Last active
December 19, 2015 02:58
-
-
Save zellio/5886730 to your computer and use it in GitHub Desktop.
Script to automate the process of compiling the ShibbolethSP Apache module and the daemon program from source on a Solaris Sparc system.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ### build_shibbolethsp --- compile ShibbolethSP plugin on Solaris | |
| ## Copyright (c) 2013 New York University | |
| ## | |
| ## Authors: Zachary Elliott <[email protected]> | |
| ## URL: https://gist.github.com/zellio/5886730 | |
| ## Version: 1.0.5 | |
| ### Commentary: | |
| ## The code presented below automates the process of compiling the ShibbolethSP | |
| ## Apache module and the daemon program from source on a Solaris Sparc | |
| ## system. It should work fairly well out of the box with minimal tweaking | |
| ## (excepting of course, the obvious need to set variables accordingly). | |
| ## Variables of note: | |
| ## - RUN_TESTS: Control for use of 'make test' or 'make check' (default: false) | |
| ## | |
| ## - CLEANUP: Controls for removal of directories and files not require in a | |
| ## production environment and for setting of various permissions their | |
| ## proper values. The value defaults to false, as using it would require | |
| ## running as root but is left as an informal guide for things to do after | |
| ## the complication is completed. | |
| ## | |
| ## - BUILD_DIR: Defaults to "/opt/shibboleth-sp" AND NOT TO "$PROJ_DIR/build" | |
| ## as one might expect | |
| ## Other considerations: | |
| ## | |
| ## - The system assumes that you will be using the Solaris studio tools | |
| ## (version 12.2 to be specific) and that they are located in the | |
| ## /opt/solarisstudio12.2 directory. | |
| ### License: | |
| ## All Rights Reserved | |
| ## Permission is hereby granted, free of charge, to any person obtaining a copy | |
| ## of this software and associated documentation files (the "Software"), to deal | |
| ## in the Software without restriction, including without limitation the rights | |
| ## to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| ## copies of the Software, and to permit persons to whom the Software is | |
| ## furnished to do so, subject to the following conditions: | |
| ## The above copyright notice and this permission notice shall be included in | |
| ## all copies or substantial portions of the Software, and that the name of NYU | |
| ## not be used in advertising or publicity pertaining to distribution of the | |
| ## software without specific written permission. | |
| ## THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
| ## IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
| ## FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | |
| ## AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
| ## LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | |
| ## OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | |
| ## THE SOFTWARE. | |
| ### Code: | |
| RUN_TESTS= | |
| CLEANUP= | |
| BITSIZE=32 | |
| # | |
| # Variables are specific to your system configuration. Please set accordingly. | |
| # | |
| export PATH="/opt/solarisstudio12.2/bin:/usr/sbin:/usr/bin:/local/bin" | |
| export LD_LIBRARY_PATH="/opt/solarisstudio12.2/prod/lib/stlport4" | |
| export CC=cc | |
| export CXX=CC | |
| export MAKE=gmake | |
| export CFLAGS="-m$BITSIZE -xO2" | |
| export CXXFLAGS="-m$BITSIZE -xO2 -library=stlport4" | |
| SOLARIS_SYSTEM=solaris | |
| [ "$BITSIZE" = "64" ] && SOLARIS_SYSTEM="$SOLARIS_SYSTEM$BITSIZE" | |
| SOLARIS_SYSTEM="$SOLARIS_SYSTEM-sparcv9-cc" | |
| export SOLARIS_SYSTEM | |
| export PROJ_DIR=`pwd` | |
| export ARCHIVE_DIR="$PROJ_DIR/archive" | |
| export SOURCE_DIR="$PROJ_DIR/src" | |
| export BUILD_DIR="/opt/shibboleth-sp" | |
| export BOOST_SRC_DIR="$SOURCE_DIR/boost" | |
| export LD_LIBRARY_PATH="$BUILD_DIR/lib:$LD_LIBRARY_PATH" | |
| export SHIBD_USER=shibd | |
| export SHIBD_GROUP=shibd | |
| mkdir -p "$PROJ_DIR" "$ARCHIVE_DIR" "$SOURCE_DIR" "$BUILD_DIR" | |
| cat > "$BUILD_DIR/.build-env" <<EOF | |
| # Generated by $(basename $0) | |
| # This file exists for reference only | |
| PATH="$PATH" | |
| RUN_TESTS="$RUN_TESTS" | |
| CLEANUP="$CLEANUP" | |
| BITSIZE="$BITSIZE" | |
| PATH="$PATH" | |
| LD_LIBRARY_PATH="$LD_LIBRARY_PATH" | |
| CC="$CC" | |
| CXX="$CXX" | |
| MAKE="$MAKE" | |
| CFLAGS="$CFLAGS" | |
| CXXFLAGS="$CXXFLAGS" | |
| SOLARIS_SYSTEM="$SOLARIS_SYSTEM" | |
| PROJ_DIR="$PROJ_DIR" | |
| ARCHIVE_DIR="$ARCHIVE_DIR" | |
| SOURCE_DIR="$SOURCE_DIR" | |
| BUILD_DIR="$BUILD_DIR" | |
| BOOST_SRC_DIR="$BOOST_SRC_DIR" | |
| SHIBD_USER="$SHIBD_USER" | |
| SHIBD_GROUP="$SHIBD_GROUP" | |
| EOF | |
| fetch_source() { | |
| if [ ! -f "$ARCHIVE_DIR/$1.tar.gz" ]; then | |
| echo "Fetching archive for $1 ... \c" | |
| wget "$2" -O "$ARCHIVE_DIR/$1.tar.gz" | |
| echo "complete" | |
| fi | |
| echo "Verifying $1.tar.gz ... \c" | |
| if [ `sha1sum "$ARCHIVE_DIR/$1.tar.gz" | cut -d' ' -f1` = "$3" ]; then | |
| echo "passed" | |
| else | |
| echo "failed" | |
| echo "Removing file, say no to continue anyway" | |
| \rm -i "$ARCHIVE_DIR/$1.tar.gz" | |
| fi | |
| if [ -f "$ARCHIVE_DIR/$1.tar.gz" ]; then | |
| echo "Extracting $1 ... \c" | |
| \cd "$SOURCE_DIR" | |
| if [ ! -d "$SOURCE_DIR/$1" ]; then | |
| tar xzf "$ARCHIVE_DIR/$1.tar.gz" | |
| _t=`tar tzf "$ARCHIVE_DIR/$1.tar.gz" | sed -e 's@/.*@@' | uniq | head -1` | |
| \mv "$SOURCE_DIR/$_t" "$SOURCE_DIR/$1" | |
| fi | |
| echo "complete" | |
| fi | |
| cd "$SOURCE_DIR/$1" | |
| } | |
| ##### Build Boost ##### | |
| fetch_source "boost"\ | |
| "http://downloads.sourceforge.net/project/boost/boost/1.52.0/boost_1_52_0.tar.gz"\ | |
| "1120430030315b0a94b6d63fc04662960db2444c" | |
| ##### Build OpenSSL ##### | |
| fetch_source "openssl"\ | |
| "http://www.openssl.org/source/openssl-1.0.1e.tar.gz"\ | |
| "3f1b1223c9e8189bfe4e186d86449775bd903460" | |
| ./Configure "$SOLARIS_SYSTEM" --prefix="$BUILD_DIR" -m$BITSIZE\ | |
