diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2002-06-26 04:05:57 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2002-06-26 04:05:57 +0000 |
| commit | 7c4811d9a7898f404a9593e455f5a40011d35566 (patch) | |
| tree | 75f29fca4fbe6e0d52044fe426f254650647d884 | |
| parent | 6b75f866310c3ebf514c8459e55fb2ceeab5e9b2 (diff) | |
| download | freebsd-ports-7c4811d9a7898f404a9593e455f5a40011d35566.zip | |
Migrate configuration files to $PREFIX/etc/ssh/
Add ${PREFIX}/etc/rc.d/sshd.sh.sample
| -rw-r--r-- | security/hpn-ssh/Makefile | 41 | ||||
| -rw-r--r-- | security/hpn-ssh/files/patch-misc.c | 13 | ||||
| -rw-r--r-- | security/hpn-ssh/files/sshd.sh | 24 | ||||
| -rw-r--r-- | security/hpn-ssh/pkg-plist | 26 | ||||
| -rw-r--r-- | security/openssh-portable/Makefile | 41 | ||||
| -rw-r--r-- | security/openssh-portable/files/patch-misc.c | 13 | ||||
| -rw-r--r-- | security/openssh-portable/files/sshd.sh | 24 | ||||
| -rw-r--r-- | security/openssh-portable/pkg-plist | 26 |
8 files changed, 156 insertions, 52 deletions
diff --git a/security/hpn-ssh/Makefile b/security/hpn-ssh/Makefile index 204b61faec5f..9ba5fd1725e4 100644 --- a/security/hpn-ssh/Makefile +++ b/security/hpn-ssh/Makefile @@ -7,7 +7,7 @@ PORTNAME= openssh PORTVERSION= 3.3p1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \ @@ -24,10 +24,11 @@ MAN8= sftp-server.8 sshd.8 ssh-keysign.8 CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto GNU_CONFIGURE= yes CONFIGURE_ARGS+= --prefix=${PREFIX} --with-md5-passwords -CLEAN= etc/ssh_config etc/sshd_config etc/moduli \ - etc/ssh_host_key etc/ssh_host_key.pub \ - etc/ssh_host_dsa_key etc/ssh_host_dsa_key.pub \ - etc/ssh_host_rsa_key etc/ssh_host_rsa_key.pub +PRECIOUS= ssh_config sshd_config \ + ssh_host_key ssh_host_key.pub \ + ssh_host_rsa_key ssh_host_rsa_key.pub \ + ssh_host_dsa_key ssh_host_dsa_key.pub +ETCOLD= ${PREFIX}/etc .if exists(/usr/include/security/pam_modules.h) CONFIGURE_ARGS+= --with-pam @@ -46,12 +47,19 @@ USE_OPENSSL_BASE= yes PKGNAMESUFFIX= -overwrite-base PREFIX= /usr MANPREFIX= ${PREFIX}/share -CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man \ - --sysconfdir=/etc/ssh --localstatedir=/var -EMPTYDIR= ${PREFIX}/empty +CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man --localstatedir=/var +EMPTYDIR= /var/empty +ETCSSH= /etc/ssh .else +.if exists(/var/empty) EMPTYDIR= /var/empty +.else +EMPTYDIR= ${PREFIX}/empty +.endif +ETCSSH= ${PREFIX}/etc/ssh .endif +PLIST_SUB+= EMPTYDIR=${EMPTYDIR} +CONFIGURE_ARGS+= --sysconfdir=${ETCSSH} CONFIGURE_ARGS+= --with-privsep-path=${EMPTYDIR} .if defined(BATCH) @@ -79,17 +87,30 @@ post-patch: pre-configure: @${ECHO_MSG} !!!! Warning this option uses autoconf/autoheader !!! (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOCONF} \ - ${AUTOCONF_ARGS}) + ${AUTOCONF_ARGS}) (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOHEADER}) .endif +post-configure: + ${SED} -e 's:__PREFIX__:${PREFIX}:g' \ + ${FILESDIR}/sshd.sh > ${WRKSRC}/sshd.sh + pre-install: - -${MKDIR} ${EMPTYDIR} + -${MKDIR} ${PREFIX}/empty if ! pw groupshow sshd; then pw groupadd sshd -g 22; fi if ! pw usershow sshd; then pw useradd sshd -g sshd -u 22 \ -h - -d ${EMPTYDIR} -s /nonexistent -c "sshd privilege separation"; fi + -@[ ! -d ${ETCSSH} ] && ${MKDIR} ${ETCSSH} +.for i in ${PRECIOUS} + -@[ -f ${ETCOLD}/${i} ] && [ ! -f ${ETCSSH}/${i} ] && \ + ${ECHO_MSG} ">> Linking ${ETCSSH}/${i} from old layout." && \ + ${LN} ${ETCOLD}/${i} ${ETCSSH}/${i} +.endfor post-install: + ${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh.sample + ${INSTALL_DATA} -c ${WRKSRC}/ssh_config.out ${ETCSSH}/ssh_config-dist + ${INSTALL_DATA} -c ${WRKSRC}/sshd_config.out ${ETCSSH}/sshd_config-dist @${CAT} ${PKGMESSAGE} .include <bsd.port.pre.mk> diff --git a/security/hpn-ssh/files/patch-misc.c b/security/hpn-ssh/files/patch-misc.c deleted file mode 100644 index 0f8ef065fec0..000000000000 --- a/security/hpn-ssh/files/patch-misc.c +++ /dev/null @@ -1,13 +0,0 @@ ---- misc.c.orig Thu Apr 12 22:09:37 2001 -+++ misc.c Sat May 26 15:39:25 2001 -@@ -111,6 +111,10 @@ - copy->pw_class = xstrdup(pw->pw_class); - copy->pw_dir = xstrdup(pw->pw_dir); - copy->pw_shell = xstrdup(pw->pw_shell); -+#ifdef __FreeBSD__ -+ copy->pw_expire = pw->pw_expire; -+ copy->pw_change = pw->pw_change; -+#endif /* __FreeBSD__ */ - return copy; - } - diff --git a/security/hpn-ssh/files/sshd.sh b/security/hpn-ssh/files/sshd.sh new file mode 100644 index 000000000000..ba52de02fe7b --- /dev/null +++ b/security/hpn-ssh/files/sshd.sh @@ -0,0 +1,24 @@ +#!/bin/sh +case "$1" in +start) + __PREFIX__/sbin/sshd + echo -n ' sshd' + ;; +stop) + if [ -f /var/run/sshd.pid ]; then + kill -TERM `cat /var/run/sshd.pid` + rm -f /var/run/sshd.pid + echo -n ' sshd' + fi + ;; +restart) + if [ -f /var/run/sshd.pid ]; then + kill -HUP `cat /var/run/sshd.pid` + echo 'sshd restarted' + fi + ;; +*) + echo "Usage: ${0##*/}: { start | stop | restart }" 2>&1 + exit 65 + ;; +esac diff --git a/security/hpn-ssh/pkg-plist b/security/hpn-ssh/pkg-plist index 8a4040e3b7c0..d3f7dab7b47c 100644 --- a/security/hpn-ssh/pkg-plist +++ b/security/hpn-ssh/pkg-plist @@ -1,17 +1,37 @@ @comment slogin must be deleted first bin/slogin -bin/ssh bin/scp +bin/sftp +bin/ssh bin/ssh-add bin/ssh-agent bin/ssh-keygen bin/ssh-keyscan -bin/sftp +etc/rc.d/sshd.sh.sample +etc/ssh/moduli +@exec [ -f %D/etc/ssh_config ] && [ ! -f %D/etc/ssh/ssh_config ] && ln %D/etc/ssh_config %D/etc/ssh/ssh_config +@exec [ -f %D/etc/sshd_config ] && [ ! -f %D/etc/ssh/sshd_config ] && ln %D/etc/sshd_config %D/etc/ssh/sshd_config +@exec [ -f %D/etc/ssh_host_key ] && [ ! -f %D/etc/ssh/ssh_host_key ] && ln %D/etc/ssh_host_key %D/etc/ssh/ssh_host_key +@exec [ -f %D/etc/ssh_host_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_key.pub ] && ln %D/etc/ssh_host_key.pub %D/etc/ssh/ssh_host_key.pub +@exec [ -f %D/etc/ssh_host_rsa_key ] && [ ! -f %D/etc/ssh/ssh_host_rsa_key ] && ln %D/etc/ssh_host_rsa_key %D/etc/ssh/ssh_host_rsa_key +@exec [ -f %D/etc/ssh_host_rsa_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_rsa_key.pub ] && ln %D/etc/ssh_host_rsa_key.pub %D/etc/ssh/ssh_host_rsa_key.pub +@exec [ -f %D/etc/ssh_host_dsa_key ] && [ ! -f %D/etc/ssh/ssh_host_dsa_key ] && ln %D/etc/ssh_host_dsa_key %D/etc/ssh/ssh_host_dsa_key +@exec [ -f %D/etc/ssh_host_dsa_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_dsa_key.pub ] && ln %D/etc/ssh_host_dsa_key.pub %D/etc/ssh/ssh_host_dsa_key.pub +@unexec if cmp -s %D/etc/ssh/ssh_config %D/etc/ssh/ssh_config-dist; then rm -f %D/etc/ssh/ssh_config; fi +@unexec if cmp -s %D/etc/ssh/sshd_config %D/etc/ssh/sshd_config-dist; then rm -f %D/etc/ssh/sshd_config; fi +etc/ssh/ssh_config-dist +etc/ssh/sshd_config-dist +@exec [ ! -f %D/etc/ssh/ssh_config ] && cp %D/etc/ssh/ssh_config-dist %D/etc/ssh/ssh_config +@exec [ ! -f %D/etc/ssh/sshd_config ] && cp %D/etc/ssh/sshd_config-dist %D/etc/ssh/sshd_config +@dirrm etc/ssh sbin/sshd share/Ssh.bin libexec/sftp-server libexec/ssh-keysign +@exec if [ ! -f %D/etc/ssh/ssh_host_key ]; then echo ">> Generating a secret RSA1 host key."; %D/bin/ssh-keygen -t rsa1 -N "" -f %D/etc/ssh/ssh_host_key; fi +@exec if [ ! -f %D/etc/ssh/ssh_host_rsa_key ]; then echo ">> Generating a secret RSA host key."; %D/bin/ssh-keygen -t rsa -N "" -f %D/etc/ssh/ssh_host_rsa_key; fi +@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi @exec mkdir -p %D/empty @dirrm empty @exec if ! pw groupshow sshd 2>/dev/null; then pw groupadd sshd -g 22; fi -@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %D/empty -s /nonexistent -c "sshd privilege separation"; fi +@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %%EMPTYDIR%% -s /nonexistent -c "sshd privilege separation"; fi diff --git a/security/openssh-portable/Makefile b/security/openssh-portable/Makefile index 204b61faec5f..9ba5fd1725e4 100644 --- a/security/openssh-portable/Makefile +++ b/security/openssh-portable/Makefile @@ -7,7 +7,7 @@ PORTNAME= openssh PORTVERSION= 3.3p1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security ipv6 MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ ftp://ftp.op.net/pub/OpenBSD/OpenSSH/portable/ \ @@ -24,10 +24,11 @@ MAN8= sftp-server.8 sshd.8 ssh-keysign.8 CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto GNU_CONFIGURE= yes CONFIGURE_ARGS+= --prefix=${PREFIX} --with-md5-passwords -CLEAN= etc/ssh_config etc/sshd_config etc/moduli \ - etc/ssh_host_key etc/ssh_host_key.pub \ - etc/ssh_host_dsa_key etc/ssh_host_dsa_key.pub \ - etc/ssh_host_rsa_key etc/ssh_host_rsa_key.pub +PRECIOUS= ssh_config sshd_config \ + ssh_host_key ssh_host_key.pub \ + ssh_host_rsa_key ssh_host_rsa_key.pub \ + ssh_host_dsa_key ssh_host_dsa_key.pub +ETCOLD= ${PREFIX}/etc .if exists(/usr/include/security/pam_modules.h) CONFIGURE_ARGS+= --with-pam @@ -46,12 +47,19 @@ USE_OPENSSL_BASE= yes PKGNAMESUFFIX= -overwrite-base PREFIX= /usr MANPREFIX= ${PREFIX}/share -CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man \ - --sysconfdir=/etc/ssh --localstatedir=/var -EMPTYDIR= ${PREFIX}/empty +CONFIGURE_ARGS+= --mandir=${MANPREFIX}/man --localstatedir=/var +EMPTYDIR= /var/empty +ETCSSH= /etc/ssh .else +.if exists(/var/empty) EMPTYDIR= /var/empty +.else +EMPTYDIR= ${PREFIX}/empty +.endif +ETCSSH= ${PREFIX}/etc/ssh .endif +PLIST_SUB+= EMPTYDIR=${EMPTYDIR} +CONFIGURE_ARGS+= --sysconfdir=${ETCSSH} CONFIGURE_ARGS+= --with-privsep-path=${EMPTYDIR} .if defined(BATCH) @@ -79,17 +87,30 @@ post-patch: pre-configure: @${ECHO_MSG} !!!! Warning this option uses autoconf/autoheader !!! (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOCONF} \ - ${AUTOCONF_ARGS}) + ${AUTOCONF_ARGS}) (cd ${CONFIGURE_WRKSRC} && ${SETENV} ${AUTOCONF_ENV} ${AUTOHEADER}) .endif +post-configure: + ${SED} -e 's:__PREFIX__:${PREFIX}:g' \ + ${FILESDIR}/sshd.sh > ${WRKSRC}/sshd.sh + pre-install: - -${MKDIR} ${EMPTYDIR} + -${MKDIR} ${PREFIX}/empty if ! pw groupshow sshd; then pw groupadd sshd -g 22; fi if ! pw usershow sshd; then pw useradd sshd -g sshd -u 22 \ -h - -d ${EMPTYDIR} -s /nonexistent -c "sshd privilege separation"; fi + -@[ ! -d ${ETCSSH} ] && ${MKDIR} ${ETCSSH} +.for i in ${PRECIOUS} + -@[ -f ${ETCOLD}/${i} ] && [ ! -f ${ETCSSH}/${i} ] && \ + ${ECHO_MSG} ">> Linking ${ETCSSH}/${i} from old layout." && \ + ${LN} ${ETCOLD}/${i} ${ETCSSH}/${i} +.endfor post-install: + ${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh.sample + ${INSTALL_DATA} -c ${WRKSRC}/ssh_config.out ${ETCSSH}/ssh_config-dist + ${INSTALL_DATA} -c ${WRKSRC}/sshd_config.out ${ETCSSH}/sshd_config-dist @${CAT} ${PKGMESSAGE} .include <bsd.port.pre.mk> diff --git a/security/openssh-portable/files/patch-misc.c b/security/openssh-portable/files/patch-misc.c deleted file mode 100644 index 0f8ef065fec0..000000000000 --- a/security/openssh-portable/files/patch-misc.c +++ /dev/null @@ -1,13 +0,0 @@ ---- misc.c.orig Thu Apr 12 22:09:37 2001 -+++ misc.c Sat May 26 15:39:25 2001 -@@ -111,6 +111,10 @@ - copy->pw_class = xstrdup(pw->pw_class); - copy->pw_dir = xstrdup(pw->pw_dir); - copy->pw_shell = xstrdup(pw->pw_shell); -+#ifdef __FreeBSD__ -+ copy->pw_expire = pw->pw_expire; -+ copy->pw_change = pw->pw_change; -+#endif /* __FreeBSD__ */ - return copy; - } - diff --git a/security/openssh-portable/files/sshd.sh b/security/openssh-portable/files/sshd.sh new file mode 100644 index 000000000000..ba52de02fe7b --- /dev/null +++ b/security/openssh-portable/files/sshd.sh @@ -0,0 +1,24 @@ +#!/bin/sh +case "$1" in +start) + __PREFIX__/sbin/sshd + echo -n ' sshd' + ;; +stop) + if [ -f /var/run/sshd.pid ]; then + kill -TERM `cat /var/run/sshd.pid` + rm -f /var/run/sshd.pid + echo -n ' sshd' + fi + ;; +restart) + if [ -f /var/run/sshd.pid ]; then + kill -HUP `cat /var/run/sshd.pid` + echo 'sshd restarted' + fi + ;; +*) + echo "Usage: ${0##*/}: { start | stop | restart }" 2>&1 + exit 65 + ;; +esac diff --git a/security/openssh-portable/pkg-plist b/security/openssh-portable/pkg-plist index 8a4040e3b7c0..d3f7dab7b47c 100644 --- a/security/openssh-portable/pkg-plist +++ b/security/openssh-portable/pkg-plist @@ -1,17 +1,37 @@ @comment slogin must be deleted first bin/slogin -bin/ssh bin/scp +bin/sftp +bin/ssh bin/ssh-add bin/ssh-agent bin/ssh-keygen bin/ssh-keyscan -bin/sftp +etc/rc.d/sshd.sh.sample +etc/ssh/moduli +@exec [ -f %D/etc/ssh_config ] && [ ! -f %D/etc/ssh/ssh_config ] && ln %D/etc/ssh_config %D/etc/ssh/ssh_config +@exec [ -f %D/etc/sshd_config ] && [ ! -f %D/etc/ssh/sshd_config ] && ln %D/etc/sshd_config %D/etc/ssh/sshd_config +@exec [ -f %D/etc/ssh_host_key ] && [ ! -f %D/etc/ssh/ssh_host_key ] && ln %D/etc/ssh_host_key %D/etc/ssh/ssh_host_key +@exec [ -f %D/etc/ssh_host_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_key.pub ] && ln %D/etc/ssh_host_key.pub %D/etc/ssh/ssh_host_key.pub +@exec [ -f %D/etc/ssh_host_rsa_key ] && [ ! -f %D/etc/ssh/ssh_host_rsa_key ] && ln %D/etc/ssh_host_rsa_key %D/etc/ssh/ssh_host_rsa_key +@exec [ -f %D/etc/ssh_host_rsa_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_rsa_key.pub ] && ln %D/etc/ssh_host_rsa_key.pub %D/etc/ssh/ssh_host_rsa_key.pub +@exec [ -f %D/etc/ssh_host_dsa_key ] && [ ! -f %D/etc/ssh/ssh_host_dsa_key ] && ln %D/etc/ssh_host_dsa_key %D/etc/ssh/ssh_host_dsa_key +@exec [ -f %D/etc/ssh_host_dsa_key.pub ] && [ ! -f %D/etc/ssh/ssh_host_dsa_key.pub ] && ln %D/etc/ssh_host_dsa_key.pub %D/etc/ssh/ssh_host_dsa_key.pub +@unexec if cmp -s %D/etc/ssh/ssh_config %D/etc/ssh/ssh_config-dist; then rm -f %D/etc/ssh/ssh_config; fi +@unexec if cmp -s %D/etc/ssh/sshd_config %D/etc/ssh/sshd_config-dist; then rm -f %D/etc/ssh/sshd_config; fi +etc/ssh/ssh_config-dist +etc/ssh/sshd_config-dist +@exec [ ! -f %D/etc/ssh/ssh_config ] && cp %D/etc/ssh/ssh_config-dist %D/etc/ssh/ssh_config +@exec [ ! -f %D/etc/ssh/sshd_config ] && cp %D/etc/ssh/sshd_config-dist %D/etc/ssh/sshd_config +@dirrm etc/ssh sbin/sshd share/Ssh.bin libexec/sftp-server libexec/ssh-keysign +@exec if [ ! -f %D/etc/ssh/ssh_host_key ]; then echo ">> Generating a secret RSA1 host key."; %D/bin/ssh-keygen -t rsa1 -N "" -f %D/etc/ssh/ssh_host_key; fi +@exec if [ ! -f %D/etc/ssh/ssh_host_rsa_key ]; then echo ">> Generating a secret RSA host key."; %D/bin/ssh-keygen -t rsa -N "" -f %D/etc/ssh/ssh_host_rsa_key; fi +@exec if [ ! -f %D/etc/ssh/ssh_host_dsa_key ]; then echo ">> Generating a secret DSA host key."; %D/bin/ssh-keygen -t dsa -N "" -f %D/etc/ssh/ssh_host_dsa_key; fi @exec mkdir -p %D/empty @dirrm empty @exec if ! pw groupshow sshd 2>/dev/null; then pw groupadd sshd -g 22; fi -@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %D/empty -s /nonexistent -c "sshd privilege separation"; fi +@exec if ! pw usershow sshd 2>/dev/null; then pw useradd sshd -g sshd -u 22 -h - -d %%EMPTYDIR%% -s /nonexistent -c "sshd privilege separation"; fi |