1 # PostInstall script for OPENssh
2 INSTALLF="/usr/sbin/installf"
7 $INSTALLF $PKGINST ${_DIRECTORY}/${_FILEBASE}
8 _SUFFIX=`/usr/bin/date +%Y-%m-%d-%H%M`
9 if [ -f ${_DIRECTORY}/${_FILEBASE} ]; then
10 echo " Backing up file ${_FILEBASE}..."
11 if [ -f ${_DIRECTORY}/${_FILEBASE}.orig ]; then
12 $INSTALLF $PKGINST ${_DIRECTORY}/${_FILEBASE}.orig.${_SUFFIX}
13 cp -p ${_DIRECTORY}/${_FILEBASE} ${_DIRECTORY}/${_FILEBASE}.orig.${_SUFFIX}
14 echo " Saved as ${_DIRECTORY}/${_FILEBASE}.orig.${_SUFFIX}."
16 $INSTALLF $PKGINST ${_DIRECTORY}/${_FILEBASE}.orig
17 cp -p ${_DIRECTORY}/${_FILEBASE} ${_DIRECTORY}/${_FILEBASE}.orig
18 echo " Saved as ${_DIRECTORY}/${_FILEBASE}.orig."
21 cp -p ${_DIRECTORY}/${_FILEBASE}.default ${_DIRECTORY}/${_FILEBASE}
22 echo "Installed new ${_DIRECTORY}/${_FILEBASE} configuration file."
25 ### Main body of script
28 echo "Beginning postinstall script--this script should leave you with a"
29 echo "functional and operational configuration of OpenSSH."
32 if [ ! "${UPDATE}" = "1" ]; then
33 echo "Performing a \"fresh\" installation of OpenSSH."
34 ### Install init script and create symlinks
35 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/init.d/sshd f 0500 root sys || exit 2
36 cp -p ${CONFDIR}/sshd-initscript ${PKG_INSTALL_ROOT}/etc/init.d/sshd
37 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/rc2.d/S72local_sshd=/etc/init.d/sshd s || exit 2
38 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/rc1.d/K30local_sshd=/etc/init.d/sshd s || exit 2
39 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/rc0.d/K30local_sshd=/etc/init.d/sshd s || exit 2
41 ### The initial package installation leaves default versions of
42 ### ssh_prng_cmds, ssh_config, and sshd_config in ${CONFDIR}. Now
43 ### we need to decide whether to install them. Since this is *not*
44 ### an update install, we don't ask, but simply back up the old ones
45 ### and put the new ones in their place.
46 instbackup ${CONFDIR} ssh_prng_cmds
47 instbackup ${CONFDIR} ssh_config
48 instbackup ${CONFDIR} sshd_config
49 instbackup ${CONFDIR} primes
51 ### If no existing sshd_config and host key, then create
52 if [ ! -f "${CONFDIR}/ssh_host_key" ]; then
53 echo "Creating new RSA public/private host key pair for SSH-1."
54 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_key
55 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_key.pub
56 ### If there is *anything* there then leave it, otherwise look
57 ### in some reasonable alternate locations before giving up.
58 ### It's worth spending some extra time looking for the old one
59 ### to avoid a bunch of "host identification has changed" warnings.
60 ### Note that some old keys from the commercial SSH might not
61 ### be compatible, but we don't test for that.
62 if [ -f "${PKG_INSTALL_ROOT}/etc/ssh_host_key" ]; then
63 mv ${PKG_INSTALL_ROOT}/etc/ssh_host_key ${CONFDIR}
64 elif [ -f "${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_key" ]; then
65 mv ${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_key ${CONFDIR}
67 ${DESTBIN}/ssh-keygen -b 1024 -f ${CONFDIR}/ssh_host_key -N ''
70 echo "Using existing RSA public/private host key pair for SSH-1."
72 if [ ! -f "${CONFDIR}/ssh_host_dsa_key" ]; then
73 echo "Creating new DSA public/private host key pair for SSH-2."
74 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_dsa_key
75 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_dsa_key.pub
76 ### If there is *anything* there then leave it, otherwise look
77 ### in some reasonable alternate locations before giving up.
78 ### It's worth spending some extra time looking for the old one
79 ### to avoid a bunch of "host identification has changed" warnings.
80 ### Note that some old keys from the commercial SSH2 might not
81 ### be compatible, but we don't test for that.
82 if [ -f "${PKG_INSTALL_ROOT}/etc/ssh_host_dsa_key" ]; then
83 mv ${PKG_INSTALL_ROOT}/etc/ssh_host_dsa_key ${CONFDIR}
84 elif [ -f "${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_dsa_key" ]; then
85 mv ${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_dsa_key ${CONFDIR}
87 ${DESTBIN}/ssh-keygen -d -f ${CONFDIR}/ssh_host_dsa_key -N ''
90 echo "Using existing DSA public/private host key pair for SSH-2."
93 echo "Performing an \"update\" installation of OpenSSH."
94 ### Okay, this part *is* an update install...so we need to ensure
95 ### we don't overwrite any of the existing files.
97 ### Install init script and create symlinks
98 if [ ! -f ${PKG_INSTALL_ROOT}/etc/init.d/sshd ]; then
99 echo "Installing init script in ${PKG_INSTALL_ROOT}/etc/init.d/sshd"
100 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/init.d/sshd || exit 2
101 cp -p ${CONFDIR}/sshd-initscript ${PKG_INSTALL_ROOT}/etc/init.d/sshd
102 chown root:root ${PKG_INSTALL_ROOT}/etc/init.d/sshd
103 chmod 500 ${PKG_INSTALL_ROOT}/etc/init.d/sshd
105 if [ ! -r ${PKG_INSTALL_ROOT}/etc/rc2.d/S72local_sshd ]; then
106 $INSTALLF $PKGINST ${PKG_INSTALL_ROOT}/etc/rc2.d/S72local_sshd=/etc/init.d/sshd s || exit 2
108 if [ ! -r ${PKG_INSTALL_ROOT}/etc/rc2.d/K30local_sshd ]; then
109 $INSTALLF $PKGINST /etc/rc0.d/K30local_sshd=/etc/init.d/sshd s || exit 2
112 ### The initial package installation leaves default versions of
113 ### ssh_prng_cmds, ssh_config, and sshd_config in ${CONFDIR}. Now
114 ### we need to decide whether to install them. Since this is
115 ### an update install, we only install the new files if the old
116 ### files somehow don't exist.
118 if [ ! -r "${CONFDIR}/ssh_prng_cmds" ]; then
119 instbackup ${CONFDIR} ssh_prng_cmds
122 if [ ! -r "${CONFDIR}/ssh_config" ]; then
123 instbackup ${CONFDIR} ssh_config
126 if [ ! -r "${CONFDIR}/ssh_config" ]; then
127 instbackup ${CONFDIR} sshd_config
130 if [ ! -r "${CONFDIR}/primes" ]; then
131 instbackup ${CONFDIR} primes
134 if [ $NEWCONF -eq 0 ]; then
135 echo "Your existing SSH configuration files have not been altered."
137 echo "Your other existing SSH configuration files have not been altered."
140 ### If no existing sshd_config and host key, then create
141 if [ ! -f "${CONFDIR}/ssh_host_key" ]; then
142 echo "Creating new RSA public/private host key pair for SSH-1."
143 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_key
144 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_key.pub
145 ### If there is *anything* there then leave it, otherwise look
146 ### in some reasonable alternate locations before giving up.
147 ### It's worth spending some extra time looking for the old one
148 ### to avoid a bunch of "host identification has changed" warnings.
149 ### Note that some old keys from the commercial SSH might not
150 ### be compatible, but we don't test for that.
151 if [ -f "${PKG_INSTALL_ROOT}/etc/ssh_host_key" ]; then
152 mv ${PKG_INSTALL_ROOT}/etc/ssh_host_key ${CONFDIR}
153 elif [ -f "${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_key" ]; then
154 mv ${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_key ${CONFDIR}
156 ${DESTBIN}/ssh-keygen -b 1024 -f ${CONFDIR}/ssh_host_key -N ''
159 echo "Using existing RSA public/private host key pair for SSH-1."
161 if [ ! -f "${CONFDIR}/ssh_host_dsa_key" ]; then
162 echo "Creating new DSA public/private host key pair for SSH-2."
163 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_dsa_key
164 $INSTALLF $PKGINST ${CONFDIR}/ssh_host_dsa_key.pub
165 ### If there is *anything* there then leave it, otherwise look
166 ### in some reasonable alternate locations before giving up.
167 ### It's worth spending some extra time looking for the old one
168 ### to avoid a bunch of "host identification has changed" warnings.
169 ### Note that some old keys from the commercial SSH2 might not
170 ### be compatible, but we don't test for that.
171 if [ -f "${PKG_INSTALL_ROOT}/etc/ssh_host_dsa_key" ]; then
172 mv ${PKG_INSTALL_ROOT}/etc/ssh_host_dsa_key ${CONFDIR}
173 elif [ -f "${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_dsa_key" ]; then
174 mv ${PKG_INSTALL_ROOT}/usr/local/etc/ssh_host_dsa_key ${CONFDIR}
176 ${DESTBIN}/ssh-keygen -d -f ${CONFDIR}/ssh_host_dsa_key -N ''
179 echo "Using existing DSA public/private host key pair for SSH-2."
183 if [ ! -d %%PIDDIR%% ]; then
184 $INSTALLF $PKGINST %%PIDDIR%%
186 chown root:sys %%PIDDIR%%
190 $INSTALLF -f $PKGINST || exit 2
192 if [ "X${PKG_INSTALL_ROOT}" = "X" ]; then
193 ### We're doing a local install, rather than an install for
194 ### old-style diskless clients.
195 echo "Stopping any current sshd process, and then starting the new sshd."
196 /etc/init.d/sshd stop
197 /etc/init.d/sshd start
199 echo "Not restarting sshd, since this appears to be a remote install"
200 echo "for support of diskless clients."