/[gentoo-x86]/net-misc/openssh/openssh-4.3_p2-r1.ebuild
Gentoo

Contents of /net-misc/openssh/openssh-4.3_p2-r1.ebuild

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.20 - (hide annotations) (download)
Sat Dec 30 02:02:58 2006 UTC (13 years, 1 month ago) by vapier
Branch: MAIN
CVS Tags: HEAD
Changes since 1.19: +1 -1 lines
FILE REMOVED
old

1 pebenito 1.1 # Copyright 1999-2006 Gentoo Foundation
2     # Distributed under the terms of the GNU General Public License v2
3 vapier 1.20 # $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.3_p2-r1.ebuild,v 1.19 2006/12/07 08:44:26 flameeyes Exp $
4 pebenito 1.1
5     inherit eutils flag-o-matic ccc pam
6    
7     # Make it more portable between straight releases
8     # and _p? releases.
9     PARCH=${P/_/}
10    
11     X509_PATCH="${PARCH}+x509-5.3.diff.gz"
12     SECURID_PATCH="${PARCH}+SecurID_v1.3.2.patch"
13 lcars 1.2 LDAP_PATCH="${PARCH/-4.3p2/-lpk-4.3p1}-0.3.7.patch"
14 pebenito 1.1 HPN_PATCH="${PARCH/p2/p1}-hpn11.diff"
15    
16     DESCRIPTION="Port of OpenBSD's free SSH release"
17     HOMEPAGE="http://www.openssh.com/"
18     SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
19     hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
20     X509? ( http://roumenpetrov.info/openssh/x509-5.3/${X509_PATCH} )
21 lcars 1.2 smartcard? ( http://www.omniti.com/~jesus/projects/${SECURID_PATCH} )
22 lcars 1.14 ldap? ( http://www.opendarwin.org/projects/openssh-lpk/files/${LDAP_PATCH} )"
23 pebenito 1.1
24     LICENSE="as-is"
25     SLOT="0"
26 flameeyes 1.17 KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86"
27 pebenito 1.1 IUSE="ipv6 static pam tcpd kerberos skey selinux chroot X509 ldap smartcard sftplogging hpn libedit"
28    
29     RDEPEND="pam? ( virtual/pam )
30     kerberos? ( virtual/krb5 )
31     selinux? ( >=sys-libs/libselinux-1.28 )
32     skey? ( >=app-admin/skey-1.1.5-r1 )
33     ldap? ( net-nds/openldap )
34 flameeyes 1.19 libedit? ( dev-libs/libedit )
35 pebenito 1.1 >=dev-libs/openssl-0.9.6d
36     >=sys-libs/zlib-1.2.3
37     smartcard? ( dev-libs/opensc )
38 kumba 1.16 tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
39     sys-apps/shadow"
40    
41 pebenito 1.1 DEPEND="${RDEPEND}
42     virtual/os-headers
43     sys-devel/autoconf"
44 kumba 1.16
45    
46 pebenito 1.1 PROVIDE="virtual/ssh"
47    
48     S=${WORKDIR}/${PARCH}
49    
50     src_unpack() {
51     unpack ${PARCH}.tar.gz
52     cd "${S}"
53    
54     sed -i \
55     -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
56     pathnames.h || die
57    
58 vapier 1.18 epatch "${FILESDIR}"/openssh-4.3_p2-configure.patch #137921
59 pebenito 1.1 epatch "${FILESDIR}"/openssh-4.3_p1-krb5-typos.patch #124494
60     use X509 && epatch "${DISTDIR}"/${X509_PATCH}
61     use sftplogging && epatch "${FILESDIR}"/openssh-4.2_p1-sftplogging-1.4-gentoo.patch.bz2
62     use chroot && epatch "${FILESDIR}"/openssh-3.9_p1-chroot.patch
63 vapier 1.3 if use X509 ; then
64     cp "${FILESDIR}"/openssh-4.3_p2-selinux.patch .
65     epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch.glue ./openssh-4.3_p2-selinux.patch
66     else
67     epatch "${FILESDIR}"/openssh-4.3_p2-selinux.patch
68     fi
69 pebenito 1.1 use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
70     if ! use X509 ; then
71     if [[ -n ${SECURID_PATCH} ]] && use smartcard ; then
72     epatch "${DISTDIR}"/${SECURID_PATCH}
73     use ldap && epatch "${FILESDIR}"/openssh-4.0_p1-smartcard-ldap-happy.patch
74     fi
75     if use ldap ; then
76     use sftplogging \