| --openssldir="$BUILD_DIR/etc/ssl" --libdir=lib threads shared | |
| $MAKE | |
| [ $RUN_TESTS ] && $MAKE test | |
| $MAKE install | |
| ##### Build libcurl ##### | |
| # Note test 591 and 592 failed, they are FTP tests and so I'm assuming they can | |
| # be ignored for our target goals of building shibboleth-sp | |
| fetch_source "libcurl"\ | |
| "http://curl.haxx.se/download/curl-7.29.0.tar.gz"\ | |
| "6f5fd02bd9db83d5a1e2f52c8fa3566a60eda4f1" | |
| ./configure --prefix="$BUILD_DIR" --disable-static --without-ca-bundle\ | |
| --with-ssl="$BUILD_DIR" | |
| $MAKE | |
| [ $RUN_TESTS ] && $MAKE check | |
| $MAKE install | |
| ##### Build log4shib ##### | |
| fetch_source "log4shib"\ | |
| "http://shibboleth.net/downloads/log4shib/1.0.5/log4shib-1.0.5.tar.gz"\ | |
| "4748128cf680180bed6cf737761636562440f64f" | |
| ./configure --prefix="$BUILD_DIR" --disable-static --disable-doxygen | |
| $MAKE | |
| [ $RUN_TESTS ] && $MAKE check | |
| $MAKE install | |
| ##### Build Xerces ##### | |
| fetch_source "xerces"\ | |
| "http://mirror.sdunix.com/apache/xerces/c/3/sources/xerces-c-3.1.1.tar.gz"\ | |
| "177ec838c5119df57ec77eddec9a29f7e754c8b2" | |
| ./configure --prefix="$BUILD_DIR" --enable-netaccessor-curl\ | |
| --with-curl="$BUILD_DIR" --enable-transcoder-iconv | |
| $MAKE | |
| [ $RUN_TESTS ] && $MAKE check | |
| $MAKE install | |
| ##### Build XML-Security-c ##### | |
| fetch_source "xmlsecurity"\ | |
| "http://www.eng.lsu.edu/mirrors/apache/santuario/c-library/xml-security-c-1.7.0.tar.gz"\ | |
| "cd6c60fc74bcbc6cd5a70a6825b72395e55b7bff" | |
| ./configure --prefix="$BUILD_DIR" --with-openssl="$BUILD_DIR"\ | |
| --with-xerces="$BUILD_DIR" --without-xalan --disable-static | |
| $MAKE | |
| $MAKE install | |
| ##### Build XML-Tooling-c ##### | |
| fetch_source "xmltooling"\ | |
| "http://shibboleth.net/downloads/c++-opensaml/2.5.2/xmltooling-1.5.2.tar.gz"\ | |
| "93902b25ab5682198268ccfb696b9abb7a7373fd" | |
| ./configure --prefix="$BUILD_DIR" --disable-doxygen-doc\ | |
| --with-boost="$BOOST_SRC_DIR" --with-log4shib="$BUILD_DIR"\ | |
| --with-xerces="$BUILD_DIR" --with-xmlsec="$BUILD_DIR"\ | |
| --with-openssl="$BUILD_DIR" --with-curl="$BUILD_DIR" | |
| $MAKE | |
| $MAKE install | |
| ##### Build OpenSAML-c ##### | |
| fetch_source "opensaml"\ | |
| "http://shibboleth.net/downloads/c++-opensaml/2.5.2/opensaml-2.5.2.tar.gz"\ | |
| "e1019cdbc6fbd0c4780441a588d079839d40f104" | |
| ./configure --prefix="$BUILD_DIR" --disable-doxygen-doc\ | |
| --with-openssl="$BUILD_DIR" --with-boost="$BOOST_SRC_DIR"\ | |
| --with-log4shib="$BUILD_DIR" --with-xerces="$BUILD_DIR"\ | |
| --with-xmlsec="$BUILD_DIR" --with-xmltooling="$BUILD_DIR" | |
| $MAKE | |
| $MAKE install | |
| ###### shibboleth-sp #### | |
| fetch_source "shibboleth_sp"\ | |
| "http://shibboleth.net/downloads/service-provider/2.5.1/shibboleth-sp-2.5.1.tar.gz"\ | |
| "dd4b3f7c2f189528288341ce253c1c9931044905" | |
| ./configure --prefix="$BUILD_DIR" --disable-doxygen-doc\ | |
| --with-openssl="$BUILD_DIR" --with-boost="$BOOST_SRC_DIR"\ | |
| --with-log4shib="$BUILD_DIR" --with-xerces="$BUILD_DIR"\ | |
| --with-xmlsec="$BUILD_DIR" --with-xmltooling="$BUILD_DIR"\ | |
| --with-saml="$BUILD_DIR"\ | |
| --enable-apache-22 --with-apxs22=/usr/apache2/2.2/bin/apxs | |
| # --enable-apache-13 --with-apxs=FILE | |
| # --enable-apache-20 --with-apxs2=FILE | |
| # --enable-apache-24 --with-apxs24=FILE | |
| $MAKE | |
| $MAKE install | |
| [ -z "$CLEANUP" ] && exit; | |
| ##### Clean up ##### | |
| echo "Cleaning up build directory: $BUILD_DIR" | |
| echo "rm $BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| rm "$BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| echo "rm $BUILD_DIR/etc/shibboleth/sp-cert.pem" | |
| rm "$BUILD_DIR/etc/shibboleth/sp-cert.pem" | |
| echo "rm -R $BUILD_DIR/include" | |
| rm -R "$BUILD_DIR/include" | |
| echo "rm -R $BUILD_DIR/share/doc" | |
| rm -R "$BUILD_DIR/share/doc" | |
| echo "rm -R $BUILD_DIR/share/man" | |
| rm -R "$BUILD_DIR/share/man" | |
| echo "rm -R $BUILD_DIR/var/cache/shibboleth/*" | |
| rm -R "$BUILD_DIR/etc/ssl/man" | |
| echo "rm -R $BUILD_DIR/etc/ssl/man" | |
| rm -R "$BUILD_DIR/etc/ssl/man" | |
| echo "rm -R $BUILD_DIR/var/log/shibboleth/*" | |
| rm -R "$BUILD_DIR/var/log/shibboleth/*" | |
| echo "rm -R $BUILD_DIR/var/run/shibboleth/*" | |
| rm -R "$BUILD_DIR/var/run/shibboleth/*" | |
| echo "Cleaning up compilation directories" | |
| echo "rm -R $ARCHIVE_DIR" | |
| rm -R "$ARCHIVE_DIR" | |
| echo "rm -R $SOURCE_DIR" | |
| rm -R "$SOURCE_DIR" | |
| ##### Generate Keys ##### | |
| cd "$BUILD_DIR/etc/shibboleth" | |
| sh keygen.sh | |
| ##### Repair Owner/Group Structure ##### | |
| cat <<EOM | |
| chown -R root:bin "$BUILD_DIR/bin" "$BUILD_DIR/lib" "$BUILD_DIR/sbin" | |
| chown -R root:sys "$BUILD_DIR/etc" "$BUILD_DIR/share" "$BUILD_DIR/var" | |
| chown root:sys "$BUILD_DIR" | |
| EOM | |
| chown -R root:bin "$BUILD_DIR/bin" "$BUILD_DIR/lib" "$BUILD_DIR/sbin" | |
| chown -R root:sys "$BUILD_DIR/etc" "$BUILD_DIR/share" "$BUILD_DIR/var" | |
| chown root:sys "$BUILD_DIR" | |
| cat <<EOM | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/cache/shibboleth" | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/log/shibboleth" | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/run/shibboleth" | |
| EOM | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/cache/shibboleth" | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/log/shibboleth" | |
| chown -R "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/var/run/shibboleth" | |
| chown "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| chown "$SHIBD_USER":"$SHIBD_GROUP" "$BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| ##### Repair Permissions Structure ##### | |
| chmod 644 "$BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| chmod 600 "$BUILD_DIR/etc/shibboleth/sp-key.pem" | |
| chmod 000 "$BUILD_DIR/.build-env" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment