summaryrefslogtreecommitdiff
path: root/buildpkg.sh.in
diff options
context:
space:
mode:
Diffstat (limited to 'buildpkg.sh.in')
-rw-r--r--buildpkg.sh.in198
1 files changed, 158 insertions, 40 deletions
diff --git a/buildpkg.sh.in b/buildpkg.sh.in
index cb9eb3048..8a96b9050 100644
--- a/buildpkg.sh.in
+++ b/buildpkg.sh.in
@@ -24,6 +24,7 @@ PKGNAME=OpenSSH
24# revisions within the same version (REV=a) 24# revisions within the same version (REV=a)
25#REV= 25#REV=
26SYSVINIT_NAME=opensshd 26SYSVINIT_NAME=opensshd
27AWK=${AWK:="nawk"}
27MAKE=${MAKE:="make"} 28MAKE=${MAKE:="make"}
28SSHDUID=67 # Default privsep uid 29SSHDUID=67 # Default privsep uid
29SSHDGID=67 # Default privsep gid 30SSHDGID=67 # Default privsep gid
@@ -35,7 +36,7 @@ SSHDGID=67 # Default privsep gid
35SYSVINITSTART=S98 36SYSVINITSTART=S98
36SYSVINITSTOPT=K30 37SYSVINITSTOPT=K30
37# We will source these if they exist 38# We will source these if they exist
38POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh 39POST_MAKE_INSTALL_FIXES=./pkg-post-make-install-fixes.sh
39POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh 40POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
40# We'll be one level deeper looking for these 41# We'll be one level deeper looking for these
41PKG_PREINSTALL_LOCAL=../pkg-preinstall.local 42PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
@@ -46,6 +47,8 @@ PKG_REQUEST_LOCAL=../pkg-request.local
46# end of sourced files 47# end of sourced files
47# 48#
48OPENSSHD=opensshd.init 49OPENSSHD=opensshd.init
50OPENSSH_MANIFEST=openssh.xml
51OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default
49 52
50PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@ 53PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
51PATH_USERADD_PROG=@PATH_USERADD_PROG@ 54PATH_USERADD_PROG=@PATH_USERADD_PROG@
@@ -60,6 +63,10 @@ SYSTEM_DIR="/etc \
60/etc/rc1.d \ 63/etc/rc1.d \
61/etc/rc2.d \ 64/etc/rc2.d \
62/etc/opt \ 65/etc/opt \
66/lib \
67/lib/svc \
68/lib/svc/method \
69/lib/svc/method/site \
63/opt \ 70/opt \
64/opt/bin \ 71/opt/bin \
65/usr \ 72/usr \
@@ -82,6 +89,9 @@ SYSTEM_DIR="/etc \
82/var \ 89/var \
83/var/opt \ 90/var/opt \
84/var/run \ 91/var/run \
92/var/svc \
93/var/svc/manifest \
94/var/svc/manifest/site \
85/var/tmp \ 95/var/tmp \
86/tmp" 96/tmp"
87 97
@@ -119,6 +129,12 @@ do
119 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` 129 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
120done 130done
121 131
132## Are we using Solaris' SMF?
133DO_SMF=0
134if egrep "^#define USE_SOLARIS_PROCESS_CONTRACTS" config.h > /dev/null 2>&1
135then
136 DO_SMF=1
137fi
122 138
123## Collect value of privsep user 139## Collect value of privsep user
124for confvar in SSH_PRIVSEP_USER 140for confvar in SSH_PRIVSEP_USER
@@ -139,15 +155,22 @@ ARCH=`uname -m`
139DEF_MSG="\n" 155DEF_MSG="\n"
140OS_VER=`uname -v` 156OS_VER=`uname -v`
141SCRIPT_SHELL=/sbin/sh 157SCRIPT_SHELL=/sbin/sh
158UNAME_R=`uname -r`
142UNAME_S=`uname -s` 159UNAME_S=`uname -s`
143case ${UNAME_S} in 160case ${UNAME_S} in
144 SunOS) UNAME_S=Solaris 161 SunOS) UNAME_S=Solaris
162 OS_VER=${UNAME_R}
145 ARCH=`uname -p` 163 ARCH=`uname -p`
146 RCS_D=yes 164 RCS_D=yes
147 DEF_MSG="(default: n)" 165 DEF_MSG="(default: n)"
148 ;; 166 ;;
149 SCO_SV) UNAME_S=OpenServer 167 SCO_SV) case ${UNAME_R} in
168 3.2) UNAME_S=OpenServer5
150 OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'` 169 OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
170 ;;
171 5) UNAME_S=OpenServer6
172 ;;
173 esac
151 SCRIPT_SHELL=/bin/sh 174 SCRIPT_SHELL=/bin/sh
152 RC1_D=no 175 RC1_D=no
153 DEF_MSG="(default: n)" 176 DEF_MSG="(default: n)"
@@ -168,10 +191,26 @@ then
168fi 191fi
169 192
170## Setup our run level stuff while we are at it. 193## Setup our run level stuff while we are at it.
171mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d 194if [ $DO_SMF -eq 1 ]
195then
196 # For Solaris' SMF, /lib/svc/method/site is the preferred place
197 # for start/stop scripts that aren't supplied with the OS, and
198 # similarly /var/svc/manifest/site for manifests.
199 mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
200 mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
201
202 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
203 chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
204
205 cat ${OPENSSH_MANIFEST} | sed "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \
206 > $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
207 chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
208else
209 mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
172 210
173cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 211 cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
174chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} 212 chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
213fi
175 214
176[ "${PERMIT_ROOT_LOGIN}" = no ] && \ 215[ "${PERMIT_ROOT_LOGIN}" = no ] && \
177 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ 216 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
@@ -221,15 +260,22 @@ touch depend
221 260
222## Build space file 261## Build space file
223echo "Building space file..." 262echo "Building space file..."
224cat > space << _EOF 263if [ $DO_SMF -eq 1 ]
225# extra space required by start/stop links added by installf in postinstall 264then
265 # XXX Is this necessary? If not, remove space line from mk-proto.awk.
266 touch space
267else
268 cat > space << _EOF
269# extra space required by start/stop links added by installf
270# in postinstall
226$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1 271$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
227$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1 272$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
228_EOF 273_EOF
229[ "$RC1_D" = no ] || \ 274 [ "$RC1_D" = no ] || \
230echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 275 echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
231[ "$RCS_D" = yes ] && \ 276 [ "$RCS_D" = yes ] && \
232echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space 277 echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
278fi
233 279
234## Build preinstall file 280## Build preinstall file
235echo "Building preinstall file..." 281echo "Building preinstall file..."
@@ -243,7 +289,16 @@ _EOF
243 289
244cat >> preinstall << _EOF 290cat >> preinstall << _EOF
245# 291#
246[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 292if [ "\${PRE_INS_STOP}" = "yes" ]
293then
294 if [ $DO_SMF -eq 1 ]
295 then
296 svcadm disable $OPENSSH_FMRI
297 else
298 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
299 fi
300fi
301
247exit 0 302exit 0
248_EOF 303_EOF
249 304
@@ -265,28 +320,40 @@ cat > postinstall << _EOF
265} 320}
266 321
267# make rc?.d dirs only if we are doing a test install 322# make rc?.d dirs only if we are doing a test install
268[ -n "${TEST_DIR}" ] && { 323[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
269 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d 324 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
270 mkdir -p ${TEST_DIR}/etc/rc0.d 325 mkdir -p ${TEST_DIR}/etc/rc0.d
271 [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d 326 [ "$RC1_D" = no ] || mkdir -p ${TEST_DIR}/etc/rc1.d
272 mkdir -p ${TEST_DIR}/etc/rc2.d 327 mkdir -p ${TEST_DIR}/etc/rc2.d
273} 328}
274 329
275if [ "\${USE_SYM_LINKS}" = yes ] 330if [ $DO_SMF -eq 1 ]
276then 331then
277 [ "$RCS_D" = yes ] && \ 332 # Delete the existing service, if it exists, then import the
278installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 333 # new one.
279 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 334 if svcs $OPENSSH_FMRI > /dev/null 2>&1
280 [ "$RC1_D" = no ] || \ 335 then
281 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 336 svccfg delete -f $OPENSSH_FMRI
282 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s 337 fi
338 # NOTE, The manifest disables sshd by default.
339 svccfg import ${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
283else 340else
284 [ "$RCS_D" = yes ] && \ 341 if [ "\${USE_SYM_LINKS}" = yes ]
285installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 342 then
286 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 343 [ "$RCS_D" = yes ] && \
287 [ "$RC1_D" = no ] || \ 344 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
288 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 345 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
289 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l 346 [ "$RC1_D" = no ] || \
347 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
348 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
349 else
350 [ "$RCS_D" = yes ] && \
351 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
352 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
353 [ "$RC1_D" = no ] || \
354 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
355 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
356 fi
290fi 357fi
291 358
292# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh) 359# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
@@ -311,14 +378,7 @@ then
311 chroot=echo 378 chroot=echo
312fi 379fi
313 380
314if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null 381 echo "PrivilegeSeparation user always required."
