summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'contrib')
-rw-r--r--contrib/solaris/README10
-rwxr-xr-xcontrib/solaris/buildpkg.sh386
-rwxr-xr-xcontrib/solaris/opensshd.in82
3 files changed, 8 insertions, 470 deletions
diff --git a/contrib/solaris/README b/contrib/solaris/README
index eb4c590f4..fefdd4b53 100644
--- a/contrib/solaris/README
+++ b/contrib/solaris/README
@@ -12,8 +12,14 @@ Directions:
12 12
131. make -F Makefile.in distprep (Only if you are getting from the CVS tree) 131. make -F Makefile.in distprep (Only if you are getting from the CVS tree)
142. ./configure --with-pam [..any other options you want..] 142. ./configure --with-pam [..any other options you want..]
153. look at the top of contrib/solaris/buildpkg.sh for the configurable options. 153. look at the top of buildpkg.sh for the configurable options and put
164. ./contrib/solaris/buildpkg.sh 16 any changes you want in openssh-config.local. Additional customizations
17 can be done to the build process by creating one or more of the following
18 scripts that will be sourced by buildpkg.sh.
19 pkg_post_make_install_fixes.sh pkg-post-prototype-edit.sh
20 pkg-preinstall.local pkg-postinstall.local pkg-preremove.local
21 pkg-postremove.local pkg-request.local
224. Run "make package"
17 23
18If all goes well you should have a solaris package ready to be installed. 24If all goes well you should have a solaris package ready to be installed.
19 25
diff --git a/contrib/solaris/buildpkg.sh b/contrib/solaris/buildpkg.sh
deleted file mode 100755
index 29d096306..000000000
--- a/contrib/solaris/buildpkg.sh
+++ /dev/null
@@ -1,386 +0,0 @@
1#!/bin/sh
2#
3# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
4#
5# The following code has been provide under Public Domain License. I really
6# don't care what you use it for. Just as long as you don't complain to me
7# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
8#
9umask 022
10#
11# Options for building the package
12# You can create a config.local with your customized options
13#
14# uncommenting TEST_DIR and using
15# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
16# and
17# PKGNAME=tOpenSSH should allow testing a package without interfering
18# with a real OpenSSH package on a system. This is not needed on systems
19# that support the -R option to pkgadd.
20#TEST_DIR=/var/tmp # leave commented out for production build
21PKGNAME=OpenSSH
22SYSVINIT_NAME=opensshd
23MAKE=${MAKE:="make"}
24SSHDUID=67 # Default privsep uid
25SSHDGID=67 # Default privsep gid
26# uncomment these next three as needed
27#PERMIT_ROOT_LOGIN=no
28#X11_FORWARDING=yes
29#USR_LOCAL_IS_SYMLINK=yes
30# list of system directories we do NOT want to change owner/group/perms
31# when installing our package
32SYSTEM_DIR="/etc \
33/etc/init.d \
34/etc/rcS.d \
35/etc/rc0.d \
36/etc/rc1.d \
37/etc/rc2.d \
38/etc/opt \
39/opt \
40/opt/bin \
41/usr \
42/usr/bin \
43/usr/lib \
44/usr/sbin \
45/usr/share \
46/usr/share/man \
47/usr/share/man/man1 \
48/usr/share/man/man8 \
49/usr/local \
50/usr/local/bin \
51/usr/local/etc \
52/usr/local/libexec \
53/usr/local/man \
54/usr/local/man/man1 \
55/usr/local/man/man8 \
56/usr/local/sbin \
57/usr/local/share \
58/var \
59/var/opt \
60/var/run \
61/var/tmp \
62/tmp"
63
64# We may need to build as root so we make sure PATH is set up
65# only set the path if it's not set already
66[ -d /usr/local/bin ] && {
67 echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
68 [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
69}
70[ -d /usr/ccs/bin ] && {
71 echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
72 [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
73}
74export PATH
75#
76
77[ -f Makefile ] || {
78 echo "Please run this script from your build directory"
79 exit 1
80}
81
82# we will look for config.local to override the above options
83[ -s ./config.local ] && . ./config.local
84
85## Start by faking root install
86echo "Faking root install..."
87START=`pwd`
88OPENSSHD_IN=`dirname $0`/opensshd.in
89FAKE_ROOT=$START/package
90[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
91mkdir $FAKE_ROOT
92${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
93if [ $? -gt 0 ]
94then
95 echo "Fake root install failed, stopping."
