/[gentoo-x86]/net-misc/openssh/openssh-3.7.1_p1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.7.1_p1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (show annotations) (download)
Thu Sep 25 20:11:02 2003 UTC (16 years, 2 months ago) by mholzer
Branch: MAIN
CVS Tags: HEAD
Changes since 1.7: +1 -1 lines
FILE REMOVED
cleanup

1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p1.ebuild,v 1.7 2003/09/20 01:02:37 pebenito Exp $
4
5 inherit eutils flag-o-matic ccc
6 [ `use kerberos` ] && append-flags -I/usr/include/gssapi
7
8 # Make it more portable between straight releases
9 # and _p? releases.
10 PARCH=${P/_/}
11
12 X509_PATCH=${PARCH}+x509g2.diff.gz
13 SELINUX_PATCH=openssh-3.7.1_p1-selinux.diff.bz2
14
15 S=${WORKDIR}/${PARCH}
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 IUSE="ipv6 static pam tcpd kerberos skey selinux X509"
19 SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz
20 selinux? ( http://dev.gentoo.org/~pebenito/${SELINUX_PATCH} )
21 X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )"
22
23 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
24 # This new rev will use the new openssl.
25 RDEPEND="virtual/glibc
26 pam? ( >=sys-libs/pam-0.73
27 >=sys-apps/shadow-4.0.2-r2 )
28 kerberos? ( app-crypt/mit-krb5 )
29 selinux? ( sys-apps/selinux-small )
30 afs? ( net-fs/openafs
31 app-crypt/kth-krb ) :
32 ( krb4? ( app-crypt/kth-krb ) )
33 skey? ( app-admin/skey )
34 >=dev-libs/openssl-0.9.6d
35 sys-libs/zlib
36 >=sys-apps/sed-4"
37
38 DEPEND="${RDEPEND}
39 dev-lang/perl
40 sys-apps/groff
41 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
42
43 SLOT="0"
44 LICENSE="as-is"
45 KEYWORDS="x86 ppc sparc alpha mips hppa arm amd64 ia64"
46
47 src_unpack() {
48 unpack ${PARCH}.tar.gz ; cd ${S}
49
50 use selinux && epatch ${DISTDIR}/${SELINUX_PATCH}
51 use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch
52 use X509 && epatch ${DISTDIR}/${X509_PATCH}
53 }
54
55 src_compile() {
56 local myconf
57
58 use tcpd || myconf="${myconf} --without-tcp-wrappers"
59 use tcpd && myconf="${myconf} --with-tcp-wrappers"
60 use pam || myconf="${myconf} --without-pam"
61 use pam && myconf="${myconf} --with-pam"
62 use ipv6 || myconf="${myconf} --with-ipv4-default"
63 use krb4 && myconf="${myconf} --with-kerberos4=/usr/athena"
64 use kerberos && myconf="${myconf} --with-kerberos5"
65 use skey || myconf="${myconf} --without-skey"
66 use skey && {
67 myconf="${myconf} --with-skey"
68
69 # prevent the conftest from violating the sandbox
70 sed -i 's#skey_keyinfo("")#"true"#g' ${S}/configure
71
72 # make sure .sbss is large enough
73 use alpha && append-ldflags -mlarge-data
74 }
75
76 if [ "`use afs`" ] && [ "`use krb4`" ]; then
77 myconf="${myconf} --with-afs"
78 elif [ "`use afs`" ] && [ -z "`use krb4`" ]; then
79 myconf="${myconf} --with-afs"
80 myconf="${myconf} --with-kerberos4=/usr/athena"
81 fi
82
83 use selinux && append-flags "-DWITH_SELINUX"
84
85 ./configure \
86 --prefix=/usr \
87 --sysconfdir=/etc/ssh \
88 --mandir=/usr/share/man \
89 --libexecdir=/usr/lib/misc \
90 --datadir=/usr/share/openssh \
91 --disable-suid-ssh \
92 --with-privsep-path=/var/empty \
93 --with-privsep-user=sshd \
94 --with-md5-passwords \
95 --host=${CHOST} ${myconf} || die "bad configure"
96
97 if [ "`use static`" ]
98 then
99 # statically link to libcrypto -- good for the boot cd
100 sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile
101 fi
102
103 if [ "`use selinux`" ]
104 then
105 #add -lsecure
106 sed -i "s:LIBS=\(.*\):LIBS=\1 -lsecure:" Makefile
107 fi
108
109 emake || die "compile problem"
110 }
111
112 src_install() {
113 make install-files DESTDIR=${D} || die
114 chmod 600 ${D}/etc/ssh/sshd_config
115 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
116 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
117 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
118 touch ${D}/var/empty/.keep
119 }
120
121 pkg_preinst() {
122 userdel sshd 2> /dev/null
123 if ! groupmod sshd; then
124 groupadd -g 90 sshd 2> /dev/null || \
125 die "Failed to create sshd group"
126 fi
127 useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
128 die "Failed to create sshd user"
129 }
130
131 pkg_postinst() {
132 # empty dir for the new priv separation auth chroot..
133 install -d -m0755 -o root -g root ${ROOT}/var/empty
134
135 ewarn "Remember to merge your config files in /etc/ssh/ and then"
136 ewarn "restart sshd: '/etc/init.d/sshd restart'."
137 ewarn
138 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
139 einfo "functionality, but please ensure that you do not explicitly disable"
140 einfo "this in your configuration as disabling it opens security holes"
141 einfo
142 einfo "This revision has removed your sshd user id and replaced it with a"
143 einfo "new one with UID 22. If you have any scripts or programs that"
144 einfo "that referenced the old UID directly, you will need to update them."
145 einfo
146 if use pam >/dev/null 2>&1; then
147 einfo "Please be aware users need a valid shell in /etc/passwd"
148 einfo "in order to be allowed to login."
149 einfo
150 fi
151 }

  ViewVC Help
Powered by ViewVC 1.1.20