3 # Fake Root Solaris/SVR4/SVR5 Build System - Prototype
5 # The following code has been provide under Public Domain License. I really
6 # don't care what you use it for. Just as long as you don't complain to me
7 # nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
11 # Options for building the package
12 # You can create a openssh-config.local with your customized options
14 REMOVE_FAKE_ROOT_WHEN_DONE=yes
16 # uncommenting TEST_DIR and using
17 # configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
19 # PKGNAME=tOpenSSH should allow testing a package without interfering
20 # with a real OpenSSH package on a system. This is not needed on systems
21 # that support the -R option to pkgadd.
22 #TEST_DIR=/var/tmp # leave commented out for production build
24 SYSVINIT_NAME=opensshd
26 SSHDUID=67 # Default privsep uid
27 SSHDGID=67 # Default privsep gid
28 # uncomment these next three as needed
31 #USR_LOCAL_IS_SYMLINK=yes
32 # System V init run levels
35 # We will source these if they exist
36 POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh
37 POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
38 # We'll be one level deeper looking for these
39 PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
40 PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
41 PKG_PREREMOVE_LOCAL=../pkg-preremove.local
42 PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
43 PKG_REQUEST_LOCAL=../pkg-request.local
44 # end of sourced files
46 OPENSSHD_IN=@top_srcdir@/contrib/solaris/opensshd.in
48 PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
49 PATH_USERADD_PROG=@PATH_USERADD_PROG@
50 PATH_PASSWD_PROG=@PATH_PASSWD_PROG@
52 # list of system directories we do NOT want to change owner/group/perms
53 # when installing our package
86 # We may need to build as root so we make sure PATH is set up
87 # only set the path if it's not set already
89 echo $PATH | grep ":/opt/bin" > /dev/null 2>&1
90 [ $? -ne 0 ] && PATH=$PATH:/opt/bin
92 [ -d /usr/local/bin ] && {
93 echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
94 [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
96 [ -d /usr/ccs/bin ] && {
97 echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
98 [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
104 echo "Please run this script from your build directory"
108 # we will look for openssh-config.local to override the above options
109 [ -s ./openssh-config.local ] && . ./openssh-config.local
114 ## Fill in some details, like prefix and sysconfdir
115 for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
117 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
121 ## Collect value of privsep user
122 for confvar in SSH_PRIVSEP_USER
124 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
127 ## Set privsep defaults if not defined
128 if [ -z "$SSH_PRIVSEP_USER" ]
130 SSH_PRIVSEP_USER=sshd
133 ## Extract common info requires for the 'info' part of the package.
134 VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
139 SCRIPT_SHELL=/sbin/sh
142 SunOS) UNAME_S=Solaris
145 DEF_MSG="(default: n)"
147 SCO_SV) UNAME_S=OpenServer
148 OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
151 DEF_MSG="(default: n)"
155 case `basename $0` in
157 ## Start by faking root install
158 echo "Faking root install..."
159 [ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
161 ${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
164 echo "Fake root install failed, stopping."
168 ## Setup our run level stuff while we are at it.
169 mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
171 ## setup our initscript correctly
172 sed -e "s#%%configDir%%#${sysconfdir}#g" \
173 -e "s#%%openSSHDir%%#$prefix#g" \
174 -e "s#%%pidDir%%#${piddir}#g" \
175 ${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
176 chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
178 [ "${PERMIT_ROOT_LOGIN}" = no ] && \
179 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
180 $FAKE_ROOT/${sysconfdir}/sshd_config
181 [ "${X11_FORWARDING}" = yes ] && \
182 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
183 $FAKE_ROOT/${sysconfdir}/sshd_config
185 perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
186 $FAKE_ROOT/${sysconfdir}/sshd_config
188 # We don't want to overwrite config files on multiple installs
189 mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
190 mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
191 [ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
192 mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
195 [ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
199 ## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
202 PROTO_ARGS="$PROTO_ARGS $i=/$i";
206 echo "Building pkginfo file..."
207 cat > pkginfo << _EOF
209 NAME="OpenSSH Portable for ${UNAME_S}"
210 DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
211 VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
214 CATEGORY="Security,application"
217 PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
220 ## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
221 echo "Building depend file..."
225 echo "Building space file..."
227 # extra space required by start/stop links added by installf in postinstall
228 $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
229 $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
231 [ "$RC1_D" = no ] || \
232 echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
233 [ "$RCS_D" = yes ] && \
234 echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
236 ## Build preinstall file
237 echo "Building preinstall file..."
238 cat > preinstall << _EOF
243 # local preinstall changes here
244 [ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL}
246 cat >> preinstall << _EOF
248 [ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
252 ## Build postinstall file
253 echo "Building postinstall file..."
254 cat > postinstall << _EOF
257 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
258 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
259 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
260 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
261 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
262 \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
263 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
264 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
265 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
266 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
269 # make rc?.d dirs only if we are doing a test install
270 [ -n "${TEST_DIR}" ] && {
271 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
272 mkdir -p ${TEST_DIR}/etc/rc0.d
273 [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
274 mkdir -p ${TEST_DIR}/etc/rc2.d
277 if [ "\${USE_SYM_LINKS}" = yes ]
279 [ "$RCS_D" = yes ] && \
280 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
281 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
282 [ "$RC1_D" = no ] || \
283 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
284 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
286 [ "$RCS_D" = yes ] && \
287 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
288 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
289 [ "$RC1_D" = no ] || \
290 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
291 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
294 # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
295 [ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
299 # local postinstall changes here
300 [ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL}
302 cat >> postinstall << _EOF
303 installf -f ${PKGNAME}
305 # Use chroot to handle PKG_INSTALL_ROOT
306 if [ ! -z "\${PKG_INSTALL_ROOT}" ]
308 chroot="chroot \${PKG_INSTALL_ROOT}"
310 # If this is a test build, we will skip the groupadd/useradd/passwd commands
311 if [ ! -z "${TEST_DIR}" ]
316 if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
318 echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
321 echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
323 # create group if required
324 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
326 echo "PrivSep group $SSH_PRIVSEP_USER already exists."
328 # Use gid of 67 if possible
329 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
333 sshdgid="-g $SSHDGID"
335 echo "Creating PrivSep group $SSH_PRIVSEP_USER."
336 \$chroot ${PATH_GROUPADD_PROG} \$sshdgid $SSH_PRIVSEP_USER
339 # Create user if required
340 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
342 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
344 # Use uid of 67 if possible
345 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
349 sshduid="-u $SSHDUID"
351 echo "Creating PrivSep user $SSH_PRIVSEP_USER."
352 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
353 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
357 [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
361 ## Build preremove file
362 echo "Building preremove file..."
363 cat > preremove << _EOF
366 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
369 # local preremove changes here
370 [ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL}
372 cat >> preremove << _EOF
376 ## Build postremove file
377 echo "Building postremove file..."
378 cat > postremove << _EOF
383 # local postremove changes here
384 [ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL}
386 cat >> postremove << _EOF
390 ## Build request file
391 echo "Building request file..."
392 cat > request << _EOF
397 [ -x /usr/bin/ckyorn ] || cat >> request << _EOF
400 # for some strange reason OpenServer has no ckyorn
401 # We build a striped down version here
404 PROMPT="Yes or No [yes,no,?,quit]"
405 HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no."
406 USAGE="usage: ckyorn [options]
407 where options may include:
415 while getopts d:p:h: c
418 h) HELP_PROMPT="\$OPTARG" ;;
419 d) DEFAULT=\$OPTARG ;;
420 p) PROMPT=\$OPTARG ;;
421 \\?) echo "\$USAGE" 1>&2
425 shift \`expr \$OPTIND - 1\`
430 echo "\${PROMPT}\\c " 1>&2
432 [ -z "\$key" ] && key=\$DEFAULT
434 [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c"
436 \\?) echo \$HELP_PROMPT 1>&2 ;;
437 q|quit) echo "q\\c" 1>&2
446 cat >> request << _EOF
450 # Use symbolic links?
452 -p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
454 [y,Y]*) USE_SYM_LINKS=yes ;;
457 # determine if should restart the daemon
458 if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
461 -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
463 [y,Y]*) PRE_INS_STOP=yes
470 # determine if we should start sshd
472 -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
474 [y,Y]*) POST_INS_START=yes ;;
478 # make parameters available to installation service,
479 # and so to any other packaging scripts
481 USE_SYM_LINKS='\$USE_SYM_LINKS'
482 PRE_INS_STOP='\$PRE_INS_STOP'
483 POST_INS_START='\$POST_INS_START'
488 # local request changes here
489 [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
491 cat >> request << _EOF
496 ## Next Build our prototype
497 echo "Building prototype file..."
498 cat >mk-proto.awk << _EOF
499 BEGIN { print "i pkginfo"; print "i depend"; \\
500 print "i preinstall"; print "i postinstall"; \\
501 print "i preremove"; print "i postremove"; \\
502 print "i request"; print "i space"; \\
503 split("$SYSTEM_DIR",sys_files); }
505 for (dir in sys_files) { if ( \$3 != sys_files[dir] )
509 { \$5="root"; \$6="sys"; }
512 { \$4="?"; \$5="?"; \$6="?"; break;}
517 find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
518 pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
520 # /usr/local is a symlink on some systems
521 [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
522 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
523 mv prototype.new prototype
526 ## Step back a directory and now build the package.
528 # local prototype tweeks here
529 [ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS}
531 echo "Building package.."
532 pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
533 echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
537 rm -fr ${FAKE_ROOT}/${PKGNAME}
538 grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
539 mv $$tmp $FAKE_ROOT/pkginfo
540 cat >> $FAKE_ROOT/pkginfo << _EOF
541 PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
543 pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
544 echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION-$UNAME_S-$ARCH.pkg
549 [ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT