/[gentoo-x86]/net-misc/openssh/openssh-3.7.1_p1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.7.1_p1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (hide annotations) (download)
Thu Sep 25 20:11:02 2003 UTC (16 years, 4 months ago) by mholzer
Branch: MAIN
CVS Tags: HEAD
Changes since 1.7: +1 -1 lines
FILE REMOVED
cleanup

1 vapier 1.1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2     # Distributed under the terms of the GNU General Public License v2
3 mholzer 1.8 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p1.ebuild,v 1.7 2003/09/20 01:02:37 pebenito Exp $
4 vapier 1.1
5     inherit eutils flag-o-matic ccc
6     [ `use kerberos` ] && append-flags -I/usr/include/gssapi
7    
8     # Make it more portable between straight releases
9     # and _p? releases.
10     PARCH=${P/_/}
11    
12 aliz 1.6 X509_PATCH=${PARCH}+x509g2.diff.gz
13 pebenito 1.7 SELINUX_PATCH=openssh-3.7.1_p1-selinux.diff.bz2
14 aliz 1.6
15 vapier 1.1 S=${WORKDIR}/${PARCH}
16     DESCRIPTION="Port of OpenBSD's free SSH release"
17     HOMEPAGE="http://www.openssh.com/"
18 aliz 1.6 IUSE="ipv6 static pam tcpd kerberos skey selinux X509"
19 vapier 1.1 SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz
20 pebenito 1.7 selinux? ( http://dev.gentoo.org/~pebenito/${SELINUX_PATCH} )
21 aliz 1.6 X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )"
22 vapier 1.1
23     # openssh recognizes when openssl has been slightly upgraded and refuses to run.
24     # This new rev will use the new openssl.
25     RDEPEND="virtual/glibc
26     pam? ( >=sys-libs/pam-0.73
27     >=sys-apps/shadow-4.0.2-r2 )
28     kerberos? ( app-crypt/mit-krb5 )
29     selinux? ( sys-apps/selinux-small )
30     afs? ( net-fs/openafs
31     app-crypt/kth-krb ) :
32     ( krb4? ( app-crypt/kth-krb ) )
33     skey? ( app-admin/skey )
34     >=dev-libs/openssl-0.9.6d
35     sys-libs/zlib
36     >=sys-apps/sed-4"
37    
38     DEPEND="${RDEPEND}
39     dev-lang/perl
40     sys-apps/groff
41     tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
42    
43     SLOT="0"
44     LICENSE="as-is"
45 avenj 1.5 KEYWORDS="x86 ppc sparc alpha mips hppa arm amd64 ia64"
46 vapier 1.1
47     src_unpack() {
48     unpack ${PARCH}.tar.gz ; cd ${S}
49    
50 pebenito 1.7 use selinux && epatch ${DISTDIR}/${SELINUX_PATCH}
51 vapier 1.1 use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch
52 aliz 1.6 use X509 && epatch ${DISTDIR}/${X509_PATCH}
53 vapier 1.1 }
54    
55     src_compile() {
56     local myconf
57    
58     use tcpd || myconf="${myconf} --without-tcp-wrappers"
59     use tcpd && myconf="${myconf} --with-tcp-wrappers"
60     use pam || myconf="${myconf} --without-pam"
61     use pam && myconf="${myconf} --with-pam"
62     use ipv6 || myconf="${myconf} --with-ipv4-default"
63     use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena"
64     use kerberos && myconf="${myconf} --with-kerberos5"
65     use skey || myconf="${myconf} --without-skey"
66     use skey && {
67     myconf="${myconf} --with-skey"
68    
69     # prevent the conftest from violating the sandbox
70     sed -i 's#skey_keyinfo("")#"true"#g' ${S}/configure
71    
72     # make sure .sbss is large enough
73     use alpha && append-ldflags -mlarge-data
74     }
75    
76     if [ "`use afs`" ] && [ "`use krb4`" ]; then
77     myconf="${myconf} --with-afs"
78     elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then
79     myconf="${myconf} --with-afs"
80     myconf="${myconf} --with-kerberos4=/usr/athena"
81     fi
82    
83     use selinux && append-flags "-DWITH_SELINUX"
84    
85     ./configure \
86     --prefix=/usr \
87     --sysconfdir=/etc/ssh \
88     --mandir=/usr/share/man \
89     --libexecdir=/usr/lib/misc \
90     --datadir=/usr/share/openssh \
91     --disable-suid-ssh \
92     --with-privsep-path=/var/empty \
93     --with-privsep-user=sshd \
94     --with-md5-passwords \
95     --host=${CHOST} ${myconf} || die "bad configure"
96    
97     if [ "`use static`" ]
98     then
99     # statically link to libcrypto -- good for the boot cd
100     sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile
101     fi
102    
103     if [ "`use selinux`" ]
104     then
105     #add -lsecure
106     sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile
107     fi
108    
109     emake || die "compile problem"
110     }
111    
112     src_install() {
113     make install-files DESTDIR=${D} || die
114     chmod 600 ${D}/etc/ssh/sshd_config
115     dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
116     insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
117     exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
118     touch ${D}/var/empty/.keep
119     }
120    
121     pkg_preinst() {
122     userdel sshd 2> /dev/null
123     if ! groupmod sshd; then
124     groupadd -g 90 sshd 2> /dev/null || \
125     die "Failed to create sshd group"
126     fi
127     useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
128     die "Failed to create sshd user"
129     }
130    
131     pkg_postinst() {
132     # empty dir for the new priv separation auth chroot..
133     install -d -m0755 -o root -g root ${ROOT}/var/empty
134    
135 rajiv 1.2 ewarn "Remember to merge your config files in /etc/ssh/ and then"
136     ewarn "restart sshd: '/etc/init.d/sshd restart'."
137     ewarn
138 vapier 1.1 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
139     einfo "functionality, but please ensure that you do not explicitly disable"
140     einfo "this in your configuration as disabling it opens security holes"
141     einfo
142     einfo "This revision has removed your sshd user id and replaced it with a"
143     einfo "new one with UID 22. If you have any scripts or programs that"
144     einfo "that referenced the old UID directly, you will need to update them."
145     einfo
146     if use pam >/dev/null 2>&1; then
147     einfo "Please be aware users need a valid shell in /etc/passwd"
148     einfo "in order to be allowed to login."
149     einfo
150     fi
151     }

  ViewVC Help
Powered by ViewVC 1.1.20