buildpkg.sh.in revision 248613
1124208Sdes#!/bin/sh 2124208Sdes# 3204861Sdes# Fake Root Solaris/SVR4/SVR5 Build System - Prototype 4180744Sdes# 5124208Sdes# The following code has been provide under Public Domain License. I really 6180744Sdes# don't care what you use it for. Just as long as you don't complain to me 7124208Sdes# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) 8124208Sdes# 9124208Sdesumask 022 10124208Sdes# 11124208Sdes# Options for building the package 12124208Sdes# You can create a openssh-config.local with your customized options 13124208Sdes# 14124208SdesREMOVE_FAKE_ROOT_WHEN_DONE=yes 15124208Sdes# 16124208Sdes# uncommenting TEST_DIR and using 17124208Sdes# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty 18124208Sdes# and 19124208Sdes# PKGNAME=tOpenSSH should allow testing a package without interfering 20124208Sdes# with a real OpenSSH package on a system. This is not needed on systems 21124208Sdes# that support the -R option to pkgadd. 22124208Sdes#TEST_DIR=/var/tmp # leave commented out for production build 23124208SdesPKGNAME=OpenSSH 24124208Sdes# revisions within the same version (REV=a) 25124208Sdes#REV= 26124208SdesSYSVINIT_NAME=opensshd 27124208SdesAWK=${AWK:="nawk"} 28124208SdesMAKE=${MAKE:="make"} 29124208SdesSSHDUID=67 # Default privsep uid 30124208SdesSSHDGID=67 # Default privsep gid 31124208Sdes# uncomment these next three as needed 32124208Sdes#PERMIT_ROOT_LOGIN=no 33124208Sdes#X11_FORWARDING=yes 34124208Sdes#USR_LOCAL_IS_SYMLINK=yes 35124208Sdes# System V init run levels 36124208SdesSYSVINITSTART=S98 37124208SdesSYSVINITSTOPT=K30 38137015Sdes# We will source these if they exist 39124208SdesPOST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh 40124208SdesPOST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh 41124208Sdes# We'll be one level deeper looking for these 42124208SdesPKG_PREINSTALL_LOCAL=../pkg-preinstall.local 43124208SdesPKG_POSTINSTALL_LOCAL=../pkg-postinstall.local 44124208SdesPKG_PREREMOVE_LOCAL=../pkg-preremove.local 45124208SdesPKG_POSTREMOVE_LOCAL=../pkg-postremove.local 46124208SdesPKG_REQUEST_LOCAL=../pkg-request.local 47124208Sdes# end of sourced files 48124208Sdes# 49124208SdesOPENSSHD=opensshd.init 50124208SdesOPENSSH_MANIFEST=openssh.xml 51124208SdesOPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default 52124208SdesSMF_METHOD_DIR=/lib/svc/method/site 53124208SdesSMF_MANIFEST_DIR=/var/svc/manifest/site 54124208Sdes 55124208SdesPATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ 56124208SdesPATH_USERADD_PROG=@PATH_USERADD_PROG@ 57124208SdesPATH_PASSWD_PROG=@PATH_PASSWD_PROG@ 58124208Sdes# 59124208Sdes# list of system directories we do NOT want to change owner/group/perms 60124208Sdes# when installing our package 61124208SdesSYSTEM_DIR="/etc \ 62124208Sdes/etc/init.d \ 63124208Sdes/etc/rcS.d \ 64124208Sdes/etc/rc0.d \ 65124208Sdes/etc/rc1.d \ 66124208Sdes/etc/rc2.d \ 67124208Sdes/etc/opt \ 68124208Sdes/lib \ 69124208Sdes/lib/svc \ 70124208Sdes/lib/svc/method \ 71124208Sdes/lib/svc/method/site \ 72124208Sdes/opt \ 73124208Sdes/opt/bin \ 74124208Sdes/usr \ 75124208Sdes/usr/bin \ 76124208Sdes/usr/lib \ 77124208Sdes/usr/sbin \ 78124208Sdes/usr/share \ 79124208Sdes/usr/share/man \ 80124208Sdes/usr/share/man/man1 \ 81124208Sdes/usr/share/man/man8 \ 82124208Sdes/usr/local \ 83126274Sdes/usr/local/bin \ 84124208Sdes/usr/local/etc \ 85124208Sdes/usr/local/libexec \ 86124208Sdes/usr/local/man \ 87124208Sdes/usr/local/man/man1 \ 88126274Sdes/usr/local/man/man8 \ 89124208Sdes/usr/local/sbin \ 90124208Sdes/usr/local/share \ 91124208Sdes/var \ 92124208Sdes/var/opt \ 93126274Sdes/var/run \ 94126274Sdes/var/svc \ 95126274Sdes/var/svc/manifest \ 96124208Sdes/var/svc/manifest/site \ 97124208Sdes/var/tmp \ 98124208Sdes/tmp" 99124208Sdes 100124208Sdes# We may need to build as root so we make sure PATH is set up 101124208Sdes# only set the path if it's not set already 102124208Sdes[ -d /opt/bin ] && { 103126274Sdes echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 104124208Sdes [ $? -ne 0 ] && PATH=$PATH:/opt/bin 105124208Sdes} 106124208Sdes[ -d /usr/local/bin ] && { 107124208Sdes echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 108124208Sdes [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin 109124208Sdes} 110124208Sdes[ -d /usr/ccs/bin ] && { 111124208Sdes echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 112124208Sdes [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin 113124208Sdes} 114126274Sdesexport PATH 115124208Sdes# 116124208Sdes 117126274Sdes[ -f Makefile ] || { 118124208Sdes echo "Please run this script from your build directory" 119124208Sdes exit 1 120124208Sdes} 121124208Sdes 122126274Sdes# we will look for openssh-config.local to override the above options 123124208Sdes[ -s ./openssh-config.local ] && . ./openssh-config.local 124124208Sdes 125124208SdesSTART=`pwd` 126124208SdesFAKE_ROOT=$START/pkg 127126274Sdes 128124208Sdes## Fill in some details, like prefix and sysconfdir 129124208Sdesfor confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir 130124208Sdesdo 131124208Sdes eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` 132124208Sdesdone 133124208Sdes 134124208Sdes## Are we using Solaris' SMF? 135124208SdesDO_SMF=0 136126274Sdesif egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 137124208Sdesthen 138126274Sdes DO_SMF=1 139124208Sdesfi 140124208Sdes 141180744Sdes## Collect value of privsep user 142180744Sdesfor confvar in SSH_PRIVSEP_USER 143180744Sdesdo 144180744Sdes eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` 145180744Sdesdone 146180744Sdes 147124208Sdes## Set privsep defaults if not defined 148124208Sdesif [ -z "$SSH_PRIVSEP_USER" ] 149124208Sdesthen 150124208Sdes SSH_PRIVSEP_USER=sshd 151124208Sdesfi 152204861Sdes 153204861Sdes## Extract common info requires for the 'info' part of the package. 154204861SdesVERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` 155149749Sdes 156149749SdesARCH=`uname -m` 157149749SdesDEF_MSG="\n" 158124208SdesOS_VER=`uname -v` 159124208SdesSCRIPT_SHELL=/sbin/sh 160124208SdesUNAME_R=`uname -r` 161124208SdesUNAME_S=`uname -s` 162124208Sdescase ${UNAME_S} in 163124208Sdes SunOS) UNAME_S=Solaris 164124208Sdes OS_VER=${UNAME_R} 165124208Sdes ARCH=`uname -p` 166124208Sdes RCS_D=yes 167124208Sdes DEF_MSG="(default: n)" 168124208Sdes ;; 169124208Sdes SCO_SV) case ${UNAME_R} in 170124208Sdes 3.2) UNAME_S=OpenServer5 171124208Sdes OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` 172180744Sdes ;; 173124208Sdes 5) UNAME_S=OpenServer6 174124208Sdes ;; 175124208Sdes esac 176124208Sdes SCRIPT_SHELL=/bin/sh 177124208Sdes RC1_D=no 178126274Sdes DEF_MSG="(default: n)" 179126274Sdes ;; 180126274Sdesesac 181124208Sdes 182124208Sdescase `basename $0` in 183126274Sdes buildpkg.sh) 184180744Sdes## Start by faking root install 185180744Sdesecho "Faking root install..." 186180744Sdes[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT 187124208Sdesmkdir $FAKE_ROOT 188126274Sdes${MAKE} install-nokeys DESTDIR=$FAKE_ROOT 189180744Sdesif [ $? -gt 0 ] 190180744Sdesthen 191180744Sdes echo "Fake root install failed, stopping." 192124208Sdes exit 1 193126274Sdesfi 194124208Sdes 195126274Sdes## Setup our run level stuff while we are at it. 196124208Sdesif [ $DO_SMF -eq 1 ] 197124208Sdesthen 198124208Sdes # For Solaris' SMF, /lib/svc/method/site is the preferred place 199124208Sdes # for start/stop scripts that aren't supplied with the OS, and 200124208Sdes # similarly /var/svc/manifest/site for manifests. 201126274Sdes mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR} 202126274Sdes mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR} 203126274Sdes 204124208Sdes cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} 205124208Sdes chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} 206124208Sdes 207124208Sdes cat ${OPENSSH_MANIFEST} | \ 208180744Sdes sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ 209124208Sdes -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \ 210124208Sdes > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 211126274Sdes chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 212126274Sdeselse 213124208Sdes mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d 214124208Sdes 215124208Sdes cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 216126274Sdes chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 217124208Sdesfi 218126274Sdes 219124208Sdes[ "${PERMIT_ROOT_LOGIN}" = no ] && \ 220124208Sdes perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ 221126274Sdes $FAKE_ROOT${sysconfdir}/sshd_config 222124208Sdes[ "${X11_FORWARDING}" = yes ] && \ 223124208Sdes perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ 224124208Sdes $FAKE_ROOT${sysconfdir}/sshd_config 225124208Sdes# fix PrintMotd 226124208Sdesperl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ 227126274Sdes $FAKE_ROOT${sysconfdir}/sshd_config 228124208Sdes 229124208Sdes# We don't want to overwrite config files on multiple installs 230124208Sdesmv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default 231126274Sdesmv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default 232124208Sdes 233126274Sdes# local tweeks here 234126274Sdes[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} 235126274Sdes 236124208Sdescd $FAKE_ROOT 237124208Sdes 238126274Sdes## Ok, this is outright wrong, but it will work. I'm tired of pkgmk 239124208Sdes## whining. 240124208Sdesfor i in *; do 241124208Sdes PROTO_ARGS="$PROTO_ARGS $i=/$i"; 242126274Sdesdone 243124208Sdes 244124208Sdes## Build info file 245124208Sdesecho "Building pkginfo file..." 246126274Sdescat > pkginfo << _EOF 247124208SdesPKG=$PKGNAME 248124208SdesNAME="OpenSSH Portable for ${UNAME_S}" 249124208SdesDESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." 250124208SdesVENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html" 251124208SdesARCH=$ARCH 252124208SdesVERSION=$VERSION$REV 253124208SdesCATEGORY="Security,application" 254124208SdesBASEDIR=/ 255124208SdesCLASSES="none" 256124208SdesPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 257124208Sdes_EOF 258126274Sdes 259124208Sdes## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS 260124208Sdesecho "Building depend file..." 261126274Sdestouch depend 262124208Sdes 263124208Sdes## Build space file 264124208Sdesecho "Building space file..." 265124208Sdesif [ $DO_SMF -eq 1 ] 266124208Sdesthen 267124208Sdes # XXX Is this necessary? If not, remove space line from mk-proto.awk. 268124208Sdes touch space 269124208Sdeselse 270124208Sdes cat > space << _EOF 271124208Sdes# extra space required by start/stop links added by installf 272124208Sdes# in postinstall 273124208Sdes$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 274124208Sdes$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 275124208Sdes_EOF 276124208Sdes [ "$RC1_D" = no ] || \ 277124208Sdes echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 278124208Sdes [ "$RCS_D" = yes ] && \ 279124208Sdes echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 280126274Sdesfi 281126274Sdes 282126274Sdes## Build preinstall file 283126274Sdesecho "Building preinstall file..." 284126274Sdescat > preinstall << _EOF 285126274Sdes#! ${SCRIPT_SHELL} 286126274Sdes# 287126274Sdes_EOF 288126274Sdes 289126274Sdes# local preinstall changes here 290126274Sdes[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} 291126274Sdes 292126274Sdescat >> preinstall << _EOF 293126274Sdes# 294126274Sdesif [ "\${PRE_INS_STOP}" = "yes" ] 295126274Sdesthen 296126274Sdes if [ $DO_SMF -eq 1 ] 297126274Sdes then 298126274Sdes svcadm disable $OPENSSH_FMRI 299126274Sdes else 300126274Sdes ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 301126274Sdes fi 302126274Sdesfi 303126274Sdes 304124208Sdesexit 0 305124208Sdes_EOF 306124208Sdes 307126274Sdes## Build postinstall file 308124208Sdesecho "Building postinstall file..." 309124208Sdescat > postinstall << _EOF 310124208Sdes#! ${SCRIPT_SHELL} 311126274Sdes# 312124208Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ 313126274Sdes cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ 314126274Sdes \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config 315124208Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ 316126274Sdes cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ 317124208Sdes \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config 318126274Sdes 319124208Sdes# make rc?.d dirs only if we are doing a test install 320126274Sdes[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { 321124208Sdes [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d 322124208Sdes mkdir -p ${TEST_DIR}/etc/rc0.d 323124208Sdes [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d 324137015Sdes mkdir -p ${TEST_DIR}/etc/rc2.d 325137015Sdes} 326137015Sdes 327137015Sdesif [ $DO_SMF -eq 1 ] 328137015Sdesthen 329137015Sdes # Delete the existing service, if it exists, then import the 330137015Sdes # new one. 331124208Sdes if svcs $OPENSSH_FMRI > /dev/null 2>&1 332124208Sdes then 333126274Sdes svccfg delete -f $OPENSSH_FMRI 334124208Sdes fi 335126274Sdes # NOTE, The manifest disables sshd by default. 336124208Sdes svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 337126274Sdeselse 338126274Sdes if [ "\${USE_SYM_LINKS}" = yes ] 339137015Sdes then 340126274Sdes [ "$RCS_D" = yes ] && \\ 341126274Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 342126274Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 343124208Sdes [ "$RC1_D" = no ] || \\ 344126274Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 345124208Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 346124208Sdes else 347126274Sdes [ "$RCS_D" = yes ] && \\ 348124208Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 349126274Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 350124208Sdes [ "$RC1_D" = no ] || \\ 351124208Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 352124208Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 353124208Sdes fi 354124208Sdesfi 355124208Sdes 356124208Sdes# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) 357124208Sdes[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys 358124208Sdes 359124208Sdes_EOF 360124208Sdes 361124208Sdes# local postinstall changes here 362124208Sdes[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} 363124208Sdes 364124208Sdescat >> postinstall << _EOF 365124208Sdesinstallf -f ${PKGNAME} 366124208Sdes 367124208Sdes# Use chroot to handle PKG_INSTALL_ROOT 368124208Sdesif [ ! -z "\${PKG_INSTALL_ROOT}" ] 369124208Sdesthen 370124208Sdes chroot="chroot \${PKG_INSTALL_ROOT}" 371fi 372# If this is a test build, we will skip the groupadd/useradd/passwd commands 373if [ ! -z "${TEST_DIR}" ] 374then 375 chroot=echo 376fi 377 378 echo "PrivilegeSeparation user always required." 379 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 380 then 381 echo "PrivSep user $SSH_PRIVSEP_USER already exists." 382 SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` 383 SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` 384 else 385 DO_PASSWD=yes 386 fi 387 [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER 388 389 # group required? 390 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null 391 then 392 echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." 393 else 394 DO_GROUP=yes 395 fi 396 397 # create group if required 398 [ "\$DO_GROUP" = yes ] && { 399 # Use gid of 67 if possible 400 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null 401 then 402 : 403 else 404 sshdgid="-g $SSHDGID" 405 fi 406 echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." 407 \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP 408 } 409 410 # Create user if required 411 [ "\$DO_PASSWD" = yes ] && { 412 # Use uid of 67 if possible 413 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null 414 then 415 : 416 else 417 sshduid="-u $SSHDUID" 418 fi 419 echo "Creating PrivSep user $SSH_PRIVSEP_USER." 420 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER 421 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER 422 } 423 424if [ "\${POST_INS_START}" = "yes" ] 425then 426 if [ $DO_SMF -eq 1 ] 427 then 428 svcadm enable $OPENSSH_FMRI 429 else 430 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start 431 fi 432fi 433exit 0 434_EOF 435 436## Build preremove file 437echo "Building preremove file..." 438cat > preremove << _EOF 439#! ${SCRIPT_SHELL} 440# 441if [ $DO_SMF -eq 1 ] 442then 443 svcadm disable $OPENSSH_FMRI 444else 445 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 446fi 447_EOF 448 449# local preremove changes here 450[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} 451 452cat >> preremove << _EOF 453exit 0 454_EOF 455 456## Build postremove file 457echo "Building postremove file..." 458cat > postremove << _EOF 459#! ${SCRIPT_SHELL} 460# 461if [ $DO_SMF -eq 1 ] 462then 463 if svcs $OPENSSH_FMRI > /dev/null 2>&1 464 then 465 svccfg delete -f $OPENSSH_FMRI 466 fi 467fi 468_EOF 469 470# local postremove changes here 471[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} 472 473cat >> postremove << _EOF 474exit 0 475_EOF 476 477## Build request file 478echo "Building request file..." 479cat > request << _EOF 480trap 'exit 3' 15 481 482_EOF 483 484[ -x /usr/bin/ckyorn ] || cat >> request << _EOF 485 486ckyorn() { 487# for some strange reason OpenServer5 has no ckyorn 488# We build a striped down version here 489 490DEFAULT=n 491PROMPT="Yes or No [yes,no,?,quit]" 492HELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." 493USAGE="usage: ckyorn [options] 494where options may include: 495 -d default 496 -h help 497 -p prompt 498" 499 500if [ \$# != 0 ] 501then 502 while getopts d:p:h: c 503 do 504 case \$c in 505 h) HELP_PROMPT="\$OPTARG" ;; 506 d) DEFAULT=\$OPTARG ;; 507 p) PROMPT=\$OPTARG ;; 508 \\?) echo "\$USAGE" 1>&2 509 exit 1 ;; 510 esac 511 done 512 shift \`expr \$OPTIND - 1\` 513fi 514 515while true 516do 517 echo "\${PROMPT}\\c " 1>&2 518 read key 519 [ -z "\$key" ] && key=\$DEFAULT 520 case \$key in 521 [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" 522 exit 0 ;; 523 \\?) echo \$HELP_PROMPT 1>&2 ;; 524 q|quit) echo "q\\c" 1>&2 525 exit 3 ;; 526 esac 527done 528 529} 530 531_EOF 532 533if [ $DO_SMF -eq 1 ] 534then 535 # This could get hairy, as the running sshd may not be under SMF. 536 # We'll assume an earlier version of OpenSSH started via SMF. 537 cat >> request << _EOF 538PRE_INS_STOP=no 539POST_INS_START=no 540# determine if should restart the daemon 541if [ -s ${piddir}/sshd.pid ] && \\ 542 /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 543then 544 ans=\`ckyorn -d n \\ 545-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 546 case \$ans in 547 [y,Y]*) PRE_INS_STOP=yes 548 POST_INS_START=yes 549 ;; 550 esac 551 552else 553 554# determine if we should start sshd 555 ans=\`ckyorn -d n \\ 556-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 557 case \$ans in 558 [y,Y]*) POST_INS_START=yes ;; 559 esac 560fi 561 562# make parameters available to installation service, 563# and so to any other packaging scripts 564cat >\$1 <<! 565PRE_INS_STOP='\$PRE_INS_STOP' 566POST_INS_START='\$POST_INS_START' 567! 568 569_EOF 570else 571 cat >> request << _EOF 572USE_SYM_LINKS=no 573PRE_INS_STOP=no 574POST_INS_START=no 575# Use symbolic links? 576ans=\`ckyorn -d n \\ 577-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? 578case \$ans in 579 [y,Y]*) USE_SYM_LINKS=yes ;; 580esac 581 582# determine if should restart the daemon 583if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] 584then 585 ans=\`ckyorn -d n \\ 586-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 587 case \$ans in 588 [y,Y]*) PRE_INS_STOP=yes 589 POST_INS_START=yes 590 ;; 591 esac 592 593else 594 595# determine if we should start sshd 596 ans=\`ckyorn -d n \\ 597-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 598 case \$ans in 599 [y,Y]*) POST_INS_START=yes ;; 600 esac 601fi 602 603# make parameters available to installation service, 604# and so to any other packaging scripts 605cat >\$1 <<! 606USE_SYM_LINKS='\$USE_SYM_LINKS' 607PRE_INS_STOP='\$PRE_INS_STOP' 608POST_INS_START='\$POST_INS_START' 609! 610 611_EOF 612fi 613 614# local request changes here 615[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} 616 617cat >> request << _EOF 618exit 0 619 620_EOF 621 622## Next Build our prototype 623echo "Building prototype file..." 624cat >mk-proto.awk << _EOF 625 BEGIN { print "i pkginfo"; print "i depend"; \\ 626 print "i preinstall"; print "i postinstall"; \\ 627 print "i preremove"; print "i postremove"; \\ 628 print "i request"; print "i space"; \\ 629 split("$SYSTEM_DIR",sys_files); } 630 { 631 for (dir in sys_files) { if ( \$3 != sys_files[dir] ) 632 { if ( \$1 == "s" ) 633 { \$5=""; \$6=""; } 634 else 635 { \$5="root"; \$6="sys"; } 636 } 637 else 638 { \$4="?"; \$5="?"; \$6="?"; break;} 639 } } 640 { print; } 641_EOF 642 643find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ 644 pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype 645 646# /usr/local is a symlink on some systems 647[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { 648 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new 649 mv prototype.new prototype 650} 651 652## Step back a directory and now build the package. 653cd .. 654# local prototype tweeks here 655[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} 656 657echo "Building package.." 658pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 659echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 660 ;; 661 662 justpkg.sh) 663rm -fr ${FAKE_ROOT}/${PKGNAME} 664grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp 665mv $$tmp $FAKE_ROOT/pkginfo 666cat >> $FAKE_ROOT/pkginfo << _EOF 667PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 668_EOF 669pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 670echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 671 ;; 672 673esac 674 675[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT 676exit 0 677 678