buildbff.sh revision 214979
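#!/bin/sh
#
# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
# $Id: buildbff.sh,v 1.12 2010/04/18 03:35:00 dtucker Exp $
#
# Author: Darren Tucker (dtucker at zip dot com dot au)
# This file is placed in the public domain and comes with absolutely
# no warranty.
#
# Based originally on Ben Lindstrom's buildpkg.sh for Solaris
#
# Trust note: this script sources ./config.local and eval's values read
# from Makefile and config.h, so all three are executed as shell code with
# the privileges of whoever runs the build.  Only build from a tree whose
# contents you trust.
#

#
# Tunable configuration settings
#   create a "config.local" in your build directory or set
#   environment variables to override these.
#
# Defaults: root login and X11 forwarding are switched off in the packaged
# sshd_config unless explicitly overridden.
[ -z "$PERMIT_ROOT_LOGIN" ] && PERMIT_ROOT_LOGIN=no
[ -z "$X11_FORWARDING" ] && X11_FORWARDING=no
[ -z "$AIX_SRC" ] && AIX_SRC=no

# Files created during the build are not group/world writable.
umask 022

startdir=`pwd`

# perl is used later to edit sshd_config.  Braces (not a subshell) are used
# so that "exit 1" terminates this script instead of only the subshell.
perl -v >/dev/null || { echo perl required; exit 1; }

# Path to inventory.sh: same place as buildbff.sh
if echo "$0" | egrep '^/'
then
  inventory=`dirname "$0"`/inventory.sh        # absolute path
else
  inventory=`pwd`/`dirname "$0"`/inventory.sh  # relative path
fi

#
# We still support running from contrib/aix, but this is deprecated
#
if pwd | egrep 'contrib/aix$'
then
  echo "Changing directory to `pwd`/../.."
  echo "Please run buildbff.sh from your build directory in future."
  # Stop if the directory change fails; everything below assumes the
  # current directory is the build directory.
  cd ../.. || exit 1
  contribaix=1
fi

if [ ! -f Makefile ]
then
  echo "Makefile not found (did you run configure?)"
  exit 1
fi

#
# Directories used during build:
# current dir = $objdir        directory you ran ./configure in.
# $objdir/$PKGDIR/             directory package files are constructed in
# $objdir/$PKGDIR/root/        package root ($FAKE_ROOT)
#
objdir=`pwd`
PKGNAME=openssh
PKGDIR=package

#
# Collect local configuration settings to override defaults
# (config.local is sourced, i.e. executed in this shell)
#
if [ -s ./config.local ]
then
  echo Reading local settings from config.local
  . ./config.local
fi

#
# Fill in some details from Makefile, like prefix and sysconfdir
#   the eval also expands variables like sysconfdir=${prefix}/etc
#   provided they are eval'ed in the correct order
#
# NOTE(review): the right-hand side is taken verbatim from the Makefile and
# passed through eval, so it is interpreted as shell code.
for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir
do
  eval $confvar=`grep "^$confvar=" $objdir/Makefile | cut -d = -f 2`
done

#
# Collect values of privsep user and privsep path
#   currently only found in config.h
#
# NOTE(review): same eval caveat as above, this time for config.h.
for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH
do
  eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' $objdir/config.h`
done

# Set privsep defaults if not defined
if [ -z "$SSH_PRIVSEP_USER" ]
then
  SSH_PRIVSEP_USER=sshd
fi
if [ -z "$PRIVSEP_PATH" ]
then
  PRIVSEP_PATH=/var/empty
fi

# Clean package build directory.
# ${var:?} aborts the script if either component is empty (PKGDIR can be
# overridden from config.local), so the recursive delete can never be
# aimed at "$objdir/" or "/".
rm -rf "${objdir:?}/${PKGDIR:?}"
FAKE_ROOT=$objdir/$PKGDIR/root
mkdir -p "$FAKE_ROOT"

# Start by faking root install
echo "Faking root install..."
cd "$objdir" || exit 1
make install-nokeys DESTDIR="$FAKE_ROOT"

if [ $? -gt 0 ]
then
  echo "Fake root install failed, stopping."
  exit 1
fi

#
# Copy informational files to include in package
#
cp "$srcdir"/LICENCE "$objdir/$PKGDIR/"
cp "$srcdir"/README* "$objdir/$PKGDIR/"

#
# Extract common info required for the 'info' part of the package.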
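# AIX requires 4-part version numbers
#
# The version is parsed from the banner printed by the freshly built ./ssh.
VERSION=`./ssh -V 2>&1 | cut -f 1 -d , | cut -f 2 -d _`
MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .`
MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .`
PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .`
PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'`
[ "$PATCH" = "" ] && PATCH=0
[ "$PORTABLE" = "" ] && PORTABLE=0
BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE`

echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)"

#
# Set ssh and sshd parameters as per config.local
#
if [ "${PERMIT_ROOT_LOGIN}" = no ]
then
  perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
    $FAKE_ROOT/${sysconfdir}/sshd_config
  # The substitution only matches the literal text "#PermitRootLogin yes".
  # If the shipped sshd_config words its commented default differently,
  # perl succeeds without changing anything, so confirm the hardening
  # actually landed and warn the builder otherwise.
  grep '^PermitRootLogin no' $FAKE_ROOT/${sysconfdir}/sshd_config >/dev/null ||
    echo "WARNING: PermitRootLogin no was not applied to sshd_config, check the packaged file." >&2
fi
if [ "${X11_FORWARDING}" = yes ]
then
  perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
    $FAKE_ROOT/${sysconfdir}/sshd_config
fi


# Rename config files; postinstall script will copy them if necessary
for cfgfile in ssh_config sshd_config
do
  mv $FAKE_ROOT/$sysconfdir/$cfgfile $FAKE_ROOT/$sysconfdir/$cfgfile.default
done

# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds
if [ -f $FAKE_ROOT/$sysconfdir/ssh_prng_cmds ]
then
  mv $FAKE_ROOT/$sysconfdir/ssh_prng_cmds \
    $FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default
fi

#
# Generate lpp control files.
#   working dir is $FAKE_ROOT but files are generated in dir above
#   and moved into place just before creation of .bff
#
# Everything below uses paths relative to $FAKE_ROOT ("." and ".."), so
# stop if the directory change fails rather than operate on another tree.
cd "$FAKE_ROOT" || exit 1
echo Generating LPP control files
find . ! -name . -print >../openssh.al
$inventory >../openssh.inventory

cat <<EOD >../openssh.copyright
This software is distributed under a BSD-style license.
For the full text of the license, see /usr/lpp/openssh/LICENCE
EOD

#
# openssh.size file allows filesystem expansion as required
# generate list of directories containing files
# then calculate disk usage for each directory and store in openssh.size
#
# $files and $dirs are deliberately left unquoted: the loops rely on word
# splitting, which assumes no whitespace in the installed paths.
files=`find . -type f -print`
dirs=`for file in $files; do dirname $file; done | sort -u`
for dir in $dirs
do
  du $dir
done > ../openssh.size

#
# Create postinstall script
#
# The here-document delimiter is unquoted, so there are two expansion times:
#   - $sysconfdir, $bindir, $sbindir, $SSH_PRIVSEP_USER, $PRIVSEP_PATH and
#     $AIX_SRC are expanded now, at package build time, and are baked into
#     the generated script as literal values;
#   - names written as \$name (cfgfile, startupcmd, oldstartcmd) stay
#     variables and are evaluated when the package is installed.
# NOTE(review): in the non-SRC branch $src_running is not escaped, so it is
# expanded at build time, unlike the escaped form in the SRC branch; this
# looks unintended, confirm before relying on the SRC migration path.
#
# The generated script runs at install time and, as written, creates the
# privsep group and user, creates the privsep directory owned by uid/gid 0
# with mode 755, generates host keys and edits /etc/rc.tcpip.
#
# Host keys: rsa1 (SSH protocol 1), dsa and rsa keys are generated with an
# empty passphrase when absent.  rsa1 and dsa are legacy key types; if the
# ssh-keygen being packaged no longer accepts them these calls fail at
# install time and should be dropped or replaced; TODO confirm against the
# release being packaged.
#
# rmssys: output and errors are both discarded (stdout is redirected first,
# then stderr is pointed at it), since a missing subsystem is expected on a
# first install.
#
cat <<EOF >>../openssh.post_i
#!/bin/sh

echo Creating configs from defaults if necessary.
for cfgfile in ssh_config sshd_config ssh_prng_cmds
do
  if [ ! -f $sysconfdir/\$cfgfile ]
  then
    echo "Creating \$cfgfile from default"
    cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile
  else
    echo "\$cfgfile already exists."
  fi
done
echo

# Create PrivilegeSeparation user and group if not present
echo Checking for PrivilegeSeparation user and group.
if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
then
  echo "PrivSep group $SSH_PRIVSEP_USER already exists."
else
  echo "Creating PrivSep group $SSH_PRIVSEP_USER."
  mkgroup -A $SSH_PRIVSEP_USER
fi

# Create user if required
if lsuser "$SSH_PRIVSEP_USER" >/dev/null
then
  echo "PrivSep user $SSH_PRIVSEP_USER already exists."
else
  echo "Creating PrivSep user $SSH_PRIVSEP_USER."
  mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
fi

if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
then
  echo UsePrivilegeSeparation not enabled, privsep directory not required.
else
  # create chroot directory if required
  if [ -d $PRIVSEP_PATH ]
  then
    echo "PrivSep chroot directory $PRIVSEP_PATH already exists."
  else
    echo "Creating PrivSep chroot directory $PRIVSEP_PATH."
    mkdir $PRIVSEP_PATH
    chown 0 $PRIVSEP_PATH
    chgrp 0 $PRIVSEP_PATH
    chmod 755 $PRIVSEP_PATH
  fi
fi
echo

# Generate keys unless they already exist
echo Creating host keys if required.
if [ -f "$sysconfdir/ssh_host_key" ] ; then
  echo "$sysconfdir/ssh_host_key already exists, skipping."
else
  $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N ""
fi
if [ -f $sysconfdir/ssh_host_dsa_key ] ; then
  echo "$sysconfdir/ssh_host_dsa_key already exists, skipping."
else
  $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N ""
fi
if [ -f $sysconfdir/ssh_host_rsa_key ] ; then
  echo "$sysconfdir/ssh_host_rsa_key already exists, skipping."
else
  $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
fi
echo

# Set startup command depending on SRC support
if [ "$AIX_SRC" = "yes" ]
then
  echo Creating SRC sshd subsystem.
  rmssys -s sshd >/dev/null 2>&1
  mkssys -s sshd -p "$sbindir/sshd" -a '-D' -u 0 -S -n 15 -f 9 -R -G tcpip
  startupcmd="start $sbindir/sshd \\\"\\\$src_running\\\""
  oldstartcmd="$sbindir/sshd"
else
  startupcmd="$sbindir/sshd"
  oldstartcmd="start $sbindir/sshd \\\"$src_running\\\""
fi

# If migrating to or from SRC, change previous startup command
# otherwise add to rc.tcpip
if egrep "^\$oldstartcmd" /etc/rc.tcpip >/dev/null
then
  if sed "s|^\$oldstartcmd|\$startupcmd|g" /etc/rc.tcpip >/etc/rc.tcpip.new
  then
    chmod 0755 /etc/rc.tcpip.new
    mv /etc/rc.tcpip /etc/rc.tcpip.old && \
    mv /etc/rc.tcpip.new /etc/rc.tcpip
  else
    echo "Updating /etc/rc.tcpip failed, please check."
  fi
else
  # Add to system startup if required
  if grep "^\$startupcmd" /etc/rc.tcpip >/dev/null
  then
    echo "sshd found in rc.tcpip, not adding."
  else
    echo "Adding sshd to rc.tcpip"
    echo >>/etc/rc.tcpip
    echo "# Start sshd" >>/etc/rc.tcpip
    echo "\$startupcmd" >>/etc/rc.tcpip
  fi
fi
EOF

#
# Create liblpp.a and move control files into it
#
echo Creating liblpp.a
(
  cd ..
  for i in openssh.al openssh.copyright openssh.inventory openssh.post_i openssh.size LICENCE README*
  do
    ar -r liblpp.a $i
    rm $i
  done
)

#
# Create lpp_name
#
# This will end up looking something like:
# 4 R I OpenSSH {
# OpenSSH 3.0.2.1 1 N U en_US OpenSSH 3.0.2p1 Portable for AIX
# [
# %
# /usr/local/bin 8073
# /usr/local/etc 189
# /usr/local/libexec 185
# /usr/local/man/man1 145
# /usr/local/man/man8 83
# /usr/local/sbin 2105
# /usr/local/share 3
# %
# ]
# }

echo Creating lpp_name
cat <<EOF >../lpp_name
4 R I $PKGNAME {
$PKGNAME $BFFVERSION 1 N U en_US OpenSSH $VERSION Portable for AIX
[
%
EOF

for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh
do
  # get size in 512 byte blocks
  if [ -d $FAKE_ROOT/$i ]
  then
    size=`du $FAKE_ROOT/$i | awk '{print $1}'`
    echo "$i $size" >>../lpp_name
  fi
done

echo '%' >>../lpp_name
echo ']' >>../lpp_name
echo '}' >>../lpp_name

#
# Move pieces into place
#
mkdir -p usr/lpp/openssh
mv ../liblpp.a usr/lpp/openssh
mv ../lpp_name .

#
# Now invoke backup to create .bff file
#   note: lpp_name needs to be the first file so we generate the
#   file list on the fly and feed it to backup using -i
#
# NOTE(review): $filelist is not assigned anywhere in the visible script, so
# it expands to nothing unless the environment or config.local sets it.
echo Creating $PKGNAME-$VERSION.bff with backup...
rm -f $PKGNAME-$VERSION.bff
(
  echo "./lpp_name"
  find . ! -name lpp_name -a ! -name . -print
) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist

#
# Move package into final location and clean up
#
mv ../$PKGNAME-$VERSION.bff $startdir
cd $startdir
# ${var:?} aborts if either component is empty, so the recursive delete
# cannot be aimed at "$objdir/" or "/".
rm -rf "${objdir:?}/${PKGDIR:?}"

echo $0: done.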