Install default config files as *.sample instead of overwriting existing ones.

Note: The PR includes diffs to cope with WITHOUT_X11 env, but this was already committed by knu-san. So I just added CONFIGURE_ARGS line, please verify it. PR: ports/35385 Submitted by: maintainer
svn path=/head/; revision=59308
2002-05-17 09:20:47 +00:00 · 2002-05-17 09:20:47 +00:00 · 61824bf696 · 2021-03-31 03:12:20 +00:00
commit 61824bf696
parent 9ed083eb0b
2 changed files with 46 additions and 25 deletions
--- a/security/ssh2/Makefile
+++ b/security/ssh2/Makefile
@ -7,7 +7,8 @@

 PORTNAME=	ssh2
 PORTVERSION=	3.1.0
-CATEGORIES=	security
+PORTREVISION=	1
+CATEGORIES=	security ipv6
 MASTER_SITES=	ftp://ftp.ssh.com/pub/ssh/ \
 		ftp://sunsite.unc.edu/pub/packages/security/ssh/ \
 		ftp://ftp.kyoto.wide.ad.jp/pub/security/ssh/ \
@ -24,20 +25,31 @@ MAINTAINER=	larse@ISI.EDU

 GNU_CONFIGURE=	YES

-CONFIGURE_ARGS=	--with-etcdir=${PREFIX}/etc/ssh2
-#Uncomment if all your users are in their own group and their homedir
-#is writeable by that group.  Beware the security implications!
+CONFIGURE_ARGS=	--with-etcdir=${SSH2_ETC} --disable-debug
+
+SSH2_ETC=	${PREFIX}/etc/ssh2
+SSH2_RCD=	${PREFIX}/etc/rc.d
+CONFIG_FILES=	ssh2_config sshd2_config
+
+# Uncomment if all your users are in their own group and their homedir
+# is writeable by that group.  Beware the security implications!
+#
 #CONFIGURE_ARGS+=	--enable-group-writeability

-.include <bsd.port.pre.mk>
+# Kerberos support is untested.
+#
+#.if defined(KRB5_HOME) && exists(${KRB5_HOME})
+#CONFIGURE_ARGS+=--with-kerberos5=${KRB5_HOME} --disable-suid-ssh-signer
+#.endif

-# Include tcp_wrappers support (automaticlly YES if /usr/include/tcpd.h exists)
-#WITH_TCPWRAP=	yes
-
-.if exists(/usr/include/tcpd.h) && !defined(WITHOUT_TCPWRAP)
+# Auto-configure tcp_wrappers support.
+#
+.if exists(/usr/include/tcpd.h) && !defined(WITHOUT_TCPWRAP) && \
+	!defined(WITHOUT_TCPWRAP)
 CONFIGURE_ARGS+=	--with-libwrap
 .elif defined(WITH_TCPWRAP)
 CONFIGURE_ARGS+=	--with-libwrap="-L${LOCALBASE}/lib -lwrap"
+
 LIB_DEPENDS+=	wrap.7:${PORTSDIR}/security/tcp_wrapper
 .endif

@ -46,9 +58,12 @@ LIB_DEPENDS+=	wrap.7:${PORTSDIR}/security/tcp_wrapper
 USE_XLIB=	yes
 PLIST_SUB=	WITH_X11:=""
 .else
+CONFIGURE_ARGS+=	--without-x
 PLIST_SUB=	WITH_X11:="@comment "
 .endif

+.include <bsd.port.pre.mk>
+
 MAN1=		ssh2.1 ssh-keygen2.1 ssh-add2.1 ssh-agent2.1 scp2.1 sftp2.1 \
 		sshregex.1 ssh-probe2.1 ssh-dummy-shell.1 ssh-pubkeymgr.1 \
 		ssh-chrootmgr.1
@ -62,21 +77,32 @@ MANCOMPRESSED=	no
 PORTDOCS=	BUG.REPORT CHANGES FAQ INSTALL LICENSE MANIFEST NEWS README \
 		REGEX-SYNTAX SSH2.QUICKSTART

-post-install:
+post-install: install-config-files
 .if !defined(NOPORTDOCS)
 	${MKDIR} ${DOCSDIR}
 .for i in ${PORTDOCS}
 	${INSTALL_DATA} ${WRKSRC}/$i ${DOCSDIR}
 .endfor
 .endif
-#
-	@if [ "`grep ssh /etc/inetd.conf|grep -v ^#ssh`" = "" ]; then \
-	    if [ ! -f ${PREFIX}/etc/rc.d/sshd.sh ]; then \
-		${ECHO} "Installing ${PREFIX}/etc/rc.d/sshd.sh startup file."; \
+	@if [ ! -f ${SSH2_ETC}/hostkey ]; then \
+	    ${ECHO} "Generating a secret host key..."; \
+	    ${PREFIX}/bin/ssh-keygen2 -P -b 1024 -t dsa ${SSH2_ETC}/hostkey; \
+	fi; \
+	if [ "`grep ssh /etc/inetd.conf|grep -v ^#ssh`" = "" ]; then \
+	    if [ ! -f ${SSH2_RCD}/sshd.sh ]; then \
+		${ECHO} "Installing ${SSH2_RCD}/sshd.sh startup file."; \
 		${SED} -e 's+!!PREFIX!!+${PREFIX}+' < ${FILESDIR}/sshd.sh \
-			> ${PREFIX}/etc/rc.d/sshd.sh; \
-		${CHMOD} 751 ${PREFIX}/etc/rc.d/sshd.sh; \
+			> ${SSH2_RCD}/sshd.sh; \
+		${CHMOD} 751 ${SSH2_RCD}/sshd.sh; \
 	    fi; \
 	fi

+install-config-files:
+.for file in ${CONFIG_FILES}
+	${INSTALL_DATA} ${WRKSRC}/apps/ssh/${file} ${SSH2_ETC}/${file}.sample
+.if !exists(${SSH2_ETC}/${file})
+	${INSTALL_DATA} ${WRKSRC}/apps/ssh/${file} ${SSH2_ETC}
+.endif
+.endfor
+
 .include <bsd.port.post.mk>
--- a/security/ssh2/pkg-plist
+++ b/security/ssh2/pkg-plist
@ -2,11 +2,11 @@ bin/ssh2
 bin/scp2
 bin/sftp2
 bin/ssh-agent2
+%%WITH_X11:%%bin/ssh-askpass2
 bin/ssh-keygen2
 bin/ssh-add2
 bin/ssh-signer2
 bin/ssh-probe2
-%%WITH_X11:%%bin/ssh-askpass2
 bin/ssh-pam-client
 bin/sftp-server2
 bin/ssh-dummy-shell
@ -23,18 +23,13 @@ bin/sftp-server
 bin/ssh-signer
 bin/ssh-probe
 etc/rc.d/sshd.sh
-etc/ssh2/hostkey
-etc/ssh2/hostkey.pub
-etc/ssh2/sshd2_config
-etc/ssh2/ssh2_config
+etc/ssh2/sshd2_config.sample
+etc/ssh2/ssh2_config.sample
 etc/ssh2/ssh_dummy_shell.out
 sbin/sshd2
 sbin/sshd-check-conf
 sbin/sshd
-@dirrm etc/ssh2/knownhosts
-@dirrm etc/ssh2/hostkeys
-@dirrm etc/ssh2
-@exec if [ ! -f %D/etc/ssh2/hostkey ]; then umask 022; echo "Generating 1024 bit host key."; %D/bin/ssh-keygen2 -P -b 1024 -t dsa -c "1024-bit dsa hostkey" -o %D/etc/ssh2/hostkey;  fi
+@exec if [ ! -f %D/etc/ssh2/hostkey ]; then umask 022; echo "Generating 1024 bit host key."; %D/bin/ssh-keygen2 -P -b 1024 -t dsa %D/etc/ssh2/hostkey;  fi
 %%PORTDOCS%%share/doc/ssh2/BUG.REPORT
 %%PORTDOCS%%share/doc/ssh2/CHANGES
 %%PORTDOCS%%share/doc/ssh2/FAQ