/[gentoo-x86]/net-misc/openssh/openssh-4.0_p1-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.0_p1-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.15 - (show annotations) (download)
Mon Sep 5 20:00:28 2005 UTC (14 years, 3 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.14: +1 -1 lines
FILE REMOVED
old

1 # Copyright 1999-2005 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.0_p1-r1.ebuild,v 1.14 2005/08/24 00:07:24 vapier Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 SFTPLOG_PATCH_VER="1.2"
12 X509_PATCH="${PARCH}+x509-5.1.diff.gz"
13 SELINUX_PATCH="openssh-3.9_p1-selinux.diff"
14 SECURID_PATCH="${PARCH}+SecurID_v1.3.1.patch"
15 LDAP_PATCH="${PARCH/-/-lpk-}-0.3.4.patch"
16 HPN_PATCH="${PARCH}-hpn11.diff"
17
18 DESCRIPTION="Port of OpenBSD's free SSH release"
19 HOMEPAGE="http://www.openssh.com/"
20 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
21 ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )
22 X509? ( http://roumenpetrov.info/openssh/x509-5.1/${X509_PATCH} )
23 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
24 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )"
25
26
27 LICENSE="as-is"
28 SLOT="0"
29 KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
30 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
31
32 RDEPEND="pam? ( virtual/pam )
33 kerberos? ( virtual/krb5 )
34 selinux? ( sys-libs/libselinux )
35 skey? ( >=app-admin/skey-1.1.5-r1 )
36 ldap? ( net-nds/openldap )
37 libedit? ( dev-libs/libedit )
38 >=dev-libs/openssl-0.9.6d
39 >=sys-libs/zlib-1.1.4
40 smartcard? ( dev-libs/opensc )
41 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
42 DEPEND="${RDEPEND}
43 virtual/os-headers
44 sys-devel/autoconf"
45 PROVIDE="virtual/ssh"
46
47 S=${WORKDIR}/${PARCH}
48
49 src_unpack() {
50 unpack ${PARCH}.tar.gz
51 cd "${S}"
52
53 #epatch "${FILESDIR}"/openssh-3.9_p1-largekey.patch.bz2
54 epatch "${FILESDIR}"/openssh-3.9_p1-configure-openct.patch #78730
55 epatch "${FILESDIR}"/openssh-3.9_p1-kerberos-detection.patch #80811
56
57 use X509 && epatch ${DISTDIR}/${X509_PATCH}
58 use sftplogging && epatch ${FILESDIR}/openssh-4.0_p1-sftplogging-1.2-gentoo.patch.bz2
59 use skey && epatch ${FILESDIR}/openssh-3.9_p1-skey.patch.bz2
60 use chroot && epatch ${FILESDIR}/openssh-3.9_p1-chroot.patch
61 use selinux && epatch ${FILESDIR}/${SELINUX_PATCH}.bz2
62 use smartcard && epatch ${FILESDIR}/openssh-3.9_p1-opensc.patch.bz2
63 if ! use X509 ; then
64 use smartcard && epatch ${DISTDIR}/${SECURID_PATCH}
65 use smartcard && use ldap && epatch ${FILESDIR}/openssh-4.0_p1-smartcard-ldap-happy.patch
66 if use sftplogging ; then
67 ewarn "Sorry, sftplogging and ldap don't get along"
68 else
69 use ldap && epatch ${DISTDIR}/${LDAP_PATCH}
70 fi
71 elif use smartcard || use ldap ; then
72 ewarn "Sorry, x509 and smartcard/ldap don't get along"
73 fi
74 use hpn && epatch ${DISTDIR}/${HPN_PATCH}
75
76 sed -i '/LD.*ssh-keysign/s:$: -Wl,-z,now:' Makefile.in || die "setuid"
77
78 autoconf || die "autoconf failed"
79 }
80
81 src_compile() {
82 local myconf
83
84 addwrite /dev/ptmx
85
86 # make sure .sbss is large enough
87 use skey && use alpha && append-ldflags -mlarge-data
88 if use ldap ; then
89 filter-flags -funroll-loops
90 append-ldflags -lldap
91 append-flags -DWITH_LDAP_PUBKEY
92 fi
93 use selinux && append-flags "-DWITH_SELINUX"
94
95 if use static ; then
96 append-ldflags -static
97 use pam && ewarn "Disabling pam support becuse of static flag"
98 myconf="${myconf} --without-pam"
99 else
100 myconf="${myconf} $(use_with pam)"
101 fi
102
103 use ipv6 || myconf="${myconf} --with-ipv4-default"
104
105 econf \
106 --with-ldflags="${LDFLAGS}" \
107 --disable-strip \
108 --sysconfdir=/etc/ssh \
109 --libexecdir=/usr/$(get_libdir)/misc \
110 --datadir=/usr/share/openssh \
111 --disable-suid-ssh \
112 --with-privsep-path=/var/empty \
113 --with-privsep-user=sshd \
114 --with-md5-passwords \
115 $(use_with libedit) \
116 $(use_with kerberos kerberos5 /usr) \
117 $(use_with tcpd tcp-wrappers) \
118 $(use_with skey) \
119 $(use_with smartcard opensc) \
120 ${myconf} \
121 || die "bad configure"
122
123 emake || die "compile problem"
124 }
125
126 src_install() {
127 make install-nokeys DESTDIR="${D}" || die
128 fperms 600 /etc/ssh/sshd_config
129 dobin contrib/ssh-copy-id
130 newinitd "${FILESDIR}"/sshd.rc6 sshd
131 keepdir /var/empty
132
133 newpamd "${FILESDIR}"/sshd.pam_include sshd
134 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
135 use pam \
136 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
137 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
138
139 doman contrib/ssh-copy-id.1
140 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
141 }
142
143 pkg_postinst() {
144 enewgroup sshd 22
145 enewuser sshd 22 -1 /var/empty sshd
146
147 ewarn "Remember to merge your config files in /etc/ssh/ and then"
148 ewarn "restart sshd: '/etc/init.d/sshd restart'."
149 ewarn
150 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
151 einfo "functionality, but please ensure that you do not explicitly disable"
152 einfo "this in your configuration as disabling it opens security holes"
153 einfo
154 einfo "This revision has removed your sshd user id and replaced it with a"
155 einfo "new one with UID 22. If you have any scripts or programs that"
156 einfo "that referenced the old UID directly, you will need to update them."
157 einfo
158 if use pam ; then
159 einfo "Please be aware users need a valid shell in /etc/passwd"
160 einfo "in order to be allowed to login."
161 einfo
162 fi
163 }

  ViewVC Help
Powered by ViewVC 1.1.20