[openssh.git] / buildpkg.sh.in

#!/bin/sh
#
# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
#
# The following code has been provide under Public Domain License.  I really
# don't care what you use it for.  Just as long as you don't complain to me
# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
#
umask 022
#
# Options for building the package
# You can create a openssh-config.local with your customized options
#
REMOVE_FAKE_ROOT_WHEN_DONE=yes
#
# uncommenting TEST_DIR and using
# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
# and
# PKGNAME=tOpenSSH should allow testing a package without interfering
# with a real OpenSSH package on a system. This is not needed on systems
# that support the -R option to pkgadd.
#TEST_DIR=/var/tmp	# leave commented out for production build
PKGNAME=OpenSSH
SYSVINIT_NAME=opensshd
MAKE=${MAKE:="make"}
SSHDUID=67	# Default privsep uid
SSHDGID=67	# Default privsep gid
# uncomment these next three as needed
#PERMIT_ROOT_LOGIN=no
#X11_FORWARDING=yes
#USR_LOCAL_IS_SYMLINK=yes
# System V init run levels
SYSVINITSTART=S98
SYSVINITSTOPT=K30
# We will source these if they exist
POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh
POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
# We'll be one level deeper looking for these
PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
PKG_PREREMOVE_LOCAL=../pkg-preremove.local
PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
PKG_REQUEST_LOCAL=../pkg-request.local
# end of sourced files
#
OPENSSHD=opensshd.init

PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
PATH_USERADD_PROG=@PATH_USERADD_PROG@
PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
#
# list of system directories we do NOT want to change owner/group/perms
# when installing our package
SYSTEM_DIR="/etc	\
/etc/init.d		\
/etc/rcS.d		\
/etc/rc0.d		\
/etc/rc1.d		\
/etc/rc2.d		\
/etc/opt		\
/opt			\
/opt/bin		\
/usr			\
/usr/bin		\
/usr/lib		\
/usr/sbin		\
/usr/share		\
/usr/share/man		\
/usr/share/man/man1	\
/usr/share/man/man8	\
/usr/local		\
/usr/local/bin		\
/usr/local/etc		\
/usr/local/libexec	\
/usr/local/man		\
/usr/local/man/man1	\
/usr/local/man/man8	\
/usr/local/sbin		\
/usr/local/share	\
/var			\
/var/opt		\
/var/run		\
/var/tmp		\
/tmp"

# We may need to build as root so we make sure PATH is set up
# only set the path if it's not set already
[ -d /opt/bin ]  &&  {
	echo $PATH | grep ":/opt/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
}
[ -d /usr/local/bin ]  &&  {
	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
}
[ -d /usr/ccs/bin ]  &&  {
	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
}
export PATH
#

[ -f Makefile ]  ||  {
	echo "Please run this script from your build directory"
	exit 1
}

# we will look for openssh-config.local to override the above options
[ -s ./openssh-config.local ]  &&  . ./openssh-config.local

START=`pwd`
FAKE_ROOT=$START/pkg

## Fill in some details, like prefix and sysconfdir
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
do
	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
done


## Collect value of privsep user
for confvar in SSH_PRIVSEP_USER
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
done

## Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi

## Extract common info requires for the 'info' part of the package.
VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`

ARCH=`uname -m`
DEF_MSG="\n"
OS_VER=`uname -v`
SCRIPT_SHELL=/sbin/sh
UNAME_S=`uname -s`
case ${UNAME_S} in
	SunOS)	UNAME_S=Solaris
		ARCH=`uname -p`
		RCS_D=yes
		DEF_MSG="(default: n)"
		;;
	SCO_SV)	UNAME_S=OpenServer
		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
		SCRIPT_SHELL=/bin/sh
		RC1_D=no
		DEF_MSG="(default: n)"
		;;
esac

case `basename $0` in
	buildpkg.sh)
## Start by faking root install
echo "Faking root install..."
[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
mkdir $FAKE_ROOT
${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
if [ $? -gt 0 ]
then
	echo "Fake root install failed, stopping."
	exit 1
fi

