/[gentoo-x86]/net-misc/openssh/openssh-4.0_p1-r2.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.0_p1-r2.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.20 - (show annotations) (download)
Sat Aug 25 17:41:37 2007 UTC (12 years, 3 months ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.19: +1 -1 lines
FILE REMOVED
old

1 # Copyright 1999-2007 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.0_p1-r2.ebuild,v 1.19 2007/08/04 05:13:07 metalgod Exp $
4
5 inherit eutils flag-o-matic ccc pam
6
7 # Make it more portable between straight releases
8 # and _p? releases.
9 PARCH=${P/_/}
10
11 SFTPLOG_PATCH_VER="1.2"
12 X509_PATCH="${PARCH}+x509-5.2.diff.gz"
13 SELINUX_PATCH="openssh-3.9_p1-selinux.diff"
14 SECURID_PATCH="${PARCH}+SecurID_v1.3.1.patch"
15 LDAP_PATCH="${PARCH/-/-lpk-}-0.3.6.patch"
16 HPN_PATCH="${PARCH}-hpn11.diff"
17
18 DESCRIPTION="Port of OpenBSD's free SSH release"
19 HOMEPAGE="http://www.openssh.com/"
20 SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
21 ldap? ( http://www.opendarwin.org/en/projects/openssh-lpk/files/${LDAP_PATCH} )
22 X509? ( http://roumenpetrov.info/openssh/x509-5.2/${X509_PATCH} )
23 hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
24 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )"
25
26 LICENSE="as-is"
27 SLOT="0"
28 KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"
29 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
30
31 RDEPEND="pam? ( virtual/pam )
32 kerberos? ( virtual/krb5 )
33 selinux? ( sys-libs/libselinux )
34 skey? ( >=app-admin/skey-1.1.5-r1 )
35 ldap? ( net-nds/openldap )
36 libedit? ( dev-libs/libedit )
37 >=dev-libs/openssl-0.9.6d
38 >=sys-libs/zlib-1.2.3
39 smartcard? ( dev-libs/opensc )
40 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )"
41 DEPEND="${RDEPEND}
42 virtual/os-headers
43 sys-devel/autoconf"
44 PROVIDE="virtual/ssh"
45
46 S=${WORKDIR}/${PARCH}
47
48 src_unpack() {
49 unpack ${PARCH}.tar.gz
50 cd "${S}"
51
52 sed -i \
53 -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
54 pathnames.h || die
55
56 epatch "${FILESDIR}"/openssh-3.9_p1-configure-openct.patch #78730
57 epatch "${FILESDIR}"/openssh-3.9_p1-kerberos-detection.patch #80811
58 epatch "${FILESDIR}"/openssh-4.2_p1-cross-compile.patch #120567
59
60 use X509 && epatch "${DISTDIR}"/${X509_PATCH}
61 use sftplogging && epatch "${FILESDIR}"/openssh-4.0_p1-sftplogging-1.2-gentoo.patch.bz2
62 use skey && epatch "${FILESDIR}"/openssh-3.9_p1-skey.patch
63 use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
64 use selinux && epatch "${FILESDIR}"/${SELINUX_PATCH}
65 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
66 if ! use X509 ; then
67 use smartcard && epatch "${DISTDIR}"/${SECURID_PATCH} "${FILESDIR}"/openssh-securid-1.3.1-updates.patch
68 use smartcard && use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
69 if use ldap ; then
70 use sftplogging \
71 && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
72 || epatch "${DISTDIR}"/${LDAP_PATCH}
73 fi
74 elif use smartcard || use ldap ; then
75 ewarn "Sorry, x509 and smartcard/ldap don't get along"
76 fi
77 use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
78
79 sed -i '/LD.*ssh-keysign/s:$: -Wl,-z,now:' Makefile.in || die "setuid"
80
81 autoconf || die "autoconf failed"
82 }
83
84 src_compile() {
85 local myconf
86
87 addwrite /dev/ptmx
88
89 # make sure .sbss is large enough
90 use skey && use alpha && append-ldflags -mlarge-data
91 if use ldap ; then
92 filter-flags -funroll-loops
93 myconf="${myconf} --with-ldap"
94 fi
95 use selinux && append-flags "-DWITH_SELINUX"
96
97 if use static ; then
98 append-ldflags -static
99 use pam && ewarn "Disabling pam support becuse of static flag"
100 myconf="${myconf} --without-pam"
101 else
102 myconf="${myconf} $(use_with pam)"
103 fi
104
105 use ipv6 || myconf="${myconf} --with-ipv4-default"
106
107 econf \
108 --with-ldflags="${LDFLAGS}" \
109 --disable-strip \
110 --sysconfdir=/etc/ssh \
111 --libexecdir=/usr/$(get_libdir)/misc \
112 --datadir=/usr/share/openssh \
113 --disable-suid-ssh \
114 --with-privsep-path=/var/empty \
115 --with-privsep-user=sshd \
116 --with-md5-passwords \
117 $(use_with libedit) \
118 $(use_with kerberos kerberos5 /usr) \
119 $(use_with tcpd tcp-wrappers) \
120 $(use_with skey) \
121 $(use_with smartcard opensc) \
122 ${myconf} \
123 || die "bad configure"
124
125 emake || die "compile problem"
126 }
127
128 src_install() {
129 make install-nokeys DESTDIR="${D}" || die
130 fperms 600 /etc/ssh/sshd_config
131 dobin contrib/ssh-copy-id
132 newinitd "${FILESDIR}"/sshd.rc6 sshd
133 newconfd "${FILESDIR}"/sshd.confd sshd
134 keepdir /var/empty
135
136 newpamd "${FILESDIR}"/sshd.pam_include sshd
137 dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
138 use pam \
139 && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
140 && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
141
142 doman contrib/ssh-copy-id.1
143 dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
144 }
145
146 pkg_postinst() {
147 enewgroup sshd 22
148 enewuser sshd 22 -1 /var/empty sshd
149
150 ewarn "Remember to merge your config files in /etc/ssh/ and then"
151 ewarn "restart sshd: '/etc/init.d/sshd restart'."
152 ewarn
153 einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
154 einfo "functionality, but please ensure that you do not explicitly disable"
155 einfo "this in your configuration as disabling it opens security holes"
156 einfo
157 einfo "This revision has removed your sshd user id and replaced it with a"
158 einfo "new one with UID 22. If you have any scripts or programs that"
159 einfo "that referenced the old UID directly, you will need to update them."
160 einfo
161 if use pam ; then
162 einfo "Please be aware users need a valid shell in /etc/passwd"
163 einfo "in order to be allowed to login."
164 einfo
165 fi
166 }

  ViewVC Help
Powered by ViewVC 1.1.20