buildpkg.sh.in revision 180739
1121985Sjhb#!/bin/sh 2121985Sjhb# 3121985Sjhb# Fake Root Solaris/SVR4/SVR5 Build System - Prototype 4121985Sjhb# 5121985Sjhb# The following code has been provide under Public Domain License. I really 6121985Sjhb# don't care what you use it for. Just as long as you don't complain to me 7121985Sjhb# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) 8121985Sjhb# 9121985Sjhbumask 022 10121985Sjhb# 11121985Sjhb# Options for building the package 12121985Sjhb# You can create a openssh-config.local with your customized options 13121985Sjhb# 14121985SjhbREMOVE_FAKE_ROOT_WHEN_DONE=yes 15121985Sjhb# 16121985Sjhb# uncommenting TEST_DIR and using 17121985Sjhb# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty 18121985Sjhb# and 19121985Sjhb# PKGNAME=tOpenSSH should allow testing a package without interfering 20121985Sjhb# with a real OpenSSH package on a system. This is not needed on systems 21121985Sjhb# that support the -R option to pkgadd. 22121985Sjhb#TEST_DIR=/var/tmp # leave commented out for production build 23121985SjhbPKGNAME=OpenSSH 24121985Sjhb# revisions within the same version (REV=a) 25121985Sjhb#REV= 26121985SjhbSYSVINIT_NAME=opensshd 27121985SjhbAWK=${AWK:="nawk"} 28121985SjhbMAKE=${MAKE:="make"} 29121985SjhbSSHDUID=67 # Default privsep uid 30121985SjhbSSHDGID=67 # Default privsep gid 31121985Sjhb# uncomment these next three as needed 32121985Sjhb#PERMIT_ROOT_LOGIN=no 33121985Sjhb#X11_FORWARDING=yes 34121985Sjhb#USR_LOCAL_IS_SYMLINK=yes 35121985Sjhb# System V init run levels 36121985SjhbSYSVINITSTART=S98 37121985SjhbSYSVINITSTOPT=K30 38121985Sjhb# We will source these if they exist 39121985SjhbPOST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh 40121985SjhbPOST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh 41121985Sjhb# We'll be one level deeper looking for these 42121985SjhbPKG_PREINSTALL_LOCAL=../pkg-preinstall.local 43121985SjhbPKG_POSTINSTALL_LOCAL=../pkg-postinstall.local 44121985SjhbPKG_PREREMOVE_LOCAL=../pkg-preremove.local 45121985SjhbPKG_POSTREMOVE_LOCAL=../pkg-postremove.local 46129876SphkPKG_REQUEST_LOCAL=../pkg-request.local 47121985Sjhb# end of sourced files 48121985Sjhb# 49121985SjhbOPENSSHD=opensshd.init 50121985SjhbOPENSSH_MANIFEST=openssh.xml 51121985SjhbOPENSSH_FMRI=svc:/site/openssh:default 52121985Sjhb 53121985SjhbPATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ 54121985SjhbPATH_USERADD_PROG=@PATH_USERADD_PROG@ 55121985SjhbPATH_PASSWD_PROG=@PATH_PASSWD_PROG@ 56124188Sjhb# 57121985Sjhb# list of system directories we do NOT want to change owner/group/perms 58122051Snyan# when installing our package 59146049SnyanSYSTEM_DIR="/etc \ 60122051Snyan/etc/init.d \ 61121985Sjhb/etc/rcS.d \ 62122051Snyan/etc/rc0.d \ 63121985Sjhb/etc/rc1.d \ 64121985Sjhb/etc/rc2.d \ 65121985Sjhb/etc/opt \ 66121985Sjhb/lib \ 67121985Sjhb/lib/svc \ 68124188Sjhb/lib/svc/method \ 69129131Sjhb/lib/svc/method/site \ 70129131Sjhb/opt \ 71129131Sjhb/opt/bin \ 72129131Sjhb/usr \ 73129131Sjhb/usr/bin \ 74129131Sjhb/usr/lib \ 75129131Sjhb/usr/sbin \ 76129131Sjhb/usr/share \ 77129131Sjhb/usr/share/man \ 78129131Sjhb/usr/share/man/man1 \ 79124188Sjhb/usr/share/man/man8 \ 80124188Sjhb/usr/local \ 81124188Sjhb/usr/local/bin \ 82121985Sjhb/usr/local/etc \ 83124188Sjhb/usr/local/libexec \ 84124188Sjhb/usr/local/man \ 85124188Sjhb/usr/local/man/man1 \ 86124188Sjhb/usr/local/man/man8 \ 87124188Sjhb/usr/local/sbin \ 88124188Sjhb/usr/local/share \ 89124188Sjhb/var \ 90121985Sjhb/var/opt \ 91124188Sjhb/var/run \ 92124188Sjhb/var/svc \ 93121985Sjhb/var/svc/manifest \ 94124188Sjhb/var/svc/manifest/site \ 95124188Sjhb/var/tmp \ 96121985Sjhb/tmp" 97124188Sjhb 98121985Sjhb# We may need to build as root so we make sure PATH is set up 99124188Sjhb# only set the path if it's not set already 100121985Sjhb[ -d /opt/bin ] && { 101121985Sjhb echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 102124188Sjhb [ $? -ne 0 ] && PATH=$PATH:/opt/bin 103121985Sjhb} 104124188Sjhb[ -d /usr/local/bin ] && { 105121985Sjhb echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 106121985Sjhb [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin 107129131Sjhb} 108129131Sjhb[ -d /usr/ccs/bin ] && { 109128875Sjhb echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 110128875Sjhb [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin 111128875Sjhb} 112121985Sjhbexport PATH 113121985Sjhb# 114121985Sjhb 115121985Sjhb[ -f Makefile ] || { 116121985Sjhb echo "Please run this script from your build directory" 117121985Sjhb exit 1 118121985Sjhb} 119121985Sjhb 120121985Sjhb# we will look for openssh-config.local to override the above options 121121985Sjhb[ -s ./openssh-config.local ] && . ./openssh-config.local 122121985Sjhb 123121985SjhbSTART=`pwd` 124121985SjhbFAKE_ROOT=$START/pkg 125121985Sjhb 126128929Sjhb## Fill in some details, like prefix and sysconfdir 127121985Sjhbfor confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir 128121985Sjhbdo 129128931Sjhb eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` 130128931Sjhbdone 131121985Sjhb 132121985Sjhb## Are we using Solaris' SMF? 133128929SjhbDO_SMF=0 134128929Sjhbif egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 135121985Sjhbthen 136121985Sjhb DO_SMF=1 137121985Sjhbfi 138121985Sjhb 139121985Sjhb## Collect value of privsep user 140121985Sjhbfor confvar in SSH_PRIVSEP_USER 141121985Sjhbdo 142121985Sjhb eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` 143121985Sjhbdone 144121985Sjhb 145121985Sjhb## Set privsep defaults if not defined 146121985Sjhbif [ -z "$SSH_PRIVSEP_USER" ] 147128929Sjhbthen 148128929Sjhb SSH_PRIVSEP_USER=sshd 149122897Sjhbfi 150122897Sjhb 151121985Sjhb## Extract common info requires for the 'info' part of the package. 152121985SjhbVERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` 153121985Sjhb 154133017SscottlARCH=`uname -m` 155121985SjhbDEF_MSG="\n" 156121985SjhbOS_VER=`uname -v` 157121985SjhbSCRIPT_SHELL=/sbin/sh 158121985SjhbUNAME_R=`uname -r` 159121985SjhbUNAME_S=`uname -s` 160121985Sjhbcase ${UNAME_S} in 161128931Sjhb SunOS) UNAME_S=Solaris 162128931Sjhb OS_VER=${UNAME_R} 163121985Sjhb ARCH=`uname -p` 164121985Sjhb RCS_D=yes 165121985Sjhb DEF_MSG="(default: n)" 166121985Sjhb ;; 167121985Sjhb SCO_SV) case ${UNAME_R} in 168121985Sjhb 3.2) UNAME_S=OpenServer5 169121985Sjhb OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` 170121985Sjhb ;; 171121985Sjhb 5) UNAME_S=OpenServer6 172121985Sjhb ;; 173121985Sjhb esac 174121985Sjhb SCRIPT_SHELL=/bin/sh 175121985Sjhb RC1_D=no 176121985Sjhb DEF_MSG="(default: n)" 177121985Sjhb ;; 178121985Sjhbesac 179121985Sjhb 180121985Sjhbcase `basename $0` in 181121985Sjhb buildpkg.sh) 182121985Sjhb## Start by faking root install 183121985Sjhbecho "Faking root install..." 184121985Sjhb[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT 185121985Sjhbmkdir $FAKE_ROOT 186121985Sjhb${MAKE} install-nokeys DESTDIR=$FAKE_ROOT 187121985Sjhbif [ $? -gt 0 ] 188121985Sjhbthen 189129095Sjhb echo "Fake root install failed, stopping." 190128875Sjhb exit 1 191133017Sscottlfi 192133017Sscottl 193133017Sscottl## Setup our run level stuff while we are at it. 194133017Sscottlif [ $DO_SMF -eq 1 ] 195133017Sscottlthen 196133017Sscottl # For Solaris' SMF, /lib/svc/method/site is the preferred place 197133017Sscottl # for start/stop scripts that aren't supplied with the OS, and 198133017Sscottl # similarly /var/svc/manifest/site for manifests. 199133017Sscottl mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site 200133017Sscottl mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site 201133017Sscottl 202133017Sscottl cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} 203133017Sscottl chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} 204133017Sscottl 205133017Sscottl cp ${OPENSSH_MANIFEST} $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site 206133017Sscottl chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${OPENSSH_MANIFEST} 207133017Sscottlelse 208133017Sscottl mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d 209133017Sscottl 210133017Sscottl cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 211133017Sscottl chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 212133017Sscottlfi 213133017Sscottl 214133017Sscottl[ "${PERMIT_ROOT_LOGIN}" = no ] && \ 215133017Sscottl perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ 216133017Sscottl $FAKE_ROOT/${sysconfdir}/sshd_config 217133017Sscottl[ "${X11_FORWARDING}" = yes ] && \ 218133017Sscottl perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ 219133017Sscottl $FAKE_ROOT/${sysconfdir}/sshd_config 220121985Sjhb# fix PrintMotd 221121985Sjhbperl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ 222121985Sjhb $FAKE_ROOT/${sysconfdir}/sshd_config 223121985Sjhb 224121985Sjhb# We don't want to overwrite config files on multiple installs 225121985Sjhbmv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default 226121985Sjhbmv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default 227128875Sjhb[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \ 228128875Sjhbmv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default 229128875Sjhb 230128875Sjhb# local tweeks here 231121985Sjhb[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} 232121985Sjhb 233121985Sjhbcd $FAKE_ROOT 234121985Sjhb 235133017Sscottl## Ok, this is outright wrong, but it will work. I'm tired of pkgmk 236121985Sjhb## whining. 237121985Sjhbfor i in *; do 238121985Sjhb PROTO_ARGS="$PROTO_ARGS $i=/$i"; 239121985Sjhbdone 240121985Sjhb 241133017Sscottl## Build info file 242133017Sscottlecho "Building pkginfo file..." 243133017Sscottlcat > pkginfo << _EOF 244133017SscottlPKG=$PKGNAME 245133017SscottlNAME="OpenSSH Portable for ${UNAME_S}" 246133017SscottlDESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." 247133017SscottlVENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" 248133017SscottlARCH=$ARCH 249133017SscottlVERSION=$VERSION$REV 250133017SscottlCATEGORY="Security,application" 251133017SscottlBASEDIR=/ 252133017SscottlCLASSES="none" 253133017SscottlPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 254133017Sscottl_EOF 255133017Sscottl 256133017Sscottl## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS 257133017Sscottlecho "Building depend file..." 258121985Sjhbtouch depend 259121985Sjhb 260121985Sjhb## Build space file 261121985Sjhbecho "Building space file..." 262121985Sjhbif [ $DO_SMF -eq 1 ] 263121985Sjhbthen 264121985Sjhb # XXX Is this necessary? If not, remove space line from mk-proto.awk. 265121985Sjhb touch space 266133017Sscottlelse 267121985Sjhb cat > space << _EOF 268121985Sjhb# extra space required by start/stop links added by installf 269121985Sjhb# in postinstall 270121985Sjhb$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 271121985Sjhb$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 272121985Sjhb_EOF 273121985Sjhb [ "$RC1_D" = no ] || \ 274121985Sjhb echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 275121985Sjhb [ "$RCS_D" = yes ] && \ 276133017Sscottl echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 277121985Sjhbfi 278121985Sjhb 279121985Sjhb## Build preinstall file 280121985Sjhbecho "Building preinstall file..." 281121985Sjhbcat > preinstall << _EOF 282121985Sjhb#! ${SCRIPT_SHELL} 283121985Sjhb# 284121985Sjhb_EOF 285121985Sjhb 286121985Sjhb# local preinstall changes here 287121985Sjhb[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} 288121985Sjhb 289121985Sjhbcat >> preinstall << _EOF 290121985Sjhb# 291121985Sjhbif [ "\${PRE_INS_STOP}" = "yes" ] 292121985Sjhbthen 293121985Sjhb if [ $DO_SMF -eq 1 ] 294121985Sjhb then 295121985Sjhb svcadm disable $OPENSSH_FMRI 296121985Sjhb else 297121985Sjhb ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 298121985Sjhb fi 299121985Sjhbfi 300121985Sjhb 301128875Sjhbexit 0 302121985Sjhb_EOF 303121985Sjhb 304121985Sjhb## Build postinstall file 305121985Sjhbecho "Building postinstall file..." 306121985Sjhbcat > postinstall << _EOF 307121985Sjhb#! ${SCRIPT_SHELL} 308121985Sjhb# 309121985Sjhb[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ 310128929Sjhb cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ 311121985Sjhb \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config 312129009Snyan[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ 313140451Sjhb cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ 314128929Sjhb \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config 315129009Snyan[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && { 316128929Sjhb [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\ 317121985Sjhb cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\ 318121985Sjhb \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds 319128931Sjhb} 320128931Sjhb 321128931Sjhb# make rc?.d dirs only if we are doing a test install 322128931Sjhb[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { 323128931Sjhb [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d 324128931Sjhb mkdir -p ${TEST_DIR}/etc/rc0.d 325128931Sjhb [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d 326128931Sjhb mkdir -p ${TEST_DIR}/etc/rc2.d 327128931Sjhb} 328128931Sjhb 329128931Sjhbif [ $DO_SMF -eq 1 ] 330128931Sjhbthen 331128931Sjhb # Delete the existing service, if it exists, then import the 332128931Sjhb # new one. 333128931Sjhb if svcs $OPENSSH_FMRI > /dev/null 2>&1 334128931Sjhb then 335128931Sjhb svccfg delete -f $OPENSSH_FMRI 336128931Sjhb fi 337128931Sjhb # NOTE, if manifest enables sshd by default, this will actually 338128931Sjhb # start the daemon, which may not be what the user wants. 339128931Sjhb svccfg import ${TEST_DIR}/var/svc/manifest/site/$OPENSSH_MANIFEST 340128931Sjhbelse 341128931Sjhb if [ "\${USE_SYM_LINKS}" = yes ] 342128931Sjhb then 343128931Sjhb [ "$RCS_D" = yes ] && \ 344128931Sjhb installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 345129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 346129009Snyan [ "$RC1_D" = no ] || \ 347129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 348129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 349129009Snyan else 350129009Snyan [ "$RCS_D" = yes ] && \ 351129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 352129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 353129009Snyan [ "$RC1_D" = no ] || \ 354129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 355129009Snyan installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 356128931Sjhb fi 357128931Sjhbfi 358128931Sjhb 359128931Sjhb# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) 360128931Sjhb[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys 361128931Sjhb 362128931Sjhb_EOF 363128931Sjhb 364128931Sjhb# local postinstall changes here 365128931Sjhb[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} 366128931Sjhb 367128931Sjhbcat >> postinstall << _EOF 368128931Sjhbinstallf -f ${PKGNAME} 369140451Sjhb 370128931Sjhb# Use chroot to handle PKG_INSTALL_ROOT 371128931Sjhbif [ ! -z "\${PKG_INSTALL_ROOT}" ] 372128931Sjhbthen 373128931Sjhb chroot="chroot \${PKG_INSTALL_ROOT}" 374128931Sjhbfi 375128931Sjhb# If this is a test build, we will skip the groupadd/useradd/passwd commands 376128931Sjhbif [ ! -z "${TEST_DIR}" ] 377128931Sjhbthen 378128931Sjhb chroot=echo 379128931Sjhbfi 380128931Sjhb 381128931Sjhb echo "PrivilegeSeparation user always required." 382128931Sjhb if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 383128931Sjhb then 384129009Snyan echo "PrivSep user $SSH_PRIVSEP_USER already exists." 385128931Sjhb SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` 386128931Sjhb SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` 387121985Sjhb else 388121985Sjhb DO_PASSWD=yes 389121985Sjhb fi 390121985Sjhb [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER 391121985Sjhb 392121985Sjhb # group required? 393121985Sjhb if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null 394121985Sjhb then 395122692Sjhb echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." 396121985Sjhb else 397122692Sjhb DO_GROUP=yes 398121985Sjhb fi 399121985Sjhb 400122692Sjhb # create group if required 401121985Sjhb [ "\$DO_GROUP" = yes ] && { 402121985Sjhb # Use gid of 67 if possible 403121985Sjhb if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null 404121985Sjhb then 405121985Sjhb : 406121985Sjhb else 407121985Sjhb sshdgid="-g $SSHDGID" 408121985Sjhb fi 409121985Sjhb echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." 410121985Sjhb \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP 411121985Sjhb } 412129131Sjhb 413121985Sjhb # Create user if required 414129131Sjhb [ "\$DO_PASSWD" = yes ] && { 415121985Sjhb # Use uid of 67 if possible 416121985Sjhb if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null 417121985Sjhb then 418121985Sjhb : 419121985Sjhb else 420121985Sjhb sshduid="-u $SSHDUID" 421121985Sjhb fi 422121985Sjhb echo "Creating PrivSep user $SSH_PRIVSEP_USER." 423121985Sjhb \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER 424121985Sjhb \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER 425121985Sjhb } 426122692Sjhb 427121985Sjhbif [ "\${POST_INS_START}" = "yes" ] 428121985Sjhbthen 429122692Sjhb if [ $DO_SMF -eq 1 ] 430121985Sjhb then 431122692Sjhb # See svccfg import note above. The service may already 432121985Sjhb # be started. 433121985Sjhb svcadm enable $OPENSSH_FMRI 434121985Sjhb else 435121985Sjhb ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start 436121985Sjhb fi 437121985Sjhbfi 438121985Sjhbexit 0 439122897Sjhb_EOF 440122897Sjhb 441121985Sjhb## Build preremove file 442121985Sjhbecho "Building preremove file..." 443121985Sjhbcat > preremove << _EOF 444121985Sjhb#! ${SCRIPT_SHELL} 445121985Sjhb# 446121985Sjhbif [ $DO_SMF -eq 1 ] 447122897Sjhbthen 448122897Sjhb svcadm disable $OPENSSH_FMRI 449128875Sjhbelse 450122897Sjhb ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 451122897Sjhbfi 452122897Sjhb_EOF 453122897Sjhb 454122897Sjhb# local preremove changes here 455122897Sjhb[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} 456122897Sjhb 457122897Sjhbcat >> preremove << _EOF 458128929Sjhbexit 0 459128929Sjhb_EOF 460128929Sjhb 461128929Sjhb## Build postremove file 462128929Sjhbecho "Building postremove file..." 463128929Sjhbcat > postremove << _EOF 464128929Sjhb#! ${SCRIPT_SHELL} 465128929Sjhb# 466128929Sjhbif [ $DO_SMF -eq 1 ] 467129009Snyanthen 468129009Snyan if svcs $OPENSSH_FMRI > /dev/null 2>&1 469129009Snyan then 470129009Snyan svccfg delete -f $OPENSSH_FMRI 471129009Snyan fi 472129009Snyanfi 473129009Snyan_EOF 474129009Snyan 475129009Snyan# local postremove changes here 476129009Snyan[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} 477129009Snyan 478129009Snyancat >> postremove << _EOF 479129009Snyanexit 0 480129009Snyan_EOF 481128929Sjhb 482128929Sjhb## Build request file 483128929Sjhbecho "Building request file..." 484128929Sjhbcat > request << _EOF 485128929Sjhbtrap 'exit 3' 15 486128929Sjhb 487128929Sjhb_EOF 488128929Sjhb 489129095Sjhb[ -x /usr/bin/ckyorn ] || cat >> request << _EOF 490129095Sjhb 491128929Sjhbckyorn() { 492140451Sjhb# for some strange reason OpenServer5 has no ckyorn 493128929Sjhb# We build a striped down version here 494128929Sjhb 495128929SjhbDEFAULT=n 496128929SjhbPROMPT="Yes or No [yes,no,?,quit]" 497128929SjhbHELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." 498128929SjhbUSAGE="usage: ckyorn [options] 499128929Sjhbwhere options may include: 500128929Sjhb -d default 501128929Sjhb -h help 502128929Sjhb -p prompt 503128929Sjhb" 504128929Sjhb 505128929Sjhbif [ \$# != 0 ] 506128929Sjhbthen 507128929Sjhb while getopts d:p:h: c 508128929Sjhb do 509128929Sjhb case \$c in 510129009Snyan h) HELP_PROMPT="\$OPTARG" ;; 511121985Sjhb d) DEFAULT=\$OPTARG ;; 512121985Sjhb p) PROMPT=\$OPTARG ;; 513121985Sjhb \\?) echo "\$USAGE" 1>&2 514121985Sjhb exit 1 ;; 515121985Sjhb esac 516128875Sjhb done 517121985Sjhb shift \`expr \$OPTIND - 1\` 518121985Sjhbfi 519153136Sjhb 520153136Sjhbwhile true 521153136Sjhbdo 522153136Sjhb echo "\${PROMPT}\\c " 1>&2 523153136Sjhb read key 524153136Sjhb [ -z "\$key" ] && key=\$DEFAULT 525153136Sjhb case \$key in 526153136Sjhb [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" 527153136Sjhb exit 0 ;; 528153136Sjhb \\?) echo \$HELP_PROMPT 1>&2 ;; 529153136Sjhb q|quit) echo "q\\c" 1>&2 530153136Sjhb exit 3 ;; 531153136Sjhb esac 532153136Sjhbdone 533153136Sjhb 534121985Sjhb} 535128875Sjhb 536121985Sjhb_EOF 537121985Sjhb 538128875Sjhbif [ $DO_SMF -eq 1 ] 539121985Sjhbthen 540121985Sjhb # This could get hairy, as the running sshd may not be under SMF. 541121985Sjhb # We'll assume an earlier version of OpenSSH started via SMF. 542121985Sjhb cat >> request << _EOF 543121985SjhbPRE_INS_STOP=no 544153146SjhbPOST_INS_START=no 545121985Sjhb# determine if should restart the daemon 546121985Sjhbif [ -s ${piddir}/sshd.pid ] && \ 547121985Sjhb /usr/bin/svcs $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 548153146Sjhbthen 549153146Sjhb ans=\`ckyorn -d n \ 550153146Sjhb-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 551122898Sjhb case \$ans in 552122898Sjhb [y,Y]*) PRE_INS_STOP=yes 553151658Sjhb POST_INS_START=yes 554122898Sjhb ;; 555122898Sjhb esac 556153146Sjhb 557122898Sjhbelse 558122898Sjhb 559122898Sjhb# determine if we should start sshd 560122898Sjhb ans=\`ckyorn -d n \ 561122898Sjhb-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 562122898Sjhb case \$ans in 563122898Sjhb [y,Y]*) POST_INS_START=yes ;; 564122898Sjhb esac 565122898Sjhbfi 566122898Sjhb 567122898Sjhb# make parameters available to installation service, 568122898Sjhb# and so to any other packaging scripts 569129131Sjhbcat >\$1 <<! 570122898SjhbPRE_INS_STOP='\$PRE_INS_STOP' 571122898SjhbPOST_INS_START='\$POST_INS_START' 572153146Sjhb! 573121985Sjhb 574121985Sjhb_EOF 575121985Sjhbelse 576121985Sjhb cat >> request << _EOF 577121985SjhbUSE_SYM_LINKS=no 578121985SjhbPRE_INS_STOP=no 579121985SjhbPOST_INS_START=no 580121985Sjhb# Use symbolic links? 