[openssh.git] / contrib / solaris / buildpkg.sh

#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License.  I really
# don't care what you use it for.  Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a config.local with your customized options
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp	# leave commented out for production build
PKGNAME=OpenSSH
SYSVINIT_NAME=opensshd
MAKE=${MAKE:="make"}
SSHDUID=67	# Default privsep uid
SSHDGID=67	# Default privsep gid
# uncomment these next two as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc	\
/etc/init.d		\
/etc/rcS.d		\
/etc/rc0.d		\
/etc/rc1.d		\
/etc/rc2.d		\
/etc/opt		\
/opt			\
/opt/bin		\
/usr			\
/usr/bin		\
/usr/lib		\
/usr/sbin		\
/usr/share		\
/usr/share/man		\
/usr/share/man/man1	\
/usr/share/man/man8	\
/usr/local		\
/usr/local/bin		\
/usr/local/etc		\
/usr/local/libexec	\
/usr/local/man		\
/usr/local/man/man1	\
/usr/local/man/man8	\
/usr/local/sbin		\
/usr/local/share	\
/var			\
/var/opt		\
/var/run		\
/var/tmp		\
/tmp"

# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /usr/local/bin ]  &&  {
	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ]  &&  {
	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#

[ -f Makefile ]  ||  {
	echo "Please run this script from your build directory"
	exit 1
}

# we will look for config.local to override the above options
[ -s ./config.local ]  &&  . ./config.local

## Start by faking root install
echo "Faking root install..."
START=`pwd`
OPENSSHD_IN=`dirname $0`/opensshd.in
FAKE_ROOT=$START/package
[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
	echo "Fake root install failed, stopping."
	exit 1
fi

## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
do
	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done


## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done

## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi

## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`

UNAME_S=`uname -s`
case ${UNAME_S} in
	SunOS)	UNAME_S=Solaris
		ARCH=`uname -p`
		RCS_D=yes
		DEF_MSG="(default: n)"
		;;
	*)	ARCH=`uname -m`
		DEF_MSG="\n" ;;
esac

## Setup our run level stuff while we are at it.
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d

## setup our initscript correctly
sed -e "s#%%configDir%%#${sysconfdir}#g" 	\
    -e "s#%%openSSHDir%%#$prefix#g"		\
    -e "s#%%pidDir%%#${piddir}#g"		\
	${OPENSSHD_IN}	> $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}

[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ]  &&  \
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	$FAKE_ROOT/${sysconfdir}/sshd_config

# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default

cd $FAKE_ROOT

## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
## whining.
for i in *; do
  PROTO_ARGS="$PROTO_ARGS $i=/$i";
done

## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
_EOF

## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! /sbin/sh
#
[ "\${PRE_INS_STOP}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
exit 0
_EOF

## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! /sbin/sh
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}

# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ]  &&  {
	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
	mkdir -p ${TEST_DIR}/etc/rc0.d
	mkdir -p ${TEST_DIR}/etc/rc1.d
	mkdir -p ${TEST_DIR}/etc/rc2.d
}

if [ "\${USE_SYM_LINKS}" = yes ]
then
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
else
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
fi

# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys

installf -f ${PKGNAME}

# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
	chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
	chroot=echo
fi

if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
then
	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
	echo "or group."
else
	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."

	# create group if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep group $SSH_PRIVSEP_USER already exists."
	else
		# Use gid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshdgid="-g $SSHDGID"
		fi
		echo "Creating PrivSep group $SSH_PRIVSEP_USER."
		\$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
	fi

	# Create user if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	else
		# Use uid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshduid="-u $SSHDUID"
		fi
		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
		\$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
		\$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
	fi
fi

[ "\${POST_INS_START}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
exit 0
_EOF

## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! /sbin/sh
#
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
exit 0
_EOF

## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
	[y,Y]*)	USE_SYM_LINKS=yes ;;
esac

# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!
exit 0

_EOF

## Build space file
echo "Building space file..."
cat > space << _EOF
# extra space required by start/stop links added by installf in postinstall
$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
_EOF
[ "$RCS_D" = yes ]  &&  \
echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space

## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
	    BEGIN { print "i pkginfo"; print "i preinstall"; \\
		    print "i postinstall"; print "i preremove"; \\
		    print "i request"; print "i space"; \\
		    split("$SYSTEM_DIR",sys_files); }
	    {
	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
		     { \$5="root"; \$6="sys"; }
		else
		     { \$4="?"; \$5="?"; \$6="?"; break;}
	    } }
	    { print; }
_EOF
find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype

## Step back a directory and now build the package.
echo "Building package.."
cd ..
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
rm -rf $FAKE_ROOT
Commit	Line	Data
6e464960	1	#!/bin/sh
6e464960	2	#
e4abf75b	3	# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
6e464960	4	#
	5	# The following code has been provide under Public Domain License. I really
	6	# don't care what you use it for. Just as long as you don't complain to me
	7	# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
aff51935	8	#
6e464960	9	umask 022
e4abf75b	10	#
	11	# Options for building the package
	12	# You can create a config.local with your customized options
	13	#
4f9d6706	14	# uncommenting TEST_DIR and using
4f9d6706	15	# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
aff51935	16	# and
e4abf75b	17	# PKGNAME=tOpenSSH should allow testing a package without interfering
4379c0e5	18	# with a real OpenSSH package on a system. This is not needed on systems
4379c0e5	19	# that support the -R option to pkgadd.
e4abf75b	20	#TEST_DIR=/var/tmp # leave commented out for production build
6e464960	21	PKGNAME=OpenSSH
e4abf75b	22	SYSVINIT_NAME=opensshd
e4abf75b	23	MAKE=${MAKE:="make"}
4379c0e5	24	SSHDUID=67 # Default privsep uid
4379c0e5	25	SSHDGID=67 # Default privsep gid
e4abf75b	26	# uncomment these next two as needed
	27	#PERMIT_ROOT_LOGIN=no
	28	#X11_FORWARDING=yes
	29	# list of system directories we do NOT want to change owner/group/perms
	30	# when installing our package
	31	SYSTEM_DIR="/etc \
	32	/etc/init.d \
	33	/etc/rcS.d \
	34	/etc/rc0.d \
	35	/etc/rc1.d \
	36	/etc/rc2.d \
43e41c2c	37	/etc/opt \
e4abf75b	38	/opt \
	39	/opt/bin \
	40	/usr \
	41	/usr/bin \
	42	/usr/lib \
	43	/usr/sbin \
	44	/usr/share \
	45	/usr/share/man \
	46	/usr/share/man/man1 \
	47	/usr/share/man/man8 \
	48	/usr/local \
	49	/usr/local/bin \
	50	/usr/local/etc \
	51	/usr/local/libexec \
	52	/usr/local/man \
	53	/usr/local/man/man1 \
	54	/usr/local/man/man8 \
	55	/usr/local/sbin \
	56	/usr/local/share \
	57	/var \
43e41c2c	58	/var/opt \
e4abf75b	59	/var/run \
	60	/var/tmp \
	61	/tmp"
6e464960	62
4379c0e5	63	# We may need to build as root so we make sure PATH is set up
e4abf75b	64	# only set the path if it's not set already
	65	[ -d /usr/local/bin ] && {
	66	echo $PATH \| grep ":/usr/local/bin" > /dev/null 2>&1
	67	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
	68	}
	69	[ -d /usr/ccs/bin ] && {
	70	echo $PATH \| grep ":/usr/ccs/bin" > /dev/null 2>&1
	71	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
	72	}
	73	export PATH
	74	#
	75
	76	[ -f Makefile ] \|\| {
	77	echo "Please run this script from your build directory"
	78	exit 1
	79	}
	80
	81	# we will look for config.local to override the above options
	82	[ -s ./config.local ] && . ./config.local
6e464960	83
aff51935	84	## Start by faking root install
6e464960	85	echo "Faking root install..."
6e464960	86	START=`pwd`
e4abf75b	87	OPENSSHD_IN=`dirname $0`/opensshd.in
6e464960	88	FAKE_ROOT=$START/package
e4abf75b	89	[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
6e464960	90	mkdir $FAKE_ROOT
e4abf75b	91	${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
	92	if [ $? -gt 0 ]
	93	then
	94	echo "Fake root install failed, stopping."
	95	exit 1
	96	fi
6e464960	97
6e464960	98	## Fill in some details, like prefix and sysconfdir
e4abf75b	99	for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
e4abf75b	100	do
aff51935	101	eval $confvar=`grep "^$confvar=" Makefile \| cut -d = -f 2`
e4abf75b	102	done
6e464960	103
846be3f4	104
	105	## Collect value of privsep user
	106	for confvar in SSH_PRIVSEP_USER
	107	do
aff51935	108	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
846be3f4	109	done
	110
	111	## Set privsep defaults if not defined
	112	if [ -z "$SSH_PRIVSEP_USER" ]
	113	then
aff51935	114	SSH_PRIVSEP_USER=sshd
846be3f4	115	fi
846be3f4	116
e4abf75b	117	## Extract common info requires for the 'info' part of the package.
e4abf75b	118	VERSION=`./ssh -V 2>&1 \| sed -e 's/,.*//'`
6e464960	119
e4abf75b	120	UNAME_S=`uname -s`
	121	case ${UNAME_S} in
	122	SunOS) UNAME_S=Solaris
	123	ARCH=`uname -p`
	124	RCS_D=yes
	125	DEF_MSG="(default: n)"
	126	;;
4f9d6706	127	*) ARCH=`uname -m`
4f9d6706	128	DEF_MSG="\n" ;;
e4abf75b	129	esac
	130
	131	## Setup our run level stuff while we are at it.
	132	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
6e464960	133
6e464960	134	## setup our initscript correctly
e4abf75b	135	sed -e "s#%%configDir%%#${sysconfdir}#g" \
	136	-e "s#%%openSSHDir%%#$prefix#g" \
	137	-e "s#%%pidDir%%#${piddir}#g" \
	138	${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	139	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
6e464960	140
e4abf75b	141	[ "${PERMIT_ROOT_LOGIN}" = no ] && \
	142	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
	143	$FAKE_ROOT/${sysconfdir}/sshd_config
	144	[ "${X11_FORWARDING}" = yes ] && \
	145	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
	146	$FAKE_ROOT/${sysconfdir}/sshd_config
	147	# fix PrintMotd
	148	perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	149	$FAKE_ROOT/${sysconfdir}/sshd_config
6e464960	150
e4abf75b	151	# We don't want to overwrite config files on multiple installs
	152	mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
	153	mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
	154	[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
	155	mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
	156
	157	cd $FAKE_ROOT
6e464960	158
	159	## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
	160	## whining.
	161	for i in *; do
	162	PROTO_ARGS="$PROTO_ARGS $i=/$i";
	163	done
	164
	165	## Build info file
	166	echo "Building pkginfo file..."
	167	cat > pkginfo << _EOF
	168	PKG=$PKGNAME
e4abf75b	169	NAME="OpenSSH Portable for ${UNAME_S}"
6e464960	170	DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
6e464960	171	VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
6e464960	172	ARCH=$ARCH
6e464960	173	VERSION=$VERSION
e4abf75b	174	CATEGORY="Security,application"
6e464960	175	BASEDIR=/
e4abf75b	176	CLASSES="none"
	177	_EOF
	178
	179	## Build preinstall file
	180	echo "Building preinstall file..."
	181	cat > preinstall << _EOF
	182	#! /sbin/sh
	183	#
	184	[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	185	exit 0
	186	_EOF
	187
	188	## Build postinstall file
	189	echo "Building postinstall file..."
	190	cat > postinstall << _EOF
	191	#! /sbin/sh
	192	#
4f9d6706	193	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] \|\| \\
	194	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
	195	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
	196	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] \|\| \\
	197	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
	198	\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
	199	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
	200	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] \|\| \\
	201	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
	202	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
e4abf75b	203	}
	204
	205	# make rc?.d dirs only if we are doing a test install
	206	[ -n "${TEST_DIR}" ] && {
	207	[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
	208	mkdir -p ${TEST_DIR}/etc/rc0.d
	209	mkdir -p ${TEST_DIR}/etc/rc1.d
	210	mkdir -p ${TEST_DIR}/etc/rc2.d
	211	}
	212
	213	if [ "\${USE_SYM_LINKS}" = yes ]
	214	then
	215	[ "$RCS_D" = yes ] && \
4f9d6706	216	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	217	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	218	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	219	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
e4abf75b	220	else
e4abf75b	221	[ "$RCS_D" = yes ] && \
4f9d6706	222	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	223	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	224	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	225	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
e4abf75b	226	fi
e4abf75b	227
43e41c2c	228	# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
4f9d6706	229	[ -d $piddir ] \|\| installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
43e41c2c	230
e4abf75b	231	installf -f ${PKGNAME}
e4abf75b	232
4379c0e5	233	# Use chroot to handle PKG_INSTALL_ROOT
	234	if [ ! -z "\${PKG_INSTALL_ROOT}" ]
	235	then
	236	chroot="chroot \${PKG_INSTALL_ROOT}"
	237	fi
	238	# If this is a test build, we will skip the groupadd/useradd/passwd commands
	239	if [ ! -z "${TEST_DIR}" ]
	240	then
	241	chroot=echo
	242	fi
	243
	244	if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
846be3f4	245	then
aff51935	246	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
aff51935	247	echo "or group."
846be3f4	248	else
aff51935	249	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
846be3f4	250
aff51935	251	# create group if required
	252	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	253	then
	254	echo "PrivSep group $SSH_PRIVSEP_USER already exists."
	255	else
4379c0e5	256	# Use gid of 67 if possible
	257	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSHDGID'\$' >/dev/null
	258	then
	259	:
	260	else
	261	sshdgid="-g $SSHDGID"
	262	fi
aff51935	263	echo "Creating PrivSep group $SSH_PRIVSEP_USER."
	264	\$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
	265	fi
	266
	267	# Create user if required
	268	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	269	then
	270	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	271	else
4379c0e5	272	# Use uid of 67 if possible
	273	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSHDGID'\$' >/dev/null
	274	then
	275	:
	276	else
	277	sshduid="-u $SSHDUID"
	278	fi
aff51935	279	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
4379c0e5	280	\$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
4379c0e5	281	\$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
aff51935	282	fi
846be3f4	283	fi
846be3f4	284
e4abf75b	285	[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
e4abf75b	286	exit 0
6e464960	287	_EOF
6e464960	288
e4abf75b	289	## Build preremove file
	290	echo "Building preremove file..."
	291	cat > preremove << _EOF
	292	#! /sbin/sh
	293	#
	294	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
	295	exit 0
	296	_EOF
	297
	298	## Build request file
	299	echo "Building request file..."
	300	cat > request << _EOF
	301	trap 'exit 3' 15
	302	USE_SYM_LINKS=no
	303	PRE_INS_STOP=no
	304	POST_INS_START=no
	305	# Use symbolic links?
	306	ans=\`ckyorn -d n \
	307	-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` \|\| exit \$?
	308	case \$ans in
	309	[y,Y]*) USE_SYM_LINKS=yes ;;
	310	esac
	311
	312	# determine if should restart the daemon
	313	if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
	314	then
	315	ans=\`ckyorn -d n \
	316	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
	317	case \$ans in
	318	[y,Y]*) PRE_INS_STOP=yes
	319	POST_INS_START=yes
	320	;;
	321	esac
	322
	323	else
	324
	325	# determine if we should start sshd
	326	ans=\`ckyorn -d n \
	327	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
	328	case \$ans in
	329	[y,Y]*) POST_INS_START=yes ;;
	330	esac
	331	fi
	332
	333	# make parameters available to installation service,
	334	# and so to any other packaging scripts
	335	cat >\$1 <<!
	336	USE_SYM_LINKS='\$USE_SYM_LINKS'
	337	PRE_INS_STOP='\$PRE_INS_STOP'
	338	POST_INS_START='\$POST_INS_START'
	339	!
	340	exit 0
	341
	342	_EOF
	343
	344	## Build space file
	345	echo "Building space file..."
	346	cat > space << _EOF
	347	# extra space required by start/stop links added by installf in postinstall
	348	$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
	349	$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
	350	$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
	351	_EOF
	352	[ "$RCS_D" = yes ] && \
353	echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
354
6e464960	355	## Next Build our prototype
6e464960	356	echo "Building prototype file..."
e4abf75b	357	cat >mk-proto.awk << _EOF
	358	BEGIN { print "i pkginfo"; print "i preinstall"; \\
	359	print "i postinstall"; print "i preremove"; \\
	360	print "i request"; print "i space"; \\
aff51935	361	split("$SYSTEM_DIR",sys_files); }
e4abf75b	362	{
e4abf75b	363	for (dir in sys_files) { if ( \$3 != sys_files[dir] )
aff51935	364	{ \$5="root"; \$6="sys"; }
	365	else
	366	{ \$4="?"; \$5="?"; \$6="?"; break;}
e4abf75b	367	} }
	368	{ print; }
	369	_EOF
	370	find . \| egrep -v "prototype\|pkginfo\|mk-proto.awk" \| sort \| \
	371	pkgproto $PROTO_ARGS \| nawk -f mk-proto.awk > prototype
6e464960	372
	373	## Step back a directory and now build the package.
	374	echo "Building package.."
	375	cd ..
e4abf75b	376	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
e4abf75b	377	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
6e464960	378	rm -rf $FAKE_ROOT
e4abf75b	379