buildbff.sh revision 214979
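#!/bin/sh
#
# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
# $Id: buildbff.sh,v 1.12 2010/04/18 03:35:00 dtucker Exp $
#
# Author: Darren Tucker (dtucker at zip dot com dot au)
# This file is placed in the public domain and comes with absolutely
# no warranty.
#
# Based originally on Ben Lindstrom's buildpkg.sh for Solaris
#
# Overview: performs a fake-root "make install-nokeys", adjusts the
# default sshd_config, generates the LPP control files (including a
# post-install script that is run on the target host) and packs the
# result into $PKGNAME-$VERSION.bff with backup(1).
#
# Trust boundaries worth knowing about:
#  - ./config.local is sourced as shell code, so it runs with the
#    privileges of whoever builds the package.
#  - Values read from Makefile and config.h are passed through eval.
#  - $sysconfdir, $bindir, $sbindir, $SSH_PRIVSEP_USER, $PRIVSEP_PATH and
#    $AIX_SRC are expanded at BUILD time into the post-install script,
#    unquoted; that script is what the installer later executes.
# Only build from a tree and a config.local you control.
#

#
# Tunable configuration settings
# 	create a "config.local" in your build directory or set
#	environment variables to override these.
#
: "${PERMIT_ROOT_LOGIN:=no}"
: "${X11_FORWARDING:=no}"
: "${AIX_SRC:=no}"

umask 022

startdir=`pwd`

# Braces, not a subshell: "exit" inside ( ... ) only leaves the subshell
# and the build would carry on without perl.
perl -v >/dev/null || { echo perl required; exit 1; }

# Path to inventory.sh: same place as buildbff.sh
scriptdir=`dirname "$0"`
case "$0" in
/*)
	inventory="$scriptdir/inventory.sh"		# absolute path
	;;
*)
	inventory="`pwd`/$scriptdir/inventory.sh"	# relative path
	;;
esac

#
# We still support running from contrib/aix, but this is deprecated
#
case "`pwd`" in
*contrib/aix)
	echo "Changing directory to `pwd`/../.."
	echo "Please run buildbff.sh from your build directory in future."
	cd ../.. || exit 1
	contribaix=1
	;;
esac

if [ ! -f Makefile ]
then
	echo "Makefile not found (did you run configure?)"
	exit 1
fi

#
# Directories used during build:
# current dir = $objdir		directory you ran ./configure in.
# $objdir/$PKGDIR/ 		directory package files are constructed in
# $objdir/$PKGDIR/root/		package root ($FAKE_ROOT)
#
objdir=`pwd`
PKGNAME=openssh
PKGDIR=package

#
# Collect local configuration settings to override defaults
#
if [ -s ./config.local ]
then
	echo Reading local settings from config.local
	# Sourced, i.e. executed as shell code in this process.
	. ./config.local
fi

#
# Fill in some details from Makefile, like prefix and sysconfdir
#	the eval also expands variables like sysconfdir=${prefix}/etc
#	provided they are eval'ed in the correct order
#
# NOTE: the right-hand side comes straight from Makefile and is
# evaluated by the shell; anything that can write Makefile can run
# commands here.
#
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir
do
	eval $confvar=`grep "^$confvar=" "$objdir/Makefile" | cut -d = -f 2`
done

#
# Collect values of privsep user and privsep path
#	currently only found in config.h
#
for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH
do
	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' "$objdir/config.h"`
done

# Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
	SSH_PRIVSEP_USER=sshd
fi
if [ -z "$PRIVSEP_PATH" ]
then
	PRIVSEP_PATH=/var/empty
fi

# Clean package build directory
# ${var:?} aborts instead of expanding to "rm -rf /" style paths should
# config.local have emptied either variable.
rm -rf "${objdir:?}/${PKGDIR:?}"
FAKE_ROOT="$objdir/$PKGDIR/root"
mkdir -p "$FAKE_ROOT"

# Start by faking root install
echo "Faking root install..."
cd "$objdir" || exit 1
make install-nokeys DESTDIR="$FAKE_ROOT" || {
	echo "Fake root install failed, stopping."
	exit 1
}

#
# Copy informational files to include in package
#
cp "$srcdir/LICENCE" "$objdir/$PKGDIR/"
cp "$srcdir"/README* "$objdir/$PKGDIR/"

#
# Extract common info requires for the 'info' part of the package.
#	AIX requires 4-part version numbers
#
VERSION=`./ssh -V 2>&1 | cut -f 1 -d , | cut -f 2 -d _`
MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .`
MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .`
PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .`
PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'`
[ "$PATCH" = "" ] && PATCH=0
[ "$PORTABLE" = "" ] && PORTABLE=0
BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE`

echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)"

#
# Set ssh and sshd parameters as per config.local
#
# The substitutions below only match the exact commented-out default
# shown in the pattern. If the shipped sshd_config words that line
# differently, perl changes nothing and reports no error, so the
# hardening case is verified afterwards.
#
if [ "${PERMIT_ROOT_LOGIN}" = no ]
then
	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
		"$FAKE_ROOT/${sysconfdir}/sshd_config"
	grep '^PermitRootLogin no' "$FAKE_ROOT/${sysconfdir}/sshd_config" >/dev/null ||
		echo "Warning: PermitRootLogin no was not applied to sshd_config" >&2
fi
if [ "${X11_FORWARDING}" = yes ]
then
	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
		"$FAKE_ROOT/${sysconfdir}/sshd_config"
fi


# Rename config files; postinstall script will copy them if necessary
for cfgfile in ssh_config sshd_config
do
	mv "$FAKE_ROOT/$sysconfdir/$cfgfile" "$FAKE_ROOT/$sysconfdir/$cfgfile.default"
done

# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds
if [ -f "$FAKE_ROOT/$sysconfdir/ssh_prng_cmds" ]
then
	mv "$FAKE_ROOT/$sysconfdir/ssh_prng_cmds" \
		"$FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default"
fi

#
# Generate lpp control files.
#	working dir is $FAKE_ROOT but files are generated in dir above
#	and moved into place just before creation of .bff
#
cd "$FAKE_ROOT" || exit 1
echo Generating LPP control files
find . ! -name . -print >../openssh.al
"$inventory" >../openssh.inventory

cat <<EOD >../openssh.copyright
This software is distributed under a BSD-style license.
For the full text of the license, see /usr/lpp/openssh/LICENCE
EOD

#
# openssh.size file allows filesystem expansion as required
# generate list of directories containing files
# then calculate disk usage for each directory and store in openssh.size
#
# Relies on word splitting, so it assumes no installed path contains
# whitespace.
files=`find . -type f -print`
dirs=`for file in $files; do dirname $file; done | sort -u`
for dir in $dirs
do
	du $dir
done > ../openssh.size

#
# Create postinstall script
#
# The here-document delimiter is unquoted: every unescaped $name below
# is replaced with its build-time value, every \$name survives into the
# generated script and is expanded when the package is installed.
#
# Review notes on the generated script:
#  - Host keys are created for the rsa1 (SSH protocol 1), dsa and rsa
#    types. rsa1 and DSA are obsolete and current OpenSSH releases no
#    longer accept "-t rsa1"; revisit the list before reusing this
#    script with a newer OpenSSH.
#  - rmssys output is discarded with ">/dev/null 2>&1"; the earlier
#    "2>&1 >/dev/null" order left stderr attached to the terminal.
#  - NOTE(review): in the non-SRC branch, oldstartcmd contains an
#    unescaped $src_running, which this build script never sets, so it
#    is expanded (to nothing) at build time, unlike the escaped form in
#    the SRC branch. This looks unintended -- confirm against the
#    "start ... $src_running" line actually present in /etc/rc.tcpip.
#
cat <<EOF >>../openssh.post_i
#!/bin/sh

echo Creating configs from defaults if necessary.
for cfgfile in ssh_config sshd_config ssh_prng_cmds
do
	if [ ! -f $sysconfdir/\$cfgfile ]
	then
		echo "Creating \$cfgfile from default"
		cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile
	else
		echo "\$cfgfile already exists."
	fi
done
echo

# Create PrivilegeSeparation user and group if not present
echo Checking for PrivilegeSeparation user and group.
if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
then
	echo "PrivSep group $SSH_PRIVSEP_USER already exists."
else
	echo "Creating PrivSep group $SSH_PRIVSEP_USER."
	mkgroup -A $SSH_PRIVSEP_USER
fi

# Create user if required
if lsuser "$SSH_PRIVSEP_USER" >/dev/null
then
	echo "PrivSep user $SSH_PRIVSEP_USER already exists."
else
	echo "Creating PrivSep user $SSH_PRIVSEP_USER."
	mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
fi

if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
then
	echo UsePrivilegeSeparation not enabled, privsep directory not required.
else
	# create chroot directory if required
	if [ -d $PRIVSEP_PATH ]
	then
		echo "PrivSep chroot directory $PRIVSEP_PATH already exists."
	else
		echo "Creating PrivSep chroot directory $PRIVSEP_PATH."
		mkdir $PRIVSEP_PATH
		chown 0 $PRIVSEP_PATH
		chgrp 0 $PRIVSEP_PATH
		chmod 755 $PRIVSEP_PATH
	fi
fi
echo

# Generate keys unless they already exist
echo Creating host keys if required.
if [ -f "$sysconfdir/ssh_host_key" ] ; then
	echo "$sysconfdir/ssh_host_key already exists, skipping."
else
	$bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N ""
fi
if [ -f $sysconfdir/ssh_host_dsa_key ] ; then
	echo "$sysconfdir/ssh_host_dsa_key already exists, skipping."
else
	$bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N ""
fi
if [ -f $sysconfdir/ssh_host_rsa_key ] ; then
	echo "$sysconfdir/ssh_host_rsa_key already exists, skipping."
else
	$bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
fi
echo

# Set startup command depending on SRC support
if [ "$AIX_SRC" = "yes" ]
then
	echo Creating SRC sshd subsystem.
	rmssys -s sshd >/dev/null 2>&1
	mkssys -s sshd -p "$sbindir/sshd" -a '-D' -u 0 -S -n 15 -f 9 -R -G tcpip
	startupcmd="start $sbindir/sshd \\\"\\\$src_running\\\""
	oldstartcmd="$sbindir/sshd"
else
	startupcmd="$sbindir/sshd"
	oldstartcmd="start $sbindir/sshd \\\"$src_running\\\""
fi

# If migrating to or from SRC, change previous startup command
# otherwise add to rc.tcpip
if egrep "^\$oldstartcmd" /etc/rc.tcpip >/dev/null
then
	if sed "s|^\$oldstartcmd|\$startupcmd|g" /etc/rc.tcpip >/etc/rc.tcpip.new
	then
		chmod 0755 /etc/rc.tcpip.new
		mv /etc/rc.tcpip /etc/rc.tcpip.old && \
		mv /etc/rc.tcpip.new /etc/rc.tcpip
	else
		echo "Updating /etc/rc.tcpip failed, please check."
	fi
else
	# Add to system startup if required
	if grep "^\$startupcmd" /etc/rc.tcpip >/dev/null
	then
		echo "sshd found in rc.tcpip, not adding."
	else
		echo "Adding sshd to rc.tcpip"
		echo >>/etc/rc.tcpip
		echo "# Start sshd" >>/etc/rc.tcpip
		echo "\$startupcmd" >>/etc/rc.tcpip
	fi
fi
EOF

#
# Create liblpp.a and move control files into it
#
echo Creating liblpp.a
(
	cd .. || exit 1
	for i in openssh.al openssh.copyright openssh.inventory openssh.post_i openssh.size LICENCE README*
	do
		ar -r liblpp.a "$i"
		rm "$i"
	done
)

#
# Create lpp_name
#
# This will end up looking something like:
# 4 R I OpenSSH {
# OpenSSH 3.0.2.1 1 N U en_US OpenSSH 3.0.2p1 Portable for AIX
# [
# %
# /usr/local/bin 8073
# /usr/local/etc 189
# /usr/local/libexec 185
# /usr/local/man/man1 145
# /usr/local/man/man8 83
# /usr/local/sbin 2105
# /usr/local/share 3
# %
# ]
# }

echo Creating lpp_name
cat <<EOF >../lpp_name
4 R I $PKGNAME {
$PKGNAME $BFFVERSION 1 N U en_US OpenSSH $VERSION Portable for AIX
[
%
EOF

# The list is left unquoted on purpose: an empty variable drops out of
# the loop instead of producing an entry for "$FAKE_ROOT/".
for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh
do
	# get size in 512 byte blocks
	if [ -d "$FAKE_ROOT/$i" ]
	then
		size=`du "$FAKE_ROOT/$i" | awk '{print $1}'`
		echo "$i $size" >>../lpp_name
	fi
done

echo '%' >>../lpp_name
echo ']' >>../lpp_name
echo '}' >>../lpp_name

#
# Move pieces into place
#
mkdir -p usr/lpp/openssh
mv ../liblpp.a usr/lpp/openssh
mv ../lpp_name .

#
# Now invoke backup to create .bff file
#	note: lpp_name needs to be the first file so we generate the
#	file list on the fly and feed it to backup using -i
#
# $filelist is not assigned anywhere in this script; it is kept unquoted
# so that it expands to nothing unless the environment or config.local
# supplies it.
#
echo Creating $PKGNAME-$VERSION.bff with backup...
rm -f "$PKGNAME-$VERSION.bff"
(
	echo "./lpp_name"
	find . ! -name lpp_name -a ! -name . -print
) | backup -i -q -f "../$PKGNAME-$VERSION.bff" $filelist

#
# Move package into final location and clean up
#
mv "../$PKGNAME-$VERSION.bff" "$startdir"
cd "$startdir" || exit 1
rm -rf "${objdir:?}/${PKGDIR:?}"

echo $0: done.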