2 # Portions Copyright (c) 2003, 2006 Apple Computer, Inc. All rights reserved.
3 echo '**BUILDPKG**' "$@"
8 echo 'Usage: pkgbuild.sh [-x] [--app-key <appkey>] [--inst-key <instkey>]'
9 echo ' [--apple-id <appleid> <password>]'
10 echo ' [--pass N] [--csdb <CellServDB>] <binary-dir>'
12 echo '--app-key and --inst-key are for signing. -x prints all comamnds as '
13 echo 'they are run. --apple-id is for notarizing.'
15 echo 'Note: the password associated with <appleid> can be a reference to a'
16 echo 'keychain item. Including your password as cleartext is not'
17 echo 'recommended. e.g.'
19 echo '--apple-id foo@bar.com "@keychain:PASSWORD"'
21 echo 'In this case, keychain must hold a keychain item named PASSWORD with'
22 echo 'an account matching foo@bar.com.'
24 echo 'By default, all passes are run. Available passes:'
25 echo ' --pass 1: prepare pkgroot'
26 echo ' --pass 2: create packages/installer from pkgroot'
27 echo 'If you want to alter the pkgroot, run pass 1, then alter what you'
28 echo 'want, and then run pass 2 to create the resulting packages.'
29 echo 'The --pass argument may be given multiple times.'
33 if [ x"$#" = x0 ]; then
50 while [ x"$#" != x0 ] ; do
85 echo "Unknown pass $pass_arg" >&2
94 if [ x"$DEST_DIR" = x ] ; then
97 echo "Error: Unknown arg $key" >&2
104 if [ x"$anypass" = x0 ] ; then
109 if [ x"$DEST_DIR" = x ] ; then
110 echo "Error: binary 'dest' dir not given"
116 if [ x"$DO_X" = x1 ] ; then
120 BINDEST=`cd "$DEST_DIR" && pwd`
122 RESSRC=`dirname "$0"`
123 RESSRC=`cd "$RESSRC" && pwd`
124 majorvers=`uname -r | cut -d. -f1`
126 if [ x"$majorvers" = x10 ]; then
127 RELNAME="Snowleopard"
130 elif [ x"$majorvers" = x11 ]; then
134 elif [ x"$majorvers" = x12 ]; then
135 RELNAME="MountainLion"
138 elif [ x"$majorvers" = x13 ]; then
142 elif [ x"$majorvers" = x14 ]; then
146 elif [ x"$majorvers" = x15 ]; then
150 elif [ x"$majorvers" = x16 ]; then
154 elif [ x"$majorvers" = x17 ]; then
158 elif [ x"$majorvers" = x18 ]; then
162 elif [ x"$majorvers" = x19 ]; then
166 elif [ x"$majorvers" = x ] ; then
167 echo "Error running uname" >&2
171 echo "Unknown major version $majorvers" >&2
175 if [ $THISREL -ge 14 ]; then
176 # Enable the Hardened Runtime capability, required as of 10.14.5.
177 CODESIGN_OPTS="--options runtime"
182 PKGROOT="$CURDIR"/pkgroot
183 PKGRES="$CURDIR"/pkgres
184 DPKGROOT="$CURDIR"/dpkgroot
185 PLUGINS="$CURDIR"/plugins
186 if test -e /usr/bin/pkgbuild; then
189 echo pkgbuild not found >&2
192 if test -e /usr/bin/productbuild; then
195 echo productbuild not found >&2
199 if [ x"$PASS1" = x1 ]; then
200 if [ -x /usr/bin/curl ] && [ x"$CSDB" = x ]; then
201 echo "No CellServDB provided; downloading one from central.org"
202 /usr/bin/curl -f -O https://www.central.org/dl/cellservdb/CellServDB
203 if [ -f "$CURDIR"/CellServDB ] ; then
204 CSDB="$CURDIR"/CellServDB
208 if [ x"$CSDB" = x ]; then
209 echo "A CellServDB file must be provided with --csdb" >&2
212 # Turn CSDB into an absolute path
221 if grep -q 'GCO Public CellServDB' "$CSDB" ; then
224 echo "A proper CellServDB file must be provided" >&2
229 for f in ReadMe.rtf."$majorvers" \
233 OpenAFS.post_install \
234 OpenAFS.pre_upgrade \
238 if [ ! -f "$RESSRC/$f" ]; then
239 echo "file missing: $RESSRC/$f" >&2
243 if [ x"$die" = x1 ]; then
244 echo "Correct above errors; then retry" >&2
248 for f in "$BINDEST"/bin/translate_et \
249 "$BINDEST/root.client/usr/vice/etc/afs.kext/Contents/MacOS/afs"
251 if [ ! -f "$f" ] ; then
252 echo "dest file missing: $f" >&2
256 if [ x"$die" = x1 ]; then
257 echo $BINDEST " is not a valid binary dir. it should be the result of" >&2
262 rm -rf "$PKGROOT" "$PLUGINS"
266 mkdir -p "$PKGROOT"/Library
267 mkdir -p "$PKGROOT"/Library/PreferencePanes
268 mkdir -p "$PKGROOT"/Library/Security/SecurityAgentPlugins
270 chown -R root${SEP}admin "$PKGROOT"
271 chmod -R 755 "$PKGROOT"
273 (cd "$BINDEST"/tools && pax -rw OpenAFS.prefPane "$PKGROOT"/Library/PreferencePanes/)
274 (cd "$BINDEST"/tools && pax -rw aklog.bundle \
275 "$PKGROOT"/Library/Security/SecurityAgentPlugins/)
277 mkdir -p "$PKGROOT"/Library/OpenAFS/Tools
278 (cd "$BINDEST" && pax -rw * "$PKGROOT"/Library/OpenAFS/Tools)
281 mv "$PKGROOT"/Library/OpenAFS/Tools/installer/* "$PLUGINS"/
283 mkdir -p "$PKGROOT"/Library/LaunchDaemons
284 chmod -R o-w "$PKGROOT"/Library
285 chmod -R g-w "$PKGROOT"/Library
287 cp openafs.launchd.plist "$PKGROOT"/Library/LaunchDaemons/org.openafs.filesystems.afs.plist
288 chmod 644 "$PKGROOT"/Library/LaunchDaemons/org.openafs.filesystems.afs.plist
290 chown root${SEP}admin "$PKGROOT"/Library
291 chown -R root${SEP}wheel "$PKGROOT"/Library/LaunchDaemons
292 chown -R root${SEP}wheel "$PKGROOT"/Library/OpenAFS/Tools
293 chmod -R og-w "$PKGROOT"/Library/OpenAFS/Tools
295 mkdir -p "$PKGROOT"/private/var/db/openafs/cache
296 mkdir -p "$PKGROOT"/private/var/db/openafs/etc/config
298 cp openafs.launchdaemon "$PKGROOT"/private/var/db/openafs/etc/launchafs.sh
299 chmod 755 "$PKGROOT"/private/var/db/openafs/etc/launchafs.sh
301 cp "$CSDB" "$PKGROOT"/private/var/db/openafs/etc/CellServDB.master
302 echo grand.central.org > "$PKGROOT"/private/var/db/openafs/etc/ThisCell.sample
303 echo /afs:/var/db/openafs/cache:100000 > \
304 "$PKGROOT"/private/var/db/openafs/etc/cacheinfo.sample
306 cp -RP "$PKGROOT"/Library/OpenAFS/Tools/etc/afssettings \
307 "$PKGROOT"/private/var/db/openafs/etc/config
308 cp settings.plist "$PKGROOT"/private/var/db/openafs/etc/config/settings.plist.orig
309 cp afs.conf "$PKGROOT"/private/var/db/openafs/etc/config/afs.conf.sample
310 cp krb5-weak.conf "$PKGROOT"/private/var/db/openafs/etc/krb5-weak.conf
312 cp decode-panic "$PKGROOT"/Library/OpenAFS/Tools/tools
313 chmod a+x "$PKGROOT"/Library/OpenAFS/Tools/tools/decode-panic
317 mkdir -p "$DPKGROOT"/Library/OpenAFS/Debug
319 mv "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext.dSYM \
320 "$DPKGROOT"/Library/OpenAFS/Debug/
321 cp -RP "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext \
322 "$DPKGROOT"/Library/OpenAFS/Debug/
323 chown -R root${SEP}wheel "$DPKGROOT"/Library/OpenAFS/Debug
324 chmod -R og-w "$DPKGROOT"/Library/OpenAFS/Debug
327 "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext/Contents/MacOS/afs
329 mkdir -p "$PKGROOT"/private/var/db/openafs
331 cp -RP "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext \
332 "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/C \
333 "$PKGROOT"/private/var/db/openafs/etc
335 chown -R root${SEP}wheel "$PKGROOT"/private
336 chmod -R og-w "$PKGROOT"/private
338 chown -R root${SEP}wheel "$PKGROOT"/private
339 chmod -R og-w "$PKGROOT"/private
340 chmod og-rx "$PKGROOT"/private/var/db/openafs/cache
342 if [ x"$APP_KEY" != x ] ; then
343 # To be notarized by Apple, all files must be signed.
344 find "$PKGROOT" -type f -exec codesign --verbose --force \
345 --timestamp --sign "$APP_KEY" $CODESIGN_OPTS {} \;
347 # Sign each 'thing' that we have (commands, kexts, etc)
348 for obj in "$DPKGROOT"/Library/OpenAFS/Debug/afs.kext \
349 "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext \
350 "$PKGROOT"/private/var/db/openafs/etc/afs.kext \
351 "$PKGROOT"/Library/PreferencePanes/OpenAFS.prefPane/Contents/Resources/AFSBackgrounder.app \
352 "$PKGROOT"/Library/PreferencePanes/OpenAFS.prefPane \
353 "$PKGROOT"/Library/Security/SecurityAgentPlugins/aklog.bundle \
354 "$PKGROOT"/Library/OpenAFS/Tools/tools/growlagent-openafs.app \
355 "$PKGROOT"/Library/OpenAFS/Tools/tools/aklog.bundle \
356 "$PKGROOT"/Library/OpenAFS/Tools/tools/OpenAFS.prefPane/Contents/Resources/AFSBackgrounder.app \
357 "$PKGROOT"/Library/OpenAFS/Tools/tools/OpenAFS.prefPane \
358 "$PLUGINS"/afscell.bundle
360 codesign --verbose --force --timestamp --sign "$APP_KEY" $CODESIGN_OPTS "$obj"
364 # Check if our signatures for our kexts are valid. 'kextutil' will exit
365 # with an error and print out a message if something is wrong with the
366 # signature. Note that a code signing cert must have the
367 # 1.2.840.113635.100.6.1.18 extension present to be used for kexts
368 # (most code signing certs cannot be used for kexts).
369 for kext in "$DPKGROOT"/Library/OpenAFS/Debug/afs.kext \
370 "$PKGROOT"/Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.kext \
371 "$PKGROOT"/private/var/db/openafs/etc/afs.kext
373 kextutil -no-load -print-diagnostics "$kext"
377 if [ $majorvers -ge 15 ]; then
378 # El Capitan and further prevent us from touching /usr/bin directly
380 USRBIN=/opt/openafs/bin
381 USRBIN2TOOLS=../../../Library/OpenAFS/Tools
383 USRSBIN=/opt/openafs/sbin
384 USRSBIN2TOOLS=../../../Library/OpenAFS/Tools
386 MANDIR=/opt/openafs/share/man
387 MANDIR2TOOLS=../../../../Library/OpenAFS/Tools
389 # Add our bin, sbin, and man directories to the default search path
390 mkdir -p "$PKGROOT"/etc/paths.d "$PKGROOT"/etc/manpaths.d
391 echo "$USRBIN" > "$PKGROOT"/etc/paths.d/40-openafs
392 echo "$USRSBIN" >> "$PKGROOT"/etc/paths.d/40-openafs
393 echo "$MANDIR" > "$PKGROOT"/etc/manpaths.d/40-openafs
397 USRBIN2TOOLS=../../Library/OpenAFS/Tools
400 USRSBIN2TOOLS="$USRBIN2TOOLS"
402 MANDIR=/usr/share/man
403 MANDIR2TOOLS=../../../Library/OpenAFS/Tools
406 mkdir -p "$PKGROOT$USRBIN" \
408 "$PKGROOT$MANDIR"/man1 \
409 "$PKGROOT$MANDIR"/man5 \
410 "$PKGROOT$MANDIR"/man8
412 BINLIST="fs klog klog.krb pagsh pagsh.krb pts sys tokens tokens.krb unlog unlog.krb aklog"
415 if [ x"$DO_X" = x1 ] ; then
416 # Don't print out every single 'ln -s'... that's kinda useless
417 : 'Symlinking commands and manpages into place...'
421 for f in $BINLIST; do
422 ln -s "$USRBIN2TOOLS"/bin/"$f" "$PKGROOT$USRBIN/$f"
424 for f in $ETCLIST; do
425 ln -s "$USRSBIN2TOOLS"/etc/"$f" "$PKGROOT$USRSBIN/$f"
428 for section in man1 man5 man8 ; do
429 for f in $(ls $PKGROOT/Library/OpenAFS/Tools/man/$section); do
431 if [ -L "$PKGROOT/Library/OpenAFS/Tools/man/$section/$f" ] ; then
432 # If this manpage is a symlink, just change where it's pointing,
433 # and rename the link; don't actually 'gzip' it.
434 link=$(readlink "$PKGROOT/Library/OpenAFS/Tools/man/$section/$f")
435 rm -f "$PKGROOT/Library/OpenAFS/Tools/man/$section/$f"
436 ln -s "$link".gz "$PKGROOT/Library/OpenAFS/Tools/man/$section/$f".gz
439 gzip -9 "$PKGROOT/Library/OpenAFS/Tools/man/$section/$f"
441 ln -s ../"$MANDIR2TOOLS"/man/"$section/$f".gz \
442 "$PKGROOT$MANDIR/$section/$f".gz
446 if [ x"$DO_X" = x1 ] ; then
450 ln -s "$USRBIN2TOOLS"/bin/kpasswd "$PKGROOT$USRBIN"/kpasswd.afs
452 ln -s "$USRSBIN2TOOLS"/root.client/usr/vice/etc/afsd "$PKGROOT$USRSBIN"/afsd
454 chown -R root${SEP}wheel "$PKGROOT$PREFIX"
455 chmod -R og-w "$PKGROOT$PREFIX"
458 if [ x"$PASS2" = x1 ]; then
463 rm -rf "$CURDIR"/OpenAFS-debug-extension.pkg
464 /usr/bin/pkgbuild --root "$DPKGROOT" --id org.openafs.OpenAFS-debug.pkg \
465 --version '@PACKAGE_VERSION@' \
466 "$CURDIR"/OpenAFS-debug-extension.pkg
469 cp OpenAFS.post_install "$PKGRES"/postinstall
470 cp OpenAFS.pre_upgrade "$PKGRES"/preupgrade
471 cp OpenAFS.post_install "$PKGRES"/postupgrade
472 cp csrvdbmerge.pl "$PKGRES"
474 chmod a+x "$PKGRES"/csrvdbmerge.pl \
475 "$PKGRES"/postinstall \
476 "$PKGRES"/postupgrade \
479 cp CellServDB.list "$PKGRES"
480 chown -R root${SEP}wheel "$PKGRES"
482 rm -rf "$CURDIR"/OpenAFS-dist.pkg
483 /usr/bin/pkgbuild --root "$PKGROOT" --id org.openafs.OpenAFS.pkg \
484 --version '@PACKAGE_VERSION@' \
485 --scripts "$PKGRES" "$CURDIR"/OpenAFS-dist.pkg
489 cp background.jpg "$PKGRES"/background.jpg
490 cp License.rtf "$PKGRES"
491 cp ReadMe.rtf."$majorvers" "$PKGRES"/ReadMe.rtf
492 chown -R root${SEP}wheel "$PKGRES"
494 if [ $majorvers -ge 15 ] ; then
495 # For El Capitan and further, we have some extra information to tell
496 # the user at the end of the installation process.
497 cp conclusion.txt "$PKGRES"/conclusion.txt
498 PRES_EXTRA="<conclusion file=\"conclusion.txt\"/>"
501 # generate Distribution.xml from Distribution.xml.in -- nonstandard substs
502 sed -e "s/%%OSX_MAJOR_CUR%%/$THISREL/g" \
503 -e "s/%%OSX_MAJOR_NEXT%%/$(( $THISREL + 1 ))/g" \
504 -e "s,%%PRES_EXTRA%%,$PRES_EXTRA,g" \
505 -e "s/%%OPENAFS_VERSION%%/@PACKAGE_VERSION@/g" \
506 < Distribution.xml.in > Distribution.xml
508 rm -rf "$CURDIR/prod"
510 mv "$CURDIR"/OpenAFS-dist.pkg "$CURDIR"/OpenAFS-debug-extension.pkg "$CURDIR"/prod
511 /usr/bin/productbuild --distribution Distribution.xml --resources "$PKGRES" \
512 --plugins "$PLUGINS" --package-path "$CURDIR"/prod "$CURDIR"/OpenAFS.pkg
514 if [ x"$INST_KEY" != x ] ; then
515 mv "$CURDIR"/OpenAFS.pkg "$CURDIR"/OpenAFS-unsigned.pkg
516 productsign --timestamp --sign "$INST_KEY" "$CURDIR"/OpenAFS-unsigned.pkg \
517 "$CURDIR"/OpenAFS.pkg
518 rm -f "$CURDIR"/OpenAFS-unsigned.pkg
522 rm -f "$CURDIR/TMP.dmg"
523 rm -rf "$CURDIR/OpenAFS-@PACKAGE_VERSION@-$RELNAME.dmg"
526 mv "$CURDIR"/OpenAFS.pkg "$CURDIR"/dmg
527 cp "$RESSRC"/Uninstall.14.15 "$CURDIR"/dmg/Uninstall.command
528 cp "$RESSRC"/DS_Store "$CURDIR"/dmg/.DS_Store
529 mkdir "$CURDIR"/dmg/.background
530 cp "$RESSRC"/afslogo.jpg "$CURDIR"/dmg/.background
532 if [ x"$APP_KEY" != x ] ; then
533 codesign --verbose --force --timestamp --sign "$APP_KEY" "$CURDIR"/dmg/Uninstall.command
534 codesign --verbose --force --timestamp --sign "$APP_KEY" "$CURDIR"/dmg/OpenAFS.pkg
537 hdiutil create -srcfolder "$CURDIR"/dmg -volname OpenAFS \
539 hdiutil convert -format UDZO "$CURDIR"/TMP.dmg \
540 -o "$CURDIR/OpenAFS-@PACKAGE_VERSION@-$RELNAME".dmg
543 echo "Created $CURDIR/OpenAFS-@PACKAGE_VERSION@-$RELNAME".dmg
545 if [ x"$APPLE_ID" != x ] ; then
546 echo "Notarizing package..."
547 ./notarize.pl "$APPLE_ID" "$APPLE_PW" "$CURDIR/OpenAFS-@PACKAGE_VERSION@-$RELNAME.dmg"