77     && ewarn "Sorry, sftplogging and ldap don't get along, disabling ldap" \
78     || epatch "${DISTDIR}"/${LDAP_PATCH}
79     fi
80     elif [[ -n ${SECURID_PATCH} ]] && use smartcard || use ldap ; then
81     ewarn "Sorry, x509 and smartcard/ldap don't get along"
82     fi
83     [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
84    
85     sed -i '/LD.*ssh-keysign/s:$: '$(bindnow-flags)':' Makefile.in || die "setuid"
86    
87     autoconf || die "autoconf failed"
88     }
89    
90     src_compile() {
91     addwrite /dev/ptmx
92     addpredict /etc/skey/skeykeys #skey configure code triggers this
93    
94     local myconf
95     # make sure .sbss is large enough
96     use skey && use alpha && append-ldflags -mlarge-data
97     if use ldap ; then
98     filter-flags -funroll-loops
99     myconf="${myconf} --with-ldap"
100     fi
101     use selinux && append-flags -DWITH_SELINUX && append-ldflags -lselinux
102    
103     if use static ; then
104     append-ldflags -static
105     use pam && ewarn "Disabling pam support becuse of static flag"
106     myconf="${myconf} --without-pam"
107     else
108     myconf="${myconf} $(use_with pam)"
109     fi
110    
111     use ipv6 || myconf="${myconf} --with-ipv4-default"
112    
113     econf \
114     --with-ldflags="${LDFLAGS}" \
115     --disable-strip \
116     --sysconfdir=/etc/ssh \
117     --libexecdir=/usr/$(get_libdir)/misc \
118     --datadir=/usr/share/openssh \
119     --disable-suid-ssh \
120     --with-privsep-path=/var/empty \
121     --with-privsep-user=sshd \
122     --with-md5-passwords \
123     $(use_with libedit) \
124     $(use_with kerberos kerberos5 /usr) \
125     $(use_with tcpd tcp-wrappers) \
126     $(use_with skey) \
127     $(use_with smartcard opensc) \
128     ${myconf} \
129     || die "bad configure"
130    
131     emake || die "compile problem"
132     }
133    
134     src_install() {
135     make install-nokeys DESTDIR="${D}" || die
136     fperms 600 /etc/ssh/sshd_config
137     dobin contrib/ssh-copy-id
138     newinitd "${FILESDIR}"/sshd.rc6 sshd
139     newconfd "${FILESDIR}"/sshd.confd sshd
140     keepdir /var/empty
141    
142     newpamd "${FILESDIR}"/sshd.pam_include sshd
143     dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
144     use pam \
145     && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
146     && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
147    
148     doman contrib/ssh-copy-id.1
149     dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
150     }
151    
152     pkg_postinst() {
153     enewgroup sshd 22
154     enewuser sshd 22 -1 /var/empty sshd
155    
156     ewarn "Remember to merge your config files in /etc/ssh/ and then"
157     ewarn "restart sshd: '/etc/init.d/sshd restart'."
158     ewarn
159     einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"
160     einfo "functionality, but please ensure that you do not explicitly disable"
161     einfo "this in your configuration as disabling it opens security holes"
162     einfo
163     einfo "This revision has removed your sshd user id and replaced it with a"
164     einfo "new one with UID 22. If you have any scripts or programs that"
165     einfo "that referenced the old UID directly, you will need to update them."
166     einfo
167     if use pam ; then
168     einfo "Please be aware users need a valid shell in /etc/passwd"
169     einfo "in order to be allowed to login."
170     einfo
171     fi
172     }

  ViewVC Help
Powered by ViewVC 1.1.20