1# $NetBSD: Makefile.yp,v 1.21.52.1 2013/07/23 21:07:42 riastradh Exp $ 2# 3# This is the YP Makefile, used to create and push YP maps. 4# 5 6# Invoke with NOPUSH != "" to prevent the maps from being yppushed upon rebuild 7# 8NOPUSH?= "" 9 10# Password maps in standard YP are insecure, because the pw_passwd 11# field is accessible by any user. FreeBSD, NetBSD and OpenBSD have 12# a common solution: a secure map (generated with makedbm -s) can 13# only be accessed by a client bound to a privileged port. 14# 15# Uncomment out the following if you need compatibility with 16# sites that don't support this feature. 17# 18#INSECURE?= yes 19 20# Only include UID's >= ${MINUID} in the maps. Setting this to ~1000 21# and using uid's > 1000 for users allows heterogeneous system support 22# where low numbered uids and gids may have different meanings. 23MINUID?= 0 24MINGID?= 0 25 26# In addition, by adding shadow to the list of rules we support 27# linux and solaris type shadow maps. 28 29YPDBDIR= /var/yp 30DIR= /etc 31AMDDIR= /etc/amd 32AMDMAPS= amd.home 33DOMAIN= ${.CURDIR:T} 34 35AWK= /usr/bin/awk 36CAT= /bin/cat 37CP= /bin/cp 38CUT= /usr/bin/cut 39ECHO= /bin/echo 40EGREP= /usr/bin/egrep 41MAKEDBM= /usr/sbin/makedbm 42MAKEDBM_S= ${MAKEDBM} -s 43MKALIAS= /usr/sbin/mkalias 44MKNETID= /usr/sbin/mknetid 45REVNETGROUP= /usr/sbin/revnetgroup 46RM= /bin/rm 47SED= /usr/bin/sed 48SENDMAIL= /usr/sbin/sendmail 49SORT= /usr/bin/sort 50STDETHERS= /usr/sbin/stdethers 51STDHOSTS= /usr/sbin/stdhosts -n 52TOUCH= /usr/bin/touch 53YPPUSH= /usr/sbin/yppush 54 55 56# We have a rule for ypservers, but we don't build it by default, since 57# it seldom changes (only when slaves are added/deleted). 58 59all: passwd aliases ${AMDMAPS} ethers group hosts ipnodes netgroup networks rpc services protocols netid 60 61__makedbmesc: .USEBEFORE 62 if [ -f ${.ALLSRC} ]; then \ 63 ${SED} -e "s/#.*$$//" ${.ALLSRC} | \ 64 ${AWK} '{ \ 65 if (NF == 0) \ 66 printf("\n"); \ 67 else { \ 68 for (i = 1; i <= NF; i++) { \ 69 if (i == NF) { \ 70 if (substr($$i, length($$i), 1) == "\\") { \ 71 printf("%s", substr($$i, 1, \ 72 length($$i) - 1)); \ 73 } else \ 74 printf("%s\n", $$i); \ 75 } else \ 76 printf("%s ", $$i); \ 77 } \ 78 } \ 79 }' | \ 80 ${SED} -e "/^[ \t]*$$/d" | \ 81 ${SORT} | ${MAKEDBM} - ${.ALLSRC:T}; \ 82 fi 83 84passwd.time: ${DIR}/master.passwd 85 -@if [ -f ${.ALLSRC} ]; then \ 86 umask 077 ; \ 87 if [ "${INSECURE}" != "yes" ]; then \ 88 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ 89 ${AWK} -v minuid=${MINUID} \ 90 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 91 { if (minuid <= $$3) \ 92 print $$1, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ 93 ${SORT} | ${MAKEDBM} - passwd.byname; \ 94 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ 95 ${AWK} -v minuid=${MINUID} \ 96 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 97 { if (minuid <= $$3) \ 98 print $$3, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ 99 ${SORT} | ${MAKEDBM} - passwd.byuid; \ 100 else \ 101 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ 102 ${AWK} -v minuid=${MINUID} \ 103 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 104 { if (minuid <= $$3) \ 105 print $$1, $$0 }' - | ${SORT} | \ 106 ${MAKEDBM} - passwd.byname; \ 107 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ 108 ${AWK} -v minuid=${MINUID} \ 109 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 110 { if (minuid <= $$3) \ 111 print $$3, $$0 }' - | ${SORT} | \ 112 ${MAKEDBM} - passwd.byuid; \ 113 fi; \ 114 ${CAT} ${.ALLSRC} | \ 115 ${AWK} -v minuid=${MINUID} \ 116 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 117 { if (minuid <= $$3) print $$1, $$0 }' - | ${SORT} | \ 118 ${MAKEDBM_S} - master.passwd.byname; \ 119 ${CAT} ${.ALLSRC} | \ 120 ${AWK} -v minuid=${MINUID} \ 121 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 122 { if (minuid <= $$3) print $$3, $$0 }' - | ${SORT} | \ 123 ${MAKEDBM_S} - master.passwd.byuid; \ 124 ${TOUCH} ${.TARGET}; \ 125 ${ECHO} "updated passwd"; \ 126 if [ ! ${NOPUSH} ]; then \ 127 ${YPPUSH} -d ${DOMAIN} passwd.byname; \ 128 ${YPPUSH} -d ${DOMAIN} passwd.byuid; \ 129 ${YPPUSH} -d ${DOMAIN} master.passwd.byname; \ 130 ${YPPUSH} -d ${DOMAIN} master.passwd.byuid; \ 131 ${ECHO} "pushed passwd"; \ 132 else \ 133 : ; \ 134 fi \ 135 else \ 136 ${ECHO} "couldn't find ${.ALLSRC}"; \ 137 fi 138 139# XXX: This does not do modify/expire time correctly. 140shadow.time: ${DIR}/master.passwd 141 -@if [ -f ${.ALLSRC} ]; then \ 142 umask 077 ; \ 143 ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-3 | \ 144 ${AWK} -v minuid=${MINUID} \ 145 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 146 { if (minuid <= $$3) \ 147 print $$1, $$1":"$$2":10779:0:99999:7:::" }' - | \ 148 ${SORT} | ${MAKEDBM_S} - shadow.byname; \ 149 ${TOUCH} ${.TARGET}; \ 150 ${ECHO} "updated shadow"; \ 151 if [ ! ${NOPUSH} ]; then \ 152 ${YPPUSH} -d ${DOMAIN} shadow.byname; \ 153 ${ECHO} "pushed shadow"; \ 154 else \ 155 : ; \ 156 fi \ 157 else \ 158 ${ECHO} "couldn't find ${.ALLSRC}"; \ 159 fi 160 161aliases.time: ${DIR}/mail/aliases 162 -@if [ -f ${.ALLSRC} ]; then \ 163 ${CP} -p ${.ALLSRC} ${DOMAIN}-aliases; \ 164 ${SENDMAIL} -bi -oA${PWD}/${DOMAIN}-aliases; \ 165 ${MAKEDBM} -u ${DOMAIN}-aliases | ${SORT} | \ 166 ${EGREP} -v '(YP_LAST_MODIFIED|YP_MASTER_NAME)' | \ 167 ${MAKEDBM} - mail.aliases; \ 168 ${MKALIAS} mail.aliases mail.byaddr; \ 169 ${TOUCH} ${.TARGET}; \ 170 ${RM} ${DOMAIN}-aliases.db ${DOMAIN}-aliases; \ 171 ${ECHO} "updated aliases"; \ 172 if [ ! ${NOPUSH} ]; then \ 173 ${YPPUSH} -d ${DOMAIN} mail.aliases; \ 174 ${YPPUSH} -d ${DOMAIN} mail.byaddr; \ 175 ${ECHO} "pushed aliases"; \ 176 else \ 177 : ; \ 178 fi \ 179 else \ 180 ${ECHO} "couldn't find ${.ALLSRC}"; \ 181 fi 182 183 184.for MAP in ${AMDMAPS} 185${MAP}.time: ${AMDDIR}/${MAP} __makedbmesc 186 -@if [ -f ${.ALLSRC} ]; then \ 187 ${TOUCH} ${.TARGET}; \ 188 ${ECHO} "updated ${MAP}"; \ 189 if [ ! ${NOPUSH} ]; then \ 190 ${YPPUSH} -d ${DOMAIN} ${MAP}; \ 191 ${ECHO} "pushed ${MAP}"; \ 192 else \ 193 : ; \ 194 fi \ 195 else \ 196 ${ECHO} "couldn't find ${.ALLSRC}"; \ 197 fi 198.endfor # AMDMAPS 199 200 201ethers.time: ${DIR}/ethers 202 -@if [ -f ${.ALLSRC} ]; then \ 203 ${STDETHERS} ${.ALLSRC} | \ 204 ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$1, $$0 }' | \ 205 ${SORT} | ${MAKEDBM} - ethers.byaddr; \ 206 ${STDETHERS} ${.ALLSRC} | \ 207 ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$2, $$0 }' | \ 208 ${SORT} | ${MAKEDBM} - ethers.byname; \ 209 ${TOUCH} ${.TARGET}; \ 210 ${ECHO} "updated ethers"; \ 211 if [ ! ${NOPUSH} ]; then \ 212 ${YPPUSH} -d ${DOMAIN} ethers.byaddr; \ 213 ${YPPUSH} -d ${DOMAIN} ethers.byname; \ 214 ${ECHO} "pushed ethers"; \ 215 else \ 216 : ; \ 217 fi \ 218 else \ 219 ${ECHO} "couldn't find ${.ALLSRC}"; \ 220 fi 221 222 223group.time: ${DIR}/group 224 -@if [ -f ${.ALLSRC} ]; then \ 225 ${AWK} -v mingid=${MINGID} \ 226 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 227 { if (mingid <= $$3) print $$1, $$0 }' ${.ALLSRC} | \ 228 ${SORT} | ${MAKEDBM} - group.byname; \ 229 ${AWK} -v mingid=${MINGID} \ 230 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ 231 { if (mingid <= $$3) print $$3, $$0 }' ${.ALLSRC} | \ 232 ${SORT} | ${MAKEDBM} - group.bygid; \ 233 ${TOUCH} ${.TARGET}; \ 234 ${ECHO} "updated group"; \ 235 if [ ! ${NOPUSH} ]; then \ 236 ${YPPUSH} -d ${DOMAIN} group.byname; \ 237 ${YPPUSH} -d ${DOMAIN} group.bygid; \ 238 ${ECHO} "pushed group"; \ 239 else \ 240 : ; \ 241 fi \ 242 else \ 243 ${ECHO} "couldn't find ${.ALLSRC}"; \ 244 fi 245 246 247# Solaris 8 does the following: 248# - /etc/hosts and hosts.{byname,byaddr} are IPv4 only. 249# - /etc/inet/ipnodes and ipnodes.{byname,byaddr} are used for protocol 250# independent name-to-address mapping. 251# 252# For local name resolution, we made /etc/hosts protocol independent. 253# For NIS name resolution, we obey Solaris 8 practice. 254# - We keep hosts.{byname,byaddr} IPv4 only, to be friendly with Solaris 8 255# clients. 256# - ipnodes.{byname,byaddr} is used for protocol independent mapping. 257# We generate all the mappings from /etc/hosts, for compatibility with NetBSD 258# local name resolution. 259# 260hosts.time: ${DIR}/hosts 261 -@if [ -f ${.ALLSRC} ]; then \ 262 ${STDHOSTS} ${.ALLSRC} | \ 263 ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ 264 ${SORT} | ${MAKEDBM} - hosts.byname; \ 265 ${STDHOSTS} ${.ALLSRC} | \ 266 ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ 267 ${SORT} | ${MAKEDBM} - hosts.byaddr; \ 268 ${TOUCH} ${.TARGET}; \ 269 ${ECHO} "updated hosts"; \ 270 if [ ! ${NOPUSH} ]; then \ 271 ${YPPUSH} -d ${DOMAIN} hosts.byname; \ 272 ${YPPUSH} -d ${DOMAIN} hosts.byaddr; \ 273 ${ECHO} "pushed hosts"; \ 274 else \ 275 : ; \ 276 fi \ 277 else \ 278 ${ECHO} "couldn't find ${.ALLSRC}"; \ 279 fi 280 281 282ipnodes.time: ${DIR}/hosts 283 -@if [ -f ${.ALLSRC} ]; then \ 284 ${STDHOSTS} -n ${.ALLSRC} | \ 285 ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ 286 ${SORT} | ${MAKEDBM} - ipnodes.byname; \ 287 ${STDHOSTS} -n ${.ALLSRC} | \ 288 ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ 289 ${SORT} | ${MAKEDBM} - ipnodes.byaddr; \ 290 ${TOUCH} ${.TARGET}; \ 291 ${ECHO} "updated ipnodes"; \ 292 if [ ! ${NOPUSH} ]; then \ 293 ${YPPUSH} -d ${DOMAIN} ipnodes.byname; \ 294 ${YPPUSH} -d ${DOMAIN} ipnodes.byaddr; \ 295 ${ECHO} "pushed ipnodes"; \ 296 else \ 297 : ; \ 298 fi \ 299 else \ 300 ${ECHO} "couldn't find ${.ALLSRC}"; \ 301 fi 302 303 304netgroup.time: ${DIR}/netgroup __makedbmesc 305 -@if [ -f ${.ALLSRC} ]; then \ 306 ${CAT} ${.ALLSRC} | ${REVNETGROUP} -u -f - | \ 307 ${SORT} | ${MAKEDBM} - netgroup.byuser; \ 308 ${CAT} ${.ALLSRC} | ${REVNETGROUP} -h -f - | \ 309 ${SORT} | ${MAKEDBM} - netgroup.byhost; \ 310 ${TOUCH} ${.TARGET}; \ 311 ${ECHO} "updated netgroup"; \ 312 if [ ! ${NOPUSH} ]; then \ 313 ${YPPUSH} -d ${DOMAIN} netgroup; \ 314 ${YPPUSH} -d ${DOMAIN} netgroup.byuser; \ 315 ${YPPUSH} -d ${DOMAIN} netgroup.byhost; \ 316 ${ECHO} "pushed netgroup"; \ 317 else \ 318 : ; \ 319 fi \ 320 else \ 321 ${ECHO} "couldn't find ${.ALLSRC}"; \ 322 fi 323 324 325networks.time: ${DIR}/networks 326 -@if [ -f ${.ALLSRC} ]; then \ 327 ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ 328 ${AWK} '{print $$1, $$0; \ 329 for (i = 3;i <= NF;i++) print $$i,$$0}' | \ 330 ${SORT} | ${MAKEDBM} - networks.byname; \ 331 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 332 ${.ALLSRC} | \ 333 ${SORT} | ${MAKEDBM} - networks.byaddr; \ 334 ${TOUCH} ${.TARGET}; \ 335 ${ECHO} "updated networks"; \ 336 if [ ! ${NOPUSH} ]; then \ 337 ${YPPUSH} -d ${DOMAIN} networks.byname; \ 338 ${YPPUSH} -d ${DOMAIN} networks.byaddr; \ 339 ${ECHO} "pushed networks"; \ 340 else \ 341 : ; \ 342 fi \ 343 else \ 344 ${ECHO} "couldn't find ${.ALLSRC}"; \ 345 fi 346 347 348protocols.time: ${DIR}/protocols 349 -@if [ -f ${.ALLSRC} ]; then \ 350 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 351 ${.ALLSRC} | \ 352 ${SORT} | ${MAKEDBM} - protocols.bynumber; \ 353 ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ 354 ${AWK} '{print $$1, $$0; \ 355 for (i = 3;i <= NF;i++) print $$i,$$0}' | \ 356 ${SORT} | ${MAKEDBM} - protocols.byname; \ 357 ${TOUCH} ${.TARGET}; \ 358 ${ECHO} "updated protocols"; \ 359 if [ ! ${NOPUSH} ]; then \ 360 ${YPPUSH} -d ${DOMAIN} protocols.bynumber; \ 361 ${YPPUSH} -d ${DOMAIN} protocols.byname; \ 362 ${ECHO} "pushed protocols"; \ 363 else \ 364 : ; \ 365 fi \ 366 else \ 367 ${ECHO} "couldn't find ${.ALLSRC}"; \ 368 fi 369 370 371rpc.time: ${DIR}/rpc 372 -@if [ -f ${.ALLSRC} ]; then \ 373 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 374 ${.ALLSRC} | \ 375 ${SORT} | ${MAKEDBM} - rpc.bynumber; \ 376 ${TOUCH} ${.TARGET}; \ 377 ${ECHO} "updated rpc"; \ 378 if [ ! ${NOPUSH} ]; then \ 379 ${YPPUSH} -d ${DOMAIN} rpc.bynumber; \ 380 ${ECHO} "pushed rpc"; \ 381 else \ 382 : ; \ 383 fi \ 384 else \ 385 ${ECHO} "couldn't find ${.ALLSRC}"; \ 386 fi 387 388 389services.time: ${DIR}/services 390 -@if [ -f ${.ALLSRC} ]; then \ 391 ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ 392 ${.ALLSRC} | \ 393 ${SORT} | ${MAKEDBM} - services.byname; \ 394 ${TOUCH} ${.TARGET}; \ 395 ${ECHO} "updated services"; \ 396 if [ ! ${NOPUSH} ]; then \ 397 ${YPPUSH} -d ${DOMAIN} services.byname; \ 398 ${ECHO} "pushed services"; \ 399 else \ 400 : ; \ 401 fi \ 402 else \ 403 ${ECHO} "couldn't find ${.ALLSRC}"; \ 404 fi 405 406 407netid.time: ${DIR}/passwd ${DIR}/group ${DIR}/hosts ${DIR}/netid 408 -@${MKNETID} -q -d ${DOMAIN} -p ${DIR}/passwd -g ${DIR}/group -h \ 409 ${DIR}/hosts -m ${DIR}/netid | \ 410 ${SORT} | ${MAKEDBM} - netid.byname; \ 411 ${TOUCH} ${.TARGET}; \ 412 ${ECHO} "updated netid"; \ 413 if [ ! ${NOPUSH} ]; then \ 414 ${YPPUSH} -d ${DOMAIN} netid.byname; \ 415 ${ECHO} "pushed netid"; \ 416 else \ 417 : ; \ 418 fi 419 420 421ypservers.time: ${.CURDIR}/ypservers 422 -@${MAKEDBM} ypservers ypservers; \ 423 ${TOUCH} ${.TARGET}; \ 424 ${ECHO} "updated ypservers"; \ 425 if [ ! ${NOPUSH} ]; then \ 426 ${YPPUSH} -d ${DOMAIN} ypservers; \ 427 ${ECHO} "pushed ypservers"; \ 428 else \ 429 : ; \ 430 fi 431 432 433passwd: passwd.time 434group: group.time 435hosts: hosts.time 436ipnodes: ipnodes.time 437aliases: aliases.time 438.for MAP in ${AMDMAPS} 439${MAP}: ${MAP}.time 440.endfor # AMDMAPS 441ethers: ethers.time 442netgroup: netgroup.time 443networks: networks.time 444rpc: rpc.time 445services: services.time 446shadow: shadow.time 447protocols: protocols.time 448netid: netid.time 449ypservers: ypservers.time 450 451${DIR}/passwd: 452${DIR}/group: 453${DIR}/hosts: 454${DIR}/mail/aliases: 455.for MAP in ${AMDMAPS} 456${AMDDIR}/${MAP}: 457.endfor # AMDMAPS 458${DIR}/ethers: 459${DIR}/master.passwd: 460${DIR}/netgroup: 461${DIR}/networks: 462${DIR}/rpc: 463${DIR}/services: 464${DIR}/protocols: 465${DIR}/netid: 466