/[gentoo-x86]/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.6.1_p2-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.2 - (hide annotations) (download)
Fri Sep 5 22:01:49 2003 UTC (16 years, 4 months ago) by msterret
Branch: MAIN
Changes since 1.1: +5 -5 lines
whitespace cleanup

1 woodchip 1.1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2     # Distributed under the terms of the GNU General Public License v2
3 msterret 1.2 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.6.1_p2-r1.ebuild,v 1.1 2003/08/06 20:52:50 woodchip Exp $
4 woodchip 1.1
5     inherit eutils
6    
7     IUSE="ipv6 static pam tcpd kerberos selinux"
8     IUSE="${IUSE} X509"
9    
10     X509_PATCH=${P/_/}+x509g2.diff.gz
11    
12     # Make it more portable between straight releases
13     # and _p? releases.
14     PARCH=${P/_/}
15     S=${WORKDIR}/${PARCH}
16     DESCRIPTION="Port of OpenBSD's free SSH release"
17     HOMEPAGE="http://www.openssh.com/"
18     SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz
19     selinux? http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2
20     X509? http://roumenpetrov.info/openssh/x509g2/${X509_PATCH}"
21    
22     # openssh recognizes when openssl has been slightly upgraded and refuses to run.
23     # This new rev will use the new openssl.
24     RDEPEND="virtual/glibc
25     pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 )
26     kerberos? ( app-crypt/mit-krb5 )
27     selinux? ( sys-apps/selinux-small )
28     >=dev-libs/openssl-0.9.6d
29     sys-libs/zlib"
30    
31     DEPEND="${RDEPEND}
32     dev-lang/perl
33     sys-apps/groff
34     tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
35    
36     SLOT="0"
37     LICENSE="as-is"
38     KEYWORDS="~x86 ~ppc ~sparc ~alpha ~mips ~hppa ~arm ~amd64"
39    
40     src_unpack() {
41     unpack ${PARCH}.tar.gz
42     cd ${S}
43     use selinux && epatch ${DISTDIR}/openssh_3.6p1-5.se1.diff.bz2
44    
45     if [ `use alpha` ]; then
46     epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch || die
47     fi
48    
49     if [ `use X509` ]; then
50     epatch ${DISTDIR}/${X509_PATCH} || die
51     fi
52     }
53    
54     src_compile() {
55     local myconf
56     use tcpd || myconf="${myconf} --without-tcp-wrappers"
57     use tcpd && myconf="${myconf} --with-tcp-wrappers"
58     use pam || myconf="${myconf} --without-pam"
59     use pam && myconf="${myconf} --with-pam"
60     use ipv6 || myconf="${myconf} --with-ipv4-default"
61    
62     # app-crypt/mit-krb5
63     use kerberos && myconf="${myconf} --with-kerberos5"
64    
65     # app-crypt/kth-krb
66     # KTH's implementation of kerberos IV
67     # KTH_KRB="yes" emerge openssh-3.5_p1-r1.ebuild
68     if [ ! -z $KTH_KRB ]; then
69     myconf="${myconf} --with-kerberos4=/usr/athena"
70     fi
71 msterret 1.2
72     use selinux && CFLAGS="${CFLAGS} -DWITH_SELINUX"
73 woodchip 1.1
74     ./configure \
75     --prefix=/usr \
76     --sysconfdir=/etc/ssh \
77     --mandir=/usr/share/man \
78     --libexecdir=/usr/lib/misc \
79     --datadir=/usr/share/openssh \
80     --disable-suid-ssh \
81     --with-privsep-path=/var/empty \
82     --with-privsep-user=sshd \
83     --with-md5-passwords \
84     --host=${CHOST} ${myconf} || die "bad configure"
85    
86     if [ "`use static`" ]
87     then
88     # statically link to libcrypto -- good for the boot cd
89     perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile
90     fi
91    
92     if [ "`use selinux`" ]
93     then
94     #add -lsecure
95     sed "s:LIBS=\(.*\):LIBS=\1 -lsecure:" < Makefile > Makefile.new
96     mv Makefile.new Makefile
97     fi
98 msterret 1.2
99 woodchip 1.1 emake || die "compile problem"
100     }
101    
102 msterret 1.2 src_install() {
103 woodchip 1.1 make install-files DESTDIR=${D} || die
104     chmod 600 ${D}/etc/ssh/sshd_config
105     dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
106     insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
107     exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
108     touch ${D}/var/empty/.keep
109     }
110    
111     pkg_preinst() {
112    
113     userdel sshd 2> /dev/null
114     if ! groupmod sshd; then
115     groupadd -g 90 sshd 2> /dev/null || \
116     die "Failed to create sshd group"
117     fi
118     useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
119     die "Failed to create sshd user"
120    
121     }
122    
123     pkg_postinst() {
124    
125     # empty dir for the new priv separation auth chroot..
126     install -d -m0755 -o root -g root ${ROOT}/var/empty
127    
128     einfo
129     einfo "Remember to merge your config files in /etc/ssh!"
130     einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
131     einfo "functionality, but please ensure that you do not explicitly disable"
132     einfo "this in your configuration as disabling it opens security holes"
133     einfo
134     einfo "This revision has removed your sshd user id and replaced it with a"
135     einfo "new one with UID 22. If you have any scripts or programs that"
136     einfo "that referenced the old UID directly, you will need to update them."
137     einfo
138     if use pam >/dev/null 2>&1; then
139     einfo "Please be aware users need a valid shell in /etc/passwd"
140     einfo "in order to be allowed to login."
141     einfo
142     fi
143     }

  ViewVC Help
Powered by ViewVC 1.1.20