crypto/openssh/buildpkg.sh.in

137015Sdes#!/bin/sh
137015Sdes#
137015Sdes# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
137015Sdes#
137015Sdes# The following code has been provide under Public Domain License.  I really
137015Sdes# don't care what you use it for.  Just as long as you don't complain to me
137015Sdes# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
137015Sdes#
137015Sdesumask 022
137015Sdes#
137015Sdes# Options for building the package
137015Sdes# You can create a openssh-config.local with your customized options
137015Sdes#
137015SdesREMOVE_FAKE_ROOT_WHEN_DONE=yes
137015Sdes#
137015Sdes# uncommenting TEST_DIR and using
137015Sdes# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
137015Sdes# and
137015Sdes# PKGNAME=tOpenSSH should allow testing a package without interfering
137015Sdes# with a real OpenSSH package on a system. This is not needed on systems
137015Sdes# that support the -R option to pkgadd.
137015Sdes#TEST_DIR=/var/tmp	# leave commented out for production build
137015SdesPKGNAME=OpenSSH
137015Sdes# revisions within the same version (REV=a)
137015Sdes#REV=
137015SdesSYSVINIT_NAME=opensshd
137015SdesMAKE=${MAKE:="make"}
137015SdesSSHDUID=67	# Default privsep uid
137015SdesSSHDGID=67	# Default privsep gid
137015Sdes# uncomment these next three as needed
137015Sdes#PERMIT_ROOT_LOGIN=no
137015Sdes#X11_FORWARDING=yes
137015Sdes#USR_LOCAL_IS_SYMLINK=yes
137015Sdes# System V init run levels
137015SdesSYSVINITSTART=S98
137015SdesSYSVINITSTOPT=K30
137015Sdes# We will source these if they exist
162852SdesPOST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
137015SdesPOST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
137015Sdes# We'll be one level deeper looking for these
137015SdesPKG_PREINSTALL_LOCAL=../pkg-preinstall.local
137015SdesPKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
137015SdesPKG_PREREMOVE_LOCAL=../pkg-preremove.local
137015SdesPKG_POSTREMOVE_LOCAL=../pkg-postremove.local
137015SdesPKG_REQUEST_LOCAL=../pkg-request.local
137015Sdes# end of sourced files
137015Sdes#
137015SdesOPENSSHD=opensshd.init
162852SdesOPENSSH_MANIFEST=openssh.xml
162852SdesOPENSSH_FMRI=svc:/site/openssh:default
137015Sdes
137015SdesPATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
137015SdesPATH_USERADD_PROG=@PATH_USERADD_PROG@
137015SdesPATH_PASSWD_PROG=@PATH_PASSWD_PROG@
137015Sdes#
137015Sdes# list of system directories we do NOT want to change owner/group/perms
137015Sdes# when installing our package
137015SdesSYSTEM_DIR="/etc	\
137015Sdes/etc/init.d		\
137015Sdes/etc/rcS.d		\
137015Sdes/etc/rc0.d		\
137015Sdes/etc/rc1.d		\
137015Sdes/etc/rc2.d		\
137015Sdes/etc/opt		\
162852Sdes/lib			\
162852Sdes/lib/svc		\
162852Sdes/lib/svc/method		\
162852Sdes/lib/svc/method/site	\
137015Sdes/opt			\
137015Sdes/opt/bin		\
137015Sdes/usr			\
137015Sdes/usr/bin		\
137015Sdes/usr/lib		\
137015Sdes/usr/sbin		\
137015Sdes/usr/share		\
137015Sdes/usr/share/man		\
137015Sdes/usr/share/man/man1	\
137015Sdes/usr/share/man/man8	\
137015Sdes/usr/local		\
137015Sdes/usr/local/bin		\
137015Sdes/usr/local/etc		\
137015Sdes/usr/local/libexec	\
137015Sdes/usr/local/man		\
137015Sdes/usr/local/man/man1	\
137015Sdes/usr/local/man/man8	\
137015Sdes/usr/local/sbin		\
137015Sdes/usr/local/share	\
137015Sdes/var			\
137015Sdes/var/opt		\
137015Sdes/var/run		\
162852Sdes/var/svc		\
162852Sdes/var/svc/manifest	\
162852Sdes/var/svc/manifest/site  \
137015Sdes/var/tmp		\
137015Sdes/tmp"
137015Sdes
137015Sdes# We may need to build as root so we make sure PATH is set up
137015Sdes# only set the path if it's not set already
137015Sdes[ -d /opt/bin ]  &&  {
137015Sdes	echo $PATH | grep ":/opt/bin"  > /dev/null 2>&1
137015Sdes	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
137015Sdes}
137015Sdes[ -d /usr/local/bin ]  &&  {
137015Sdes	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
137015Sdes	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
137015Sdes}
137015Sdes[ -d /usr/ccs/bin ]  &&  {
137015Sdes	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
137015Sdes	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
137015Sdes}
137015Sdesexport PATH
137015Sdes#
137015Sdes
137015Sdes[ -f Makefile ]  ||  {
137015Sdes	echo "Please run this script from your build directory"
137015Sdes	exit 1
137015Sdes}
137015Sdes
137015Sdes# we will look for openssh-config.local to override the above options
137015Sdes[ -s ./openssh-config.local ]  &&  . ./openssh-config.local
137015Sdes
137015SdesSTART=`pwd`
137015SdesFAKE_ROOT=$START/pkg
137015Sdes
137015Sdes## Fill in some details, like prefix and sysconfdir
137015Sdesfor confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
137015Sdesdo
137015Sdes	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
137015Sdesdone
137015Sdes
162852Sdes## Are we using Solaris' SMF?