## Setup our run level stuff while we are at it.
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d

cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}

[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ]  &&  \
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		$FAKE_ROOT/${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	$FAKE_ROOT/${sysconfdir}/sshd_config

# We don't want to overwrite config files on multiple installs
mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default

# local tweeks here
[ -s "${POST_MAKE_INSTALL_FIXES}" ]  &&  . ${POST_MAKE_INSTALL_FIXES}

cd $FAKE_ROOT

## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
## whining.
for i in *; do
  PROTO_ARGS="$PROTO_ARGS $i=/$i";
done

## Build info file
echo "Building pkginfo file..."
cat > pkginfo << _EOF
PKG=$PKGNAME
NAME="OpenSSH Portable for ${UNAME_S}"
DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
ARCH=$ARCH
VERSION=$VERSION
CATEGORY="Security,application"
BASEDIR=/
CLASSES="none"
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF

## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
echo "Building depend file..."
touch depend

## Build space file
echo "Building space file..."
cat > space << _EOF
# extra space required by start/stop links added by installf in postinstall
$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
_EOF
[ "$RC1_D" = no ]  ||  \
echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
[ "$RCS_D" = yes ]  &&  \
echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space

## Build preinstall file
echo "Building preinstall file..."
cat > preinstall << _EOF
#! ${SCRIPT_SHELL}
#
_EOF

# local preinstall changes here
[ -s "${PKG_PREINSTALL_LOCAL}" ]  &&  . ${PKG_PREINSTALL_LOCAL}

cat >> preinstall << _EOF
#
[ "\${PRE_INS_STOP}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
exit 0
_EOF

## Build postinstall file
echo "Building postinstall file..."
cat > postinstall << _EOF
#! ${SCRIPT_SHELL}
#
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
}

# make rc?.d dirs only if we are doing a test install
[ -n "${TEST_DIR}" ]  &&  {
	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
	mkdir -p ${TEST_DIR}/etc/rc0.d
	[ "$RC1_D" = no ]  ||  mkdir -p ${TEST_DIR}/etc/rc1.d
	mkdir -p ${TEST_DIR}/etc/rc2.d
}

if [ "\${USE_SYM_LINKS}" = yes ]
then
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	[ "$RC1_D" = no ]  ||  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
else
	[ "$RCS_D" = yes ]  &&  \
installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	[ "$RC1_D" = no ]  ||  \
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
fi

# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys

_EOF

# local postinstall changes here
[ -s "${PKG_POSTINSTALL_LOCAL}" ]  &&  . ${PKG_POSTINSTALL_LOCAL}

cat >> postinstall << _EOF
installf -f ${PKGNAME}

# Use chroot to handle PKG_INSTALL_ROOT
if [ ! -z "\${PKG_INSTALL_ROOT}" ]
then
	chroot="chroot \${PKG_INSTALL_ROOT}"
fi
# If this is a test build, we will skip the groupadd/useradd/passwd commands
if [ ! -z "${TEST_DIR}" ]
then
	chroot=echo
fi

if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
then
	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
	echo "or group."
else
	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."

	# create group if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep group $SSH_PRIVSEP_USER already exists."
	else
		# Use gid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshdgid="-g $SSHDGID"
		fi
		echo "Creating PrivSep group $SSH_PRIVSEP_USER."
		\$chroot ${PATH_GROUPADD_PROG} \$sshdgid $SSH_PRIVSEP_USER
	fi

	# Create user if required
	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
	then
		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
	else
		# Use uid of 67 if possible
		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
		then
			:
		else
			sshduid="-u $SSHDUID"
		fi
		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
		\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
		\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
	fi
fi

[ "\${POST_INS_START}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
exit 0
_EOF

## Build preremove file
echo "Building preremove file..."
cat > preremove << _EOF
#! ${SCRIPT_SHELL}
#
${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
_EOF

# local preremove changes here
[ -s "${PKG_PREREMOVE_LOCAL}" ]  &&  . ${PKG_PREREMOVE_LOCAL}

cat >> preremove << _EOF
exit 0
_EOF

## Build postremove file
echo "Building postremove file..."
cat > postremove << _EOF
#! ${SCRIPT_SHELL}
#
_EOF

# local postremove changes here
[ -s "${PKG_POSTREMOVE_LOCAL}" ]  &&  . ${PKG_POSTREMOVE_LOCAL}

cat >> postremove << _EOF
exit 0
_EOF

## Build request file
echo "Building request file..."
cat > request << _EOF
trap 'exit 3' 15

_EOF

[ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF

ckyorn() {
# for some strange reason OpenServer has no ckyorn
# We build a striped down version here

DEFAULT=n
PROMPT="Yes or No [yes,no,?,quit]"
HELP_PROMPT="        Enter y or yes if your answer is yes; n or no if your answer is no."
USAGE="usage: ckyorn [options]
where options may include:
        -d default
        -h help
        -p prompt
"

if [ \$# != 0 ]
then
	while getopts d:p:h: c
	do
		case \$c in
			h)	HELP_PROMPT="\$OPTARG" ;;
			d)	DEFAULT=\$OPTARG ;;
			p)	PROMPT=\$OPTARG ;;
			\\?)	echo "\$USAGE" 1>&2
				exit 1 ;;
		esac
	done
	shift \`expr \$OPTIND - 1\`
fi

while true
do
	echo "\${PROMPT}\\c " 1>&2
	read key
	[ -z "\$key" ]  &&  key=\$DEFAULT
	case \$key in
		[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S])	echo "\${key}\\c"
			exit 0 ;;
		\\?)	echo \$HELP_PROMPT 1>&2 ;;
		q|quit)	echo "q\\c" 1>&2
			exit 3 ;;
	esac
done

}

_EOF

cat >> request << _EOF
USE_SYM_LINKS=no
PRE_INS_STOP=no
POST_INS_START=no
# Use symbolic links?
ans=\`ckyorn -d n \
-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
case \$ans in
	[y,Y]*)	USE_SYM_LINKS=yes ;;
esac

# determine if should restart the daemon
if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
then
	ans=\`ckyorn -d n \
-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	PRE_INS_STOP=yes
			POST_INS_START=yes
			;;
	esac

else

# determine if we should start sshd
	ans=\`ckyorn -d n \
-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
	case \$ans in
		[y,Y]*)	POST_INS_START=yes ;;
	esac
fi

# make parameters available to installation service,
# and so to any other packaging scripts
cat >\$1 <<!
USE_SYM_LINKS='\$USE_SYM_LINKS'
PRE_INS_STOP='\$PRE_INS_STOP'
POST_INS_START='\$POST_INS_START'
!

_EOF

# local request changes here
[ -s "${PKG_REQUEST_LOCAL}" ]  &&  . ${PKG_REQUEST_LOCAL}

cat >> request << _EOF
exit 0

_EOF

## Next Build our prototype
echo "Building prototype file..."
cat >mk-proto.awk << _EOF
	    BEGIN { print "i pkginfo"; print "i depend"; \\
		    print "i preinstall"; print "i postinstall"; \\
 		    print "i preremove"; print "i postremove"; \\
		    print "i request"; print "i space"; \\
		    split("$SYSTEM_DIR",sys_files); }
	    {
	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
		     { if ( \$1 == "s" )
			{ \$5=""; \$6=""; }
		     else
			{ \$5="root"; \$6="sys"; }
		     }
		else
		     { \$4="?"; \$5="?"; \$6="?"; break;}
	    } }
	    { print; }
_EOF

find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype

# /usr/local is a symlink on some systems
[ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {
	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
	mv prototype.new prototype
}

