/[gentoo-x86]/net-misc/openssh/openssh-3.5_p1-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.5_p1-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.21 - (show annotations) (download)
Thu Jan 8 10:07:50 2004 UTC (15 years, 9 months ago) by solar
Branch: MAIN
CVS Tags: HEAD
Changes since 1.20: +1 -1 lines
FILE REMOVED
added feature request for chrooting via sshd bug #26615

1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.5_p1-r1.ebuild,v 1.20 2003/12/08 07:38:37 vapier Exp $
4
5 inherit eutils
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10 S=${WORKDIR}/${PARCH}
11 DESCRIPTION="Port of OpenBSD's free SSH release"
12 HOMEPAGE="http://www.openssh.com/"
13 SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz"
14
15 LICENSE="as-is"
16 SLOT="0"
17 KEYWORDS="x86 ppc sparc alpha mips hppa arm"
18 IUSE="ipv6 static pam tcpd kerberos"
19
20 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
21 # This new rev will use the new openssl.
22 RDEPEND="virtual/glibc
23 pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 )
24 kerberos? ( app-crypt/mit-krb5 )
25 >=dev-libs/openssl-0.9.6d
26 sys-libs/zlib"
27
28 DEPEND="${RDEPEND}
29 dev-lang/perl
30 sys-apps/groff
31 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
32 PROVIDE="virtual/ssh"
33
34 src_unpack() {
35 unpack ${A}
36 cd ${S}
37
38 if [ `use alpha` ]; then
39 epatch ${FILESDIR}/${P}-gentoo-sshd-gcc3.patch || die
40 fi
41 }
42
43 src_compile() {
44 local myconf
45 use tcpd || myconf="${myconf} --without-tcp-wrappers"
46 use tcpd && myconf="${myconf} --with-tcp-wrappers"
47 use pam || myconf="${myconf} --without-pam"
48 use pam && myconf="${myconf} --with-pam"
49 use ipv6 || myconf="${myconf} --with-ipv4-default"
50
51 # app-crypt/mit-krb5
52 use kerberos && myconf="${myconf} --with-kerberos5"
53
54 # app-crypt/kth-krb
55 # KTH's implementation of kerberos IV
56 # KTH_KRB="yes" emerge openssh-3.5_p1-r1.ebuild
57 if [ ! -z $KTH_KRB ]; then
58 myconf="${myconf} --with-kerberos4=/usr/athena"
59 fi
60
61 ./configure \
62 --prefix=/usr \
63 --sysconfdir=/etc/ssh \
64 --mandir=/usr/share/man \
65 --libexecdir=/usr/lib/misc \
66 --datadir=/usr/share/openssh \
67 --disable-suid-ssh \
68 --with-privsep-path=/var/empty \
69 --with-privsep-user=sshd \
70 --with-md5-passwords \
71 --host=${CHOST} ${myconf} || die "bad configure"
72
73 if [ "`use static`" ]
74 then
75 # statically link to libcrypto -- good for the boot cd
76 perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile
77 fi
78
79 emake || die "compile problem"
80 }
81
82 src_install() {
83 make install-files DESTDIR=${D} || die
84 chmod 600 ${D}/etc/ssh/sshd_config
85 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
86 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
87 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
88 keepdir /var/empty
89 }
90
91 pkg_preinst() {
92
93 userdel sshd 2> /dev/null
94 if ! groupmod sshd; then
95 groupadd -g 90 sshd 2> /dev/null || \
96 die "Failed to create sshd group"
97 fi
98 useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
99 die "Failed to create sshd user"
100
101 }
102
103 pkg_postinst() {
104
105 # empty dir for the new priv separation auth chroot..
106 install -d -m0755 -o root -g root ${ROOT}/var/empty
107
108 einfo
109 einfo "Remember to merge your config files in /etc/ssh!"
110 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
111 einfo "functionality, but please ensure that you do not explicitly disable"
112 einfo "this in your configuration as disabling it opens security holes"
113 einfo
114 einfo "This revision has removed your sshd user id and replaced it with a"
115 einfo "new one with UID 22. If you have any scripts or programs that"
116 einfo "that referenced the old UID directly, you will need to update them."
117 einfo
118 if use pam >/dev/null 2>&1; then
119 einfo "Please be aware users need a valid shell in /etc/passwd"
120 einfo "in order to be allowed to login."
121 einfo
122 fi
123 }

  ViewVC Help
Powered by ViewVC 1.1.20