/[gentoo-x86]/net-misc/openssh/openssh-3.7.1_p1-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.7.1_p1-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.5 - (show annotations) (download)
Fri Sep 26 06:15:18 2003 UTC (16 years ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.4: +1 -1 lines
FILE REMOVED
oops someone forgot me !

1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p1-r1.ebuild,v 1.4 2003/09/26 06:06:11 vapier Exp $
4
5 inherit eutils flag-o-matic ccc
6 [ `use kerberos` ] && append-flags -I/usr/include/gssapi
7
8 # Make it more portable between straight releases
9 # and _p? releases.
10 PARCH=${P/_/}
11
12 X509_PATCH=${PARCH}+x509g2.diff.gz
13 SELINUX_PATCH=openssh-3.7.1_p1-selinux.diff.bz2
14
15 S=${WORKDIR}/${PARCH}
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz
19 selinux? ( http://dev.gentoo.org/~pebenito/${SELINUX_PATCH} )
20 X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )"
21
22 LICENSE="as-is"
23 SLOT="0"
24 KEYWORDS="~x86 ~ppc ~sparc ~alpha ~mips ~hppa ~arm ~amd64 ~ia64"
25 IUSE="ipv6 static pam tcpd kerberos skey selinux X509"
26
27 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
28 # This new rev will use the new openssl.
29 RDEPEND="virtual/glibc
30 pam? ( >=sys-libs/pam-0.73
31 >=sys-apps/shadow-4.0.2-r2 )
32 kerberos? ( app-crypt/mit-krb5 )
33 selinux? ( sys-apps/selinux-small )
34 skey? ( app-admin/skey )
35 >=dev-libs/openssl-0.9.6d
36 sys-libs/zlib
37 >=sys-apps/sed-4"
38
39 DEPEND="${RDEPEND}
40 dev-lang/perl
41 sys-apps/groff
42 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
43 PROVIDE="virtual/ssh"
44
45 src_unpack() {
46 unpack ${PARCH}.tar.gz ; cd ${S}
47
48 use selinux && epatch ${DISTDIR}/${SELINUX_PATCH}
49 use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch
50 use X509 && epatch ${DISTDIR}/${X509_PATCH}
51
52 epatch ${FILESDIR}/${P}-connect-timeout.patch
53 epatch ${FILESDIR}/${P}-double-free.patch
54 epatch ${FILESDIR}/${P}-memory-leak.patch
55 epatch ${FILESDIR}/${P}-memory-bugs.patch
56
57 use skey && {
58 # prevent the conftest from violating the sandbox
59 sed -i 's#skey_keyinfo("")#"true"#g' configure
60 }
61 }
62
63 src_compile() {
64 local myconf
65
66 myconf="\
67 $( use_with tcpd tcp-wrappers ) \
68 $( use_with kerberos kerberos5 ) \
69 $( use_with pam ) \
70 $( use_with skey )"
71
72 use ipv6 || myconf="${myconf} --with-ipv4-default"
73
74 use skey && {
75 # make sure .sbss is large enough
76 use alpha && append-ldflags -mlarge-data
77 }
78
79 use selinux && append-flags "-DWITH_SELINUX"
80
81 ./configure \
82 --prefix=/usr \
83 --sysconfdir=/etc/ssh \
84 --mandir=/usr/share/man \
85 --libexecdir=/usr/lib/misc \
86 --datadir=/usr/share/openssh \
87 --disable-suid-ssh \
88 --with-privsep-path=/var/empty \
89 --with-privsep-user=sshd \
90 --with-md5-passwords \
91 --host=${CHOST} ${myconf} || die "bad configure"
92
93 use static && {
94 # statically link to libcrypto -- good for the boot cd
95 sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile
96 }
97
98 use selinux && {
99 #add -lsecure
100 sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile
101 }
102
103 emake || die "compile problem"
104 }
105
106 src_install() {
107 make install-files DESTDIR=${D} || die
108 chmod 600 ${D}/etc/ssh/sshd_config
109 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
110 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
111 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
112 keepdir /var/empty/.keep
113 }
114
115 pkg_preinst() {
116 userdel sshd 2> /dev/null
117 if ! groupmod sshd; then
118 groupadd -g 90 sshd 2> /dev/null || \
119 die "Failed to create sshd group"
120 fi
121 useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
122 die "Failed to create sshd user"
123 }
124
125 pkg_postinst() {
126 # empty dir for the new priv separation auth chroot..
127 install -d -m0755 -o root -g root ${ROOT}/var/empty
128
129 ewarn "Remember to merge your config files in /etc/ssh/ and then"
130 ewarn "restart sshd: '/etc/init.d/sshd restart'."
131 ewarn
132 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
133 einfo "functionality, but please ensure that you do not explicitly disable"
134 einfo "this in your configuration as disabling it opens security holes"
135 einfo
136 einfo "This revision has removed your sshd user id and replaced it with a"
137 einfo "new one with UID 22. If you have any scripts or programs that"
138 einfo "that referenced the old UID directly, you will need to update them."
139 einfo
140 use pam >/dev/null 2>&1 && {
141 einfo "Please be aware users need a valid shell in /etc/passwd"
142 einfo "in order to be allowed to login."
143 einfo
144 }
145 }

  ViewVC Help
Powered by ViewVC 1.1.20