changeset 409:0b7acfc69fec

network/openssh: add uid/gid and PAM
author David Demelier <markand@malikania.fr>
date Thu, 04 Apr 2019 20:05:00 +0200
parents 35eeda73d259
children 67e2013ed8f3
files HOWTO.md UIDS_GIDS.md network/openssh/openssh.sh
diffstat 3 files changed, 37 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/HOWTO.md	Wed Apr 03 20:18:00 2019 +0200
+++ b/HOWTO.md	Thu Apr 04 20:05:00 2019 +0200
@@ -132,6 +132,9 @@
 Warning: if you need to change file permissions, do it *ONLY* in a post install
 script as users may have set different numeric id than the package defaults.
 
+Once you need a new UID/GID, edit the file UIDS_GIDS.md in the repository
+accordingly.
+
 ## Options
 
 Some packages are configurable via compile time options. Check the variable
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/UIDS_GIDS.md	Thu Apr 04 20:05:00 2019 +0200
@@ -0,0 +1,13 @@
+vanilla reserved UIDs and GIDs
+==============================
+
+Users and groups are created once needed at package installation. It's perfectly
+safe to reuse the same UID/GID for different packages (example www, mail).
+
+You may think of UID/GID just like a simple package dependency.
+
+The following UID/GID are defined:
+
+| uid        | gid        | package(s) |
+|----------- |------------|------------|
+| sshd (100) | sshd (100) | openssh    |
--- a/network/openssh/openssh.sh	Wed Apr 03 20:18:00 2019 +0200
+++ b/network/openssh/openssh.sh	Thu Apr 04 20:05:00 2019 +0200
@@ -21,14 +21,32 @@
 PKGLICENSE="BSD"
 PKGSUMMARY="OpenBSD ssh implementation"
 PKGDOWNLOAD="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$PKGNAME-$PKGVERSION.tar.gz"
+PKGOPTIONS="PAM SELINUX"
+PKGUIDS="sshd:100"
+PKGGIDS="sshd:100"
 PKGPROTECT="etc/ssh/ssh_config etc/ssh/sshd_config"
 
 : ${CHOST:=$(uname -m)-linux-musl}
 : ${CBUILD:=$(uname -m)-linux-musl}
-: ${CC:=gcc}
+: ${CC:=clang}
 : ${CFLAGS:=-O2}
 : ${LDFLAGS:=}
 : ${LIBS:=}
+: ${PAM:=yes}
+: ${SELINUX:=no}
+
+if [ "$PAM" = "yes" ]; then
+	PKGDEPENDS="security/linux-pam $PKGDEPENDS"
+	with_pam="--with-pam"
+else
+	with_pam="--without-pam"
+fi
+
+if [ "$SELINUX" = "yes" ]; then
+	with_selinux="--with-selinux"
+else
+	with_selinux="--without-selinux"
+fi
 
 build()
 {
@@ -49,9 +67,9 @@
 		--host=$CHOST \
 		--prefix=/usr \
 		--sysconfdir=/etc/ssh \
-		--without-pam \
 		--with-pid-dir=/var/run \
-		--without-selinux
+		$with_pam \
+		$with_selinux
 	make
 	make install DESTDIR=$DESTDIR
 	install -D -m 0644 ../sshd /etc/rc.d/sshd