]>
Commit | Line | Data |
---|---|---|
9cefe228 | 1 | #!/bin/sh |
2 | # | |
3 | # Fake Root Solaris/SVR4/SVR5 Build System - Prototype | |
4 | # | |
5 | # The following code has been provide under Public Domain License. I really | |
6 | # don't care what you use it for. Just as long as you don't complain to me | |
7 | # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) | |
8 | # | |
9 | umask 022 | |
10 | # | |
11 | # Options for building the package | |
12 | # You can create a openssh-config.local with your customized options | |
13 | # | |
14 | REMOVE_FAKE_ROOT_WHEN_DONE=yes | |
15 | # | |
16 | # uncommenting TEST_DIR and using | |
17 | # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty | |
18 | # and | |
19 | # PKGNAME=tOpenSSH should allow testing a package without interfering | |
20 | # with a real OpenSSH package on a system. This is not needed on systems | |
21 | # that support the -R option to pkgadd. | |
22 | #TEST_DIR=/var/tmp # leave commented out for production build | |
23 | PKGNAME=OpenSSH | |
d386a795 | 24 | # revisions within the same version (REV=a) |
25 | #REV= | |
9cefe228 | 26 | SYSVINIT_NAME=opensshd |
27 | MAKE=${MAKE:="make"} | |
28 | SSHDUID=67 # Default privsep uid | |
29 | SSHDGID=67 # Default privsep gid | |
30 | # uncomment these next three as needed | |
31 | #PERMIT_ROOT_LOGIN=no | |
32 | #X11_FORWARDING=yes | |
33 | #USR_LOCAL_IS_SYMLINK=yes | |
34 | # System V init run levels | |
35 | SYSVINITSTART=S98 | |
36 | SYSVINITSTOPT=K30 | |
37 | # We will source these if they exist | |
103ff395 | 38 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
9cefe228 | 39 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
40 | # We'll be one level deeper looking for these | |
41 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local | |
42 | PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local | |
43 | PKG_PREREMOVE_LOCAL=../pkg-preremove.local | |
44 | PKG_POSTREMOVE_LOCAL=../pkg-postremove.local | |
45 | PKG_REQUEST_LOCAL=../pkg-request.local | |
46 | # end of sourced files | |
47 | # | |
ddd8c95b | 48 | OPENSSHD=opensshd.init |
29eadd7c | 49 | OPENSSH_MANIFEST=openssh.xml |
50 | OPENSSH_FMRI=svc:/site/openssh:default | |
9cefe228 | 51 | |
52 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ | |
53 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ | |
54 | PATH_PASSWD_PROG=@PATH_PASSWD_PROG@ | |
55 | # | |
56 | # list of system directories we do NOT want to change owner/group/perms | |
57 | # when installing our package | |
58 | SYSTEM_DIR="/etc \ | |
59 | /etc/init.d \ | |
60 | /etc/rcS.d \ | |
61 | /etc/rc0.d \ | |
62 | /etc/rc1.d \ | |
63 | /etc/rc2.d \ | |
64 | /etc/opt \ | |
29eadd7c | 65 | /lib \ |
66 | /lib/svc \ | |
67 | /lib/svc/method \ | |
68 | /lib/svc/method/site \ | |
9cefe228 | 69 | /opt \ |
70 | /opt/bin \ | |
71 | /usr \ | |
72 | /usr/bin \ | |
73 | /usr/lib \ | |
74 | /usr/sbin \ | |
75 | /usr/share \ | |
76 | /usr/share/man \ | |
77 | /usr/share/man/man1 \ | |
78 | /usr/share/man/man8 \ | |
79 | /usr/local \ | |
80 | /usr/local/bin \ | |
81 | /usr/local/etc \ | |
82 | /usr/local/libexec \ | |
83 | /usr/local/man \ | |
84 | /usr/local/man/man1 \ | |
85 | /usr/local/man/man8 \ | |
86 | /usr/local/sbin \ | |
87 | /usr/local/share \ | |
88 | /var \ | |
89 | /var/opt \ | |
90 | /var/run \ | |
29eadd7c | 91 | /var/svc \ |
92 | /var/svc/manifest \ | |
93 | /var/svc/manifest/site \ | |
9cefe228 | 94 | /var/tmp \ |
95 | /tmp" | |
96 | ||
97 | # We may need to build as root so we make sure PATH is set up | |
98 | # only set the path if it's not set already | |
99 | [ -d /opt/bin ] && { | |
100 | echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 | |
101 | [ $? -ne 0 ] && PATH=$PATH:/opt/bin | |
102 | } | |
103 | [ -d /usr/local/bin ] && { | |
104 | echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 | |
105 | [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin | |
106 | } | |
107 | [ -d /usr/ccs/bin ] && { | |
108 | echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 | |
109 | [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin | |
110 | } | |
111 | export PATH | |
112 | # | |
113 | ||
114 | [ -f Makefile ] || { | |
115 | echo "Please run this script from your build directory" | |
116 | exit 1 | |
117 | } | |
118 | ||
119 | # we will look for openssh-config.local to override the above options | |
120 | [ -s ./openssh-config.local ] && . ./openssh-config.local | |
121 | ||
122 | START=`pwd` | |
123 | FAKE_ROOT=$START/pkg | |
124 | ||
125 | ## Fill in some details, like prefix and sysconfdir | |
126 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir | |
127 | do | |
128 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` | |
129 | done | |
130 | ||
29eadd7c | 131 | ## Are we using Solaris' SMF? |
132 | DO_SMF=0 | |
133 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 | |
134 | then | |
135 | DO_SMF=1 | |
136 | fi | |
9cefe228 | 137 | |
138 | ## Collect value of privsep user | |
139 | for confvar in SSH_PRIVSEP_USER | |
140 | do | |
141 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` | |
142 | done | |
143 | ||
144 | ## Set privsep defaults if not defined | |
145 | if [ -z "$SSH_PRIVSEP_USER" ] | |
146 | then | |
147 | SSH_PRIVSEP_USER=sshd | |
148 | fi | |
149 | ||
150 | ## Extract common info requires for the 'info' part of the package. | |
151 | VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` | |
152 | ||
153 | ARCH=`uname -m` | |
154 | DEF_MSG="\n" | |
155 | OS_VER=`uname -v` | |
156 | SCRIPT_SHELL=/sbin/sh | |
1f231631 | 157 | UNAME_R=`uname -r` |
9cefe228 | 158 | UNAME_S=`uname -s` |
159 | case ${UNAME_S} in | |
160 | SunOS) UNAME_S=Solaris | |
1f231631 | 161 | OS_VER=${UNAME_R} |
9cefe228 | 162 | ARCH=`uname -p` |
163 | RCS_D=yes | |
164 | DEF_MSG="(default: n)" | |
165 | ;; | |
1f231631 | 166 | SCO_SV) case ${UNAME_R} in |
167 | 3.2) UNAME_S=OpenServer5 | |
9cefe228 | 168 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
1f231631 | 169 | ;; |
170 | 5) UNAME_S=OpenServer6 | |
171 | ;; | |
172 | esac | |
9cefe228 | 173 | SCRIPT_SHELL=/bin/sh |
174 | RC1_D=no | |
175 | DEF_MSG="(default: n)" | |
176 | ;; | |
177 | esac | |
178 | ||
179 | case `basename $0` in | |
180 | buildpkg.sh) | |
181 | ## Start by faking root install | |
182 | echo "Faking root install..." | |
183 | [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT | |
184 | mkdir $FAKE_ROOT | |
185 | ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT | |
186 | if [ $? -gt 0 ] | |
187 | then | |
188 | echo "Fake root install failed, stopping." | |
189 | exit 1 | |
190 | fi | |
191 | ||
192 | ## Setup our run level stuff while we are at it. | |
29eadd7c | 193 | if [ $DO_SMF -eq 1 ] |
194 | then | |
195 | # For Solaris' SMF, /lib/svc/method/site is the preferred place | |
196 | # for start/stop scripts that aren't supplied with the OS, and | |
197 | # similarly /var/svc/manifest/site for manifests. | |
198 | mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site | |
199 | mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site | |
200 | ||
201 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | |
202 | chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | |
203 | ||
204 | cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site | |
205 | chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST} | |
206 | else | |
207 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d | |
9cefe228 | 208 | |
29eadd7c | 209 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
210 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} | |
211 | fi | |
9cefe228 | 212 | |
213 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ | |
214 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ | |
215 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
216 | [ "${X11_FORWARDING}" = yes ] && \ | |
