1137015Sdes#!/bin/sh 2137015Sdes# 3137015Sdes# Fake Root Solaris/SVR4/SVR5 Build System - Prototype 4137015Sdes# 5137015Sdes# The following code has been provide under Public Domain License. I really 6137015Sdes# don't care what you use it for. Just as long as you don't complain to me 7137015Sdes# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org) 8137015Sdes# 9137015Sdesumask 022 10137015Sdes# 11137015Sdes# Options for building the package 12137015Sdes# You can create a openssh-config.local with your customized options 13137015Sdes# 14137015SdesREMOVE_FAKE_ROOT_WHEN_DONE=yes 15137015Sdes# 16137015Sdes# uncommenting TEST_DIR and using 17137015Sdes# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty 18137015Sdes# and 19137015Sdes# PKGNAME=tOpenSSH should allow testing a package without interfering 20137015Sdes# with a real OpenSSH package on a system. This is not needed on systems 21137015Sdes# that support the -R option to pkgadd. 22137015Sdes#TEST_DIR=/var/tmp # leave commented out for production build 23137015SdesPKGNAME=OpenSSH 24137015Sdes# revisions within the same version (REV=a) 25137015Sdes#REV= 26137015SdesSYSVINIT_NAME=opensshd 27164146SdesAWK=${AWK:="nawk"} 28137015SdesMAKE=${MAKE:="make"} 29137015SdesSSHDUID=67 # Default privsep uid 30137015SdesSSHDGID=67 # Default privsep gid 31137015Sdes# uncomment these next three as needed 32137015Sdes#PERMIT_ROOT_LOGIN=no 33137015Sdes#X11_FORWARDING=yes 34137015Sdes#USR_LOCAL_IS_SYMLINK=yes 35137015Sdes# System V init run levels 36137015SdesSYSVINITSTART=S98 37137015SdesSYSVINITSTOPT=K30 38137015Sdes# We will source these if they exist 39162852SdesPOST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh 40137015SdesPOST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh 41137015Sdes# We'll be one level deeper looking for these 42137015SdesPKG_PREINSTALL_LOCAL=../pkg-preinstall.local 43137015SdesPKG_POSTINSTALL_LOCAL=../pkg-postinstall.local 44137015SdesPKG_PREREMOVE_LOCAL=../pkg-preremove.local 45137015SdesPKG_POSTREMOVE_LOCAL=../pkg-postremove.local 46137015SdesPKG_REQUEST_LOCAL=../pkg-request.local 47137015Sdes# end of sourced files 48137015Sdes# 49137015SdesOPENSSHD=opensshd.init 50162852SdesOPENSSH_MANIFEST=openssh.xml 51180740SdesOPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default 52180744SdesSMF_METHOD_DIR=/lib/svc/method/site 53180744SdesSMF_MANIFEST_DIR=/var/svc/manifest/site 54137015Sdes 55137015SdesPATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ 56137015SdesPATH_USERADD_PROG=@PATH_USERADD_PROG@ 57137015SdesPATH_PASSWD_PROG=@PATH_PASSWD_PROG@ 58137015Sdes# 59137015Sdes# list of system directories we do NOT want to change owner/group/perms 60137015Sdes# when installing our package 61137015SdesSYSTEM_DIR="/etc \ 62137015Sdes/etc/init.d \ 63137015Sdes/etc/rcS.d \ 64137015Sdes/etc/rc0.d \ 65137015Sdes/etc/rc1.d \ 66137015Sdes/etc/rc2.d \ 67137015Sdes/etc/opt \ 68162852Sdes/lib \ 69162852Sdes/lib/svc \ 70162852Sdes/lib/svc/method \ 71162852Sdes/lib/svc/method/site \ 72137015Sdes/opt \ 73137015Sdes/opt/bin \ 74137015Sdes/usr \ 75137015Sdes/usr/bin \ 76137015Sdes/usr/lib \ 77137015Sdes/usr/sbin \ 78137015Sdes/usr/share \ 79137015Sdes/usr/share/man \ 80137015Sdes/usr/share/man/man1 \ 81137015Sdes/usr/share/man/man8 \ 82137015Sdes/usr/local \ 83137015Sdes/usr/local/bin \ 84137015Sdes/usr/local/etc \ 85137015Sdes/usr/local/libexec \ 86137015Sdes/usr/local/man \ 87137015Sdes/usr/local/man/man1 \ 88137015Sdes/usr/local/man/man8 \ 89137015Sdes/usr/local/sbin \ 90137015Sdes/usr/local/share \ 91137015Sdes/var \ 92137015Sdes/var/opt \ 93137015Sdes/var/run \ 