openssh converted to the new-style buildpkg environment

the script files in meta are unchanged from the last commit in the old tree (now openssh.old)

openssh/build.sh

@@ -0,0 +1,116 @@
+#!/bin/bash
+#
+# This is a generic build.sh script
+# It can be used nearly unmodified with many packages
+# 
+# The concept of "method" registering and the logic that implements it was shamelessly
+# stolen from jhlj's Compile.sh script :)
+#
+# Check the following 4 variables before running the script
+topdir=openssh
+version=3.6.1p1
+pkgver=2
+source[0]=$topdir-$version.tar.gz
+# If there are no patches, simply comment this
+#patch[0]=
+
+# Source function library
+. ${HOME}/buildpkg/scripts/buildpkg.functions
+
+# Fill in pkginfo values if necessary
+# using pkgname,name,pkgcat,pkgvendor & pkgdesc
+pkgname=SBossh
+name="OpenSSH portable for Solaris"
+pkgvendor="http://www.openssh.org"
+pkgdesc="Secure Shell remote access utility"
+
+# Define script functions and register them
+METHODS=""
+reg() {
+    METHODS="$METHODS $1"
+}
+
+reg prep
+prep()
+{
+    generic_prep
+}
+
+reg build
+build()
+{
+    setdir source
+    ./configure --prefix=$prefix --with-prngd-socket=/var/run/egd-pool --with-default-path=/usr/bin:/usr/local/bin:/opt/sfw/bin --with-mantype=cat --with-pam --disable-suid-ssh --without-rsh --with-privsep-user=sshd --with-superuser-path=/usr/bin:/usr/sbin:/usr/local/bin
+    $MAKE_PROG
+}
+
+reg install
+install()
+{
+    clean stage
+    setdir source
+    $MAKE_PROG DESTDIR=$stagedir install-nokeys
+    strip
+}
+
+reg pack
+pack()
+{
+    clean meta
+    pack_info
+    setdir $stagedir$prefix/etc
+    for i in *; do mv $i $i.default; done
+    cp -p $srcdir/sshd.init $stagedir/usr/local/etc
+    setdir $stagedir$prefix
+    prototype root bin script
+    make_pkg
+}
+
+reg distclean
+distclean()
+{
+    clean distclean
+}
+
+###################################################
+# No need to look below here
+###################################################
+
+reg all
+all()
+{
+    for METHOD in $METHODS 
+    do
+	case $METHOD in
+	     all*) ;;
+	     *) $METHOD
+		;;
+	esac
+    done
+
+}
+
+reg
+usage() {
+    echo Usage $0 "{"$(echo $METHODS | tr " " "|")"}"
+    exit 1
+}
+
+OK=0
+for METHOD in $*
+do
+    METHOD=" $METHOD *"
+    if [ "${METHODS%$METHOD}" == "$METHODS" ] ; then
+	usage
+    fi
+    OK=1
+done
+
+if [ $OK = 0 ] ; then
+    usage;
+fi
+
+for METHOD in $*
+do
+    ( $METHOD )
+done

openssh/meta/pkginfo.in

@@ -0,0 +1,11 @@
+PKG="%%pkgname%%"
+NAME="%%name%%"
+ARCH="sparc"
+VERSION="%%version%%"
+CATEGORY="application"
+VENDOR="http://www.openssh.org"
+EMAIL="Tom G. Christenen - tgc@statsbiblioteket.dk"
+PSTAMP="%%pkgver%%"
+BASEDIR="%%topinstalldir%%"
+CLASSES="none"
+DESC="Secure Shell remote access utility"

