diff options
author | Colin Watson <cjwatson@debian.org> | 2007-06-12 16:16:35 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2007-06-12 16:16:35 +0000 |
commit | b7e40fa9da0b5491534a429dadb321eab5a77558 (patch) | |
tree | bed1da11e9f829925797aa093e379fc0b5868ecd /buildpkg.sh.in | |
parent | 4f84beedf1005e44ff33c854abd6b711ffc0adb7 (diff) | |
parent | 086ea76990b1e6287c24b6db74adffd4605eb3b0 (diff) |
* New upstream release (closes: #395507, #397961, #420035). Important
changes not previously backported to 4.3p2:
- 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4):
+ On portable OpenSSH, fix a GSSAPI authentication abort that could be
used to determine the validity of usernames on some platforms.
+ Implemented conditional configuration in sshd_config(5) using the
"Match" directive. This allows some configuration options to be
selectively overridden if specific criteria (based on user, group,
hostname and/or address) are met. So far a useful subset of
post-authentication options are supported and more are expected to
be added in future releases.
+ Add support for Diffie-Hellman group exchange key agreement with a
final hash of SHA256.
+ Added a "ForceCommand" directive to sshd_config(5). Similar to the
command="..." option accepted in ~/.ssh/authorized_keys, this forces
the execution of the specified command regardless of what the user
requested. This is very useful in conjunction with the new "Match"
option.
+ Add a "PermitOpen" directive to sshd_config(5). This mirrors the
permitopen="..." authorized_keys option, allowing fine-grained
control over the port-forwardings that a user is allowed to
establish.
+ Add optional logging of transactions to sftp-server(8).
+ ssh(1) will now record port numbers for hosts stored in
~/.ssh/known_hosts when a non-standard port has been requested
(closes: #50612).
+ Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a
non-zero exit code) when requested port forwardings could not be
established.
+ Extend sshd_config(5) "SubSystem" declarations to allow the
specification of command-line arguments.
+ Replacement of all integer overflow susceptible invocations of
malloc(3) and realloc(3) with overflow-checking equivalents.
+ Many manpage fixes and improvements.
+ Add optional support for OpenSSL hardware accelerators (engines),
enabled using the --with-ssl-engine configure option.
+ Tokens in configuration files may be double-quoted in order to
contain spaces (closes: #319639).
+ Move a debug() call out of a SIGCHLD handler, fixing a hang when the
session exits very quickly (closes: #307890).
+ Fix some incorrect buffer allocation calculations (closes: #410599).
+ ssh-add doesn't ask for a passphrase if key file permissions are too
liberal (closes: #103677).
+ Likewise, ssh doesn't ask either (closes: #99675).
- 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6):
+ sshd now allows the enabling and disabling of authentication methods
on a per user, group, host and network basis via the Match directive
in sshd_config.
+ Fixed an inconsistent check for a terminal when displaying scp
progress meter (closes: #257524).
+ Fix "hang on exit" when background processes are running at the time
of exit on a ttyful/login session (closes: #88337).
* Update to current GSSAPI patch from
http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch;
install ChangeLog.gssapi.