581121985Sjhbans=\`ckyorn -d n \ 582121985Sjhb-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? 583121985Sjhbcase \$ans in 584121985Sjhb [y,Y]*) USE_SYM_LINKS=yes ;; 585121985Sjhbesac 586121985Sjhb 587121985Sjhb# determine if should restart the daemon 588121985Sjhbif [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] 589121985Sjhbthen 590121985Sjhb ans=\`ckyorn -d n \ 591121985Sjhb-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 592121985Sjhb case \$ans in 593121985Sjhb [y,Y]*) PRE_INS_STOP=yes 594121985Sjhb POST_INS_START=yes 595121985Sjhb ;; 596121985Sjhb esac 597121985Sjhb 598121985Sjhbelse 599121985Sjhb 600121985Sjhb# determine if we should start sshd 601121985Sjhb ans=\`ckyorn -d n \ 602121985Sjhb-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 603121985Sjhb case \$ans in 604121985Sjhb [y,Y]*) POST_INS_START=yes ;; 605121985Sjhb esac 606121985Sjhbfi 607121985Sjhb 608121985Sjhb# make parameters available to installation service, 609121985Sjhb# and so to any other packaging scripts 610121985Sjhbcat >\$1 <<! 611121985SjhbUSE_SYM_LINKS='\$USE_SYM_LINKS' 612127135SnjlPRE_INS_STOP='\$PRE_INS_STOP' 613121985SjhbPOST_INS_START='\$POST_INS_START' 614121985Sjhb! 615121985Sjhb 616121985Sjhb_EOF 617121985Sjhbfi 618121985Sjhb 619121985Sjhb# local request changes here 620121985Sjhb[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} 621121985Sjhb 622121985Sjhbcat >> request << _EOF 623121985Sjhbexit 0 624121985Sjhb 625121985Sjhb_EOF 626121985Sjhb 627121985Sjhb## Next Build our prototype 628121985Sjhbecho "Building prototype file..." 629121985Sjhbcat >mk-proto.awk << _EOF 630121985Sjhb BEGIN { print "i pkginfo"; print "i depend"; \\ 631121985Sjhb print "i preinstall"; print "i postinstall"; \\ 632121985Sjhb print "i preremove"; print "i postremove"; \\ 633121985Sjhb print "i request"; print "i space"; \\ 634121985Sjhb split("$SYSTEM_DIR",sys_files); } 635121985Sjhb { 636121985Sjhb for (dir in sys_files) { if ( \$3 != sys_files[dir] ) 637121985Sjhb { if ( \$1 == "s" ) 638122051Snyan { \$5=""; \$6=""; } 639121985Sjhb else 640122051Snyan { \$5="root"; \$6="sys"; } 641121985Sjhb } 642121985Sjhb else 643121985Sjhb { \$4="?"; \$5="?"; \$6="?"; break;} 644121985Sjhb } } 645121985Sjhb { print; } 646121985Sjhb_EOF 647121985Sjhb 648121985Sjhbfind . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ 649121985Sjhb pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype 650121985Sjhb 651121985Sjhb# /usr/local is a symlink on some systems 652121985Sjhb[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { 653121985Sjhb grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new 654121985Sjhb mv prototype.new prototype 655121985Sjhb} 656121985Sjhb 657## Step back a directory and now build the package. 658cd .. 659# local prototype tweeks here 660[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} 661 662echo "Building package.." 663pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 664echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 665 ;; 666 667 justpkg.sh) 668rm -fr ${FAKE_ROOT}/${PKGNAME} 669grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp 670mv $$tmp $FAKE_ROOT/pkginfo 671cat >> $FAKE_ROOT/pkginfo << _EOF 672PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 673_EOF 674pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 675echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 676 ;; 677 678esac 679 680[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT 681exit 0 682 683