94162852Sdes/var/svc \ 95162852Sdes/var/svc/manifest \ 96162852Sdes/var/svc/manifest/site \ 97137015Sdes/var/tmp \ 98137015Sdes/tmp" 99137015Sdes 100137015Sdes# We may need to build as root so we make sure PATH is set up 101137015Sdes# only set the path if it's not set already 102137015Sdes[ -d /opt/bin ] && { 103137015Sdes echo $PATH | grep ":/opt/bin" > /dev/null 2>&1 104137015Sdes [ $? -ne 0 ] && PATH=$PATH:/opt/bin 105137015Sdes} 106137015Sdes[ -d /usr/local/bin ] && { 107137015Sdes echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1 108137015Sdes [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin 109137015Sdes} 110137015Sdes[ -d /usr/ccs/bin ] && { 111137015Sdes echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1 112137015Sdes [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin 113137015Sdes} 114137015Sdesexport PATH 115137015Sdes# 116137015Sdes 117137015Sdes[ -f Makefile ] || { 118137015Sdes echo "Please run this script from your build directory" 119137015Sdes exit 1 120137015Sdes} 121137015Sdes 122137015Sdes# we will look for openssh-config.local to override the above options 123137015Sdes[ -s ./openssh-config.local ] && . ./openssh-config.local 124137015Sdes 125137015SdesSTART=`pwd` 126137015SdesFAKE_ROOT=$START/pkg 127137015Sdes 128137015Sdes## Fill in some details, like prefix and sysconfdir 129137015Sdesfor confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir 130137015Sdesdo 131137015Sdes eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` 132137015Sdesdone 133137015Sdes 134162852Sdes## Are we using Solaris' SMF? 135162852SdesDO_SMF=0 136162852Sdesif egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 137162852Sdesthen 138162852Sdes DO_SMF=1 139162852Sdesfi 140137015Sdes 141137015Sdes## Collect value of privsep user 142137015Sdesfor confvar in SSH_PRIVSEP_USER 143137015Sdesdo 144137015Sdes eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h` 145137015Sdesdone 146137015Sdes 147137015Sdes## Set privsep defaults if not defined 148137015Sdesif [ -z "$SSH_PRIVSEP_USER" ] 149137015Sdesthen 150137015Sdes SSH_PRIVSEP_USER=sshd 151137015Sdesfi 152137015Sdes 153137015Sdes## Extract common info requires for the 'info' part of the package. 154137015SdesVERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'` 155137015Sdes 156137015SdesARCH=`uname -m` 157137015SdesDEF_MSG="\n" 158137015SdesOS_VER=`uname -v` 159137015SdesSCRIPT_SHELL=/sbin/sh 160164146SdesUNAME_R=`uname -r` 161137015SdesUNAME_S=`uname -s` 162137015Sdescase ${UNAME_S} in 163137015Sdes SunOS) UNAME_S=Solaris 164164146Sdes OS_VER=${UNAME_R} 165137015Sdes ARCH=`uname -p` 166137015Sdes RCS_D=yes 167137015Sdes DEF_MSG="(default: n)" 168137015Sdes ;; 169164146Sdes SCO_SV) case ${UNAME_R} in 170164146Sdes 3.2) UNAME_S=OpenServer5 171137015Sdes OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` 172164146Sdes ;; 173164146Sdes 5) UNAME_S=OpenServer6 174164146Sdes ;; 175164146Sdes esac 176137015Sdes SCRIPT_SHELL=/bin/sh 177137015Sdes RC1_D=no 178137015Sdes DEF_MSG="(default: n)" 179137015Sdes ;; 180137015Sdesesac 181137015Sdes 182137015Sdescase `basename $0` in 183137015Sdes buildpkg.sh) 184137015Sdes## Start by faking root install 185137015Sdesecho "Faking root install..." 186137015Sdes[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT 187137015Sdesmkdir $FAKE_ROOT 188137015Sdes${MAKE} install-nokeys DESTDIR=$FAKE_ROOT 189137015Sdesif [ $? -gt 0 ] 190137015Sdesthen 191137015Sdes echo "Fake root install failed, stopping." 