Diffstat (limited to 'buildpkg.sh.in')
-rw-r--r-- | buildpkg.sh.in | 198 |
1 files changed, 158 insertions, 40 deletions
diff --git a/buildpkg.sh.in b/buildpkg.sh.in index cb9eb3048..8a96b9050 100644 --- a/buildpkg.sh.in +++ b/buildpkg.sh.in | |||
@@ -24,6 +24,7 @@ PKGNAME=OpenSSH | |||
24 | # revisions within the same version (REV=a) | 24 | # revisions within the same version (REV=a) |
25 | #REV= | 25 | #REV= |
26 | SYSVINIT_NAME=opensshd | 26 | SYSVINIT_NAME=opensshd |
27 | AWK=${AWK:="nawk"} | ||
27 | MAKE=${MAKE:="make"} | 28 | MAKE=${MAKE:="make"} |
28 | SSHDUID=67 # Default privsep uid | 29 | SSHDUID=67 # Default privsep uid |
29 | SSHDGID=67 # Default privsep gid | 30 | SSHDGID=67 # Default privsep gid |
@@ -35,7 +36,7 @@ SSHDGID=67 # Default privsep gid | |||
35 | SYSVINITSTART=S98 | 36 | SYSVINITSTART=S98 |
36 | SYSVINITSTOPT=K30 | 37 | SYSVINITSTOPT=K30 |
37 | # We will source these if they exist | 38 | # We will source these if they exist |
38 | POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh | 39 | POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh |
39 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh | 40 | POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh |
40 | # We'll be one level deeper looking for these | 41 | # We'll be one level deeper looking for these |
41 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local | 42 | PKG_PREINSTALL_LOCAL=../pkg-preinstall.local |
@@ -46,6 +47,8 @@ PKG_REQUEST_LOCAL=../pkg-request.local | |||
46 | # end of sourced files | 47 | # end of sourced files |
47 | # | 48 | # |
48 | OPENSSHD=opensshd.init | 49 | OPENSSHD=opensshd.init |
50 | OPENSSH_MANIFEST=openssh.xml | ||
51 | OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default | ||
49 | 52 | ||
50 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ | 53 | PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ |
51 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ | 54 | PATH_USERADD_PROG=@PATH_USERADD_PROG@ |
@@ -60,6 +63,10 @@ SYSTEM_DIR="/etc \ | |||
60 | /etc/rc1.d \ | 63 | /etc/rc1.d \ |
61 | /etc/rc2.d \ | 64 | /etc/rc2.d \ |
62 | /etc/opt \ | 65 | /etc/opt \ |
66 | /lib \ | ||
67 | /lib/svc \ | ||
68 | /lib/svc/method \ | ||
69 | /lib/svc/method/site \ | ||
63 | /opt \ | 70 | /opt \ |
64 | /opt/bin \ | 71 | /opt/bin \ |
65 | /usr \ | 72 | /usr \ |
@@ -82,6 +89,9 @@ SYSTEM_DIR="/etc \ | |||
82 | /var \ | 89 | /var \ |
83 | /var/opt \ | 90 | /var/opt \ |
84 | /var/run \ | 91 | /var/run \ |
92 | /var/svc \ | ||
93 | /var/svc/manifest \ | ||
94 | /var/svc/manifest/site \ | ||
85 | /var/tmp \ | 95 | /var/tmp \ |
86 | /tmp" | 96 | /tmp" |
87 | 97 | ||
@@ -119,6 +129,12 @@ do | |||
119 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` | 129 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` |
120 | done | 130 | done |
121 | 131 | ||
132 | ## Are we using Solaris' SMF? | ||
133 | DO_SMF=0 | ||
134 | if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1 | ||
135 | then | ||
136 | DO_SMF=1 | ||
137 | fi | ||
122 | 138 | ||
123 | ## Collect value of privsep user | 139 | ## Collect value of privsep user |
124 | for confvar in SSH_PRIVSEP_USER | 140 | for confvar in SSH_PRIVSEP_USER |
@@ -139,15 +155,22 @@ ARCH=`uname -m` | |||
139 | DEF_MSG="\n" | 155 | DEF_MSG="\n" |
140 | OS_VER=`uname -v` | 156 | OS_VER=`uname -v` |
141 | SCRIPT_SHELL=/sbin/sh | 157 | SCRIPT_SHELL=/sbin/sh |
158 | UNAME_R=`uname -r` | ||
142 | UNAME_S=`uname -s` | 159 | UNAME_S=`uname -s` |
143 | case ${UNAME_S} in | 160 | case ${UNAME_S} in |
144 | SunOS) UNAME_S=Solaris | 161 | SunOS) UNAME_S=Solaris |
162 | OS_VER=${UNAME_R} | ||
145 | ARCH=`uname -p` | 163 | ARCH=`uname -p` |
146 | RCS_D=yes | 164 | RCS_D=yes |
147 | DEF_MSG="(default: n)" | 165 | DEF_MSG="(default: n)" |
148 | ;; | 166 | ;; |
149 | SCO_SV) UNAME_S=OpenServer | 167 | SCO_SV) case ${UNAME_R} in |
168 | 3.2) UNAME_S=OpenServer5 | ||
150 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` | 169 | OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` |
170 | ;; | ||
171 | 5) UNAME_S=OpenServer6 | ||
172 | ;; | ||
173 | esac | ||
151 | SCRIPT_SHELL=/bin/sh | 174 | SCRIPT_SHELL=/bin/sh |
152 | RC1_D=no | 175 | RC1_D=no |
153 | DEF_MSG="(default: n)" | 176 | DEF_MSG="(default: n)" |
@@ -168,10 +191,26 @@ then | |||
168 | fi | 191 | fi |
169 | 192 | ||
170 | ## Setup our run level stuff while we are at it. | 193 | ## Setup our run level stuff while we are at it. |
171 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d | 194 | if [ $DO_SMF -eq 1 ] |
195 | then | ||
196 | # For Solaris' SMF, /lib/svc/method/site is the preferred place | ||
197 | # for start/stop scripts that aren't supplied with the OS, and | ||
198 | # similarly /var/svc/manifest/site for manifests. | ||
199 | mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site | ||
200 | mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site | ||
201 | |||
202 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | ||
203 | chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME} | ||
204 | |||
205 | cat ${OPENSSH_MANIFEST} | sed "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \ | ||
206 | > $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml | ||
207 | chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml | ||
208 | else | ||
209 | mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d | ||
172 | 210 | ||
173 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} | 211 | cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
174 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} | 212 | chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} |
213 | fi | ||
175 | 214 | ||
176 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ | 215 | [ "${PERMIT_ROOT_LOGIN}" = no ] && \ |
177 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ | 216 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
@@ -221,15 +260,22 @@ touch depend | |||
221 | 260 | ||
222 | ## Build space file | 261 | ## Build space file |
223 | echo "Building space file..." | 262 | echo "Building space file..." |
224 | cat > space << _EOF | 263 | if [ $DO_SMF -eq 1 ] |
225 | # extra space required by start/stop links added by installf in postinstall | 264 | then |
265 | # XXX Is this necessary? If not, remove space line from mk-proto.awk. | ||
266 | touch space | ||
267 | else | ||
268 | cat > space << _EOF | ||
269 | # extra space required by start/stop links added by installf | ||
270 | # in postinstall | ||
226 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 | 271 | $TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 |
227 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 | 272 | $TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 |
228 | _EOF | 273 | _EOF |
229 | [ "$RC1_D" = no ] || \ | 274 | [ "$RC1_D" = no ] || \ |
230 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | 275 | echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
231 | [ "$RCS_D" = yes ] && \ | 276 | [ "$RCS_D" = yes ] && \ |
232 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space | 277 | echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space |
278 | fi | ||
233 | 279 | ||
234 | ## Build preinstall file | 280 | ## Build preinstall file |
235 | echo "Building preinstall file..." | 281 | echo "Building preinstall file..." |
@@ -243,7 +289,16 @@ _EOF | |||
243 | 289 | ||
244 | cat >> preinstall << _EOF | 290 | cat >> preinstall << _EOF |
245 | # | 291 | # |
246 | [ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | 292 | if [ "\${PRE_INS_STOP}" = "yes" ] |
293 | then | ||
294 | if [ $DO_SMF -eq 1 ] | ||
295 | then | ||
296 | svcadm disable $OPENSSH_FMRI | ||
297 | else | ||
298 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | ||
299 | fi | ||
300 | fi | ||
301 | |||
247 | exit 0 | 302 | exit 0 |
248 | _EOF | 303 | _EOF |
249 | 304 | ||
@@ -265,28 +320,40 @@ cat > postinstall << _EOF | |||
265 | } | 320 | } |
266 | 321 | ||
267 | # make rc?.d dirs only if we are doing a test install | 322 | # make rc?.d dirs only if we are doing a test install |
268 | [ -n "${TEST_DIR}" ] && { | 323 | [ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && { |
269 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d | 324 | [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d |
270 | mkdir -p ${TEST_DIR}/etc/rc0.d | 325 | mkdir -p ${TEST_DIR}/etc/rc0.d |
271 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d | 326 | [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d |
272 | mkdir -p ${TEST_DIR}/etc/rc2.d | 327 | mkdir -p ${TEST_DIR}/etc/rc2.d |
273 | } | 328 | } |
274 | 329 | ||
275 | if [ "\${USE_SYM_LINKS}" = yes ] | 330 | if [ $DO_SMF -eq 1 ] |
276 | then | 331 | then |
277 | [ "$RCS_D" = yes ] && \ | 332 | # Delete the existing service, if it exists, then import the |
278 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | 333 | # new one. |
279 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | 334 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 |
280 | [ "$RC1_D" = no ] || \ | 335 | then |
281 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | 336 | svccfg delete -f $OPENSSH_FMRI |
282 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | 337 | fi |
338 | # NOTE, The manifest disables sshd by default. | ||
339 | svccfg import ${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml | ||
283 | else | 340 | else |
284 | [ "$RCS_D" = yes ] && \ | 341 | if [ "\${USE_SYM_LINKS}" = yes ] |
285 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | 342 | then |
286 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | 343 | [ "$RCS_D" = yes ] && \ |
287 | [ "$RC1_D" = no ] || \ | 344 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
288 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | 345 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s |
289 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | 346 | [ "$RC1_D" = no ] || \ |
347 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | ||
348 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s | ||
349 | else | ||
350 | [ "$RCS_D" = yes ] && \ | ||
351 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | ||
352 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | ||
353 | [ "$RC1_D" = no ] || \ | ||
354 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | ||
355 | installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l | ||
356 | fi | ||
290 | fi | 357 | fi |
291 | 358 | ||
292 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) | 359 | # If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) |
@@ -311,14 +378,7 @@ then | |||
311 | chroot=echo | 378 | chroot=echo |
312 | fi | 379 | fi |
313 | 380 | ||
314 | if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null | 381 | echo "PrivilegeSeparation user always required." |
315 | then | ||
316 | echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" | ||
317 | echo "or group." | ||
318 | else | ||
319 | echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." | ||
320 | |||
321 | # user required? | ||
322 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null | 382 | if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null |
323 | then | 383 | then |
324 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." | 384 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." |
@@ -363,9 +423,16 @@ else | |||
363 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER | 423 | \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER |
364 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER | 424 | \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER |
365 | } | 425 | } |
366 | fi | ||
367 | 426 | ||
368 | [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start | 427 | if [ "\${POST_INS_START}" = "yes" ] |
428 | then | ||
429 | if [ $DO_SMF -eq 1 ] | ||
430 | then | ||
431 | svcadm enable $OPENSSH_FMRI | ||
432 | else | ||
433 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start | ||
434 | fi | ||
435 | fi | ||
369 | exit 0 | 436 | exit 0 |
370 | _EOF | 437 | _EOF |
371 | 438 | ||