openssh/meta/postinstall

@@ -0,0 +1,169 @@
+INSTALLF=/usr/sbin/installf
+REMOVEF=/usr/sbin/removef
+GROUPADD=/usr/sbin/groupadd
+USERADD=/usr/sbin/useradd
+GREP=/usr/bin/grep
+CUT=/usr/bin/cut
+CAT=/usr/bin/cat
+
+CONFDIR=${BASEDIR}/etc
+DESTBIN=${BASEDIR}/bin
+CHECKCONF=0
+SSHID=199
+
+# We provide default config-files, check and see if they should be installed.
+if [ ! -f "${CONFDIR}/ssh_config" ] ; then
+	cp -p ${CONFDIR}/ssh_config.default ${CONFDIR}/ssh_config
+	echo "Installing new ssh_config"
+else
+	echo "Keeping existing ssh_config"
+	CHECKCONF=1
+fi
+if [ ! -f "${CONFDIR}/sshd_config" ] ; then
+	cp -p ${CONFDIR}/sshd_config.default ${CONFDIR}/sshd_config
+	echo "Installing new sshd_config"
+else
+	echo "Keeping existing sshd_config"
+	CHECKCONF=1
+fi
+if [ -f "${CONFDIR}/ssh_prng_cmds" ] ; then
+	rm -f ${CONFDIR}/ssh_prng_cmds.default ${CONFDIR}/ssh_prng_cmds
+	echo "Removing unneeded ssh_prng_cmds file"
+
+fi
+if [ ! -f "${CONFDIR}/moduli" ] ; then
+	if [ -f "${CONFDIR}/primes" ]; then
+		echo "Keeping existing primes but renaming it to moduli"
+		mv ${CONFDIR}/primes ${CONFDIR}/moduli
+	else
+		echo "Installing new moduli (formerly known as primes)"
+		cp -p ${CONFDIR}/moduli.default ${CONFDIR}/moduli
+	fi
+else
+	echo "Keeping existing moduli"
+fi
+
+# We will try to preserve any existing keys
+if [ -f "${CONFDIR}/ssh_host_key" ] ; then
+	echo "Keeping existing ssh_host_key"
+else
+	${DESTBIN}/ssh-keygen -t rsa1 -f ${CONFDIR}/ssh_host_key -N ""
+fi
+if [ -f "${CONFDIR}/ssh_host_dsa_key" ] ; then
+	echo "Keeping existing ssh_host_dsa_key"
+else
+	${DESTBIN}/ssh-keygen -t dsa -f ${CONFDIR}/ssh_host_dsa_key -N ""
+fi
+if [ -f "${CONFDIR}/ssh_host_rsa_key" ] ; then
+	echo "Keeping existing ssh_host_rsa_key"
+else
+	${DESTBIN}/ssh-keygen -t rsa -f ${CONFDIR}/ssh_host_rsa_key -N ""
+fi
+
+# Right, now move the init script into place and make some symlinks 
+# for automatic startup.
+
+# start by removing knowledge of sshd.init from the pkgdb
+${REMOVEF} ${PKGINST} /usr/local/etc/sshd.init 2>&1 > /dev/null # suppress output
+
+# confirm the changes to the pkgdb (removef -f)
+${REMOVEF} -f ${PKGINST}
+
+# Now that the holds from the pkgdb are gone, move the script to it's final destination.
+mv /usr/local/etc/sshd.init /etc/init.d/sshd.local
+
+# Install new *symlinks*
+ln -s /etc/init.d/sshd.local /etc/rc0.d/K30sshd.local
+ln -s /etc/init.d/sshd.local /etc/rc1.d/K30sshd.local
+ln -s /etc/init.d/sshd.local /etc/rc2.d/S78sshd.local
+ln -s /etc/init.d/sshd.local /etc/rcS.d/K30sshd.local
+
+# Then installf the new pathnames
+${INSTALLF} ${PKGINST} /etc/init.d/sshd.local f 744 root sys
+${INSTALLF} ${PKGINST} /etc/rc2.d/S78sshd.local=/etc/init.d/sshd.local s
+${INSTALLF} ${PKGINST} /etc/rc1.d/K30sshd.local=/etc/init.d/sshd.local s
+${INSTALLF} ${PKGINST} /etc/rc0.d/K30sshd.local=/etc/init.d/sshd.local s
+${INSTALLF} ${PKGINST} /etc/rcS.d/K30sshd.local=/etc/init.d/sshd.local s
+
+# confirm the changes to the pkgdb (installf -f)
+${INSTALLF} -f ${PKGINST}
+
+#uh yeah, better make sure that /var/run exists aswell (for pid files)
+echo "Checking to see if /var/run exists... \c"
+if [ ! -d /var/run ]; then
+   echo "no, creating..."
+   mkdir -p /var/run;
+   chown root:sys /var/run;
+   chmod 755 /var/run
+else
+    echo "yes"
+fi
+
+# New in OpenSSH 3.3+ is Privilege seperation, it requires an empty dir to chroot into
+# and an unprivileged user to run as.
+echo "Checking to see if /var/empty/sshd exists... \c"
+if [ ! -d /var/empty ]; then
+    echo "no, creating..."
+    mkdir -p /var/empty/sshd
+    chown root:sys /var/empty/sshd
+    chmod 755 /var/empty/sshd
+else
+    echo "yes"
+fi
+
+# Attempt to create a group & user for sshd
+echo "Checking for sshd group... \c"
+temp=`$GREP sshd /etc/group`
+if [ -n "$temp" ]; then
+    echo "yes"
+    gid=`echo $temp|$CUT -d : -f 3`
+    if [ "$gid" != "$SSHID" ]; then
+	echo "  Group sshd found but gid does not match with the preferred ($SSHID)"
+	echo "  I will continue anyway, but please check up on this afterwards!"
+    fi
+else
+    echo "no"
+    echo "  Attempting to create sshd group (gid=$SSHID)"
+    $GROUPADD -g $SSHID sshd
+    gid=$SSHID
+fi
+
+echo "Checking for sshd user... \c"
+temp=`$GREP sshd /etc/passwd`
+if [ -n "$temp" ]; then
+    echo "yes"
+    uid=`echo $temp|$CUT -d : -f 3`
+    ugid=`echo $temp|$CUT -d : -f 4`
+    if [ "$uid" != "$SSHID" ]; then
+	echo "  User sshd found but uid doesn't match with the preferred ($SSHID)"
+	echo "  I will continue anyway, but please check up on this afterwards!"
+    fi
+    if [ "$ugid" != "$gid" ]; then
+	echo "  User sshd doesn't have group sshd!"
+	echo "  I will continue anyway, but this is a critical error that must be resolved"
+	echo "  before privilege seperation can be enabled!"
+    fi
+else
+    echo "no"
+    echo "  Attempting to create sshd user (uid=$SSHID, gid=$SSHID)"
+    $USERADD -u $SSHID -g $SSHID -c "sshd privsep" -d /var/empty/sshd -s /bin/false sshd
+fi
+
+# FIXME Other stuff about the user/group situation should probably be checked
+# FIXME like the homedir and shell of the sshd user
+
+# Notice how the ssh host keys are not associated with the SBossh package.
+# I find that convenient as I'm sure that they don't disappear if someone
+# uninstalls the package.
+# This is nice because we can then avoid the "hostid changed" warnings.  
+# The config files will not be associated with the package either, this way when 
+# installing a newer version the config files will be in place and will be preserved
+
+# If original config-files where preserved, urge the operator
+# to check the new default files for hints on recommended configuration
+if [ "$CHECKCONF" = "1" ] ; then
+	echo "#######"
+	echo ""
+	echo "Please check the *.default config files for configuration hints"
+	echo "and update your existing config files accordingly."
+fi

openssh/meta/postremove

@@ -0,0 +1,9 @@
+# Inform the operator that ssh configfiles and keys are intact
+echo ""
+echo "!!ATTENTION!!"
+echo "SSH configfiles and keys are still available in ${BASEDIR}/etc/"
+echo "Please make sure that you remove these if you won't be using them again."
+echo ""
+echo "No attempt has been made to remove user and group sshd"
+echo "These should be manually removed if they are no longer used."
+echo ""

openssh/meta/preremove

@@ -0,0 +1 @@
+/etc/init.d/sshd.local stop

openssh/src/sshd.init

@@ -0,0 +1,40 @@
+#!/bin/sh
+
+# Script to control ssh server start/stop
+# History:
+#   Please see CVS for history information
+
+pidfile=/var/run/sshd.pid
+desc="sshd"
+
+mode=$1
+
+set `/usr/xpg4/bin/id -u`
+if [ $1 = "0" ]; then
+
+case $mode in
+
+'start' ) if [ -r $pidfile ]; then
+	    echo "A pidfile was found, trying to stop $desc first"
+	    $0 stop
+	  fi
+	  echo "Starting $desc" 
+	  /usr/local/sbin/sshd
+  	  ;;
+'stop' ) if [ -r $pidfile ]; then
+	    echo "Stopping $desc"
+	    kill `cat $pidfile`
+	 else
+	    echo "$desc already stopped (no pid file found)"
+	 fi
+	 ;;
+'restart') $0 stop
+	   $0 start
+	   ;;
+*) echo "Usage: $0 {start|stop|restart}"
+esac 
+
+else
+  echo "$0: this script must be run as root... fatal error"
+
+fi