## Step back a directory and now build the package.
cd ..
# local prototype tweeks here
[ -s "${POST_PROTOTYPE_EDITS}" ]  &&  . ${POST_PROTOTYPE_EDITS}

echo "Building package.."
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
	;;

	justpkg.sh)
rm -fr ${FAKE_ROOT}/${PKGNAME}
grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
mv $$tmp $FAKE_ROOT/pkginfo
cat >> $FAKE_ROOT/pkginfo << _EOF
PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
_EOF
pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
	;;

esac

[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ]  &&  rm -rf $FAKE_ROOT
exit 0
Commit	Line	Data
9cefe228	1	#!/bin/sh
	2	#
	3	# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
	4	#
	5	# The following code has been provide under Public Domain License. I really
	6	# don't care what you use it for. Just as long as you don't complain to me
	7	# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
	8	#
	9	umask 022
	10	#
	11	# Options for building the package
	12	# You can create a openssh-config.local with your customized options
	13	#
	14	REMOVE_FAKE_ROOT_WHEN_DONE=yes
	15	#
	16	# uncommenting TEST_DIR and using
	17	# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
	18	# and
	19	# PKGNAME=tOpenSSH should allow testing a package without interfering
	20	# with a real OpenSSH package on a system. This is not needed on systems
	21	# that support the -R option to pkgadd.
	22	#TEST_DIR=/var/tmp # leave commented out for production build
	23	PKGNAME=OpenSSH
	24	SYSVINIT_NAME=opensshd
	25	MAKE=${MAKE:="make"}
	26	SSHDUID=67 # Default privsep uid
	27	SSHDGID=67 # Default privsep gid
	28	# uncomment these next three as needed
	29	#PERMIT_ROOT_LOGIN=no
	30	#X11_FORWARDING=yes
	31	#USR_LOCAL_IS_SYMLINK=yes
	32	# System V init run levels
	33	SYSVINITSTART=S98
	34	SYSVINITSTOPT=K30
	35	# We will source these if they exist
	36	POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh
	37	POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
	38	# We'll be one level deeper looking for these
	39	PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
	40	PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
	41	PKG_PREREMOVE_LOCAL=../pkg-preremove.local
	42	PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
	43	PKG_REQUEST_LOCAL=../pkg-request.local
	44	# end of sourced files
	45	#
ddd8c95b	46	OPENSSHD=opensshd.init
9cefe228	47
	48	PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
	49	PATH_USERADD_PROG=@PATH_USERADD_PROG@
	50	PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
	51	#
	52	# list of system directories we do NOT want to change owner/group/perms
	53	# when installing our package
	54	SYSTEM_DIR="/etc \
	55	/etc/init.d \
	56	/etc/rcS.d \
	57	/etc/rc0.d \
	58	/etc/rc1.d \
	59	/etc/rc2.d \
	60	/etc/opt \
	61	/opt \
	62	/opt/bin \
	63	/usr \
	64	/usr/bin \
	65	/usr/lib \
	66	/usr/sbin \
	67	/usr/share \
	68	/usr/share/man \
	69	/usr/share/man/man1 \
	70	/usr/share/man/man8 \
	71	/usr/local \
	72	/usr/local/bin \
	73	/usr/local/etc \
	74	/usr/local/libexec \
	75	/usr/local/man \
	76	/usr/local/man/man1 \
	77	/usr/local/man/man8 \
	78	/usr/local/sbin \
	79	/usr/local/share \
	80	/var \
	81	/var/opt \
	82	/var/run \
	83	/var/tmp \
	84	/tmp"
	85
	86	# We may need to build as root so we make sure PATH is set up
	87	# only set the path if it's not set already
	88	[ -d /opt/bin ] && {
	89	echo $PATH \| grep ":/opt/bin" > /dev/null 2>&1
	90	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
	91	}
	92	[ -d /usr/local/bin ] && {
	93	echo $PATH \| grep ":/usr/local/bin" > /dev/null 2>&1
	94	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
	95	}
	96	[ -d /usr/ccs/bin ] && {
	97	echo $PATH \| grep ":/usr/ccs/bin" > /dev/null 2>&1
	98	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
	99	}
	100	export PATH
	101	#
	102
	103	[ -f Makefile ] \|\| {
	104	echo "Please run this script from your build directory"
	105	exit 1
	106	}
	107
	108	# we will look for openssh-config.local to override the above options
	109	[ -s ./openssh-config.local ] && . ./openssh-config.local
	110
111	START=`pwd`
112	FAKE_ROOT=$START/pkg
