Mercurial > vanilla
changeset 409:0b7acfc69fec
network/openssh: add uid/gid and PAM
author | David Demelier <markand@malikania.fr> |
---|---|
date | Thu, 04 Apr 2019 20:05:00 +0200 |
parents | 35eeda73d259 |
children | 67e2013ed8f3 |
files | HOWTO.md UIDS_GIDS.md network/openssh/openssh.sh |
diffstat | 3 files changed, 37 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/HOWTO.md Wed Apr 03 20:18:00 2019 +0200 +++ b/HOWTO.md Thu Apr 04 20:05:00 2019 +0200 @@ -132,6 +132,9 @@ Warning: if you need to change file permissions, do it *ONLY* in a post install script as users may have set different numeric id than the package defaults. +Once you need a new UID/GID, edit the file UIDS_GIDS.md in the repository +accordingly. + ## Options Some packages are configurable via compile time options. Check the variable
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/UIDS_GIDS.md Thu Apr 04 20:05:00 2019 +0200 @@ -0,0 +1,13 @@ +vanilla reserved UIDs and GIDs +============================== + +Users and groups are created once needed at package installation. It's perfectly +safe to reuse the same UID/GID for different packages (example www, mail). + +You may think of UID/GID just like a simple package dependency. + +The following UID/GID are defined: + +| uid | gid | package(s) | +|----------- |------------|------------| +| sshd (100) | sshd (100) | openssh |
--- a/network/openssh/openssh.sh Wed Apr 03 20:18:00 2019 +0200 +++ b/network/openssh/openssh.sh Thu Apr 04 20:05:00 2019 +0200 @@ -21,14 +21,32 @@ PKGLICENSE="BSD" PKGSUMMARY="OpenBSD ssh implementation" PKGDOWNLOAD="https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$PKGNAME-$PKGVERSION.tar.gz" +PKGOPTIONS="PAM SELINUX" +PKGUIDS="sshd:100" +PKGGIDS="sshd:100" PKGPROTECT="etc/ssh/ssh_config etc/ssh/sshd_config" : ${CHOST:=$(uname -m)-linux-musl} : ${CBUILD:=$(uname -m)-linux-musl} -: ${CC:=gcc} +: ${CC:=clang} : ${CFLAGS:=-O2} : ${LDFLAGS:=} : ${LIBS:=} +: ${PAM:=yes} +: ${SELINUX:=no} + +if [ "$PAM" = "yes" ]; then + PKGDEPENDS="security/linux-pam $PKGDEPENDS" + with_pam="--with-pam" +else + with_pam="--without-pam" +fi + +if [ "$SELINUX" = "yes" ]; then + with_selinux="--with-selinux" +else + with_selinux="--without-selinux" +fi build() { @@ -49,9 +67,9 @@ --host=$CHOST \ --prefix=/usr \ --sysconfdir=/etc/ssh \ - --without-pam \ --with-pid-dir=/var/run \ - --without-selinux + $with_pam \ + $with_selinux make make install DESTDIR=$DESTDIR install -D -m 0644 ../sshd /etc/rc.d/sshd