162852SdesDO_SMF=0
162852Sdesif egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
162852Sdesthen
162852Sdes	DO_SMF=1
162852Sdesfi
137015Sdes
137015Sdes## Collect value of privsep user
137015Sdesfor confvar in SSH_PRIVSEP_USER
137015Sdesdo
137015Sdes	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
137015Sdesdone
137015Sdes
137015Sdes## Set privsep defaults if not defined
137015Sdesif [ -z "$SSH_PRIVSEP_USER" ]
137015Sdesthen
137015Sdes	SSH_PRIVSEP_USER=sshd
137015Sdesfi
137015Sdes
137015Sdes## Extract common info requires for the 'info' part of the package.
137015SdesVERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
137015Sdes
137015SdesARCH=`uname -m`
137015SdesDEF_MSG="\n"
137015SdesOS_VER=`uname -v`
137015SdesSCRIPT_SHELL=/sbin/sh
137015SdesUNAME_S=`uname -s`
137015Sdescase ${UNAME_S} in
137015Sdes	SunOS)	UNAME_S=Solaris
137015Sdes		ARCH=`uname -p`
137015Sdes		RCS_D=yes
137015Sdes		DEF_MSG="(default: n)"
137015Sdes		;;
137015Sdes	SCO_SV)	UNAME_S=OpenServer
137015Sdes		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
137015Sdes		SCRIPT_SHELL=/bin/sh
137015Sdes		RC1_D=no
137015Sdes		DEF_MSG="(default: n)"
137015Sdes		;;
137015Sdesesac
137015Sdes
137015Sdescase `basename $0` in
137015Sdes	buildpkg.sh)
137015Sdes## Start by faking root install
137015Sdesecho "Faking root install..."
137015Sdes[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
137015Sdesmkdir $FAKE_ROOT
137015Sdes${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
137015Sdesif [ $? -gt 0 ]
137015Sdesthen
137015Sdes	echo "Fake root install failed, stopping."
137015Sdes	exit 1
137015Sdesfi
137015Sdes
137015Sdes## Setup our run level stuff while we are at it.
162852Sdesif [ $DO_SMF -eq 1 ]
162852Sdesthen
162852Sdes	# For Solaris' SMF, /lib/svc/method/site is the preferred place
162852Sdes	# for start/stop scripts that aren't supplied with the OS, and
162852Sdes	# similarly /var/svc/manifest/site for manifests.
162852Sdes	mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
162852Sdes	mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
137015Sdes
162852Sdes	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
162852Sdes	chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
137015Sdes
162852Sdes	cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
162852Sdes	chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST}
162852Sdeselse
162852Sdes	mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
162852Sdes
162852Sdes	cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
162852Sdes	chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
162852Sdesfi
162852Sdes
137015Sdes[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
137015Sdes	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
137015Sdes		$FAKE_ROOT/${sysconfdir}/sshd_config
137015Sdes[ "${X11_FORWARDING}" = yes ]  &&  \
137015Sdes	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
137015Sdes		$FAKE_ROOT/${sysconfdir}/sshd_config
137015Sdes# fix PrintMotd
137015Sdesperl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
137015Sdes	$FAKE_ROOT/${sysconfdir}/sshd_config
137015Sdes
137015Sdes# We don't want to overwrite config files on multiple installs
137015Sdesmv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
137015Sdesmv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
137015Sdes[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
137015Sdesmv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
137015Sdes
137015Sdes# local tweeks here
137015Sdes[ -s "${POST_MAKE_INSTALL_FIXES}" ]  &&  . ${POST_MAKE_INSTALL_FIXES}
137015Sdes
137015Sdescd $FAKE_ROOT
137015Sdes
137015Sdes## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
137015Sdes## whining.
137015Sdesfor i in *; do
137015Sdes  PROTO_ARGS="$PROTO_ARGS $i=/$i";
137015Sdesdone
137015Sdes
137015Sdes## Build info file
137015Sdesecho "Building pkginfo file..."
137015Sdescat > pkginfo << _EOF
137015SdesPKG=$PKGNAME
137015SdesNAME="OpenSSH Portable for ${UNAME_S}"
137015SdesDESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
137015SdesVENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
137015SdesARCH=$ARCH
137015SdesVERSION=$VERSION$REV
137015SdesCATEGORY="Security,application"
137015SdesBASEDIR=/
137015SdesCLASSES="none"
137015SdesPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
137015Sdes_EOF
137015Sdes
137015Sdes## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
137015Sdesecho "Building depend file..."
137015Sdestouch depend
137015Sdes
137015Sdes## Build space file
137015Sdesecho "Building space file..."
162852Sdesif [ $DO_SMF -eq 1 ]
162852Sdesthen
162852Sdes	# XXX Is this necessary?  If not, remove space line from mk-proto.awk.
162852Sdes	touch space
162852Sdeselse
162852Sdes	cat > space << _EOF
162852Sdes# extra space required by start/stop links added by installf
162852Sdes# in postinstall
137015Sdes$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
137015Sdes$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
137015Sdes_EOF
162852Sdes	[ "$RC1_D" = no ]  ||  \
162852Sdes	echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
162852Sdes	[ "$RCS_D" = yes ]  &&  \
162852Sdes	echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
162852Sdesfi
137015Sdes
137015Sdes## Build preinstall file
137015Sdesecho "Building preinstall file..."
137015Sdescat > preinstall << _EOF
137015Sdes#! ${SCRIPT_SHELL}
137015Sdes#
137015Sdes_EOF
137015Sdes
137015Sdes# local preinstall changes here
137015Sdes[ -s "${PKG_PREINSTALL_LOCAL}" ]  &&  . ${PKG_PREINSTALL_LOCAL}
137015Sdes
137015Sdescat >> preinstall << _EOF
137015Sdes#
162852Sdesif [ "\${PRE_INS_STOP}" = "yes" ]
162852Sdesthen
162852Sdes	if [ $DO_SMF -eq 1 ]
162852Sdes	then
162852Sdes		svcadm disable $OPENSSH_FMRI
162852Sdes	else
162852Sdes		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
162852Sdes	fi
162852Sdesfi
162852Sdes
137015Sdesexit 0
137015Sdes_EOF
137015Sdes
137015Sdes## Build postinstall file
137015Sdesecho "Building postinstall file..."
137015Sdescat > postinstall << _EOF
137015Sdes#! ${SCRIPT_SHELL}
137015Sdes#
137015Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
137015Sdes	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
137015Sdes		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
137015Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
137015Sdes	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
137015Sdes		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
137015Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
137015Sdes	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
137015Sdes	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
137015Sdes		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
137015Sdes}
137015Sdes
137015Sdes# make rc?.d dirs only if we are doing a test install
162852Sdes[ -n "${TEST_DIR}" ]  &&  [ $DO_SMF -ne 1 ] && {
137015Sdes	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
137015Sdes	mkdir -p ${TEST_DIR}/etc/rc0.d
137015Sdes	[ "$RC1_D" = no ]  ||  mkdir -p ${TEST_DIR}/etc/rc1.d
137015Sdes	mkdir -p ${TEST_DIR}/etc/rc2.d
137015Sdes}
137015Sdes
162852Sdesif [ $DO_SMF -eq 1 ]
137015Sdesthen
162852Sdes	# Delete the existing service, if it exists, then import the
162852Sdes	# new one.
162852Sdes	if svcs $OPENSSH_FMRI > /dev/null 2>&1
162852Sdes	then
162852Sdes		svccfg delete -f $OPENSSH_FMRI
162852Sdes	fi
162852Sdes	# NOTE, if manifest enables sshd by default, this will actually
162852Sdes	# start the daemon, which may not be what the user wants.
