/[gentoo-x86]/net-misc/openssh/openssh-3.7.1_p2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-3.7.1_p2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.8 - (show annotations) (download)
Mon Dec 8 07:37:57 2003 UTC (15 years, 10 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.7: +1 -1 lines
FILE REMOVED
old

1 # Copyright 1999-2003 Gentoo Technologies, Inc.
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /home/cvsroot/gentoo-x86/net-misc/openssh/openssh-3.7.1_p2.ebuild,v 1.7 2003/10/29 03:17:56 pebenito Exp $
4
5 inherit eutils flag-o-matic ccc
6 [ `use kerberos` ] && append-flags -I/usr/include/gssapi
7
8 # Make it more portable between straight releases
9 # and _p? releases.
10 PARCH=${P/_/}
11
12 X509_PATCH="${PARCH}+x509g2.diff.gz"
13 SELINUX_PATCH="openssh-3.7.1_p1-selinux.diff"
14
15 S=${WORKDIR}/${PARCH}
16 DESCRIPTION="Port of OpenBSD's free SSH release"
17 HOMEPAGE="http://www.openssh.com/"
18 SRC_URI="mirror://openssh/${PARCH}.tar.gz
19 X509? ( http://roumenpetrov.info/openssh/x509g2/${X509_PATCH} )"
20
21 LICENSE="as-is"
22 SLOT="0"
23 KEYWORDS="x86 ppc sparc alpha mips hppa arm amd64 ia64"
24 IUSE="ipv6 static pam tcpd kerberos skey selinux X509"
25
26 # openssh recognizes when openssl has been slightly upgraded and refuses to run.
27 # This new rev will use the new openssl.
28 RDEPEND="virtual/glibc
29 pam? ( >=sys-libs/pam-0.73
30 >=sys-apps/shadow-4.0.2-r2 )
31 kerberos? ( app-crypt/mit-krb5 )
32 selinux? ( sys-libs/libselinux )
33 skey? ( app-admin/skey )
34 >=dev-libs/openssl-0.9.6d
35 >=sys-libs/zlib-1.1.4
36 >=sys-apps/sed-4"
37
38 DEPEND="${RDEPEND}
39 dev-lang/perl
40 sys-apps/groff
41 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
42 PROVIDE="virtual/ssh"
43
44 src_unpack() {
45 unpack ${PARCH}.tar.gz ; cd ${S}
46
47 use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}
48 use alpha && epatch ${FILESDIR}/${PN}-3.5_p1-gentoo-sshd-gcc3.patch
49 use X509 && epatch ${DISTDIR}/${X509_PATCH}
50
51 # looks like this one was rewriten somewhat.
52 # epatch ${FILESDIR}/${P}-memory-bugs.patch
53
54 use skey && {
55 # prevent the conftest from violating the sandbox
56 sed -i 's#skey_keyinfo("")#"true"#g' configure
57 }
58 }
59
60 src_compile() {
61 local myconf
62
63 myconf="\
64 $( use_with tcpd tcp-wrappers ) \
65 $( use_with kerberos kerberos5 ) \
66 $( use_with pam ) \
67 $( use_with skey )"
68
69 use ipv6 || myconf="${myconf} --with-ipv4-default"
70
71 use skey && {
72 # make sure .sbss is large enough
73 use alpha && append-ldflags -mlarge-data
74 }
75
76 use selinux && append-flags "-DWITH_SELINUX"
77
78 ./configure \
79 --prefix=/usr \
80 --sysconfdir=/etc/ssh \
81 --mandir=/usr/share/man \
82 --libexecdir=/usr/lib/misc \
83 --datadir=/usr/share/openssh \
84 --disable-suid-ssh \
85 --with-privsep-path=/var/empty \
86 --with-privsep-user=sshd \
87 --with-md5-passwords \
88 --host=${CHOST} ${myconf} || die "bad configure"
89
90 use static && {
91 # statically link to libcrypto -- good for the boot cd
92 sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" Makefile
93 }
94
95 emake || die "compile problem"
96 }
97
98 src_install() {
99 make install-files DESTDIR=${D} || die
100 chmod 600 ${D}/etc/ssh/sshd_config
101 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
102 insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd
103 exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd
104 keepdir /var/empty/.keep
105 }
106
107 pkg_preinst() {
108 userdel sshd 2> /dev/null
109 if ! groupmod sshd; then
110 groupadd -g 90 sshd 2> /dev/null || \
111 die "Failed to create sshd group"
112 fi
113 useradd -u 22 -g sshd -s /dev/null -d /var/empty -c "sshd" sshd || \
114 die "Failed to create sshd user"
115 }
116
117 pkg_postinst() {
118 # empty dir for the new priv separation auth chroot..
119 install -d -m0755 -o root -g root ${ROOT}/var/empty
120
121 ewarn "Remember to merge your config files in /etc/ssh/ and then"
122 ewarn "restart sshd: '/etc/init.d/sshd restart'."
123 ewarn
124 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
125 einfo "functionality, but please ensure that you do not explicitly disable"
126 einfo "this in your configuration as disabling it opens security holes"
127 einfo
128 einfo "This revision has removed your sshd user id and replaced it with a"
129 einfo "new one with UID 22. If you have any scripts or programs that"
130 einfo "that referenced the old UID directly, you will need to update them."
131 einfo
132 use pam >/dev/null 2>&1 && {
133 einfo "Please be aware users need a valid shell in /etc/passwd"
134 einfo "in order to be allowed to login."
135 einfo
136 }
137 }

  ViewVC Help
Powered by ViewVC 1.1.20