/[gentoo-x86]/net-misc/openssh/openssh-3.7.1_p2-r2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.7.1_p2-r2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.24 - (show annotations) (download)
Wed Dec 29 01:19:00 2004 UTC (14 years, 9 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.23: +1 -1 lines
FILE REMOVED
remove older ebuilds

1 # Copyright 1999-2004 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p2-r2.ebuild,v 1.23 2004/11/04 02:49:52 vapier Exp $
4
5 inherit eutils flag-o-matic ccc gnuconfig
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 X509_PATCH="${PARCH}+x509g2.diff.gz"
12 SELINUX_PATCH="openssh-3.7.1_p1-selinux.diff"
13
14 S=${WORKDIR}/${PARCH}
15 DESCRIPTION="Port of OpenBSD's free SSH release"
16 HOMEPAGE="http://www.openssh.com/"
17 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
18 X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )"
19
20 LICENSE="as-is"
21 SLOT="0"
22 KEYWORDS="x86 ~ppc sparc alpha mips hppa amd64 ia64 ~ppc64"
23 IUSE="ipv6 static pam tcpd kerberos skey selinux X509 chroot ldap"
24
25 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
26 # This new rev will use the new openssl.
27 RDEPEND="virtual/libc
28 pam? ( >=sys-libs/pam-0.73
29 >=sys-apps/shadow-4.0.2-r2 )
30 !mips? ( kerberos? ( virtual/krb5 ) )
31 selinux? ( sys-libs/libselinux )
32 !ppc64? ( skey? ( >=app-admin/skey-1.1.5-r1 ) )
33 >=dev-libs/openssl-0.9.6d
34 >=sys-libs/zlib-1.1.4
35 !ppc64? ( tcpd? ( >=sys-apps/tcp-wrappers-7.6 ) )"
36 DEPEND="${RDEPEND}
37 virtual/os-headers
38 dev-lang/perl
39 sys-apps/groff
40 >=sys-apps/sed-4"
41 PROVIDE="virtual/ssh"
42
43 src_unpack() {
44 unpack ${PARCH}.tar.gz ; cd ${S}
45
46 epatch ${FILESDIR}/${P}-kerberos.patch.bz2
47
48 use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2
49 use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch.bz2
50 use X509 && epatch ${DISTDIR}/${X509_PATCH}
51
52 # looks like this one was rewriten somewhat.
53 # epatch ${FILESDIR}/${P}-memory-bugs.patch
54
55 use skey && {
56 # prevent the conftest from violating the sandbox
57 epatch ${FILESDIR}/${P}-skey.patch.bz2
58
59 # updates to skey implementation.
60 epatch ${FILESDIR}/${PN}-skeychallenge-args.diff.bz2
61 }
62
63 # feature request bug #26615
64 use chroot && epatch ${FILESDIR}/${PN}-${PV}-chroot.patch.bz2
65 }
66
67 src_compile() {
68 use ldap && filter-flags -funroll-loops
69 use static && append-ldflags -static
70 export LDFLAGS
71
72
73 autoconf
74
75 local myconf
76
77 # Allow OpenSSH to detect mips systems
78 gnuconfig_update
79
80 myconf="\
81 $( use_with tcpd tcp-wrappers ) \
82 $( use_with kerberos kerberos5 ) \
83 $( use_with pam ) \
84 $( use_with skey )"
85
86 use ipv6 || myconf="${myconf} --with-ipv4-default"
87
88 # make sure .sbss is large enough
89 use skey && use alpha && append-ldflags -mlarge-data
90
91 use selinux && append-flags "-DWITH_SELINUX"
92
93 ./configure \
94 --prefix=/usr \
95 --sysconfdir=/etc/ssh \
96 --mandir=/usr/share/man \
97 --libexecdir=/usr/lib/misc \
98 --datadir=/usr/share/openssh \
99 --disable-suid-ssh \
100 --with-privsep-path=/var/empty \
101 --with-privsep-user=sshd \
102 --with-md5-passwords \
103 --host=${CHOST} \
104 ${myconf} \
105 || die "bad configure"
106
107 # use static && {
108 # # statically link to libcrypto -- good for the boot cd
109 # sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile
110 # }
111
112 emake || die "compile problem"
113 }
114
115 src_install() {
116 make install-files DESTDIR=${D} || die
117 chmod 600 ${D}/etc/ssh/sshd_config
118 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
119 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
120 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
121 keepdir /var/empty
122 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
123 use pam && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config
124 }
125
126 pkg_postinst() {
127 # empty dir for the new priv separation auth chroot..
128 #install -d -m0755 -o root -g root ${ROOT}/var/empty
129 # install doesn't seem to be doing its job, on amd64 at least
130 # Brad House <brad_mssw@gentoo.org> 01/10/2004
131 if [ ! -d "${ROOT}/var/empty" ]
132 then
133 mkdir -p "${ROOT}/var/empty"
134 chmod 0755 "${ROOT}/var/empty"
135 chown root:root "${ROOT}/var/empty"
136 fi
137
138 enewgroup sshd 22
139 enewuser sshd 22 /bin/false /var/empty sshd
140
141 ewarn "Remember to merge your config files in /etc/ssh/ and then"
142 ewarn "restart sshd: '/etc/init.d/sshd restart'."
143 ewarn
144 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
145 einfo "functionality, but please ensure that you do not explicitly disable"
146 einfo "this in your configuration as disabling it opens security holes"
147 einfo
148 einfo "This revision has removed your sshd user id and replaced it with a"
149 einfo "new one with UID 22. If you have any scripts or programs that"
150 einfo "that referenced the old UID directly, you will need to update them."
151 einfo
152 use pam >/dev/null 2>&1 && {
153 einfo "Please be aware users need a valid shell in /etc/passwd"
154 einfo "in order to be allowed to login."
155 einfo
156 }
157 }

  ViewVC Help
Powered by ViewVC 1.1.20