1# $NetBSD: Makefile.yp,v 1.20 2004/12/29 13:08:24 grant Exp $ 2# 3# This is the YP Makefile, used to create and push YP maps. 4# 5 6# Invoke with NOPUSH != "" to prevent the maps from being yppushed upon rebuild 7# 8NOPUSH?= "" 9 10# Password maps in standard YP are insecure, because the pw_passwd 11# field is accessible by any user. FreeBSD, NetBSD and OpenBSD have 12# a common solution: a secure map (generated with makedbm -s) can 13# only be accessed by a client bound to a privileged port. 14# 15# Uncomment out the following if you need compatibility with 16# sites that don't support this feature. 17# 18#INSECURE?= yes 19 20# Only include UID's >= ${MINUID} in the maps. Setting this to ~1000 21# and using uid's > 1000 for users allows heterogeneous system support 22# where low numbered uids and gids may have different meanings. 23MINUID?= 0 24MINGID?= 0 25 26# In addition, by adding shadow to the list of rules we support 27# linux and solaris type shadow maps. 28 29YPDBDIR= /var/yp 30DIR= /etc 31AMDDIR= /etc/amd 32AMDMAPS= amd.home 33DOMAIN= ${.CURDIR:T} 34 35AWK= /usr/bin/awk 36CAT= /bin/cat 37CP= /bin/cp 38CUT= /usr/bin/cut 39ECHO= /bin/echo 40EGREP= /usr/bin/egrep 41MAKEDBM= /usr/sbin/makedbm 42MAKEDBM_S= ${MAKEDBM} -s 43MKALIAS= /usr/sbin/mkalias 44MKNETID= /usr/sbin/mknetid 45REVNETGROUP= /usr/sbin/revnetgroup 46RM= /bin/rm 47SED= /usr/bin/sed 48SENDMAIL= /usr/sbin/sendmail 49SORT= /usr/bin/sort 50STDETHERS= /usr/sbin/stdethers 51STDHOSTS= /usr/sbin/stdhosts -n 52TOUCH= /usr/bin/touch 53YPPUSH= /usr/sbin/yppush 54 55 56# We have a rule for ypservers, but we don't build it by default, since 57# it seldom changes (only when slaves are added/deleted). 58 59all: passwd aliases ${AMDMAPS} ethers group hosts ipnodes netgroup networks rpc services protocols netid 60 61__makedbmesc: .USEBEFORE 62 if [ -f ${.ALLSRC} ]; then \ 63 ${SED} -e "s/#.*$$//" ${.ALLSRC} | \ 64 ${AWK} '{ \ 65 if (NF == 0) \ 66 printf("\n"); \ 67 else { \ 68 for (i = 1; i <= NF; i++) { \ 69 if (i == NF) { \ 70 if (substr($$i, length($$i), 1) == "\\") { \ 71 printf("%s", substr($$i, 1, \ 72 length($$i) - 1)); \ 73 } else \ 74 printf("%s\n", $$i); \ 75 } else \ 76 printf("%s ", $$i); \ 77 } \ 78 } \ 79 }' | \ 80 ${SED} -e "/^[ \t]*$$/d" | \ 81 ${SORT} | ${MAKEDBM} - ${.ALLSRC:T}; \ 82 fi 83 84passwd.time: ${DIR}/master.passwd 85 -@if [ -f ${.ALLSRC} ]; then \ 86 umask 077 ; \ 87 if [ "${INSECURE}" != "yes" ]; then \ 88 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ 89 ${AWK} -v minuid=${MINUID} \ 90 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 91 { if (minuid <= $$3) \ 92 print $$1, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ 93 ${SORT} | ${MAKEDBM} - passwd.byname; \ 94 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ 95 ${AWK} -v minuid=${MINUID} \ 96 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 97 { if (minuid <= $$3) \ 98 print $$3, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ 99 ${SORT} | ${MAKEDBM} - passwd.byuid; \ 100 else \ 101 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ 102 ${AWK} -v minuid=${MINUID} \ 103 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 104 { if (minuid <= $$3) \ 105 print $$1, $$0 }' - | ${SORT} | \ 106 ${MAKEDBM} - passwd.byname; \ 107 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ 108 ${AWK} -v minuid=${MINUID} \ 109 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 110 { if (minuid <= $$3) \ 111 print $$3, $$0 }' - | ${SORT} | \ 112 ${MAKEDBM} - passwd.byuid; \ 113 fi; \ 114 ${CAT} ${.ALLSRC} | \ 115 ${AWK} 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 116 { print $$1, $$0 }' - | ${SORT} | \ 117 ${MAKEDBM_S} - master.passwd.byname; \ 118 ${CAT} ${.ALLSRC} | \ 119 ${AWK} 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 120 { print $$3, $$0 }' - | ${SORT} | \ 121 ${MAKEDBM_S} - master.passwd.byuid; \ 122 ${TOUCH} ${.TARGET}; \ 123 ${ECHO} "updated passwd"; \ 124 if [ ! ${NOPUSH} ]; then \ 125 ${YPPUSH} -d ${DOMAIN} passwd.byname; \ 126 ${YPPUSH} -d ${DOMAIN} passwd.byuid; \ 127 ${YPPUSH} -d ${DOMAIN} master.passwd.byname; \ 128 ${YPPUSH} -d ${DOMAIN} master.passwd.byuid; \ 129 ${ECHO} "pushed passwd"; \ 130 else \ 131 : ; \ 132 fi \ 133 else \ 134 ${ECHO} "couldn't find ${.ALLSRC}"; \ 135 fi 136 137# XXX: This does not do modify/expire time correctly. 138shadow.time: ${DIR}/master.passwd 139 -@if [ -f ${.ALLSRC} ]; then \ 140 umask 077 ; \ 141 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-3 | \ 142 ${AWK} -v minuid=${MINUID} \ 143 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 144 { if (minuid <= $$3) \ 145 print $$1, $$1":"$$2":10779:0:99999:7:::" }' - | \ 146 ${SORT} | ${MAKEDBM_S} - shadow.byname; \ 147 ${TOUCH} ${.TARGET}; \ 148 ${ECHO} "updated shadow"; \ 149 if [ ! ${NOPUSH} ]; then \ 150 ${YPPUSH} -d ${DOMAIN} shadow.byname; \ 151 ${ECHO} "pushed shadow"; \ 152 else \ 153 : ; \ 154 fi \ 155 else \ 156 ${ECHO} "couldn't find ${.ALLSRC}"; \ 157 fi 158 159aliases.time: ${DIR}/mail/aliases 160 -@if [ -f ${.ALLSRC} ]; then \ 161 ${CP} -p ${.ALLSRC} ${DOMAIN}-aliases; \ 162 ${SENDMAIL} -bi -oA${PWD}/${DOMAIN}-aliases; \ 163 ${MAKEDBM} -u ${DOMAIN}-aliases | ${SORT} | \ 164 ${EGREP} -v '(YP_LAST_MODIFIED|YP_MASTER_NAME)' | \ 165 ${MAKEDBM} - mail.aliases; \ 166 ${MKALIAS} mail.aliases mail.byaddr; \ 167 ${TOUCH} ${.TARGET}; \ 168 ${RM} ${DOMAIN}-aliases.db ${DOMAIN}-aliases; \ 169 ${ECHO} "updated aliases"; \ 170 if [ ! ${NOPUSH} ]; then \ 171 ${YPPUSH} -d ${DOMAIN} mail.aliases; \ 172 ${YPPUSH} -d ${DOMAIN} mail.byaddr; \ 173 ${ECHO} "pushed aliases"; \ 174 else \ 175 : ; \ 176 fi \ 177 else \ 178 ${ECHO} "couldn't find ${.ALLSRC}"; \ 179 fi 180 181 182.for MAP in ${AMDMAPS} 183${MAP}.time: ${AMDDIR}/${MAP} __makedbmesc 184 -@if [ -f ${.ALLSRC} ]; then \ 185 ${TOUCH} ${.TARGET}; \ 186 ${ECHO} "updated ${MAP}"; \ 187 if [ ! ${NOPUSH} ]; then \ 188 ${YPPUSH} -d ${DOMAIN} ${MAP}; \ 189 ${ECHO} "pushed ${MAP}"; \ 190 else \ 191 : ; \ 192 fi \ 193 else \ 194 ${ECHO} "couldn't find ${.ALLSRC}"; \ 195 fi 196.endfor # AMDMAPS 197 198 199ethers.time: ${DIR}/ethers 200 -@if [ -f ${.ALLSRC} ]; then \ 201 ${STDETHERS} ${.ALLSRC} | ${SED} -e s/#.*$$// | \ 202 ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$1, $$0 }' | \ 203 ${SORT} | ${MAKEDBM} - ethers.byaddr; \ 204 ${STDETHERS} ${.ALLSRC} | \ 205 ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$2, $$0 }' | \ 206 ${SORT} | ${MAKEDBM} - ethers.byname; \ 207 ${TOUCH} ${.TARGET}; \ 208 ${ECHO} "updated ethers"; \ 209 if [ ! ${NOPUSH} ]; then \ 210 ${YPPUSH} -d ${DOMAIN} ethers.byaddr; \ 211 ${YPPUSH} -d ${DOMAIN} ethers.byname; \ 212 ${ECHO} "pushed ethers"; \ 213 else \ 214 : ; \ 215 fi \ 216 else \ 217 ${ECHO} "couldn't find ${.ALLSRC}"; \ 218 fi 219 220 221group.time: ${DIR}/group 222 -@if [ -f ${.ALLSRC} ]; then \ 223 ${AWK} -v mingid=${MINGID} \ 224 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 225 { if (mingid <= $$3) print $$1, $$0 }' ${.ALLSRC} | \ 226 ${SORT} | ${MAKEDBM} - group.byname; \ 227 ${AWK} -v mingid=${MINGID} \ 228 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 229 { if (mingid <= $$3) print $$3, $$0 }' ${.ALLSRC} | \ 230 ${SORT} | ${MAKEDBM} - group.bygid; \ 231 ${TOUCH} ${.TARGET}; \ 232 ${ECHO} "updated group"; \ 233 if [ ! ${NOPUSH} ]; then \ 234 ${YPPUSH} -d ${DOMAIN} group.byname; \ 235 ${YPPUSH} -d ${DOMAIN} group.bygid; \ 236 ${ECHO} "pushed group"; \ 237 else \ 238 : ; \ 239 fi \ 240 else \ 241 ${ECHO} "couldn't find ${.ALLSRC}"; \ 242 fi 243 244 245# Solaris 8 does the following: 246# - /etc/hosts and hosts.{byname,byaddr} are IPv4 only. 247# - /etc/inet/ipnodes and ipnodes.{byname,byaddr} are used for protocol 248# independent name-to-address mapping. 249# 250# For local name resolution, we made /etc/hosts protocol independent. 251# For NIS name resolution, we obey Solaris 8 practice. 252# - We keep hosts.{byname,byaddr} IPv4 only, to be friendly with Solaris 8 253# clients. 254# - ipnodes.{byname,byaddr} is used for protocol independent mapping. 255# We generate all the mappings from /etc/hosts, for compatibility with NetBSD 256# local name resolution. 257# 258hosts.time: ${DIR}/hosts 259 -@if [ -f ${.ALLSRC} ]; then \ 260 ${STDHOSTS} ${.ALLSRC} | ${SED} -e s/#.*$$// | \ 261 ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ 262 ${SORT} | ${MAKEDBM} - hosts.byname; \ 263 ${STDHOSTS} ${.ALLSRC} | \ 264 ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ 265 ${SORT} | ${MAKEDBM} - hosts.byaddr; \ 266 ${TOUCH} ${.TARGET}; \ 267 ${ECHO} "updated hosts"; \ 268 if [ ! ${NOPUSH} ]; then \ 269 ${YPPUSH} -d ${DOMAIN} hosts.byname; \ 270 ${YPPUSH} -d ${DOMAIN} hosts.byaddr; \ 271 ${ECHO} "pushed hosts"; \ 272 else \ 273 : ; \ 274 fi \ 275 else \ 276 ${ECHO} "couldn't find ${.ALLSRC}"; \ 277 fi 278 279 280ipnodes.time: ${DIR}/hosts 281 -@if [ -f ${.ALLSRC} ]; then \ 282 ${STDHOSTS} -n ${.ALLSRC} | ${SED} -e s/#.*$$// | \ 283 ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ 284 ${SORT} | ${MAKEDBM} - ipnodes.byname; \ 285 ${STDHOSTS} -n ${.ALLSRC} | \ 286 ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ 287 ${SORT} | ${MAKEDBM} - ipnodes.byaddr; \ 288 ${TOUCH} ${.TARGET}; \ 289 ${ECHO} "updated ipnodes"; \ 290 if [ ! ${NOPUSH} ]; then \ 291 ${YPPUSH} -d ${DOMAIN} ipnodes.byname; \ 292 ${YPPUSH} -d ${DOMAIN} ipnodes.byaddr; \ 293 ${ECHO} "pushed ipnodes"; \ 294 else \ 295 : ; \ 296 fi \ 297 else \ 298 ${ECHO} "couldn't find ${.ALLSRC}"; \ 299 fi 300 301 302netgroup.time: ${DIR}/netgroup __makedbmesc 303 -@if [ -f ${.ALLSRC} ]; then \ 304 ${CAT} ${.ALLSRC} | ${REVNETGROUP} -u -f - | \ 305 ${SORT} | ${MAKEDBM} - netgroup.byuser; \ 306 ${CAT} ${.ALLSRC} | ${REVNETGROUP} -h -f - | \ 307 ${SORT} | ${MAKEDBM} - netgroup.byhost; \ 308 ${TOUCH} ${.TARGET}; \ 309 ${ECHO} "updated netgroup"; \ 310 if [ ! ${NOPUSH} ]; then \ 311 ${YPPUSH} -d ${DOMAIN} netgroup; \ 312 ${YPPUSH} -d ${DOMAIN} netgroup.byuser; \ 313 ${YPPUSH} -d ${DOMAIN} netgroup.byhost; \ 314 ${ECHO} "pushed netgroup"; \ 315 else \ 316 : ; \ 317 fi \ 318 else \ 319 ${ECHO} "couldn't find ${.ALLSRC}"; \ 320 fi 321 322 323networks.time: ${DIR}/networks 324 -@if [ -f ${.ALLSRC} ]; then \ 325 ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ 326 ${AWK} '{print $$1, $$0; \ 327 for (i = 3;i <= NF;i++) print $$i,$$0}' | \ 328 ${SORT} | ${MAKEDBM} - networks.byname; \ 329 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 330 ${.ALLSRC} | \ 331 ${SORT} | ${MAKEDBM} - networks.byaddr; \ 332 ${TOUCH} ${.TARGET}; \ 333 ${ECHO} "updated networks"; \ 334 if [ ! ${NOPUSH} ]; then \ 335 ${YPPUSH} -d ${DOMAIN} networks.byname; \ 336 ${YPPUSH} -d ${DOMAIN} networks.byaddr; \ 337 ${ECHO} "pushed networks"; \ 338 else \ 339 : ; \ 340 fi \ 341 else \ 342 ${ECHO} "couldn't find ${.ALLSRC}"; \ 343 fi 344 345 346protocols.time: ${DIR}/protocols 347 -@if [ -f ${.ALLSRC} ]; then \ 348 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 349 ${.ALLSRC} | \ 350 ${SORT} | ${MAKEDBM} - protocols.bynumber; \ 351 ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ 352 ${AWK} '{print $$1, $$0; \ 353 for (i = 3;i <= NF;i++) print $$i,$$0}' | \ 354 ${SORT} | ${MAKEDBM} - protocols.byname; \ 355 ${TOUCH} ${.TARGET}; \ 356 ${ECHO} "updated protocols"; \ 357 if [ ! ${NOPUSH} ]; then \ 358 ${YPPUSH} -d ${DOMAIN} protocols.bynumber; \ 359 ${YPPUSH} -d ${DOMAIN} protocols.byname; \ 360 ${ECHO} "pushed protocols"; \ 361 else \ 362 : ; \ 363 fi \ 364 else \ 365 ${ECHO} "couldn't find ${.ALLSRC}"; \ 366 fi 367 368 369rpc.time: ${DIR}/rpc 370 -@if [ -f ${.ALLSRC} ]; then \ 371 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 372 ${.ALLSRC} | \ 373 ${SORT} | ${MAKEDBM} - rpc.bynumber; \ 374 ${TOUCH} ${.TARGET}; \ 375 ${ECHO} "updated rpc"; \ 376 if [ ! ${NOPUSH} ]; then \ 377 ${YPPUSH} -d ${DOMAIN} rpc.bynumber; \ 378 ${ECHO} "pushed rpc"; \ 379 else \ 380 : ; \ 381 fi \ 382 else \ 383 ${ECHO} "couldn't find ${.ALLSRC}"; \ 384 fi 385 386 387services.time: ${DIR}/services 388 -@if [ -f ${.ALLSRC} ]; then \ 389 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 390 ${.ALLSRC} | \ 391 ${SORT} | ${MAKEDBM} - services.byname; \ 392 ${TOUCH} ${.TARGET}; \ 393 ${ECHO} "updated services"; \ 394 if [ ! ${NOPUSH} ]; then \ 395 ${YPPUSH} -d ${DOMAIN} services.byname; \ 396 ${ECHO} "pushed services"; \ 397 else \ 398 : ; \ 399 fi \ 400 else \ 401 ${ECHO} "couldn't find ${.ALLSRC}"; \ 402 fi 403 404 405netid.time: ${DIR}/passwd ${DIR}/group ${DIR}/hosts ${DIR}/netid 406 -@${MKNETID} -q -d ${DOMAIN} -p ${DIR}/passwd -g ${DIR}/group -h \ 407 ${DIR}/hosts -m ${DIR}/netid | \ 408 ${SORT} | ${MAKEDBM} - netid.byname; \ 409 ${TOUCH} ${.TARGET}; \ 410 ${ECHO} "updated netid"; \ 411 if [ ! ${NOPUSH} ]; then \ 412 ${YPPUSH} -d ${DOMAIN} netid.byname; \ 413 ${ECHO} "pushed netid"; \ 414 else \ 415 : ; \ 416 fi 417 418 419ypservers.time: ${.CURDIR}/ypservers 420 -@${MAKEDBM} ypservers ypservers; \ 421 ${TOUCH} ${.TARGET}; \ 422 ${ECHO} "updated ypservers"; \ 423 if [ ! ${NOPUSH} ]; then \ 424 ${YPPUSH} -d ${DOMAIN} ypservers; \ 425 ${ECHO} "pushed ypservers"; \ 426 else \ 427 : ; \ 428 fi 429 430 431passwd: passwd.time 432group: group.time 433hosts: hosts.time 434ipnodes: ipnodes.time 435aliases: aliases.time 436.for MAP in ${AMDMAPS} 437${MAP}: ${MAP}.time 438.endfor # AMDMAPS 439ethers: ethers.time 440netgroup: netgroup.time 441networks: networks.time 442rpc: rpc.time 443services: services.time 444shadow: shadow.time 445protocols: protocols.time 446netid: netid.time 447ypservers: ypservers.time 448 449${DIR}/passwd: 450${DIR}/group: 451${DIR}/hosts: 452${DIR}/mail/aliases: 453.for MAP in ${AMDMAPS} 454${AMDDIR}/${MAP}: 455.endfor # AMDMAPS 456${DIR}/ethers: 457${DIR}/master.passwd: 458${DIR}/netgroup: 459${DIR}/networks: 460${DIR}/rpc: 461${DIR}/services: 462${DIR}/protocols: 463${DIR}/netid: 464