@@ -374,7 +441,12 @@ echo "Building preremove file..." | |||
374 | cat > preremove << _EOF | 441 | cat > preremove << _EOF |
375 | #! ${SCRIPT_SHELL} | 442 | #! ${SCRIPT_SHELL} |
376 | # | 443 | # |
377 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | 444 | if [ $DO_SMF -eq 1 ] |
445 | then | ||
446 | svcadm disable $OPENSSH_FMRI | ||
447 | else | ||
448 | ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop | ||
449 | fi | ||
378 | _EOF | 450 | _EOF |
379 | 451 | ||
380 | # local preremove changes here | 452 | # local preremove changes here |
@@ -389,6 +461,13 @@ echo "Building postremove file..." | |||
389 | cat > postremove << _EOF | 461 | cat > postremove << _EOF |
390 | #! ${SCRIPT_SHELL} | 462 | #! ${SCRIPT_SHELL} |
391 | # | 463 | # |
464 | if [ $DO_SMF -eq 1 ] | ||
465 | then | ||
466 | if svcs $OPENSSH_FMRI > /dev/null 2>&1 | ||
467 | then | ||
468 | svccfg delete -f $OPENSSH_FMRI | ||
469 | fi | ||
470 | fi | ||
392 | _EOF | 471 | _EOF |
393 | 472 | ||
394 | # local postremove changes here | 473 | # local postremove changes here |
@@ -408,7 +487,7 @@ _EOF | |||
408 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF | 487 | [ -x /usr/bin/ckyorn ] || cat >> request << _EOF |
409 | 488 | ||
410 | ckyorn() { | 489 | ckyorn() { |
411 | # for some strange reason OpenServer has no ckyorn | 490 | # for some strange reason OpenServer5 has no ckyorn |
412 | # We build a striped down version here | 491 | # We build a striped down version here |
413 | 492 | ||
414 | DEFAULT=n | 493 | DEFAULT=n |
@@ -454,7 +533,45 @@ done | |||
454 | 533 | ||
455 | _EOF | 534 | _EOF |
456 | 535 | ||
457 | cat >> request << _EOF | 536 | if [ $DO_SMF -eq 1 ] |
537 | then | ||
538 | # This could get hairy, as the running sshd may not be under SMF. | ||
539 | # We'll assume an earlier version of OpenSSH started via SMF. | ||
540 | cat >> request << _EOF | ||
541 | PRE_INS_STOP=no | ||
542 | POST_INS_START=no | ||
543 | # determine if should restart the daemon | ||
544 | if [ -s ${piddir}/sshd.pid ] && \ | ||
545 | /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1 | ||
546 | then | ||
547 | ans=\`ckyorn -d n \ | ||
548 | -p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$? | ||
549 | case \$ans in | ||
550 | [y,Y]*) PRE_INS_STOP=yes | ||
551 | POST_INS_START=yes | ||
552 | ;; | ||
553 | esac | ||
554 | |||
555 | else | ||
556 | |||
557 | # determine if we should start sshd | ||
558 | ans=\`ckyorn -d n \ | ||
559 | -p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$? | ||
560 | case \$ans in | ||
561 | [y,Y]*) POST_INS_START=yes ;; | ||
562 | esac | ||
563 | fi | ||
564 | |||
565 | # make parameters available to installation service, | ||
566 | # and so to any other packaging scripts | ||
567 | cat >\$1 <<! | ||
568 | PRE_INS_STOP='\$PRE_INS_STOP' | ||
569 | POST_INS_START='\$POST_INS_START' | ||
570 | ! | ||
571 | |||
572 | _EOF | ||
573 | else | ||
574 | cat >> request << _EOF | ||
458 | USE_SYM_LINKS=no | 575 | USE_SYM_LINKS=no |
459 | PRE_INS_STOP=no | 576 | PRE_INS_STOP=no |
460 | POST_INS_START=no | 577 | POST_INS_START=no |
@@ -495,6 +612,7 @@ POST_INS_START='\$POST_INS_START' | |||
495 | ! | 612 | ! |
496 | 613 | ||
497 | _EOF | 614 | _EOF |
615 | fi | ||
498 | 616 | ||
499 | # local request changes here | 617 | # local request changes here |
500 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} | 618 | [ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} |
@@ -526,7 +644,7 @@ cat >mk-proto.awk << _EOF | |||
526 | _EOF | 644 | _EOF |
527 | 645 | ||
528 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ | 646 | find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ |
529 | pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype | 647 | pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype |
530 | 648 | ||
531 | # /usr/local is a symlink on some systems | 649 | # /usr/local is a symlink on some systems |
532 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { | 650 | [ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { |