diff options
Diffstat (limited to 'contrib/aix/buildbff.sh')
-rwxr-xr-x | contrib/aix/buildbff.sh | 213 |
1 files changed, 176 insertions, 37 deletions
diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh index 409588484..d531e53f4 100755 --- a/contrib/aix/buildbff.sh +++ b/contrib/aix/buildbff.sh | |||
@@ -9,28 +9,96 @@ | |||
9 | # Based originally on Ben Lindstrom's buildpkg.sh for Solaris | 9 | # Based originally on Ben Lindstrom's buildpkg.sh for Solaris |
10 | # | 10 | # |
11 | 11 | ||
12 | # | ||
13 | # Tunable configuration settings | ||
14 | # create a "config.local" in your build directory to override these. | ||
15 | # | ||
16 | PERMIT_ROOT_LOGIN=no | ||
17 | X11_FORWARDING=no | ||
18 | |||
12 | umask 022 | 19 | umask 022 |
20 | |||
21 | # | ||
22 | # We still support running from contrib/aix, but this is depreciated | ||
23 | # | ||
24 | if pwd | egrep 'contrib/aix$' | ||
25 | then | ||
26 | echo "Changing directory to `pwd`/../.." | ||
27 | echo "Please run buildbff.sh from your build directory in future." | ||
28 | cd ../.. | ||
29 | contribaix=1 | ||
30 | fi | ||
31 | |||
32 | if [ ! -f Makefile ] | ||
33 | then | ||
34 | echo "Makefile not found (did you run configure?)" | ||
35 | exit 1 | ||
36 | fi | ||
37 | |||
38 | # | ||
39 | # Directories used during build: | ||
40 | # current dir = $objdir directory you ran ./configure in. | ||
41 | # $objdir/$PKGDIR/ directory package files are constructed in | ||
42 | # $objdir/$PKGDIR/root/ package root ($FAKE_ROOT) | ||
43 | # | ||
44 | objdir=`pwd` | ||
13 | PKGNAME=openssh | 45 | PKGNAME=openssh |
14 | PKGDIR=package | 46 | PKGDIR=package |
15 | 47 | ||
16 | PATH=`pwd`:$PATH # set path for external tools | 48 | # Path to inventory.sh: same place as buildbff.sh |
17 | export PATH | 49 | if echo $0 | egrep '^/' |
50 | then | ||
51 | inventory=`dirname $0`/inventory.sh # absolute path | ||
52 | else | ||
53 | inventory=`pwd`/`dirname $0`/inventory.sh # relative path | ||
54 | fi | ||
18 | 55 | ||
19 | # Clean build directory | 56 | # |
20 | rm -rf $PKGDIR | 57 | # Collect local configuration settings to override defaults |
21 | mkdir $PKGDIR | 58 | # |
59 | if [ -s ./config.local ] | ||
60 | then | ||
61 | echo Reading local settings from config.local | ||
62 | . ./config.local | ||
63 | fi | ||
64 | |||
65 | # | ||
66 | # Fill in some details from Makefile, like prefix and sysconfdir | ||
67 | # the eval also expands variables like sysconfdir=${prefix}/etc | ||
68 | # provided they are eval'ed in the correct order | ||
69 | # | ||
70 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir | ||
71 | do | ||
72 | eval $confvar=`grep "^$confvar=" $objdir/Makefile | cut -d = -f 2` | ||
73 | done | ||
74 | |||
75 | # | ||
76 | # Collect values of privsep user and privsep path | ||
77 | # currently only found in config.h | ||
78 | # | ||
79 | for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH | ||
80 | do | ||
81 | eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' $objdir/config.h` | ||
82 | done | ||
22 | 83 | ||
23 | if [ ! -f ../../Makefile ] | 84 | # Set privsep defaults if not defined |
85 | if [ -z "$SSH_PRIVSEP_USER" ] | ||
24 | then | 86 | then |
25 | echo "Top-level Makefile not found (did you run ./configure?)" | 87 | SSH_PRIVSEP_USER=sshd |
26 | exit 1 | 88 | fi |
89 | if [ -z "$PRIVSEP_PATH" ] | ||
90 | then | ||
91 | PRIVSEP_PATH=/var/empty | ||
27 | fi | 92 | fi |
28 | 93 | ||
