/[gentoo-x86]/net-misc/openssh/openssh-3.5_p1-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.5_p1-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.10 - (show annotations) (download)
Thu Mar 20 23:41:41 2003 UTC (16 years, 10 months ago) by method
Branch: MAIN
Changes since 1.9: +10 -4 lines
added selinux support

1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.5_p1-r1.ebuild,v 1.9 2003/03/15 18:53:44 tuxus Exp $
4
5 inherit eutils
6
7 IUSE="ipv6 static pam tcpd kerberos selinux"
8
9 # Make it more portable between straight releases
10 # and _p? releases.
11 PARCH=${P/_/}
12 S=${WORKDIR}/${PARCH}
13 DESCRIPTION="Port of OpenBSD's free SSH release"
14 HOMEPAGE="http://www.openssh.com/"
15 SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz
16 selinux? http://www.coker.com.au/selinux/ssh/openssh_3.5p1-5.se1.diff.gz"
17
18 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
19 # This new rev will use the new openssl.
20 RDEPEND="virtual/glibc
21 pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 )
22 kerberos? ( app-crypt/krb5 )
23 selinux? ( sys-apps/selinux-small )
24 >=dev-libs/openssl-0.9.6d
25 sys-libs/zlib"
26
27 DEPEND="${RDEPEND}
28 dev-lang/perl
29 sys-apps/groff
30 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
31
32
33 SLOT="0"
34 LICENSE="as-is"
35 KEYWORDS="~x86 ~ppc ~sparc alpha mips ~hppa arm"
36
37 src_unpack() {
38 unpack ${A}
39 cd ${S}
40 use selinux && epatch ${DISTDIR}/openssh_3.5p1-5.se1.diff.gz
41
42 if [ `use alpha` ]; then
43 epatch ${FILESDIR}/${P}-gentoo-sshd-gcc3.patch || die
44 fi
45 }
46
47 src_compile() {
48 local myconf
49 use tcpd || myconf="${myconf} --without-tcp-wrappers"
50 use tcpd && myconf="${myconf} --with-tcp-wrappers"
51 use pam || myconf="${myconf} --without-pam"
52 use pam && myconf="${myconf} --with-pam"
53 use ipv6 || myconf="${myconf} --with-ipv4-default"
54
55 # app-crypt/krb5
56 use kerberos && myconf="${myconf} --with-kerberos5"
57
58 # app-crypt/kth-krb
59 # KTH's implementation of kerberos IV
60 # KTH_KRB="yes" emerge openssh-3.5_p1-r1.ebuild
61 if [ ! -z $KTH_KRB ]; then
62 myconf="${myconf} --with-kerberos4=/usr/athena"
63 fi
64
65 ./configure \
66 --prefix=/usr \
67 --sysconfdir=/etc/ssh \
68 --mandir=/usr/share/man \
69 --libexecdir=/usr/lib/misc \
70 --datadir=/usr/share/openssh \
71 --disable-suid-ssh \
72 --with-privsep-path=/var/empty \
73 --with-privsep-user=sshd \
74 --with-md5-passwords \
75 --host=${CHOST} ${myconf} || die "bad configure"
76
77 if [ "`use static`" ]
78 then
79 # statically link to libcrypto -- good for the boot cd
80 perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile
81 fi
82
83 emake || die "compile problem"
84 }
85
86 src_install() {
87 make install-files DESTDIR=${D} || die
88 chmod 600 ${D}/etc/ssh/sshd_config
89 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
90 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
91 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
92 touch ${D}/var/empty/.keep
93 }
94
95 pkg_preinst() {
96
97 userdel sshd 2> /dev/null
98 if ! groupmod sshd; then
99 groupadd -g 90 sshd 2> /dev/null || \
100 die "Failed to create sshd group"
101 fi
102 useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
103 die "Failed to create sshd user"
104
105 }
106
107 pkg_postinst() {
108
109 # empty dir for the new priv separation auth chroot..
110 install -d -m0755 -o root -g root ${ROOT}/var/empty
111
112 einfo
113 einfo "Remember to merge your config files in /etc/ssh!"
114 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
115 einfo "functionality, but please ensure that you do not explicitly disable"
116 einfo "this in your configuration as disabling it opens security holes"
117 einfo
118 einfo "This revision has removed your sshd user id and replaced it with a"
119 einfo "new one with UID 22. If you have any scripts or programs that"
120 einfo "that referenced the old UID directly, you will need to update them."
121 einfo
122 if use pam >/dev/null 2>&1; then
123 einfo "Please be aware users need a valid shell in /etc/passwd"
124 einfo "in order to be allowed to login."
125 einfo
126 fi
127 }

  ViewVC Help
Powered by ViewVC 1.1.20