217 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ | |
218 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
219 | # fix PrintMotd | |
220 | perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ | |
221 | $FAKE_ROOT/${sysconfdir}/sshd_config | |
222 | ||
223 | # We don't want to overwrite config files on multiple installs | |
224 | mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default | |
225 | mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default | |
226 | [ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ | |
227 | mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default | |
228 | ||
229 | # local tweeks here | |
230 | [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} | |
231 | ||
232 | cd $FAKE_ROOT | |
233 | ||
234 | ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk | |
235 | ## whining. | |
236 | for i in *; do | |
237 | PROTO_ARGS="$PROTO_ARGS $i=/$i"; | |
238 | done | |
239 | ||
240 | ## Build info file | |
241 | echo "Building pkginfo file..." | |
242 | cat > pkginfo << _EOF | |
243 | PKG=$PKGNAME | |
244 | NAME="OpenSSH Portable for ${UNAME_S}" | |
245 | DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." | |
246 | VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" | |
247 | ARCH=$ARCH | |
d386a795 | 248 | VERSION=$VERSION$REV |
9cefe228 | 249 | CATEGORY="Security,application" |
250 | BASEDIR=/ | |
251 | CLASSES="none" | |
252 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" | |
253 | _EOF | |
254 | ||
255 | ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS | |
256 | echo "Building depend file..." | |
257 | touch depend | |
258 | ||
259 | ## Build space file | |
260 | echo "Building space file..." | |
29eadd7c | 261 | if [ $DO_SMF -eq 1 ] |
262 | then | |
263 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. | |
264 | touch space | |
265 | else | |
266 | cat > space << _EOF | |
267 | # extra space required by start/stop links added by installf | |
268 | # in postinstall | |
9cefe228 | 269 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
270 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 | |
271 | _EOF | |
29eadd7c | 272 | [ "$RC1_D" = no ] || \ |
273 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | |
274 | [ "$RCS_D" = yes ] && \ | |
275 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | |
276 | fi | |
9cefe228 | 277 | |
278 | ## Build preinstall file | |
279 | echo "Building preinstall file..." | |
280 | cat > preinstall << _EOF | |
281 | #! ${SCRIPT_SHELL} | |
282 | # | |
283 | _EOF | |
284 | ||
285 | # local preinstall changes here | |
286 | [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} | |
287 | ||
288 | cat >> preinstall << _EOF | |
289 | # | |
29eadd7c | 290 | if [ "\${PRE_INS_STOP}" = "yes" ] |
291 | then | |
292 | if [ $DO_SMF -eq 1 ] | |
293 | then | |
294 | svcadm disable $OPENSSH_FMRI | |
295 | else | |
296 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | |
297 | fi | |
298 | fi | |
299 | ||
9cefe228 | 300 | exit 0 |
301 | _EOF | |
302 | ||
303 | ## Build postinstall file | |
304 | echo "Building postinstall file..." | |
305 | cat > postinstall << _EOF | |
306 | #! ${SCRIPT_SHELL} | |
307 | # | |
308 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ | |
309 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ | |
310 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config | |
311 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ | |
312 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ | |
313 | \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config | |
314 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && { | |
315 | [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\ | |
316 | cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\ | |
317 | \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds | |
318 | } | |
319 | ||
320 | # make rc?.d dirs only if we are doing a test install | |