113
114	## Fill in some details, like prefix and sysconfdir
115	for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
116	do
117	eval $confvar=`grep "^$confvar=" Makefile \| cut -d = -f 2`
118	done
119
120
121	## Collect value of privsep user
122	for confvar in SSH_PRIVSEP_USER
123	do
124	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
125	done
126
127	## Set privsep defaults if not defined
128	if [ -z "$SSH_PRIVSEP_USER" ]
129	then
130	SSH_PRIVSEP_USER=sshd
131	fi
132
133	## Extract common info requires for the 'info' part of the package.
134	VERSION=`./ssh -V 2>&1 \| sed -e 's/,.*//'`
135
136	ARCH=`uname -m`
137	DEF_MSG="\n"
138	OS_VER=`uname -v`
139	SCRIPT_SHELL=/sbin/sh
140	UNAME_S=`uname -s`
141	case ${UNAME_S} in
142	SunOS) UNAME_S=Solaris
143	ARCH=`uname -p`
144	RCS_D=yes
145	DEF_MSG="(default: n)"
146	;;
147	SCO_SV) UNAME_S=OpenServer
148	OS_VER=`uname -X \| grep Release \| sed -e 's/^Rel.*3.2v//'`
149	SCRIPT_SHELL=/bin/sh
150	RC1_D=no
151	DEF_MSG="(default: n)"
152	;;
153	esac
154
155	case `basename $0` in
156	buildpkg.sh)
157	## Start by faking root install
158	echo "Faking root install..."
159	[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
160	mkdir $FAKE_ROOT
161	${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
162	if [ $? -gt 0 ]
163	then
164	echo "Fake root install failed, stopping."
165	exit 1
166	fi
167
168	## Setup our run level stuff while we are at it.
169	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
170
ddd8c95b	171	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
9cefe228	172	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
	173
	174	[ "${PERMIT_ROOT_LOGIN}" = no ] && \
	175	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
	176	$FAKE_ROOT/${sysconfdir}/sshd_config
	177	[ "${X11_FORWARDING}" = yes ] && \
	178	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
	179	$FAKE_ROOT/${sysconfdir}/sshd_config
	180	# fix PrintMotd
	181	perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
	182	$FAKE_ROOT/${sysconfdir}/sshd_config
	183
	184	# We don't want to overwrite config files on multiple installs
	185	mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
	186	mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
	187	[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
	188	mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
	189
	190	# local tweeks here
	191	[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
	192
	193	cd $FAKE_ROOT
	194
	195	## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
	196	## whining.
	197	for i in *; do
	198	PROTO_ARGS="$PROTO_ARGS $i=/$i";
	199	done
	200
	201	## Build info file
	202	echo "Building pkginfo file..."
	203	cat > pkginfo << _EOF
	204	PKG=$PKGNAME
	205	NAME="OpenSSH Portable for ${UNAME_S}"
	206	DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
	207	VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
	208	ARCH=$ARCH
	209	VERSION=$VERSION
	210	CATEGORY="Security,application"
	211	BASEDIR=/
	212	CLASSES="none"
	213	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
	214	_EOF
	215
	216	## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
	217	echo "Building depend file..."
	218	touch depend
	219
	220	## Build space file
	221	echo "Building space file..."
	222	cat > space << _EOF
	223	# extra space required by start/stop links added by installf in postinstall
	224	$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
	225	$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
	226	_EOF
	227	[ "$RC1_D" = no ] \|\| \
	228	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	229	[ "$RCS_D" = yes ] && \
	230	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
	231
	232	## Build preinstall file
	233	echo "Building preinstall file..."
	234	cat > preinstall << _EOF
	235	#! ${SCRIPT_SHELL}
236	#
237	_EOF
238
239	# local preinstall changes here
240	[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
241
242	cat >> preinstall << _EOF
243	#
244	[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
245	exit 0
246	_EOF
247
248	## Build postinstall file
249	echo "Building postinstall file..."
