--- openssh-3.6.1_p2-r3.ebuild 2003-09-13 00:49:49.000000000 +0000 +++ openssh-3.6.1_p2-r3_dt.ebuild 2003-09-13 00:51:10.000000000 +0000 @@ -12,7 +12,7 @@ S=${WORKDIR}/${PARCH} DESCRIPTION="Port of OpenBSD's free SSH release" HOMEPAGE="http://www.openssh.com/" -IUSE="ipv6 static pam tcpd kerberos selinux X509 skey" +IUSE="ipv6 static pam tcpd kerberos selinux X509 skey daemontools" SRC_URI="ftp://ftp.openbsd.org/pub/unix/OpenBSD/OpenSSH/portable/${PARCH}.tar.gz selinux? http://lostlogicx.com/gentoo/openssh_3.6p1-5.se1.diff.bz2 X509? http://roumenpetrov.info/openssh/x509g2/${X509_PATCH}" @@ -23,6 +23,7 @@ pam? ( >=sys-libs/pam-0.73 >=sys-apps/shadow-4.0.2-r2 ) kerberos? ( app-crypt/mit-krb5 ) + daemontools? ( >=sys-apps/daemontools-0.76 ) selinux? ( sys-apps/selinux-small ) afs? ( net-fs/openafs app-crypt/kth-krb ) : @@ -41,6 +42,18 @@ LICENSE="as-is" KEYWORDS="~x86 ~alpha" +pkg_setup() { + if use daemontools ; then + if ! grep -q ^sshlog /etc/group ; then + groupadd sshlog || die "Failed to add group: sshlog" + fi + + if ! grep -q ^sshlog /etc/passwd ; then + useradd -g sshlog -d /dev/null -s /dev/null sshlog || die "Failed to add user: sshlog" + fi + fi +} + src_unpack() { unpack ${PARCH}.tar.gz ; cd ${S} @@ -112,6 +125,17 @@ dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config insinto /etc/pam.d ; newins ${FILESDIR}/sshd.pam sshd exeinto /etc/init.d ; newexe ${FILESDIR}/sshd.rc6 sshd + if use daemontools && [ ! -d /etc/ssh/supervise ] ; then + diropts -m 755 -o root + dodir /etc/ssh/supervise /etc/ssh/supervise/log + exeinto /etc/ssh/supervise ; newexe ${FILESDIR}/sshd.supervise.run run + exeinto /etc/ssh/supervise/log ; newexe ${FILESDIR}/sshd.supervise.log run + + diropts -m 755 -o sshlog -g sshlog + dodir /var/log/sshd + keepdir /var/log/sshd + fi + touch ${D}/var/empty/.keep } @@ -129,6 +153,19 @@ # empty dir for the new priv separation auth chroot.. install -d -m0755 -o root -g root ${ROOT}/var/empty + if [ ! -e /etc/ssh/ssh_host_key ] ; then + einfo "Generating Hostkey..." + /usr/bin/ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N '' + fi + if [ ! -e /etc/ssh/ssh_host_dsa_key ] ; then + einfo "Generating DSA-Hostkey..." + /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' + fi + if [ ! -e /etc/ssh/ssh_host_rsa_key ] ; then + einfo "Generating RSA-Hostkey..." + /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + fi + einfo einfo "Remember to merge your config files in /etc/ssh!" einfo "As of version 3.4 the default is to enable the UsePrivelegeSeparation"