# $NetBSD: Makefile.yp,v 1.23 2014/03/18 18:20:48 riastradh Exp $ # # This is the YP Makefile, used to create and push YP maps. # # Invoke with NOPUSH != "" to prevent the maps from being yppushed upon rebuild # NOPUSH?= "" # Password maps in standard YP are insecure, because the pw_passwd # field is accessible by any user. FreeBSD, NetBSD and OpenBSD have # a common solution: a secure map (generated with makedbm -s) can # only be accessed by a client bound to a privileged port. # # Uncomment out the following if you need compatibility with # sites that don't support this feature. # #INSECURE?= yes # Only include UID's >= ${MINUID} in the maps. Setting this to ~1000 # and using uid's > 1000 for users allows heterogeneous system support # where low numbered uids and gids may have different meanings. MINUID?= 0 MINGID?= 0 # In addition, by adding shadow to the list of rules we support # linux and solaris type shadow maps. YPDBDIR= /var/yp DIR= /etc AMDDIR= /etc/amd AMDMAPS= amd.home DOMAIN= ${.CURDIR:T} AWK= /usr/bin/awk CAT= /bin/cat CP= /bin/cp CUT= /usr/bin/cut ECHO= /bin/echo EGREP= /usr/bin/egrep MAKEDBM= /usr/sbin/makedbm MAKEDBM_S= ${MAKEDBM} -s MKALIAS= /usr/sbin/mkalias MKNETID= /usr/sbin/mknetid REVNETGROUP= /usr/sbin/revnetgroup RM= /bin/rm SED= /usr/bin/sed SENDMAIL= /usr/sbin/sendmail SORT= /usr/bin/sort STDETHERS= /usr/sbin/stdethers STDHOSTS= /usr/sbin/stdhosts -n TOUCH= /usr/bin/touch YPPUSH= /usr/sbin/yppush # We have a rule for ypservers, but we don't build it by default, since # it seldom changes (only when slaves are added/deleted). all: passwd aliases ${AMDMAPS} ethers group hosts ipnodes netgroup networks rpc services protocols netid __makedbmesc: .USEBEFORE if [ -f ${.ALLSRC} ]; then \ ${SED} -e "s/#.*$$//" ${.ALLSRC} | \ ${AWK} '{ \ if (NF == 0) \ printf("\n"); \ else { \ for (i = 1; i <= NF; i++) { \ if (i == NF) { \ if (substr($$i, length($$i), 1) == "\\") { \ printf("%s", substr($$i, 1, \ length($$i) - 1)); \ } else \ printf("%s\n", $$i); \ } else \ printf("%s ", $$i); \ } \ } \ }' | \ ${SED} -e "/^[ \t]*$$/d" | \ ${SORT} | ${MAKEDBM} - ${.ALLSRC:T}; \ fi passwd.time: ${DIR}/master.passwd -@if [ -f ${.ALLSRC} ]; then \ umask 077 ; \ if [ "${INSECURE}" != "yes" ]; then \ ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) \ print $$1, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ ${SORT} | ${MAKEDBM} - passwd.byname; \ ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) \ print $$3, $$1":*:"$$3":"$$4":"$$5":"$$6":"$$7 }' -|\ ${SORT} | ${MAKEDBM} - passwd.byuid; \ else \ ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 | \ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) \ print $$1, $$0 }' - | ${SORT} | \ ${MAKEDBM} - passwd.byname; \ ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-4,8-10 |\ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) \ print $$3, $$0 }' - | ${SORT} | \ ${MAKEDBM} - passwd.byuid; \ fi; \ ${CAT} ${.ALLSRC} | \ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) print $$1, $$0 }' - | ${SORT} | \ ${MAKEDBM_S} - master.passwd.byname; \ ${CAT} ${.ALLSRC} | \ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) print $$3, $$0 }' - | ${SORT} | \ ${MAKEDBM_S} - master.passwd.byuid; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated passwd"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} passwd.byname; \ ${YPPUSH} -d ${DOMAIN} passwd.byuid; \ ${YPPUSH} -d ${DOMAIN} master.passwd.byname; \ ${YPPUSH} -d ${DOMAIN} master.passwd.byuid; \ ${ECHO} "pushed passwd"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi # XXX: This does not do modify/expire time correctly. shadow.time: ${DIR}/master.passwd -@if [ -f ${.ALLSRC} ]; then \ umask 077 ; \ ${CAT} ${.ALLSRC} | ${CUT} -d: -f1-3 | \ ${AWK} -v minuid=${MINUID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (minuid <= $$3) \ print $$1, $$1":"$$2":10779:0:99999:7:::" }' - | \ ${SORT} | ${MAKEDBM_S} - shadow.byname; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated shadow"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} shadow.byname; \ ${ECHO} "pushed shadow"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi aliases.time: ${DIR}/mail/aliases -@if [ -f ${.ALLSRC} ]; then \ ${CP} -p ${.ALLSRC} ${DOMAIN}-aliases; \ ${SENDMAIL} -bi -oA${PWD}/${DOMAIN}-aliases; \ ${MAKEDBM} -u ${DOMAIN}-aliases | ${SORT} | \ ${EGREP} -v '(YP_LAST_MODIFIED|YP_MASTER_NAME)' | \ ${MAKEDBM} - mail.aliases; \ ${MKALIAS} mail.aliases mail.byaddr; \ ${TOUCH} ${.TARGET}; \ ${RM} ${DOMAIN}-aliases.db ${DOMAIN}-aliases; \ ${ECHO} "updated aliases"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} mail.aliases; \ ${YPPUSH} -d ${DOMAIN} mail.byaddr; \ ${ECHO} "pushed aliases"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi .for MAP in ${AMDMAPS} ${MAP}.time: ${AMDDIR}/${MAP} __makedbmesc -@if [ -f ${.ALLSRC} ]; then \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated ${MAP}"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} ${MAP}; \ ${ECHO} "pushed ${MAP}"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi .endfor # AMDMAPS ethers.time: ${DIR}/ethers -@if [ -f ${.ALLSRC} ]; then \ ${STDETHERS} ${.ALLSRC} | \ ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$1, $$0 }' | \ ${SORT} | ${MAKEDBM} - ethers.byaddr; \ ${STDETHERS} ${.ALLSRC} | \ ${AWK} 'BEGIN { FS="\t"; OFS="\t"; } { print $$2, $$0 }' | \ ${SORT} | ${MAKEDBM} - ethers.byname; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated ethers"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} ethers.byaddr; \ ${YPPUSH} -d ${DOMAIN} ethers.byname; \ ${ECHO} "pushed ethers"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi group.time: ${DIR}/group -@if [ -f ${.ALLSRC} ]; then \ ${AWK} -v mingid=${MINGID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (mingid <= $$3) print $$1, $$0 }' ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - group.byname; \ ${AWK} -v mingid=${MINGID} \ 'BEGIN { FS=":"; OFS="\t"; } /^[a-zA-Z0-9_]/ \ { if (mingid <= $$3) print $$3, $$0 }' ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - group.bygid; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated group"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} group.byname; \ ${YPPUSH} -d ${DOMAIN} group.bygid; \ ${ECHO} "pushed group"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi # Solaris 8 does the following: # - /etc/hosts and hosts.{byname,byaddr} are IPv4 only. # - /etc/inet/ipnodes and ipnodes.{byname,byaddr} are used for protocol # independent name-to-address mapping. # # For local name resolution, we made /etc/hosts protocol independent. # For NIS name resolution, we obey Solaris 8 practice. # - We keep hosts.{byname,byaddr} IPv4 only, to be friendly with Solaris 8 # clients. # - ipnodes.{byname,byaddr} is used for protocol independent mapping. # We generate all the mappings from /etc/hosts, for compatibility with NetBSD # local name resolution. # hosts.time: ${DIR}/hosts -@if [ -f ${.ALLSRC} ]; then \ ${STDHOSTS} ${.ALLSRC} | \ ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ ${SORT} | ${MAKEDBM} - hosts.byname; \ ${STDHOSTS} ${.ALLSRC} | \ ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ ${SORT} | ${MAKEDBM} - hosts.byaddr; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated hosts"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} hosts.byname; \ ${YPPUSH} -d ${DOMAIN} hosts.byaddr; \ ${ECHO} "pushed hosts"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi ipnodes.time: ${DIR}/hosts -@if [ -f ${.ALLSRC} ]; then \ ${STDHOSTS} -n ${.ALLSRC} | \ ${AWK} '{for (i = 2; i <= NF; i++) print $$i, $$0 }' | \ ${SORT} | ${MAKEDBM} - ipnodes.byname; \ ${STDHOSTS} -n ${.ALLSRC} | \ ${AWK} 'BEGIN { OFS="\t"; } { print $$1, $$0 }' | \ ${SORT} | ${MAKEDBM} - ipnodes.byaddr; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated ipnodes"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} ipnodes.byname; \ ${YPPUSH} -d ${DOMAIN} ipnodes.byaddr; \ ${ECHO} "pushed ipnodes"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi netgroup.time: ${DIR}/netgroup __makedbmesc -@if [ -f ${.ALLSRC} ]; then \ ${CAT} ${.ALLSRC} | ${REVNETGROUP} -u -f - | \ ${SORT} | ${MAKEDBM} - netgroup.byuser; \ ${CAT} ${.ALLSRC} | ${REVNETGROUP} -h -f - | \ ${SORT} | ${MAKEDBM} - netgroup.byhost; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated netgroup"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} netgroup; \ ${YPPUSH} -d ${DOMAIN} netgroup.byuser; \ ${YPPUSH} -d ${DOMAIN} netgroup.byhost; \ ${ECHO} "pushed netgroup"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi networks.time: ${DIR}/networks -@if [ -f ${.ALLSRC} ]; then \ ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ ${AWK} '{print $$1, $$0; \ for (i = 3;i <= NF;i++) print $$i,$$0}' | \ ${SORT} | ${MAKEDBM} - networks.byname; \ ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - networks.byaddr; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated networks"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} networks.byname; \ ${YPPUSH} -d ${DOMAIN} networks.byaddr; \ ${ECHO} "pushed networks"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi protocols.time: ${DIR}/protocols -@if [ -f ${.ALLSRC} ]; then \ ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - protocols.bynumber; \ ${SED} -e "/^#/d" -e s/#.*$$// ${.ALLSRC} | \ ${AWK} '{print $$1, $$0; \ for (i = 3;i <= NF;i++) print $$i,$$0}' | \ ${SORT} | ${MAKEDBM} - protocols.byname; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated protocols"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} protocols.bynumber; \ ${YPPUSH} -d ${DOMAIN} protocols.byname; \ ${ECHO} "pushed protocols"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi rpc.time: ${DIR}/rpc -@if [ -f ${.ALLSRC} ]; then \ ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - rpc.bynumber; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated rpc"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} rpc.bynumber; \ ${ECHO} "pushed rpc"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi services.time: ${DIR}/services -@if [ -f ${.ALLSRC} ]; then \ ${AWK} 'BEGIN { OFS="\t"; } $$1 !~ /^#/ { print $$2, $$0 }' \ ${.ALLSRC} | \ ${SORT} | ${MAKEDBM} - services.byname; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated services"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} services.byname; \ ${ECHO} "pushed services"; \ else \ : ; \ fi \ else \ ${ECHO} "couldn't find ${.ALLSRC}"; \ fi netid.time: ${DIR}/passwd ${DIR}/group ${DIR}/hosts ${DIR}/netid -@${MKNETID} -q -d ${DOMAIN} -p ${DIR}/passwd -g ${DIR}/group -h \ ${DIR}/hosts -m ${DIR}/netid | \ ${SORT} | ${MAKEDBM} - netid.byname; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated netid"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} netid.byname; \ ${ECHO} "pushed netid"; \ else \ : ; \ fi ypservers.time: ${.CURDIR}/ypservers -@${MAKEDBM} ypservers ypservers; \ ${TOUCH} ${.TARGET}; \ ${ECHO} "updated ypservers"; \ if [ ! ${NOPUSH} ]; then \ ${YPPUSH} -d ${DOMAIN} ypservers; \ ${ECHO} "pushed ypservers"; \ else \ : ; \ fi passwd: passwd.time group: group.time hosts: hosts.time ipnodes: ipnodes.time aliases: aliases.time .for MAP in ${AMDMAPS} ${MAP}: ${MAP}.time .endfor # AMDMAPS ethers: ethers.time netgroup: netgroup.time networks: networks.time rpc: rpc.time services: services.time shadow: shadow.time protocols: protocols.time netid: netid.time ypservers: ypservers.time ${DIR}/passwd: ${DIR}/group: ${DIR}/hosts: ${DIR}/mail/aliases: .for MAP in ${AMDMAPS} ${AMDDIR}/${MAP}: .endfor # AMDMAPS ${DIR}/ethers: ${DIR}/master.passwd: ${DIR}/netgroup: ${DIR}/networks: ${DIR}/rpc: ${DIR}/services: ${DIR}/protocols: ${DIR}/netid: