	if [ $DO_SMF -eq 1 ]
9cefe228	329	then
29eadd7c	330	# Delete the existing service, if it exists, then import the
	331	# new one.
	332	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	333	then
	334	svccfg delete -f $OPENSSH_FMRI
	335	fi
	336	# NOTE, if manifest enables sshd by default, this will actually
	337	# start the daemon, which may not be what the user wants.
	338	svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
9cefe228	339	else
29eadd7c	340	if [ "\${USE_SYM_LINKS}" = yes ]
	341	then
	342	[ "$RCS_D" = yes ] && \
	343	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	344	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	345	[ "$RC1_D" = no ] \|\| \
	346	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	347	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	348	else
	349	[ "$RCS_D" = yes ] && \
	350	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	351	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	352	[ "$RC1_D" = no ] \|\| \
	353	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	354	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	355	fi
9cefe228	356	fi
	357
	358	# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
	359	[ -d $piddir ] \|\| installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
	360
	361	_EOF
	362
	363	# local postinstall changes here
	364	[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
	365
	366	cat >> postinstall << _EOF
	367	installf -f ${PKGNAME}
	368
	369	# Use chroot to handle PKG_INSTALL_ROOT
	370	if [ ! -z "\${PKG_INSTALL_ROOT}" ]
	371	then
	372	chroot="chroot \${PKG_INSTALL_ROOT}"
	373	fi
	374	# If this is a test build, we will skip the groupadd/useradd/passwd commands
	375	if [ ! -z "${TEST_DIR}" ]
	376	then
	377	chroot=echo
	378	fi
	379
16082eaa	380	echo "PrivilegeSeparation user always required."
d386a795	381	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	382	then
	383	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	384	SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd \| awk -F: '{print \$4}'\`
	385	SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group \| awk -F: '{print \$1}'\`
	386	else
	387	DO_PASSWD=yes
	388	fi
	389	[ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
	390
	391	# group required?
	392	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
9cefe228	393	then
d386a795	394	echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
9cefe228	395	else
d386a795	396	DO_GROUP=yes
	397	fi
	398
	399	# create group if required
	400	[ "\$DO_GROUP" = yes ] && {
9cefe228	401	# Use gid of 67 if possible
	402	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSHDGID'\$' >/dev/null
	403	then
	404	:
	405	else
	406	sshdgid="-g $SSHDGID"
	407	fi
d386a795	408	echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
	409	\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
	410	}
9cefe228	411
9cefe228	412	# Create user if required
d386a795	413	[ "\$DO_PASSWD" = yes ] && {
9cefe228	414	# Use uid of 67 if possible
b5c428f0	415	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSHDUID'\$' >/dev/null
9cefe228	416	then
	417	:
	418	else
	419	sshduid="-u $SSHDUID"
	420	fi
	421	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
	422	\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
	423	\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
d386a795	424	}
9cefe228	425
29eadd7c	426	if [ "\${POST_INS_START}" = "yes" ]
	427	then
	428	if [ $DO_SMF -eq 1 ]
	429	then
	430	# See svccfg import note above. The service may already
	431	# be started.
	432	svcadm enable $OPENSSH_FMRI
	433	else
	434	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
	435	fi
	436	fi
9cefe228	437	exit 0
	438	_EOF
	439
	440	## Build preremove file
	441	echo "Building preremove file..."
	442	cat > preremove << _EOF
	443	#! ${SCRIPT_SHELL}
	444	#
29eadd7c	445	if [ $DO_SMF -eq 1 ]
	446	then
	447	svcadm disable $OPENSSH_FMRI
	448	else
	449	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	450	fi
9cefe228	451	_EOF
	452
	453	# local preremove changes here
	454	[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
	455
	456	cat >> preremove << _EOF
	457	exit 0
	458	_EOF
	459
	460	## Build postremove file
	461	echo "Building postremove file..."
	462	cat > postremove << _EOF
	463	#! ${SCRIPT_SHELL}
	464	#
29eadd7c	465	if [ $DO_SMF -eq 1 ]
	466	then
	467	if svcs $OPENSSH_FMRI > /dev/null 2>&1
	468	then
	469	svccfg delete -f $OPENSSH_FMRI
	470	fi
	471	fi
9cefe228	472	_EOF
	473
	474	# local postremove changes here
	475	[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
	476
	477	cat >> postremove << _EOF
	478	exit 0
	479	_EOF
	480
	481	## Build request file
	482	echo "Building request file..."
	483	cat > request << _EOF
	484	trap 'exit 3' 15
	485
	486	_EOF
	487
	488	[ -x /usr/bin/ckyorn ] \|\| cat >> request << _EOF
	489
	490	ckyorn() {
1f231631	491	# for some strange reason OpenServer5 has no ckyorn
9cefe228	492	# We build a striped down version here
	493
	494	DEFAULT=n
	495	PROMPT="Yes or No [yes,no,?,quit]"
	496	HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
	497	USAGE="usage: ckyorn [options]
	498	where options may include:
	499	-d default
	500	-h help
	501	-p prompt
	502	"
	503
	504	if [ \$# != 0 ]
	505	then
	506	while getopts d:p:h: c
	507	do
	508	case \$c in
	509	h) HELP_PROMPT="\$OPTARG" ;;
	510	d) DEFAULT=\$OPTARG ;;
	511	p) PROMPT=\$OPTARG ;;
	512	\\?) echo "\$USAGE" 1>&2
	513	exit 1 ;;
	514	esac
	515	done
	516	shift \`expr \$OPTIND - 1\`
	517	fi
	518
	519	while true
	520	do
	521	echo "\${PROMPT}\\c " 1>&2
	522	read key
	523	[ -z "\$key" ] && key=\$DEFAULT
	524	case \$key in
	525	[n,N]\|[n,N][o,O]\|[y,Y]\|[y,Y][e,E][s,S]) echo "\${key}\\c"
	526	exit 0 ;;
	527	\\?) echo \$HELP_PROMPT 1>&2 ;;
	528	q\|quit) echo "q\\c" 1>&2
	529	exit 3 ;;
	530	esac
	531	done
	532
	533	}
	534
	535	_EOF
	536
29eadd7c	537	if [ $DO_SMF -eq 1 ]
	538	then
	539	# This could get hairy, as the running sshd may not be under SMF.
	540	# We'll assume an earlier version of OpenSSH started via SMF.
	541	cat >> request << _EOF
	542	PRE_INS_STOP=no
	543	POST_INS_START=no
	544	# determine if should restart the daemon
	545	if [ -s ${piddir}/sshd.pid ] && \
	546	/usr/bin/svcs $OPENSSH_FMRI 2>&1 \| egrep "^online" > /dev/null 2>&1
	547	then
	548	ans=\`ckyorn -d n \
	549	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	550	case \$ans in
	551	[y,Y]*) PRE_INS_STOP=yes
	552	POST_INS_START=yes
	553	;;
	554	esac
	555
	556	else
	557
	558	# determine if we should start sshd
	559	ans=\`ckyorn -d n \
	560	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	561	case \$ans in
	562	[y,Y]*) POST_INS_START=yes ;;
	563	esac
	564	fi
	565
	566	# make parameters available to installation service,
	567	# and so to any other packaging scripts
	568	cat >\$1 <<!
	569	PRE_INS_STOP='\$PRE_INS_STOP'
	570	POST_INS_START='\$POST_INS_START'
	571	!
	572
	573	_EOF
	574	else
	575	cat >> request << _EOF
9cefe228	576	USE_SYM_LINKS=no
	577	PRE_INS_STOP=no
	578	POST_INS_START=no
	579	# Use symbolic links?
	580	ans=\`ckyorn -d n \
	581	-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` \|\| exit \$?
	582	case \$ans in
	583	[y,Y]*) USE_SYM_LINKS=yes ;;
	584	esac
	585
	586	# determine if should restart the daemon
	587	if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
	588	then
	589	ans=\`ckyorn -d n \
	590	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	591	case \$ans in
	592	[y,Y]*) PRE_INS_STOP=yes
	593	POST_INS_START=yes
	594	;;
	595	esac
	596
	597	else
	598
	599	# determine if we should start sshd
	600	ans=\`ckyorn -d n \
	601	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	602	case \$ans in
	603	[y,Y]*) POST_INS_START=yes ;;
	604	esac
	605	fi
	606
	607	# make parameters available to installation service,
	608	# and so to any other packaging scripts
	609	cat >\$1 <<!
	610	USE_SYM_LINKS='\$USE_SYM_LINKS'
	611	PRE_INS_STOP='\$PRE_INS_STOP'
	612	POST_INS_START='\$POST_INS_START'
	613	!
	614
	615	_EOF
29eadd7c	616	fi
9cefe228	617
	618	# local request changes here
	619	[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
	620
	621	cat >> request << _EOF
	622	exit 0
	623
	624	_EOF
	625
	626	## Next Build our prototype
	627	echo "Building prototype file..."
	628	cat >mk-proto.awk << _EOF
	629	BEGIN { print "i pkginfo"; print "i depend"; \\
	630	print "i preinstall"; print "i postinstall"; \\
	631	print "i preremove"; print "i postremove"; \\
	632	print "i request"; print "i space"; \\
	633	split("$SYSTEM_DIR",sys_files); }
	634	{
	635	for (dir in sys_files) { if ( \$3 != sys_files[dir] )
	636	{ if ( \$1 == "s" )
	637	{ \$5=""; \$6=""; }
	638	else
	639	{ \$5="root"; \$6="sys"; }
	640	}
	641	else
	642	{ \$4="?"; \$5="?"; \$6="?"; break;}
	643	} }
	644	{ print; }
	645	_EOF
	646
	647	find . \| egrep -v "prototype\|pkginfo\|mk-proto.awk" \| sort \| \
	648	pkgproto $PROTO_ARGS \| nawk -f mk-proto.awk > prototype
	649
	650	# /usr/local is a symlink on some systems
	651	[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
	652	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
	653	mv prototype.new prototype
	654	}
	655
	656	## Step back a directory and now build the package.
	657	cd ..
	658	# local prototype tweeks here
	659	[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
	660
	661	echo "Building package.."
	662	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
d386a795	663	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
9cefe228	664	;;
	665
	666	justpkg.sh)
	667	rm -fr ${FAKE_ROOT}/${PKGNAME}
	668	grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
	669	mv $$tmp $FAKE_ROOT/pkginfo
	670	cat >> $FAKE_ROOT/pkginfo << _EOF
	671	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
	672	_EOF
	673	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
d386a795	674	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
9cefe228	675	;;
	676
	677	esac
	678
	679	[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
25616c13	680	exit 0
9cefe228	681