- print "no\n";
- $config{HAS_OPENSSL} = "n";
-}
-
-printf "Checking if you are running an ancient, unsupported OS... ";
-if ($config{OSNAME} =~ /FreeBSD/i)
-{
- my $version = `uname -r`;
- if ($version =~ /^4\./)
- {
- my $foundit = `ls -l /usr/local/lib/libgnugetopt* | wc -l`;
- if ($foundit > 0)
- {
- # ICKY ICKY ICK, FREEBSD 4.x! GET AN UPGRADE!
- $config{CRAQ} = "-L/usr/local/lib -lgnugetopt -DHAVE_DECL_GETOPT=1";
- print "yes (upgrade ffs, freebsd 4 is *way* out of date)\n";
- }
- else
- {
- print "\n\nERROR: You require libgnugetopt (from ports or packages) to build InspIRCd on FreeBSD 4.11.\n";
- }
- }
- else
- {
- $config{CRAQ} = " ";
- print "no ($version)\n";
- }
-}
-else
-{
- $config{CRAQ} = " ";
- print "no ($config{OSNAME})\n";
-}
-
-################################################################################
-# BEGIN INTERACTIVE PART #
-################################################################################
-
-# Clear the Screen..
-if ($interactive)
-{
- print "\e[2J\e[0G\e[0d"; # J = Erase in Display, 2 = Entire Screen, (G, d) = Move cursor to (..,..)
- my $wholeos = $^O;
-
- my $rev = getrevision();
- # Display Introduction Message..
- print <<"STOP" ;
-Welcome to the \e[1mInspIRCd\e[0m Configuration program! (\e[1minteractive mode\e[0m)
-\e[1mPackage maintainers: Type ./configure --help for non-interactive help\e[0m
-
-*** If you are unsure of any of these values, leave it blank for ***
-*** standard settings that will work, and your server will run ***
-*** using them. Please consult your IRC network admin if in doubt. ***
-
-Press \e[1m<RETURN>\e[0m to accept the default for any option, or enter
-a new value. Please note: You will \e[1mHAVE\e[0m to read the docs
-dir, otherwise you won't have a config file!
-
-Your operating system is: \e[1;32m$config{OSNAME}\e[0m ($wholeos)
-Your InspIRCd revision ID is \e[1;32mr$rev\e[0m
-STOP
- if ($rev eq "r0") {
- print " (Non-SVN build)";
- }
- print ".\n\n";
-
- $config{CHANGE_COMPILER} = "n";
- print "I have detected the following compiler: \e[1;32m$config{CC}\e[0m (version \e[1;32m$config{GCCVER}.$config{GCCMINOR}\e[0m)\n";
-
- while (($config{GCCVER} < 3) || ($config{GCCVER} eq "")) {
- print "\e[1;32mIMPORTANT!\e[0m A GCC 2.x compiler has been detected, and
-should NOT be used. You should probably specify a newer compiler.\n\n";
- yesno('CHANGE_COMPILER',"Do you want to change the compiler?");
- if ($config{CHANGE_COMPILER} =~ /y/i) {
- print "What command do you want to use to invoke your compiler?\n";
- print "[\e[1;32m$config{CC}\e[0m] -> ";
- chomp($config{CC} = <STDIN>);
- if ($config{CC} eq "") {
- $config{CC} = "g++";
- }
- chomp(my $foo = `$config{CC} -dumpversion | cut -c 1`);
- if ($foo ne "") {
- chomp($config{GCCVER} = `$config{CC} -dumpversion | cut -c 1`); # we must redo these if we change compilers
- chomp($config{GCCMINOR} = `$config{CC} -dumpversion | cut -c 3`);
- print "Queried compiler: \e[1;32m$config{CC}\e[0m (version \e[1;32m$config{GCCVER}.$config{GCCMINOR}\e[0m)\n";
- if ($config{GCCVER} < 3) {
- print "\e[1;32mGCC 2.x WILL NOT WORK!\e[0m. Let's try that again, shall we?\n";
- }
- }
- else {
- print "\e[1;32mWARNING!\e[0m Could not execute the compiler you specified. You may want to try again.\n";
- }
- }
- }
-
- print "\n";
-
- # Directory Settings..
- my $tmpbase = $config{BASE_DIR};
- dir_check("do you wish to install the InspIRCd base", "BASE_DIR");
- if ($tmpbase ne $config{BASE_DIR}) {
- $config{CONFIG_DIR} = resolve_directory($config{BASE_DIR}."/conf"); # Configuration Dir
- $config{MODULE_DIR} = resolve_directory($config{BASE_DIR}."/modules"); # Modules Directory
- $config{BINARY_DIR} = resolve_directory($config{BASE_DIR}."/bin"); # Binary Directory
- $config{LIBRARY_DIR} = resolve_directory($config{BASE_DIR}."/lib"); # Library Directory
- }
-
- dir_check("are the configuration files", "CONFIG_DIR");
- dir_check("are the modules to be compiled to", "MODULE_DIR");
- dir_check("is the IRCd binary to be placed", "BINARY_DIR");
- dir_check("are the IRCd libraries to be placed", "LIBRARY_DIR");
-
- my $chose_hiperf = 0;
- if ($has_kqueue) {
- yesno('USE_KQUEUE',"You are running a BSD operating system, and kqueue\nwas detected. Would you like to enable kqueue support?\nThis is likely to increase performance.\nIf you are unsure, answer yes.\n\nEnable kqueue?");
- print "\n";
- if ($config{USE_KQUEUE} eq "y") {
- $chose_hiperf = 1;
- }
- }
- if ($has_epoll) {
- yesno('USE_EPOLL',"You are running a Linux 2.6+ operating system, and epoll\nwas detected. Would you like to enable epoll support?\nThis is likely to increase performance.\nIf you are unsure, answer yes.\n\nEnable epoll?");
- print "\n";
- if ($config{USE_EPOLL} eq "y") {
- $chose_hiperf = 1;
- }
- }
- if ($has_ports) {
- yesno('USE_PORTS',"You are running Solaris 10.\nWould you like to enable I/O completion ports support?\nThis is likely to increase performance.\nIf you are unsure, answer yes.\n\nEnable support for I/O completion ports?");
- print "\n";
- if ($config{USE_PORTS} eq "y") {
- $chose_hiperf = 1;
- }
- }
-
- if (!$chose_hiperf) {
- yesno('USE_POLL', "Would you like to use poll?\n This is likely to increase performance.\nIf you are unsure, answer yes.\n\nEnable poll?\n");
- if ($config{USE_POLL} ne "y")
- {
- print "No high-performance socket engines are available, or you chose\n";
- print "not to enable one. Defaulting to select() engine.\n\n";
- }
- }
-
- yesno('IPV6',"Would you like to build InspIRCd with IPv6 support?");
- print "\n";
-
- if ($config{IPV6} eq "y") {
- print "You have chosen to build an \e[1;32mIPV6-enabled\e[0m server.\nTo accept IPV4 users, you can still use IPV4 addresses\nin your port bindings..\n\n";
- $config{SUPPORT_IP6LINKS} = "y";
- } else {
- yesno('SUPPORT_IP6LINKS',"You have chosen to build an \e[1;32mIPV4-only\e[0m server.\nWould you like to enable support for linking to IPV6-enabled\nInspIRCd servers? If you are using a recent operating system and are\nunsure, answer yes. If you answer 'no' here, your InspIRCd server will\nbe unable to parse IPV6 addresses (e.g. for CIDR bans)\n\nEnable linking to servers which have IPV6 enabled?");
- print "\n";
- }
-
- $config{USE_FREEBSD_BASE_SSL} = "n";
- $config{USE_FREEBSD_PORTS_SSL} = "n";
- if ($config{HAS_OPENSSL_PORT} ne "")
- {
- $config{USE_FREEBSD_PORTS_SSL} = "y";
- print "I have detected the OpenSSL FreeBSD port installed on your system,\n";
- print "version \e[1;32m".$config{HAS_OPENSSL_PORT}."\e[0m. Your base system OpenSSL is version \e[1;32m".$openssl_ver."\e[0m.\n\n";
- yesno('USE_FREEBSD_PORTS_SSL', "Do you want to use the FreeBSD ports version?");
- print "\n";
- $config{USE_FREEBSD_BASE_SSL} = "y" if ($config{USE_FREEBSD_PORTS_SSL} eq "n");
-
- if ($config{USE_FREEBSD_BASE_SSL} eq "n")
- {
- # update to port version
- $openssl_ver = $config{HAS_OPENSSL_PORT};
- }
- }
- else
- {
- $config{USE_FREEBSD_BASE_SSL} = "y" if ($^O eq "freebsd");
- }
-
- $config{USE_SSL} = "n";
-