29 | ## Start by faking root install | 94 | # Clean package build directory |
95 | rm -rf $objdir/$PKGDIR | ||
96 | FAKE_ROOT=$objdir/$PKGDIR/root | ||
97 | mkdir -p $FAKE_ROOT | ||
98 | |||
99 | # Start by faking root install | ||
30 | echo "Faking root install..." | 100 | echo "Faking root install..." |
31 | START=`pwd` | 101 | cd $objdir |
32 | FAKE_ROOT=$START/$PKGDIR | ||
33 | cd ../.. | ||
34 | make install-nokeys DESTDIR=$FAKE_ROOT | 102 | make install-nokeys DESTDIR=$FAKE_ROOT |
35 | 103 | ||
36 | if [ $? -gt 0 ] | 104 | if [ $? -gt 0 ] |
@@ -40,6 +108,12 @@ then | |||
40 | fi | 108 | fi |
41 | 109 | ||
42 | # | 110 | # |
111 | # Copy informational files to include in package | ||
112 | # | ||
113 | cp $srcdir/LICENCE $objdir/$PKGDIR/ | ||
114 | cp $srcdir/README* $objdir/$PKGDIR/ | ||
115 | |||
116 | # | ||
43 | # Extract common info requires for the 'info' part of the package. | 117 | # Extract common info requires for the 'info' part of the package. |
44 | # AIX requires 4-part version numbers | 118 | # AIX requires 4-part version numbers |
45 | # | 119 | # |
@@ -47,24 +121,27 @@ VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//' | cut -f 2 -d _` | |||
47 | MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .` | 121 | MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .` |
48 | MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .` | 122 | MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .` |
49 | PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .` | 123 | PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .` |
50 | PORTABLE=`echo $VERSION | cut -f 2 -d p` | 124 | PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'` |
51 | if [ "$PATCH" = "" ] | 125 | [ "$PATCH" = "" ] && PATCH=0 |
52 | then | 126 | [ "$PORTABLE" = "" ] && PORTABLE=0 |
53 | PATCH=0 | ||
54 | fi | ||
55 | BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE` | 127 | BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE` |
56 | 128 | ||
57 | echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" | 129 | echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)" |
58 | 130 | ||
59 | # | 131 | # |
60 | # Fill in some details, like prefix and sysconfdir | 132 | # Set ssh and sshd parameters as per config.local |
61 | # the eval also expands variables like sysconfdir=${prefix}/etc | ||
62 | # provided they are eval'ed in the correct order | ||
63 | # | 133 | # |
64 | for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir | 134 | if [ "${PERMIT_ROOT_LOGIN}" = no ] |
65 | do | 135 | then |
66 | eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2` | 136 | perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \ |
67 | done | 137 | $FAKE_ROOT/${sysconfdir}/sshd_config |
138 | fi | ||
139 | if [ "${X11_FORWARDING}" = yes ] | ||
140 | then | ||
141 | perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \ | ||
142 | $FAKE_ROOT/${sysconfdir}/sshd_config | ||
143 | fi | ||
144 | |||
68 | 145 | ||
69 | # Rename config files; postinstall script will copy them if necessary | 146 | # Rename config files; postinstall script will copy them if necessary |
70 | for cfgfile in ssh_config sshd_config ssh_prng_cmds | 147 | for cfgfile in ssh_config sshd_config ssh_prng_cmds |
@@ -74,14 +151,18 @@ done | |||
74 | 151 | ||
75 | # | 152 | # |
76 | # Generate lpp control files. | 153 | # Generate lpp control files. |
77 | # working dir is $FAKE_ROOT but files are generated in contrib/aix | 154 | # working dir is $FAKE_ROOT but files are generated in dir above |
78 | # and moved into place just before creation of .bff | 155 | # and moved into place just before creation of .bff |
79 | # | 156 | # |
80 | cd $FAKE_ROOT | 157 | cd $FAKE_ROOT |
81 | echo Generating LPP control files | 158 | echo Generating LPP control files |
82 | find . ! -name . -print >../openssh.al | 159 | find . ! -name . -print >../openssh.al |
83 | inventory.sh >../openssh.inventory | 160 | $inventory >../openssh.inventory |
84 | cp ../../../LICENCE ../openssh.copyright | 161 | |
162 | cat <<EOD >../openssh.copyright | ||
163 | This software is distributed under a BSD-style license. | ||
164 | For the full text of the license, see /usr/lpp/openssh/LICENCE | ||
165 | EOD | ||
85 | 166 | ||
86 | # | 167 | # |
87 | # Create postinstall script | 168 | # Create postinstall script |
@@ -89,7 +170,7 @@ cp ../../../LICENCE ../openssh.copyright | |||
89 | cat <<EOF >>../openssh.post_i | 170 | cat <<EOF >>../openssh.post_i |
90 | #!/bin/sh | 171 | #!/bin/sh |
91 | 172 | ||
92 | # Create configs from defaults if necessary | 173 | echo Creating configs from defaults if necessary. |
93 | for cfgfile in ssh_config sshd_config ssh_prng_cmds | 174 | for cfgfile in ssh_config sshd_config ssh_prng_cmds |
94 | do | 175 | do |
95 | if [ ! -f $sysconfdir/\$cfgfile ] | 176 | if [ ! -f $sysconfdir/\$cfgfile ] |
@@ -100,8 +181,51 @@ do | |||
100 | echo "\$cfgfile already exists." | 181 | echo "\$cfgfile already exists." |
101 | fi | 182 | fi |
102 | done | 183 | done |
184 | echo | ||
185 | |||
186 | # Create PrivSep user if PrivSep not disabled in config | ||
187 | echo Creating PrivSep prereqs if required. | ||
188 | if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null | ||
189 | then | ||
190 | echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user," | ||
191 | echo "group or chroot directory." | ||
192 | else | ||
193 | echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." | ||
194 | |||
195 | # create group if required | ||
196 | if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null | ||
197 | then | ||
198 | echo "PrivSep group $SSH_PRIVSEP_USER already exists." | ||
199 | else | ||
200 | echo "Creating PrivSep group $SSH_PRIVSEP_USER." | ||
201 | mkgroup -A $SSH_PRIVSEP_USER | ||
202 | fi | ||
203 | |||
204 | # Create user if required | ||
205 | if cut -f1 -d: /etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null | ||
206 | then | ||
207 | echo "PrivSep user $SSH_PRIVSEP_USER already exists." | ||
208 | else | ||
209 | echo "Creating PrivSep user $SSH_PRIVSEP_USER." | ||
210 | mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER | ||
211 | fi | ||
212 | |||
213 | # create chroot directory if required | ||
214 | if [ -d $PRIVSEP_PATH ] | ||
215 | then | ||
216 | echo "PrivSep chroot directory $PRIVSEP_PATH already exists." | ||
217 | else | ||
218 | echo "Creating PrivSep chroot directory $PRIVSEP_PATH." | ||
219 | mkdir $PRIVSEP_PATH | ||
220 | chown 0 $PRIVSEP_PATH | ||
221 | chgrp 0 $PRIVSEP_PATH | ||
222 | chmod 755 $PRIVSEP_PATH | ||
223 | fi | ||
224 | fi | ||
225 | echo | ||
103 | 226 | ||
104 | # Generate keys unless they already exist | 227 | # Generate keys unless they already exist |
228 | echo Creating host keys if required. | ||
105 | if [ -f "$sysconfdir/ssh_host_key" ] ; then | 229 | if [ -f "$sysconfdir/ssh_host_key" ] ; then |
106 | echo "$sysconfdir/ssh_host_key already exists, skipping." | 230 | echo "$sysconfdir/ssh_host_key already exists, skipping." |
107 | else | 231 | else |
@@ -117,6 +241,7 @@ if [ -f $sysconfdir/ssh_host_rsa_key ] ; then | |||
117 | else | 241 | else |
118 | $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" | 242 | $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N "" |
119 | fi | 243 | fi |
244 | echo | ||
120 | 245 | ||
121 | # Add to system startup if required | 246 | # Add to system startup if required |
122 | if grep $sbindir/sshd /etc/rc.tcpip >/dev/null | 247 | if grep $sbindir/sshd /etc/rc.tcpip >/dev/null |
@@ -135,10 +260,10 @@ EOF | |||
135 | echo Creating liblpp.a | 260 | echo Creating liblpp.a |
136 | ( | 261 | ( |
137 | cd .. | 262 | cd .. |
138 | for i in al copyright inventory post_i | 263 | for i in openssh.al openssh.copyright openssh.inventory openssh.post_i LICENCE README* |
139 | do | 264 | do |
140 | ar -r liblpp.a openssh.$i | 265 | ar -r liblpp.a $i |
141 | rm openssh.$i | 266 | rm $i |
142 | done | 267 | done |
143 | ) | 268 | ) |
144 | 269 | ||
@@ -159,6 +284,8 @@ echo Creating liblpp.a | |||
159 | # /usr/local/share 3 | 284 | # /usr/local/share 3 |
160 | # % | 285 | # % |
161 | # ] | 286 | # ] |
287 | # } | ||
288 | |||
162 | echo Creating lpp_name | 289 | echo Creating lpp_name |
163 | cat <<EOF >../lpp_name | 290 | cat <<EOF >../lpp_name |
164 | 4 R I $PKGNAME { | 291 | 4 R I $PKGNAME { |
@@ -167,11 +294,14 @@ $PKGNAME $BFFVERSION 1 N U en_US OpenSSH $VERSION Portable for AIX | |||
167 | % | 294 | % |
168 | EOF | 295 | EOF |
169 | 296 | ||
170 | for i in $bindir $sysconfdir $libexecdir $mandir/man1 $mandir/man8 $sbindir $datadir | 297 | for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh |
171 | do | 298 | do |
172 | # get size in 512 byte blocks | 299 | # get size in 512 byte blocks |
173 | size=`du $FAKE_ROOT/$i | awk '{print $1}'` | 300 | if [ -d $FAKE_ROOT/$i ] |
174 | echo "$i $size" >>../lpp_name | 301 | then |
302 | size=`du $FAKE_ROOT/$i | awk '{print $1}'` | ||
303 | echo "$i $size" >>../lpp_name | ||
304 | fi | ||
175 | done | 305 | done |
176 | 306 | ||
177 | echo '%' >>../lpp_name | 307 | echo '%' >>../lpp_name |
@@ -187,7 +317,7 @@ mv ../lpp_name . | |||
187 | 317 | ||
188 | # | 318 | # |
189 | # Now invoke backup to create .bff file | 319 | # Now invoke backup to create .bff file |
190 | # note: lpp_name needs to be the first file do we generate the | 320 | # note: lpp_name needs to be the first file so we generate the |
191 | # file list on the fly and feed it to backup using -i | 321 | # file list on the fly and feed it to backup using -i |
192 | # | 322 | # |
193 | echo Creating $PKGNAME-$VERSION.bff with backup... | 323 | echo Creating $PKGNAME-$VERSION.bff with backup... |
@@ -197,8 +327,17 @@ rm -f $PKGNAME-$VERSION.bff | |||
197 | find . ! -name lpp_name -a ! -name . -print | 327 | find . ! -name lpp_name -a ! -name . -print |
198 | ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist | 328 | ) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist |
199 | 329 | ||
200 | cd .. | 330 | # |
331 | # Move package into final location | ||
332 | # | ||
333 | if [ "$contribaix" = "1" ] | ||
334 | then | ||
335 | mv ../$PKGNAME-$VERSION.bff $objdir/contrib/aix | ||
336 | else | ||
337 | mv ../$PKGNAME-$VERSION.bff $objdir | ||
338 | fi | ||
339 | |||
340 | rm -rf $objdir/$PKGDIR | ||
201 | 341 | ||
202 | rm -rf $PKGDIR | ||
203 | echo $0: done. | 342 | echo $0: done. |
204 | 343 | ||