162852Sdes	svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST
137015Sdeselse
162852Sdes	if [ "\${USE_SYM_LINKS}" = yes ]
162852Sdes	then
162852Sdes		[ "$RCS_D" = yes ]  &&  \
162852Sdes	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
162852Sdes		[ "$RC1_D" = no ]  ||  \
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
162852Sdes	else
162852Sdes		[ "$RCS_D" = yes ]  &&  \
162852Sdes	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
162852Sdes		[ "$RC1_D" = no ]  ||  \
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
162852Sdes		installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
162852Sdes	fi
137015Sdesfi
137015Sdes
137015Sdes# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
137015Sdes[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
137015Sdes
137015Sdes_EOF
137015Sdes
137015Sdes# local postinstall changes here
137015Sdes[ -s "${PKG_POSTINSTALL_LOCAL}" ]  &&  . ${PKG_POSTINSTALL_LOCAL}
137015Sdes
137015Sdescat >> postinstall << _EOF
137015Sdesinstallf -f ${PKGNAME}
137015Sdes
137015Sdes# Use chroot to handle PKG_INSTALL_ROOT
137015Sdesif [ ! -z "\${PKG_INSTALL_ROOT}" ]
137015Sdesthen
137015Sdes	chroot="chroot \${PKG_INSTALL_ROOT}"
137015Sdesfi
137015Sdes# If this is a test build, we will skip the groupadd/useradd/passwd commands
137015Sdesif [ ! -z "${TEST_DIR}" ]
137015Sdesthen
137015Sdes	chroot=echo
137015Sdesfi
137015Sdes
162852Sdes	echo "PrivilegeSeparation user always required."
137015Sdes	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
137015Sdes	then
137015Sdes		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
137015Sdes		SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
137015Sdes		SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
137015Sdes	else
137015Sdes		DO_PASSWD=yes
137015Sdes	fi
137015Sdes	[ -z "\$SSH_PRIVSEP_GROUP" ]  &&  SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
137015Sdes
137015Sdes	# group required?
137015Sdes	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
137015Sdes	then
137015Sdes		echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
137015Sdes	else
137015Sdes		DO_GROUP=yes
137015Sdes	fi
137015Sdes
137015Sdes	# create group if required
137015Sdes	[ "\$DO_GROUP" = yes ]  &&  {
137015Sdes		# Use gid of 67 if possible
137015Sdes		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
137015Sdes		then
137015Sdes			:
137015Sdes		else
137015Sdes			sshdgid="-g $SSHDGID"
137015Sdes		fi
137015Sdes		echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
137015Sdes		\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
137015Sdes	}
137015Sdes
137015Sdes	# Create user if required
137015Sdes	[ "\$DO_PASSWD" = yes ]  &&  {
137015Sdes		# Use uid of 67 if possible
157016Sdes		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
137015Sdes		then
137015Sdes			:
137015Sdes		else
137015Sdes			sshduid="-u $SSHDUID"
137015Sdes		fi
137015Sdes		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
137015Sdes		\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
137015Sdes		\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
137015Sdes	}
162852Sdes
162852Sdesif [ "\${POST_INS_START}" = "yes" ]
162852Sdesthen
162852Sdes	if [ $DO_SMF -eq 1 ]
162852Sdes	then
162852Sdes		# See svccfg import note above.  The service may already
162852Sdes		# be started.
162852Sdes		svcadm enable $OPENSSH_FMRI
162852Sdes	else
162852Sdes		${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
162852Sdes	fi
137015Sdesfi
137015Sdesexit 0
137015Sdes_EOF
137015Sdes
137015Sdes## Build preremove file
137015Sdesecho "Building preremove file..."
137015Sdescat > preremove << _EOF
137015Sdes#! ${SCRIPT_SHELL}
137015Sdes#
162852Sdesif [ $DO_SMF -eq 1 ]
162852Sdesthen
162852Sdes	svcadm disable $OPENSSH_FMRI
162852Sdeselse
162852Sdes	${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
162852Sdesfi
137015Sdes_EOF
137015Sdes
137015Sdes# local preremove changes here
137015Sdes[ -s "${PKG_PREREMOVE_LOCAL}" ]  &&  . ${PKG_PREREMOVE_LOCAL}
137015Sdes
137015Sdescat >> preremove << _EOF
137015Sdesexit 0
137015Sdes_EOF
137015Sdes
137015Sdes## Build postremove file
137015Sdesecho "Building postremove file..."
137015Sdescat > postremove << _EOF
137015Sdes#! ${SCRIPT_SHELL}
137015Sdes#
162852Sdesif [ $DO_SMF -eq 1 ]
162852Sdesthen
162852Sdes	if svcs $OPENSSH_FMRI > /dev/null 2>&1
162852Sdes	then
162852Sdes		svccfg delete -f $OPENSSH_FMRI
162852Sdes	fi
162852Sdesfi
137015Sdes_EOF
137015Sdes
137015Sdes# local postremove changes here
137015Sdes[ -s "${PKG_POSTREMOVE_LOCAL}" ]  &&  . ${PKG_POSTREMOVE_LOCAL}
137015Sdes
137015Sdescat >> postremove << _EOF
137015Sdesexit 0
137015Sdes_EOF
137015Sdes
137015Sdes## Build request file
137015Sdesecho "Building request file..."
137015Sdescat > request << _EOF
137015Sdestrap 'exit 3' 15
137015Sdes
137015Sdes_EOF
137015Sdes
137015Sdes[ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF
137015Sdes
137015Sdesckyorn() {
137015Sdes# for some strange reason OpenServer has no ckyorn
137015Sdes# We build a striped down version here
137015Sdes
137015SdesDEFAULT=n
137015SdesPROMPT="Yes or No [yes,no,?,quit]"
137015SdesHELP_PROMPT="        Enter y or yes if your answer is yes; n or no if your answer is no."
137015SdesUSAGE="usage: ckyorn [options]
137015Sdeswhere options may include:
137015Sdes        -d default
137015Sdes        -h help
137015Sdes        -p prompt
137015Sdes"
137015Sdes
137015Sdesif [ \$# != 0 ]
137015Sdesthen
137015Sdes	while getopts d:p:h: c
137015Sdes	do
137015Sdes		case \$c in
137015Sdes			h)	HELP_PROMPT="\$OPTARG" ;;
137015Sdes			d)	DEFAULT=\$OPTARG ;;
137015Sdes			p)	PROMPT=\$OPTARG ;;
137015Sdes			\\?)	echo "\$USAGE" 1>&2
137015Sdes				exit 1 ;;
137015Sdes		esac
137015Sdes	done
137015Sdes	shift \`expr \$OPTIND - 1\`
137015Sdesfi
137015Sdes
137015Sdeswhile true
137015Sdesdo
137015Sdes	echo "\${PROMPT}\\c " 1>&2
137015Sdes	read key
137015Sdes	[ -z "\$key" ]  &&  key=\$DEFAULT
137015Sdes	case \$key in
137015Sdes		[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S])	echo "\${key}\\c"
137015Sdes			exit 0 ;;
137015Sdes		\\?)	echo \$HELP_PROMPT 1>&2 ;;
137015Sdes		q|quit)	echo "q\\c" 1>&2
137015Sdes			exit 3 ;;
137015Sdes	esac
137015Sdesdone
137015Sdes
137015Sdes}
137015Sdes
137015Sdes_EOF
137015Sdes
162852Sdesif [ $DO_SMF -eq 1 ]
162852Sdesthen
162852Sdes	# This could get hairy, as the running sshd may not be under SMF.
162852Sdes	# We'll assume an earlier version of OpenSSH started via SMF.
162852Sdes	cat >> request << _EOF
162852SdesPRE_INS_STOP=no
162852SdesPOST_INS_START=no
162852Sdes# determine if should restart the daemon
162852Sdesif [ -s ${piddir}/sshd.pid  ] && \
162852Sdes    /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
162852Sdesthen
162852Sdes	ans=\`ckyorn -d n \
162852Sdes-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
162852Sdes	case \$ans in
162852Sdes		[y,Y]*)	PRE_INS_STOP=yes
162852Sdes			POST_INS_START=yes
162852Sdes			;;
162852Sdes	esac
162852Sdes
162852Sdeselse
162852Sdes
162852Sdes# determine if we should start sshd
162852Sdes	ans=\`ckyorn -d n \
162852Sdes-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
162852Sdes	case \$ans in
162852Sdes		[y,Y]*)	POST_INS_START=yes ;;
162852Sdes	esac
162852Sdesfi
162852Sdes
162852Sdes# make parameters available to installation service,
162852Sdes# and so to any other packaging scripts
162852Sdescat >\$1 <<!
162852SdesPRE_INS_STOP='\$PRE_INS_STOP'
162852SdesPOST_INS_START='\$POST_INS_START'
162852Sdes!
162852Sdes
162852Sdes_EOF
162852Sdeselse
162852Sdes	cat >> request << _EOF
137015SdesUSE_SYM_LINKS=no
137015SdesPRE_INS_STOP=no
137015SdesPOST_INS_START=no
137015Sdes# Use symbolic links?
137015Sdesans=\`ckyorn -d n \
137015Sdes-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
137015Sdescase \$ans in
137015Sdes	[y,Y]*)	USE_SYM_LINKS=yes ;;
137015Sdesesac
137015Sdes
137015Sdes# determine if should restart the daemon
137015Sdesif [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
137015Sdesthen
137015Sdes	ans=\`ckyorn -d n \
137015Sdes-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
137015Sdes	case \$ans in
137015Sdes		[y,Y]*)	PRE_INS_STOP=yes
137015Sdes			POST_INS_START=yes
137015Sdes			;;
137015Sdes	esac
137015Sdes
137015Sdeselse
137015Sdes
137015Sdes# determine if we should start sshd
137015Sdes	ans=\`ckyorn -d n \
137015Sdes-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
137015Sdes	case \$ans in
137015Sdes		[y,Y]*)	POST_INS_START=yes ;;
137015Sdes	esac
137015Sdesfi
137015Sdes
137015Sdes# make parameters available to installation service,
137015Sdes# and so to any other packaging scripts
137015Sdescat >\$1 <<!
137015SdesUSE_SYM_LINKS='\$USE_SYM_LINKS'
137015SdesPRE_INS_STOP='\$PRE_INS_STOP'
137015SdesPOST_INS_START='\$POST_INS_START'
137015Sdes!
137015Sdes
137015Sdes_EOF
162852Sdesfi
137015Sdes
137015Sdes# local request changes here
137015Sdes[ -s "${PKG_REQUEST_LOCAL}" ]  &&  . ${PKG_REQUEST_LOCAL}
137015Sdes
137015Sdescat >> request << _EOF
137015Sdesexit 0
137015Sdes
137015Sdes_EOF
137015Sdes
137015Sdes## Next Build our prototype
137015Sdesecho "Building prototype file..."
137015Sdescat >mk-proto.awk << _EOF
137015Sdes	    BEGIN { print "i pkginfo"; print "i depend"; \\
137015Sdes		    print "i preinstall"; print "i postinstall"; \\
137015Sdes 		    print "i preremove"; print "i postremove"; \\
137015Sdes		    print "i request"; print "i space"; \\
137015Sdes		    split("$SYSTEM_DIR",sys_files); }
137015Sdes	    {
137015Sdes	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
137015Sdes		     { if ( \$1 == "s" )
137015Sdes			{ \$5=""; \$6=""; }
137015Sdes		     else
137015Sdes			{ \$5="root"; \$6="sys"; }
137015Sdes		     }
137015Sdes		else
137015Sdes		     { \$4="?"; \$5="?"; \$6="?"; break;}
137015Sdes	    } }
137015Sdes	    { print; }
137015Sdes_EOF
137015Sdes
137015Sdesfind . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
137015Sdes	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
137015Sdes
137015Sdes# /usr/local is a symlink on some systems
137015Sdes[ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {
137015Sdes	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
137015Sdes	mv prototype.new prototype
137015Sdes}
137015Sdes
137015Sdes## Step back a directory and now build the package.
137015Sdescd ..
137015Sdes# local prototype tweeks here
137015Sdes[ -s "${POST_PROTOTYPE_EDITS}" ]  &&  . ${POST_PROTOTYPE_EDITS}
137015Sdes
137015Sdesecho "Building package.."
137015Sdespkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
137015Sdesecho | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
137015Sdes	;;
137015Sdes
137015Sdes	justpkg.sh)
137015Sdesrm -fr ${FAKE_ROOT}/${PKGNAME}
137015Sdesgrep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
137015Sdesmv $$tmp $FAKE_ROOT/pkginfo
137015Sdescat >> $FAKE_ROOT/pkginfo << _EOF
137015SdesPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
137015Sdes_EOF
137015Sdespkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
137015Sdesecho | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
137015Sdes	;;
137015Sdes
137015Sdesesac
137015Sdes
137015Sdes[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ]  &&  rm -rf $FAKE_ROOT
137015Sdesexit 0
137015Sdes