192137015Sdes exit 1 193137015Sdesfi 194137015Sdes 195137015Sdes## Setup our run level stuff while we are at it. 196162852Sdesif [ $DO_SMF -eq 1 ] 197162852Sdesthen 198162852Sdes # For Solaris' SMF, /lib/svc/method/site is the preferred place 199162852Sdes # for start/stop scripts that aren't supplied with the OS, and 200162852Sdes # similarly /var/svc/manifest/site for manifests. 201180744Sdes mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR} 202180744Sdes mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR} 203137015Sdes 204180744Sdes cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} 205180744Sdes chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME} 206137015Sdes 207180744Sdes cat ${OPENSSH_MANIFEST} | \ 208180744Sdes sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ 209180744Sdes -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \ 210180744Sdes > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 211180744Sdes chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 212162852Sdeselse 213162852Sdes mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d 214162852Sdes 215162852Sdes cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 216162852Sdes chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 217162852Sdesfi 218162852Sdes 219137015Sdes[ "${PERMIT_ROOT_LOGIN}" = no ] && \ 220137015Sdes perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ 221180744Sdes $FAKE_ROOT${sysconfdir}/sshd_config 222137015Sdes[ "${X11_FORWARDING}" = yes ] && \ 223137015Sdes perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ 224180744Sdes $FAKE_ROOT${sysconfdir}/sshd_config 225137015Sdes# fix PrintMotd 226137015Sdesperl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \ 227180744Sdes $FAKE_ROOT${sysconfdir}/sshd_config 228137015Sdes 229137015Sdes# We don't want to overwrite config files on multiple installs 230180744Sdesmv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default 231180744Sdesmv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default 232137015Sdes 233137015Sdes# local tweeks here 234137015Sdes[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES} 235137015Sdes 236137015Sdescd $FAKE_ROOT 237137015Sdes 238137015Sdes## Ok, this is outright wrong, but it will work. I'm tired of pkgmk 239137015Sdes## whining. 240137015Sdesfor i in *; do 241137015Sdes PROTO_ARGS="$PROTO_ARGS $i=/$i"; 242137015Sdesdone 243137015Sdes 244137015Sdes## Build info file 245137015Sdesecho "Building pkginfo file..." 246137015Sdescat > pkginfo << _EOF 247137015SdesPKG=$PKGNAME 248137015SdesNAME="OpenSSH Portable for ${UNAME_S}" 249137015SdesDESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh." 250323134SdesVENDOR="OpenSSH Portable Team - https://www.openssh.com/portable.html" 251137015SdesARCH=$ARCH 252137015SdesVERSION=$VERSION$REV 253137015SdesCATEGORY="Security,application" 254137015SdesBASEDIR=/ 255137015SdesCLASSES="none" 256137015SdesPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 257137015Sdes_EOF 258137015Sdes 259137015Sdes## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS 260137015Sdesecho "Building depend file..." 261137015Sdestouch depend 262137015Sdes 263137015Sdes## Build space file 264137015Sdesecho "Building space file..." 265162852Sdesif [ $DO_SMF -eq 1 ] 266162852Sdesthen 267162852Sdes # XXX Is this necessary? If not, remove space line from mk-proto.awk. 268162852Sdes touch space 269162852Sdeselse 270162852Sdes cat > space << _EOF 271162852Sdes# extra space required by start/stop links added by installf 272162852Sdes# in postinstall 273137015Sdes$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 274137015Sdes$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 275137015Sdes_EOF 276162852Sdes [ "$RC1_D" = no ] || \ 277162852Sdes echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 278162852Sdes [ "$RCS_D" = yes ] && \ 279162852Sdes echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 280162852Sdesfi 281137015Sdes 282137015Sdes## Build preinstall file 283137015Sdesecho "Building preinstall file..." 284137015Sdescat > preinstall << _EOF 285137015Sdes#! ${SCRIPT_SHELL} 286137015Sdes# 287137015Sdes_EOF 288137015Sdes 289137015Sdes# local preinstall changes here 290137015Sdes[ -s "${PKG_PREINSTALL_LOCAL}" ] && . ${PKG_PREINSTALL_LOCAL} 291137015Sdes 292137015Sdescat >> preinstall << _EOF 293137015Sdes# 294162852Sdesif [ "\${PRE_INS_STOP}" = "yes" ] 295162852Sdesthen 296162852Sdes if [ $DO_SMF -eq 1 ] 297162852Sdes then 298162852Sdes svcadm disable $OPENSSH_FMRI 299162852Sdes else 300162852Sdes ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 301162852Sdes fi 302162852Sdesfi 303162852Sdes 304137015Sdesexit 0 305137015Sdes_EOF 306137015Sdes 307137015Sdes## Build postinstall file 308137015Sdesecho "Building postinstall file..." 309137015Sdescat > postinstall << _EOF 310137015Sdes#! ${SCRIPT_SHELL} 311137015Sdes# 312137015Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\ 313137015Sdes cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\ 314137015Sdes \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config 315137015Sdes[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\ 316137015Sdes cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\ 317137015Sdes \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config 318137015Sdes 319137015Sdes# make rc?.d dirs only if we are doing a test install 320162852Sdes[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { 321137015Sdes [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d 322137015Sdes mkdir -p ${TEST_DIR}/etc/rc0.d 323137015Sdes [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d 324137015Sdes mkdir -p ${TEST_DIR}/etc/rc2.d 325137015Sdes} 326137015Sdes 327162852Sdesif [ $DO_SMF -eq 1 ] 328137015Sdesthen 329162852Sdes # Delete the existing service, if it exists, then import the 330162852Sdes # new one. 331162852Sdes if svcs $OPENSSH_FMRI > /dev/null 2>&1 332162852Sdes then 333162852Sdes svccfg delete -f $OPENSSH_FMRI 334162852Sdes fi 335180740Sdes # NOTE, The manifest disables sshd by default. 336180744Sdes svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml 337137015Sdeselse 338162852Sdes if [ "\${USE_SYM_LINKS}" = yes ] 339162852Sdes then 340248613Sdes [ "$RCS_D" = yes ] && \\ 341162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 342162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 343248613Sdes [ "$RC1_D" = no ] || \\ 344162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 345162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 346162852Sdes else 347248613Sdes [ "$RCS_D" = yes ] && \\ 348162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 349162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 350248613Sdes [ "$RC1_D" = no ] || \\ 351162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 352162852Sdes installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 353162852Sdes fi 354137015Sdesfi 355137015Sdes 356137015Sdes# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) 357137015Sdes[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys 358137015Sdes 359137015Sdes_EOF 360137015Sdes 361137015Sdes# local postinstall changes here 362137015Sdes[ -s "${PKG_POSTINSTALL_LOCAL}" ] && . ${PKG_POSTINSTALL_LOCAL} 363137015Sdes 364137015Sdescat >> postinstall << _EOF 365137015Sdesinstallf -f ${PKGNAME} 366137015Sdes 367137015Sdes# Use chroot to handle PKG_INSTALL_ROOT 368137015Sdesif [ ! -z "\${PKG_INSTALL_ROOT}" ] 369137015Sdesthen 370137015Sdes chroot="chroot \${PKG_INSTALL_ROOT}" 371137015Sdesfi 372137015Sdes# If this is a test build, we will skip the groupadd/useradd/passwd commands 373137015Sdesif [ ! -z "${TEST_DIR}" ] 374137015Sdesthen 375137015Sdes chroot=echo 376137015Sdesfi 377137015Sdes 378162852Sdes echo "PrivilegeSeparation user always required." 379137015Sdes if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 380137015Sdes then 381137015Sdes echo "PrivSep user $SSH_PRIVSEP_USER already exists." 382137015Sdes SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\` 383137015Sdes SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\` 384137015Sdes else 385137015Sdes DO_PASSWD=yes 386137015Sdes fi 387137015Sdes [ -z "\$SSH_PRIVSEP_GROUP" ] && SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER 388137015Sdes 389137015Sdes # group required? 390137015Sdes if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null 391137015Sdes then 392137015Sdes echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists." 393137015Sdes else 394137015Sdes DO_GROUP=yes 395137015Sdes fi 396137015Sdes 397137015Sdes # create group if required 398137015Sdes [ "\$DO_GROUP" = yes ] && { 399137015Sdes # Use gid of 67 if possible 400137015Sdes if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null 401137015Sdes then 402137015Sdes : 403137015Sdes else 404137015Sdes sshdgid="-g $SSHDGID" 405137015Sdes fi 406137015Sdes echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP." 407137015Sdes \$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP 408137015Sdes } 409137015Sdes 410137015Sdes # Create user if required 411137015Sdes [ "\$DO_PASSWD" = yes ] && { 412137015Sdes # Use uid of 67 if possible 413157016Sdes if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null 414137015Sdes then 415137015Sdes : 416137015Sdes else 417137015Sdes sshduid="-u $SSHDUID" 418137015Sdes fi 419137015Sdes echo "Creating PrivSep user $SSH_PRIVSEP_USER." 420137015Sdes \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER 421137015Sdes \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER 422137015Sdes } 423162852Sdes 424162852Sdesif [ "\${POST_INS_START}" = "yes" ] 425162852Sdesthen 426162852Sdes if [ $DO_SMF -eq 1 ] 427162852Sdes then 428162852Sdes svcadm enable $OPENSSH_FMRI 429162852Sdes else 430162852Sdes ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start 431162852Sdes fi 432137015Sdesfi 433137015Sdesexit 0 434137015Sdes_EOF 435137015Sdes 436137015Sdes## Build preremove file 437137015Sdesecho "Building preremove file..." 438137015Sdescat > preremove << _EOF 439137015Sdes#! ${SCRIPT_SHELL} 440137015Sdes# 441162852Sdesif [ $DO_SMF -eq 1 ] 442162852Sdesthen 443162852Sdes svcadm disable $OPENSSH_FMRI 444162852Sdeselse 445162852Sdes ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 446162852Sdesfi 447137015Sdes_EOF 448137015Sdes 449137015Sdes# local preremove changes here 450137015Sdes[ -s "${PKG_PREREMOVE_LOCAL}" ] && . ${PKG_PREREMOVE_LOCAL} 451137015Sdes 452137015Sdescat >> preremove << _EOF 453137015Sdesexit 0 454137015Sdes_EOF 455137015Sdes 456137015Sdes## Build postremove file 457137015Sdesecho "Building postremove file..." 458137015Sdescat > postremove << _EOF 459137015Sdes#! ${SCRIPT_SHELL} 460137015Sdes# 461162852Sdesif [ $DO_SMF -eq 1 ] 462162852Sdesthen 463162852Sdes if svcs $OPENSSH_FMRI > /dev/null 2>&1 464162852Sdes then 465162852Sdes svccfg delete -f $OPENSSH_FMRI 466162852Sdes fi 467162852Sdesfi 468137015Sdes_EOF 469137015Sdes 470137015Sdes# local