96 exit 1
97fi
98
99## Fill in some details, like prefix and sysconfdir
100for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
101do
102 eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
103done
104
105
106## Collect value of privsep user
107for confvar in SSH_PRIVSEP_USER
108do
109 eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
110done
111
112## Set privsep defaults if not defined
113if [ -z "$SSH_PRIVSEP_USER" ]
114then
115 SSH_PRIVSEP_USER=sshd
116fi
117
118## Extract common info requires for the 'info' part of the package.
119VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
120
121UNAME_S=`uname -s`
122case ${UNAME_S} in
123 SunOS) UNAME_S=Solaris
124 ARCH=`uname -p`
125 RCS_D=yes
126 DEF_MSG="(default: n)"
127 ;;
128 *) ARCH=`uname -m`
129 DEF_MSG="\n" ;;
130esac
131
132## Setup our run level stuff while we are at it.
133mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
134
135## setup our initscript correctly
136sed -e "s#%%configDir%%#${sysconfdir}#g" \
137 -e "s#%%openSSHDir%%#$prefix#g" \
138 -e "s#%%pidDir%%#${piddir}#g" \
139 ${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
140chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
141
142[ "${PERMIT_ROOT_LOGIN}" = no ] && \
143 perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
144 $FAKE_ROOT/${sysconfdir}/sshd_config
145[ "${X11_FORWARDING}" = yes ] && \
146 perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
147 $FAKE_ROOT/${sysconfdir}/sshd_config
148# fix PrintMotd
149perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
150 $FAKE_ROOT/${sysconfdir}/sshd_config
151
152# We don't want to overwrite config files on multiple installs
153mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
154mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
155[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
156mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
157
158cd $FAKE_ROOT
159
160## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
161## whining.
162for i in *; do
163 PROTO_ARGS="$PROTO_ARGS $i=/$i";
164done
165
166## Build info file
167echo "Building pkginfo file..."
168cat > pkginfo << _EOF
169PKG=$PKGNAME
170NAME="OpenSSH Portable for ${UNAME_S}"
171DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
172VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
173ARCH=$ARCH
174VERSION=$VERSION
175CATEGORY="Security,application"
176BASEDIR=/
177CLASSES="none"
178_EOF
179
180## Build preinstall file
181echo "Building preinstall file..."
182cat > preinstall << _EOF
183#! /sbin/sh
184#
185[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
186exit 0
187_EOF
188
189## Build postinstall file
190echo "Building postinstall file..."
191cat > postinstall << _EOF
192#! /sbin/sh
193#
194[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
195 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
196 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
197[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
198 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
199 \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
200[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
201 [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
202 cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
203 \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
204}
205
206# make rc?.d dirs only if we are doing a test install
207[ -n "${TEST_DIR}" ] && {
208 [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
209 mkdir -p ${TEST_DIR}/etc/rc0.d
210 mkdir -p ${TEST_DIR}/etc/rc1.d
211 mkdir -p ${TEST_DIR}/etc/rc2.d
212}
213
214if [ "\${USE_SYM_LINKS}" = yes ]
215then
216 [ "$RCS_D" = yes ] && \
217installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
218 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
219 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
220 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
221else
222 [ "$RCS_D" = yes ] && \
223installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
224 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
225 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
226 installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
227fi
228
229# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
230[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
231
232installf -f ${PKGNAME}
233
234# Use chroot to handle PKG_INSTALL_ROOT
235if [ ! -z "\${PKG_INSTALL_ROOT}" ]
236then
237 chroot="chroot \${PKG_INSTALL_ROOT}"
238fi
239# If this is a test build, we will skip the groupadd/useradd/passwd commands
240if [ ! -z "${TEST_DIR}" ]
241then
242 chroot=echo
243fi
244
245if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
246then
247 echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
248 echo "or group."
249else
250 echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
251
252 # create group if required
253 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
254 then
255 echo "PrivSep group $SSH_PRIVSEP_USER already exists."
256 else
257 # Use gid of 67 if possible
258 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
259 then
260 :
261 else
262 sshdgid="-g $SSHDGID"
263 fi
264 echo "Creating PrivSep group $SSH_PRIVSEP_USER."
265 \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
266 fi
267
268 # Create user if required
269 if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
270 then
271 echo "PrivSep user $SSH_PRIVSEP_USER already exists."
272 else
273 # Use uid of 67 if possible
274 if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
275 then
276 :
277 else
278 sshduid="-u $SSHDUID"
279 fi
280 echo "Creating PrivSep user $SSH_PRIVSEP_USER."
281 \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
282 \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
283 fi
284fi
285
286[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
287exit 0
288_EOF
289
290## Build preremove file
291echo "Building preremove file..."
292cat > preremove << _EOF
293#! /sbin/sh
294#
295${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
296exit 0
297_EOF
298
299## Build request file
300echo "Building request file..."
301cat > request << _EOF
302trap 'exit 3' 15
303USE_SYM_LINKS=no
304PRE_INS_STOP=no
305POST_INS_START=no
306# Use symbolic links?
307ans=\`ckyorn -d n \
308-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
309case \$ans in
310 [y,Y]*) USE_SYM_LINKS=yes ;;
311esac
312
313# determine if should restart the daemon
314if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
315then
316 ans=\`ckyorn -d n \
317-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
318 case \$ans in
319 [y,Y]*) PRE_INS_STOP=yes
320 POST_INS_START=yes
321 ;;
322 esac
323
324else
325
326# determine if we should start sshd
327 ans=\`ckyorn -d n \
328-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
329 case \$ans in
330 [y,Y]*) POST_INS_START=yes ;;
331 esac
332fi
333
334# make parameters available to installation service,
335# and so to any other packaging scripts
336cat >\$1 <<!
337USE_SYM_LINKS='\$USE_SYM_LINKS'
338PRE_INS_STOP='\$PRE_INS_STOP'
339POST_INS_START='\$POST_INS_START'
340!
341exit 0
342
343_EOF
344
345## Build space file
346echo "Building space file..."
347cat > space << _EOF
348# extra space required by start/stop links added by installf in postinstall
349$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
350$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
351$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
352_EOF
353[ "$RCS_D" = yes ] && \
354echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
355
356## Next Build our prototype
357echo "Building prototype file..."
358cat >mk-proto.awk << _EOF
359 BEGIN { print "i pkginfo"; print "i preinstall"; \\
360 print "i postinstall"; print "i preremove"; \\
361 print "i request"; print "i space"; \\
362 split("$SYSTEM_DIR",sys_files); }
363 {
364 for (dir in sys_files) { if ( \$3 != sys_files[dir] )
365 { \$5="root"; \$6="sys"; }
366 else
367 { \$4="?"; \$5="?"; \$6="?"; break;}
368 } }
369 { print; }
370_EOF
371find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
372 pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
373
374# /usr/local is a symlink on some systems
375[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
376 grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
377 mv prototype.new prototype
378}
379
380## Step back a directory and now build the package.
381echo "Building package.."
382cd ..
383pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
384echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
385rm -rf $FAKE_ROOT
386
diff --git a/contrib/solaris/opensshd.in b/contrib/solaris/opensshd.in
deleted file mode 100755
index 50e18deea..000000000
--- a/contrib/solaris/opensshd.in
+++ /dev/null
@@ -1,82 +0,0 @@
1#!/sbin/sh
2# Donated code that was put under PD license.
3#
4# Stripped PRNGd out of it for the time being.
5
6umask 022
7
8CAT=/usr/bin/cat
9KILL=/usr/bin/kill
10
11prefix=%%openSSHDir%%
12etcdir=%%configDir%%
13piddir=%%pidDir%%
14
15SSHD=$prefix/sbin/sshd
16PIDFILE=$piddir/sshd.pid
17SSH_KEYGEN=$prefix/bin/ssh-keygen
18HOST_KEY_RSA1=$etcdir/ssh_host_key
19HOST_KEY_DSA=$etcdir/ssh_host_dsa_key
20HOST_KEY_RSA=$etcdir/ssh_host_rsa_key
21
22
23checkkeys() {
24 if [ ! -f $HOST_KEY_RSA1 ]; then
25 ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
26 fi
27 if [ ! -f $HOST_KEY_DSA ]; then
28 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
29 fi
30 if [ ! -f $HOST_KEY_RSA ]; then
31 ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
32 fi
33}
34
35stop_service() {
36 if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then
37 PID=`${CAT} ${PIDFILE}`
38 fi
39 if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then
40 ${KILL} ${PID}
41 else
42 echo "Unable to read PID file"
43 fi
44}
45
46start_service() {
47 # XXX We really should check if the service is already going, but
48 # XXX we will opt out at this time. - Bal
49
50 # Check to see if we have keys that need to be made
51 checkkeys
52
53 # Start SSHD
54 echo "starting $SSHD... \c" ; $SSHD
55
56 sshd_rc=$?
57 if [ $sshd_rc -ne 0 ]; then
58 echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing."
59 exit $sshd_rc
60 fi
61 echo done.
62}
63
64case $1 in
65
66'start')
67 start_service
68 ;;
69
70'stop')
71 stop_service
72 ;;
73
74'restart')
75 stop_service
76 start_service
77 ;;
78
79*)
80 echo "$0: usage: $0 {start|stop|restart}"
81 ;;
82esac