315then
316 echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
317 echo "or group."
318else
319 echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
320
321 # user required?
322 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null 382 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
323 then 383 then
324 echo "PrivSep user $SSH_PRIVSEP_USER already exists." 384 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
@@ -363,9 +423,16 @@ else
363 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER 423 \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
364 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER 424 \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
365 } 425 }
366fi
367 426
368[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start 427if [ "\${POST_INS_START}" = "yes" ]
428then
429 if [ $DO_SMF -eq 1 ]
430 then
431 svcadm enable $OPENSSH_FMRI
432 else
433 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
434 fi
435fi
369exit 0 436exit 0
370_EOF 437_EOF
371 438
@@ -374,7 +441,12 @@ echo "Building preremove file..."
374cat > preremove << _EOF 441cat > preremove << _EOF
375#! ${SCRIPT_SHELL} 442#! ${SCRIPT_SHELL}
376# 443#
377${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop 444if [ $DO_SMF -eq 1 ]
445then
446 svcadm disable $OPENSSH_FMRI
447else
448 ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
449fi
378_EOF 450_EOF
379 451
380# local preremove changes here 452# local preremove changes here
@@ -389,6 +461,13 @@ echo "Building postremove file..."
389cat > postremove << _EOF 461cat > postremove << _EOF
390#! ${SCRIPT_SHELL} 462#! ${SCRIPT_SHELL}
391# 463#
464if [ $DO_SMF -eq 1 ]
465then
466 if svcs $OPENSSH_FMRI > /dev/null 2>&1
467 then
468 svccfg delete -f $OPENSSH_FMRI
469 fi
470fi
392_EOF 471_EOF
393 472
394# local postremove changes here 473# local postremove changes here
@@ -408,7 +487,7 @@ _EOF
408[ -x /usr/bin/ckyorn ] || cat >> request << _EOF 487[ -x /usr/bin/ckyorn ] || cat >> request << _EOF
409 488
410ckyorn() { 489ckyorn() {
411# for some strange reason OpenServer has no ckyorn 490# for some strange reason OpenServer5 has no ckyorn
412# We build a striped down version here 491# We build a striped down version here
413 492
414DEFAULT=n 493DEFAULT=n
@@ -454,7 +533,45 @@ done
454 533
455_EOF 534_EOF
456 535
457cat >> request << _EOF 536if [ $DO_SMF -eq 1 ]
537then
538 # This could get hairy, as the running sshd may not be under SMF.
539 # We'll assume an earlier version of OpenSSH started via SMF.
540 cat >> request << _EOF
541PRE_INS_STOP=no
542POST_INS_START=no
543# determine if should restart the daemon
544if [ -s ${piddir}/sshd.pid ] && \
545 /usr/bin/svcs -H $OPENSSH_FMRI 2>&1 | egrep "^online" > /dev/null 2>&1
546then
547 ans=\`ckyorn -d n \
548-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
549 case \$ans in
550 [y,Y]*) PRE_INS_STOP=yes
551 POST_INS_START=yes
552 ;;
553 esac
554
555else
556
557# determine if we should start sshd
558 ans=\`ckyorn -d n \
559-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
560 case \$ans in
561 [y,Y]*) POST_INS_START=yes ;;
562 esac
563fi
564
565# make parameters available to installation service,
566# and so to any other packaging scripts
567cat >\$1 <<!
568PRE_INS_STOP='\$PRE_INS_STOP'
569POST_INS_START='\$POST_INS_START'
570!
571
572_EOF
573else
574 cat >> request << _EOF
458USE_SYM_LINKS=no 575USE_SYM_LINKS=no
459PRE_INS_STOP=no 576PRE_INS_STOP=no
460POST_INS_START=no 577POST_INS_START=no
@@ -495,6 +612,7 @@ POST_INS_START='\$POST_INS_START'
495! 612!
496 613
497_EOF 614_EOF
615fi
498 616
499# local request changes here 617# local request changes here
500[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL} 618[ -s "${PKG_REQUEST_LOCAL}" ] && . ${PKG_REQUEST_LOCAL}
@@ -526,7 +644,7 @@ cat >mk-proto.awk << _EOF
526_EOF 644_EOF
527 645
528find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \ 646find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
529 pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype 647 pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype
530 648
531# /usr/local is a symlink on some systems 649# /usr/local is a symlink on some systems
532[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && { 650[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-09 00:02:50 +0000