postremove changes here 471137015Sdes[ -s "${PKG_POSTREMOVE_LOCAL}" ] && . ${PKG_POSTREMOVE_LOCAL} 472137015Sdes 473137015Sdescat >> postremove << _EOF 474137015Sdesexit 0 475137015Sdes_EOF 476137015Sdes 477137015Sdes## Build request file 478137015Sdesecho "Building request file..." 479137015Sdescat > request << _EOF 480137015Sdestrap 'exit 3' 15 481137015Sdes 482137015Sdes_EOF 483137015Sdes 484137015Sdes[ -x /usr/bin/ckyorn ] || cat >> request << _EOF 485137015Sdes 486137015Sdesckyorn() { 487164146Sdes# for some strange reason OpenServer5 has no ckyorn 488137015Sdes# We build a striped down version here 489137015Sdes 490137015SdesDEFAULT=n 491137015SdesPROMPT="Yes or No [yes,no,?,quit]" 492137015SdesHELP_PROMPT=" Enter y or yes if your answer is yes; n or no if your answer is no." 493137015SdesUSAGE="usage: ckyorn [options] 494137015Sdeswhere options may include: 495137015Sdes -d default 496137015Sdes -h help 497137015Sdes -p prompt 498137015Sdes" 499137015Sdes 500137015Sdesif [ \$# != 0 ] 501137015Sdesthen 502137015Sdes while getopts d:p:h: c 503137015Sdes do 504137015Sdes case \$c in 505137015Sdes h) HELP_PROMPT="\$OPTARG" ;; 506137015Sdes d) DEFAULT=\$OPTARG ;; 507137015Sdes p) PROMPT=\$OPTARG ;; 508137015Sdes \\?) echo "\$USAGE" 1>&2 509137015Sdes exit 1 ;; 510137015Sdes esac 511137015Sdes done 512137015Sdes shift \`expr \$OPTIND - 1\` 513137015Sdesfi 514137015Sdes 515137015Sdeswhile true 516137015Sdesdo 517137015Sdes echo "\${PROMPT}\\c " 1>&2 518137015Sdes read key 519137015Sdes [ -z "\$key" ] && key=\$DEFAULT 520137015Sdes case \$key in 521137015Sdes [n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S]) echo "\${key}\\c" 522137015Sdes exit 0 ;; 523137015Sdes \\?) echo \$HELP_PROMPT 1>&2 ;; 524137015Sdes q|quit) echo "q\\c" 1>&2 525137015Sdes exit 3 ;; 526137015Sdes esac 527137015Sdesdone 528137015Sdes 529137015Sdes} 530137015Sdes 531137015Sdes_EOF 532137015Sdes 533162852Sdesif [ $DO_SMF -eq 1 ] 534162852Sdesthen 535162852Sdes # This could get hairy, as the running sshd may not be under SMF. 536162852Sdes # We'll assume an earlier version of OpenSSH started via SMF. 537162852Sdes cat >> request << _EOF 538162852SdesPRE_INS_STOP=no 539162852SdesPOST_INS_START=no 540162852Sdes# determine if should restart the daemon 541248613Sdesif [ -s ${piddir}/sshd.pid ] && \\ 542180740Sdes /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 543162852Sdesthen 544248613Sdes ans=\`ckyorn -d n \\ 545162852Sdes-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 546162852Sdes case \$ans in 547162852Sdes [y,Y]*) PRE_INS_STOP=yes 548162852Sdes POST_INS_START=yes 549162852Sdes ;; 550162852Sdes esac 551162852Sdes 552162852Sdeselse 553162852Sdes 554162852Sdes# determine if we should start sshd 555248613Sdes ans=\`ckyorn -d n \\ 556162852Sdes-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 557162852Sdes case \$ans in 558162852Sdes [y,Y]*) POST_INS_START=yes ;; 559162852Sdes esac 560162852Sdesfi 561162852Sdes 562162852Sdes# make parameters available to installation service, 563162852Sdes# and so to any other packaging scripts 564162852Sdescat >\$1 <<! 565162852SdesPRE_INS_STOP='\$PRE_INS_STOP' 566162852SdesPOST_INS_START='\$POST_INS_START' 567162852Sdes! 568162852Sdes 569162852Sdes_EOF 570162852Sdeselse 571162852Sdes cat >> request << _EOF 572137015SdesUSE_SYM_LINKS=no 573137015SdesPRE_INS_STOP=no 574137015SdesPOST_INS_START=no 575137015Sdes# Use symbolic links? 576248613Sdesans=\`ckyorn -d n \\ 577137015Sdes-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$? 578137015Sdescase \$ans in 579137015Sdes [y,Y]*) USE_SYM_LINKS=yes ;; 580137015Sdesesac 581137015Sdes 582137015Sdes# determine if should restart the daemon 583137015Sdesif [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ] 584137015Sdesthen 585248613Sdes ans=\`ckyorn -d n \\ 586137015Sdes-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? 587137015Sdes case \$ans in 588137015Sdes [y,Y]*) PRE_INS_STOP=yes 589137015Sdes POST_INS_START=yes 590137015Sdes ;; 591137015Sdes esac 592137015Sdes 593137015Sdeselse 594137015Sdes 595137015Sdes# determine if we should start sshd 596248613Sdes ans=\`ckyorn -d n \\ 597137015Sdes-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? 598137015Sdes case \$ans in 599137015Sdes [y,Y]*) POST_INS_START=yes ;; 600137015Sdes esac 601137015Sdesfi 602137015Sdes 603137015Sdes# make parameters available to installation service, 604137015Sdes# and so to any other packaging scripts 605137015Sdescat >\$1 <<! 606137015SdesUSE_SYM_LINKS='\$USE_SYM_LINKS' 607137015SdesPRE_INS_STOP='\$PRE_INS_STOP' 608137015SdesPOST_INS_START='\$POST_INS_START' 609137015Sdes! 610137015Sdes 611137015Sdes_EOF 612162852Sdesfi 613137015Sdes 614137015Sdes# local request changes here 615137015Sdes[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} 616137015Sdes 617137015Sdescat >> request << _EOF 618137015Sdesexit 0 619137015Sdes 620137015Sdes_EOF 621137015Sdes 622137015Sdes## Next Build our prototype 623137015Sdesecho "Building prototype file..." 624137015Sdescat >mk-proto.awk << _EOF 625137015Sdes BEGIN { print "i pkginfo"; print "i depend"; \\ 626137015Sdes print "i preinstall"; print "i postinstall"; \\ 627137015Sdes print "i preremove"; print "i postremove"; \\ 628137015Sdes print "i request"; print "i space"; \\ 629137015Sdes split("$SYSTEM_DIR",sys_files); } 630137015Sdes { 631137015Sdes for (dir in sys_files) { if ( \$3 != sys_files[dir] ) 632137015Sdes { if ( \$1 == "s" ) 633137015Sdes { \$5=""; \$6=""; } 634137015Sdes else 635137015Sdes { \$5="root"; \$6="sys"; } 636137015Sdes } 637137015Sdes else 638137015Sdes { \$4="?"; \$5="?"; \$6="?"; break;} 639137015Sdes } } 640137015Sdes { print; } 641137015Sdes_EOF 642137015Sdes 643137015Sdesfind . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ 644164146Sdes pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype 645137015Sdes 646137015Sdes# /usr/local is a symlink on some systems 647137015Sdes[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { 648137015Sdes grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new 649137015Sdes mv prototype.new prototype 650137015Sdes} 651137015Sdes 652137015Sdes## Step back a directory and now build the package. 653137015Sdescd .. 654137015Sdes# local prototype tweeks here 655137015Sdes[ -s "${POST_PROTOTYPE_EDITS}" ] && . ${POST_PROTOTYPE_EDITS} 656137015Sdes 657137015Sdesecho "Building package.." 658137015Sdespkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 659137015Sdesecho | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 660137015Sdes ;; 661137015Sdes 662137015Sdes justpkg.sh) 663137015Sdesrm -fr ${FAKE_ROOT}/${PKGNAME} 664137015Sdesgrep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp 665137015Sdesmv $$tmp $FAKE_ROOT/pkginfo 666137015Sdescat >> $FAKE_ROOT/pkginfo << _EOF 667137015SdesPSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`" 668137015Sdes_EOF 669137015Sdespkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o 670137015Sdesecho | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg 671137015Sdes ;; 672137015Sdes 673137015Sdesesac 674137015Sdes 675137015Sdes[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ] && rm -rf $FAKE_ROOT 676137015Sdesexit 0 677137015Sdes 678