250	cat > postinstall << _EOF
251	#! ${SCRIPT_SHELL}
252	#
253	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] \|\| \\
254	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
255	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
256	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] \|\| \\
257	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
258	\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
259	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
260	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] \|\| \\
261	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
262	\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
263	}
264
265	# make rc?.d dirs only if we are doing a test install
266	[ -n "${TEST_DIR}" ] && {
267	[ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
268	mkdir -p ${TEST_DIR}/etc/rc0.d
269	[ "$RC1_D" = no ] \|\| mkdir -p ${TEST_DIR}/etc/rc1.d
270	mkdir -p ${TEST_DIR}/etc/rc2.d
271	}
272
273	if [ "\${USE_SYM_LINKS}" = yes ]
274	then
275	[ "$RCS_D" = yes ] && \
276	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
277	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
278	[ "$RC1_D" = no ] \|\| \
279	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
280	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
281	else
282	[ "$RCS_D" = yes ] && \
283	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
284	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
285	[ "$RC1_D" = no ] \|\| \
286	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
287	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
288	fi
289
290	# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
291	[ -d $piddir ] \|\| installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
292
293	_EOF
294
295	# local postinstall changes here
296	[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
297
298	cat >> postinstall << _EOF
299	installf -f ${PKGNAME}
300
301	# Use chroot to handle PKG_INSTALL_ROOT
302	if [ ! -z "\${PKG_INSTALL_ROOT}" ]
303	then
304	chroot="chroot \${PKG_INSTALL_ROOT}"
305	fi
306	# If this is a test build, we will skip the groupadd/useradd/passwd commands
307	if [ ! -z "${TEST_DIR}" ]
308	then
309	chroot=echo
310	fi
311
312	if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
313	then
314	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
315	echo "or group."
316	else
317	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
318
319	# create group if required
320	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
321	then
322	echo "PrivSep group $SSH_PRIVSEP_USER already exists."
323	else
324	# Use gid of 67 if possible
325	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group \| egrep '^'$SSHDGID'\$' >/dev/null
326	then
327	:
328	else
329	sshdgid="-g $SSHDGID"
330	fi
331	echo "Creating PrivSep group $SSH_PRIVSEP_USER."
332	\$chroot ${PATH_GROUPADD_PROG} \$sshdgid $SSH_PRIVSEP_USER
333	fi
334
335	# Create user if required
336	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
337	then
338	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
339	else
340	# Use uid of 67 if possible
341	if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd \| egrep '^'$SSHDGID'\$' >/dev/null
342	then
343	:
344	else
345	sshduid="-u $SSHDUID"
346	fi
347	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
348	\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
349	\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
350	fi
351	fi
352
353	[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
354	exit 0
355	_EOF
356
357	## Build preremove file
358	echo "Building preremove file..."
359	cat > preremove << _EOF
360	#! ${SCRIPT_SHELL}
361	#
362	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
363	_EOF
364
365	# local preremove changes here
366	[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
367
368	cat >> preremove << _EOF
369	exit 0
370	_EOF
371
372	## Build postremove file
373	echo "Building postremove file..."
374	cat > postremove << _EOF
375	#! ${SCRIPT_SHELL}
376	#
377	_EOF
378
379	# local postremove changes here
380	[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
381
382	cat >> postremove << _EOF
383	exit 0
384	_EOF
385
386	## Build request file
387	echo "Building request file..."
388	cat > request << _EOF
389	trap 'exit 3' 15
390
391	_EOF
392
393	[ -x /usr/bin/ckyorn ] \|\| cat >> request << _EOF
394
395	ckyorn() {
396	# for some strange reason OpenServer has no ckyorn
397	# We build a striped down version here
398
399	DEFAULT=n
400	PROMPT="Yes or No [yes,no,?,quit]"
401	HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
402	USAGE="usage: ckyorn [options]
403	where options may include:
404	-d default
405	-h help
406	-p prompt
407	"
408
409	if [ \$# != 0 ]
410	then
411	while getopts d:p:h: c
412	do
413	case \$c in
414	h) HELP_PROMPT="\$OPTARG" ;;
415	d) DEFAULT=\$OPTARG ;;
416	p) PROMPT=\$OPTARG ;;
417	\\?) echo "\$USAGE" 1>&2
418	exit 1 ;;
419	esac
420	done
421	shift \`expr \$OPTIND - 1\`
422	fi
423
424	while true
425	do
426	echo "\${PROMPT}\\c " 1>&2
427	read key
428	[ -z "\$key" ] && key=\$DEFAULT
429	case \$key in
430	[n,N]\|[n,N][o,O]\|[y,Y]\|[y,Y][e,E][s,S]) echo "\${key}\\c"
431	exit 0 ;;
432	\\?) echo \$HELP_PROMPT 1>&2 ;;
433	q\|quit) echo "q\\c" 1>&2
434	exit 3 ;;
435	esac
436	done
437
438	}
439
440	_EOF
441
442	cat >> request << _EOF
443	USE_SYM_LINKS=no
444	PRE_INS_STOP=no
445	POST_INS_START=no
446	# Use symbolic links?
447	ans=\`ckyorn -d n \
448	-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` \|\| exit \$?
449	case \$ans in
450	[y,Y]*) USE_SYM_LINKS=yes ;;
451	esac
452
453	# determine if should restart the daemon
454	if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
455	then
456	ans=\`ckyorn -d n \
457	-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` \|\| exit \$?
458	case \$ans in
459	[y,Y]*) PRE_INS_STOP=yes
460	POST_INS_START=yes
461	;;
462	esac
463
464	else
465
466	# determine if we should start sshd
467	ans=\`ckyorn -d n \
468	-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` \|\| exit \$?
469	case \$ans in
470	[y,Y]*) POST_INS_START=yes ;;
471	esac
472	fi
473
474	# make parameters available to installation service,
475	# and so to any other packaging scripts
476	cat >\$1 <<!
477	USE_SYM_LINKS='\$USE_SYM_LINKS'
478	PRE_INS_STOP='\$PRE_INS_STOP'
479	POST_INS_START='\$POST_INS_START'
480	!
481
482	_EOF
483
484	# local request changes here
485	[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
486
487	cat >> request << _EOF
488	exit 0
489
490	_EOF
491
492	## Next Build our prototype
493	echo "Building prototype file..."
494	cat >mk-proto.awk << _EOF
495	BEGIN { print "i pkginfo"; print "i depend"; \\
496	print "i preinstall"; print "i postinstall"; \\
497	print "i preremove"; print "i postremove"; \\
498	print "i request"; print "i space"; \\
499	split("$SYSTEM_DIR",sys_files); }
500	{
501	for (dir in sys_files) { if ( \$3 != sys_files[dir] )
502	{ if ( \$1 == "s" )
503	{ \$5=""; \$6=""; }
504	else
505	{ \$5="root"; \$6="sys"; }
506	}
507	else
508	{ \$4="?"; \$5="?"; \$6="?"; break;}
509	} }
510	{ print; }
511	_EOF
512
513	find . \| egrep -v "prototype\|pkginfo\|mk-proto.awk" \| sort \| \
514	pkgproto $PROTO_ARGS \| nawk -f mk-proto.awk > prototype
515
516	# /usr/local is a symlink on some systems
517	[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
518	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
519	mv prototype.new prototype
520	}
521
522	## Step back a directory and now build the package.
523	cd ..
524	# local prototype tweeks here
525	[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
526
527	echo "Building package.."
528	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
529	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
530	;;
531
532	justpkg.sh)
533	rm -fr ${FAKE_ROOT}/${PKGNAME}
534	grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
535	mv $$tmp $FAKE_ROOT/pkginfo
536	cat >> $FAKE_ROOT/pkginfo << _EOF
537	PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
538	_EOF
539	pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
540	echo \| pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
541	;;
542
543	esac
544
545	[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT
25616c13	546	exit 0
9cefe228	547