29eadd7c | 321 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
9cefe228 | 322 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
323 | mkdir -p ${TEST_DIR}/etc/rc0.d | |
324 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d | |
325 | mkdir -p ${TEST_DIR}/etc/rc2.d | |
326 | } | |
327 | ||
29eadd7c | 328 | if [ $DO_SMF -eq 1 ] |
9cefe228 | 329 | then |
29eadd7c | 330 | # Delete the existing service, if it exists, then import the |
331 | # new one. | |
332 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 | |
333 | then | |
334 | svccfg delete -f $OPENSSH_FMRI | |
335 | fi | |
336 | # NOTE, if manifest enables sshd by default, this will actually | |
337 | # start the daemon, which may not be what the user wants. | |
338 | svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST | |
9cefe228 | 339 | else |
29eadd7c | 340 | if [ "\${USE_SYM_LINKS}" = yes ] |
341 | then | |
342 | [ "$RCS_D" = yes ] && \ | |
343 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
345 | [ "$RC1_D" = no ] || \ | |
346 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
347 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | |
348 | else | |
349 | [ "$RCS_D" = yes ] && \ | |
350 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
351 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
352 | [ "$RC1_D" = no ] || \ | |
353 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
354 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | |
355 | fi | |
9cefe228 | 356 | fi |
357 | ||
358 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) | |
359 | [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys | |
360 | ||
361 | _EOF | |
362 | ||
363 | # local postinstall changes here | |
364 | [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} | |
365 | ||
366 | cat >> postinstall << _EOF | |
367 | installf -f ${PKGNAME} | |
368 | ||
369 | # Use chroot to handle PKG_INSTALL_ROOT | |
370 | if [ ! -z "\${PKG_INSTALL_ROOT}" ] | |
371 | then | |
372 | chroot="chroot \${PKG_INSTALL_ROOT}" | |
373 | fi | |
374 | # If this is a test build, we will skip the groupadd/useradd/passwd commands | |
375 | if [ ! -z "${TEST_DIR}" ] | |
376 | then | |
377 | chroot=echo | |
378 | fi | |
379 | ||
16082eaa | 380 | echo "PrivilegeSeparation user always required." |
d386a795 | 381 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
382 | then | |
383 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." | |
384 | SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` | |
385 | SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` | |
386 | else | |
387 | DO_PASSWD=yes | |
388 | fi | |
389 | [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER | |
390 | ||
391 | # group required? | |
392 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null | |
9cefe228 | 393 | then |
d386a795 | 394 | echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." |
9cefe228 | 395 | else |
d386a795 | 396 | DO_GROUP=yes |
397 | fi | |
398 | ||
399 | # create group if required | |
400 | [ "\$DO_GROUP" = yes ] && { | |
9cefe228 | 401 | # Use gid of 67 if possible |
402 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null | |
403 | then | |
404 | : | |
405 | else | |
406 | sshdgid="-g $SSHDGID" | |
407 | fi | |
d386a795 | 408 | echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." |
409 | \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP | |
410 | } | |
9cefe228 | 411 | |
412 | # Create user if required | |
d386a795 | 413 | [ "\$DO_PASSWD" = yes ] && { |
9cefe228 | 414 | # Use uid of 67 if possible |
b5c428f0 | 415 | if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null |
9cefe228 | 416 | then |
417 | : | |
418 | else | |
419 | sshduid="-u $SSHDUID" | |
420 | fi | |
421 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." | |
422 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER | |
423 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER | |
d386a795 | 424 | } |
9cefe228 | 425 | |
29eadd7c | 426 | if [ "\${POST_INS_START}" = "yes" ] |
427 | then | |
428 | if [ $DO_SMF -eq 1 ] | |
429 | then | |
430 | # See svccfg import note above. The service may already | |
431 | # be started. | |
432 | svcadm enable $OPENSSH_FMRI | |
433 | else | |
434 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start | |
435 | fi | |
436 | fi | |
9cefe228 | 437 | exit 0 |
438 | _EOF | |
439 | ||
440 | ## Build preremove file | |
441 | echo "Building preremove file..." | |
442 | cat > preremove << _EOF | |
443 | #! ${SCRIPT_SHELL} | |
444 | # | |
29eadd7c | 445 | if [ $DO_SMF -eq 1 ] |
446 | then | |
447 | svcadm disable $OPENSSH_FMRI | |
448 | else | |
449 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | |
450 | fi | |
9cefe228 | 451 | _EOF |
452 | ||
453 | # local preremove changes here | |
454 | [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} | |
455 | ||
456 | cat >> preremove << _EOF | |
457 | exit 0 | |
458 | _EOF | |
459 | ||
460 | ## Build postremove file | |
461 | echo "Building postremove file..." | |
462 | cat > postremove << _EOF | |
463 | #! ${SCRIPT_SHELL} | |
464 | # | |
29eadd7c | 465 | if [ $DO_SMF -eq 1 ] |
466 | then | |
467 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 | |
468 | then | |
469 | svccfg delete -f $OPENSSH_FMRI | |
470 | fi | |
471 | fi | |
9cefe228 | 472 | _EOF |
473 | ||
474 | # local postremove changes here | |
475 | [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} | |
476 | ||
477 | cat >> postremove << _EOF | |
478 | exit 0 | |
479 | _EOF | |
480 | ||
481 | ## Build request file | |
482 | echo "Building request file..." | |
483 | cat > request << _EOF | |
484 | trap 'exit 3' 15 | |
485 | ||
486 | _EOF | |
487 | ||
488 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF | |
489 | ||
490 | ckyorn() { | |
1f231631 | 491 | # for some strange reason OpenServer5 has no ckyorn |
9cefe228 | 492 | # We build a striped down version here |
493 | ||
494 | DEFAULT=n | |
495 | PROMPT="Yes or No [yes,no,?,quit]" | |
496 | HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." | |
497 | USAGE="usage: ckyorn [options] | |
498 | where options may include: | |
499 | -d default | |
500 | -h help | |
501 | -p prompt | |
502 | " | |
503 | ||
504 | if [ \$# != 0 ] | |
505 | then | |
506 | while getopts d:p:h: c | |
507 | do | |
508 | case \$c in | |
509 | h) HELP_PROMPT="\$OPTARG" ;; | |
510 | d) DEFAULT=\$OPTARG ;; | |
511 | p) PROMPT=\$OPTARG ;; | |
512 | \\?) echo "\$USAGE" 1>&2 | |
513 | exit 1 ;; | |
514 | esac | |
515 | done | |
516 | shift \`expr \$OPTIND - 1\` | |
517 | fi | |
518 | ||
519 | while true | |
520 | do | |
521 | echo "\${PROMPT}\\c " 1>&2 | |
522 | read key | |
523 | [ -z "\$key" ] && key=\$DEFAULT | |
524 | case \$key in | |
525 | [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" | |
526 | exit 0 ;; | |
527 | \\?) echo \$HELP_PROMPT 1>&2 ;; | |
528 | q|quit) echo "q\\c" 1>&2 | |
529 | exit 3 ;; | |
530 | esac | |
531 | done | |
532 | ||
533 | } | |
534 | ||
535 | _EOF | |
536 | ||
29eadd7c | 537 | if [ $DO_SMF -eq 1 ] |
538 | then | |
539 | # This could get hairy, as the running sshd may not be under SMF. | |
540 | # We'll assume an earlier version of OpenSSH started via SMF. | |
541 | cat >> request << _EOF | |
542 | PRE_INS_STOP=no | |
543 | POST_INS_START=no | |
544 | # determine if should restart the daemon | |
545 | if [ -s ${piddir}/sshd.pid ] && \ | |
546 | /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 | |
547 | then | |
548 | ans=\`ckyorn -d n \ | |
549 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? | |
550 | case \$ans in | |
551 | [y,Y]*) PRE_INS_STOP=yes | |
552 | POST_INS_START=yes | |
553 | ;; | |
554 | esac | |
555 | ||
556 | else | |
557 | ||
558 | # determine if we should start sshd | |
559 | ans=\`ckyorn -d n \ | |
560 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? | |
561 | case \$ans in | |
562 | [y,Y]*) POST_INS_START=yes ;; | |
563 | esac | |
564 | fi | |
565 | ||
566 | # make parameters available to installation service, | |
567 | # and so to any other packaging scripts | |
568 | cat >\$1 <<! | |
569 | PRE_INS_STOP='\$PRE_INS_STOP' | |
570 | POST_INS_START='\$POST_INS_START' | |
571 | ! | |
572 | ||
573 | _EOF | |
574 | else | |
575 | cat >> request << _EOF | |
9cefe228 | 576 | USE_SYM_LINKS=no |
577 | PRE_INS_STOP=no | |
578 | POST_INS_START=no | |
579 | # Use symbolic links? | |
580 | ans=\`ckyorn -d n \ | |
581 | -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? | |
582 | case \$ans in | |
583 | [y,Y]*) USE_SYM_LINKS=yes ;; | |
584 | esac | |
585 | ||
586 | # determine if should restart the daemon | |
587 | if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] | |
588 | then | |
589 | ans=\`ckyorn -d n \ | |
590 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? | |
591 | case \$ans in | |
592 | [y,Y]*) PRE_INS_STOP=yes | |
593 | POST_INS_START=yes | |
594 | ;; | |
595 | esac | |
596 | ||
597 | else | |
598 | ||
599 | # determine if we should start sshd | |
600 | ans=\`ckyorn -d n \ | |
601 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? | |
602 | case \$ans in | |
603 | [y,Y]*) POST_INS_START=yes ;; | |
604 | esac | |
605 | fi | |
606 | ||
607 | # make parameters available to installation service, | |
608 | # and so to any other packaging scripts | |
609 | cat >\$1 <<! | |
610 | USE_SYM_LINKS='\$USE_SYM_LINKS' | |
611 | PRE_INS_STOP='\$PRE_INS_STOP' | |
612 | POST_INS_START='\$POST_INS_START' | |
613 | ! | |
614 | ||
615 | _EOF | |
29eadd7c | 616 | fi |
9cefe228 | 617 | |
618 | # local request changes here | |
619 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} | |
620 | ||
621 | cat >> request << _EOF | |
622 | exit 0 | |
623 | ||
624 | _EOF | |
625 | ||
626 | ## Next Build our prototype | |
627 | echo "Building prototype file..." | |
628 | cat >mk-proto.awk << _EOF | |
629 | BEGIN { print "i pkginfo"; print "i depend"; \\ | |
630 | print "i preinstall"; print "i postinstall"; \\ | |
631 | print "i preremove"; print "i postremove"; \\ | |
632 | print "i request"; print "i space"; \\ | |
633 | split("$SYSTEM_DIR",sys_files); } | |
634 | { | |
635 | for (dir in sys_files) { if ( \$3 != sys_files[dir] ) | |
636 | { if ( \$1 == "s" ) | |
637 | { \$5=""; \$6=""; } | |
638 | else | |
639 | { \$5="root"; \$6="sys"; } | |
640 | } | |
641 | else | |
642 | { \$4="?"; \$5="?"; \$6="?"; break;} | |
643 | } } | |
644 | { print; } | |
645 | _EOF | |
646 | ||
647 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ | |
648 | pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype | |
649 | ||
650 | # /usr/local is a symlink on some systems | |
651 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { | |
652 | grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new | |
653 | mv prototype.new prototype | |
654 | } | |
655 | ||
656 | ## Step back a directory and now build the package. | |
657 | cd .. | |
658 | # local prototype tweeks here | |
659 | [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} | |
660 | ||
661 | echo "Building package.." | |
662 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o | |
d386a795 | 663 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
9cefe228 | 664 | ;; |
665 | ||
666 | justpkg.sh) | |
667 | rm -fr ${FAKE_ROOT}/${PKGNAME} | |
668 | grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp | |
669 | mv $$tmp $FAKE_ROOT/pkginfo | |
670 | cat >> $FAKE_ROOT/pkginfo << _EOF | |
671 | PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" | |
672 | _EOF | |
673 | pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o | |
d386a795 | 674 | echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg |
9cefe228 | 675 | ;; |
676 | ||
677 | esac | |
678 | ||
679 | [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT | |
25616c13 | 680 | exit 0 |
9cefe228 | 681 |