- if ($config{HAS_GNUTLS} eq "y" || $config{HAS_OPENSSL} eq "y")
- {
- print "Detected GnuTLS version: \e[1;32m" . $gnutls_ver . "\e[0m\n";
- print "Detected OpenSSL version: \e[1;32m" . $openssl_ver . "\e[0m\n\n";
-
- yesno('USE_SSL', "One or more SSL libraries detected. Would you like to enable SSL support?");
- if ($config{USE_SSL} eq "y")
- {
- if ($config{HAS_GNUTLS} eq "y")
- {
- yesno('USE_GNUTLS',"Would you like to enable SSL with m_ssl_gnutls? (recommended)");
- if ($config{USE_GNUTLS} eq "y")
- {
- print "\nUsing GnuTLS SSL module.\n";
- }
- }
-
- if ($config{HAS_OPENSSL} eq "y")
- {
- yesno('USE_OPENSSL', "Would you like to enable SSL with m_ssl_openssl?");
- if ($config{USE_OPENSSL} eq "y")
- {
- print "\nUsing OpenSSL SSL module.\nYou will get better performance if you move to GnuTLS in the future.\n";
- }
- }
- }
- }
- else
- {
- print "\nCould not detect OpenSSL or GnuTLS. Make sure pkg-config is installed if\n";
- print "you intend to use OpenSSL, or that GnuTLS is in your path if you intend\nto use GnuTLS.\n\n";
- }
-}
-
-dumphash();
-
-if (($config{USE_GNUTLS} eq "y") && ($config{HAS_GNUTLS} ne "y"))
-{
- print "Sorry, but i couldn't detect gnutls. Make sure gnutls-config is in your path.\n";
- exit(0);
-}
-if (($config{USE_OPENSSL} eq "y") && ($config{HAS_OPENSSL} ne "y"))
-{
- print "Sorry, but i couldn't detect openssl. Make sure openssl is in your path.\n";
- exit(0);
-}
-our $failed = 0;
-
-if ($config{USE_GNUTLS} eq "y") {
- unless (-r "src/modules/m_ssl_gnutls.cpp") {
- print "Symlinking src/modules/m_ssl_gnutls.cpp from extra/\n";
- symlink "extra/m_ssl_gnutls.cpp", "src/modules/m_ssl_gnutls.cpp" or print STDERR "Symlink failed: $!";
- }
- getmodules();
- if ($interactive)
- {
- unless (-r "$config{CONFIG_DIR}/key.pem" && -r "$config{CONFIG_DIR}/cert.pem") {
- print "SSL Certificates Not found, Generating.. \n\n
-*************************************************************
-* Generating the Private Key may take some time, go grab a *
-* Coffee. Even better, to generate some more entropy if it *
-* is taking a while, open another console and type du / a *
-* few times and get that HD going :) Then answer the *
-* Questions which follow. If you are unsure, just hit enter *
-*************************************************************\n\n";
- $failed = make_gnutls_cert();
- if ($failed) {
- print "\n\e[1;32mCertificate generation failed!\e[0m\n\n";
- } else {
- print "\nCertificate generation complete, copying to config directory... ";
- File::Copy::move("key.pem", "$config{CONFIG_DIR}/key.pem") or print STDERR "Could not copy key.pem!\n";
- File::Copy::move("cert.pem", "$config{CONFIG_DIR}/cert.pem") or print STDERR "Could not copy cert.pem!\n";
- print "Done.\n\n";
- }
- }
- else {
- print "SSL Certificates found, skipping.\n\n";
- }
- }
- else
- {
- print "Skipping SSL certificate generation\nin non-interactive mode.\n\n";
- }
-} elsif ($config{USE_OPENSSL} eq "y") {
- unless (-r "src/modules/m_ssl_openssl.cpp") {
- print "Symlinking src/modules/m_ssl_openssl.cpp from extra/\n";
- symlink "extra/m_ssl_openssl.cpp", "src/modules/m_ssl_openssl.cpp" or print STDERR "Symlink failed: $!";
- }
- getmodules();
- $failed = 0;
- if ($interactive)
- {
- unless (-r "$config{CONFIG_DIR}/key.pem" && -r "$config{CONFIG_DIR}/cert.pem") {
- print "SSL Certificates Not found, Generating.. \n\n
-*************************************************************
-* Generating the certificates may take some time, go grab a *
-* coffee, or something. *
-*************************************************************\n\n";
- make_openssl_cert();
- print "\nCertificate generation complete, copying to config directory... ";
- File::Copy::move("key.pem", "$config{CONFIG_DIR}/key.pem") or print STDERR "Could not copy key.pem!\n";
- File::Copy::move("cert.pem", "$config{CONFIG_DIR}/cert.pem") or print STDERR "Could not copy cert.pem!\n";
- File::Copy::move("dhparams.pem", "$config{CONFIG_DIR}/dhparams.pem") or print STDERR "Could not copy dhparams.pem!\n";
- print "Done.\n\n";
- } else {
- print "SSL Certificates found, skipping.\n\n"
- }
- }
- else
- {
- print "Skipping SSL certificate generation\nin non-interactive mode.\n\n";
+ @group = $opt_system ? getgrnam('irc') : getgrgid($config{GID} // getgid());
+ print_error "you need to specify a group to run as using '--gid [id|name]'!" unless @group;
+ unless ($group[2]) {
+ print_warning <<"EOW";
+You are building as the privileged $group[0] group and have not specified
+an unprivileged group to run InspIRCd as.
+
+This is almost never what you should do. You should probably either create a new
+unprivileged user/group to build and run as or pass the '--gid [id|name]' flag
+to specify an unprivileged group to run as.
+EOW
+ if (!prompt_bool $interactive, "Are you sure you want to build as the $group[0] group?", 0) {
+ say STDERR "If you are sure you want to build as the $group[0] group pass the --gid $group[2] flag." unless $interactive;
+ exit 1;
+ }
+ }
+}
+$config{GROUP} = $group[0];
+$config{GID} = $group[2];
+
+# Parse --uid=123 or --uid=foo and extract the user id.
+my @user;
+if (defined $opt_uid) {
+ @user = $opt_uid =~ /^\d+$/ ? getpwuid($opt_uid) : getpwnam($opt_uid);
+ print_error "there is no '$opt_uid' user on this system!" unless @user;
+} else {
+ @user = $opt_system ? getpwnam('irc') : getpwuid($config{UID} // getuid());
+ print_error "you need to specify a user to run as using '--uid [id|name]'!" unless @user;
+ unless ($user[2]) {
+ print_warning <<"EOW";
+You are building as the privileged $user[0] user and have not specified
+an unprivileged user to run InspIRCd as.
+
+This is almost never what you should do. You should probably either create a new
+unprivileged user/group to build and run as or pass the '--uid [id|name]' flag
+to specify an unprivileged user to run as.
+EOW
+ if (!prompt_bool $interactive, "Are you sure you want to build as the $user[0] user?", 0) {
+ say STDERR "If you are sure you want to build as the $user[0] user pass the --uid $user[2] flag." unless $interactive;
+ exit 1;
+ }
+ }
+}
+$config{USER} = $user[0];
+$config{UID} = $user[2];
+
+# Warn the user about clock drifting when running on OpenVZ.
+if (-e '/proc/user_beancounters' || -e '/proc/vz/vzaquota') {
+ print_warning <<'EOW';
+You are building InspIRCd inside of an OpenVZ container. If you
+plan to use InspIRCd in this container then you should make sure that NTP is
+configured on the Hardware Node. Failure to do so may result in clock drifting!
+EOW
+}
+
+# Check that the user actually wants this version.
+if (defined $version{REAL_LABEL}) {
+ print_warning <<'EOW';
+You are building a development version. This contains code which has
+not been tested as heavily and may contain various faults which could seriously
+affect the running of your server. It is recommended that you use a stable
+version instead.
+
+You can obtain the latest stable version from https://www.inspircd.org or by
+running `<|GREEN git checkout $(git describe --abbrev=0 --tags insp3)|>` if you are
+installing from Git.
+EOW
+ if (!prompt_bool $interactive, 'I understand this warning and want to continue anyway.', $opt_development // 0) {
+ say STDERR 'If you understand this warning and still want to continue pass the --development flag.' unless $interactive;
+ exit 1;