/[packages]/updates/3/openssh/current/SPECS/openssh.spec
ViewVC logotype

Contents of /updates/3/openssh/current/SPECS/openssh.spec

Parent Directory Parent Directory | Revision Log Revision Log


Revision 18286 - (show annotations) (download)
Sat Jan 15 00:16:19 2011 UTC (13 years, 2 months ago) by blino
Original Path: cauldron/openssh/current/SPECS/openssh.spec
File size: 22329 byte(s)
remove old version checks and files
1 ## Do not apply any unauthorized patches to this package!
2 ## - vdanen 05/18/01
3 ##
4
5 # Version of ssh-askpass
6 %define aversion 1.2.4.1
7 # Version of watchdog patch
8 %define wversion 4.4p1
9
10 # Version of the hpn patch
11 %define hpnver 13v6
12
13 # overrides
14 %define build_skey 0
15 %define build_krb5 1
16 %define build_watchdog 0
17 %define build_x11askpass 1
18 %define build_gnomeaskpass 1
19 %define build_ldap 0
20 %define build_sftpcontrol 0
21 %define build_hpn 0
22 %define build_audit 0
23 %define build_libedit 1
24
25 %{?_with_skey: %{expand: %%global build_skey 1}}
26 %{?_without_skey: %{expand: %%global build_skey 0}}
27 %{?_with_krb5: %{expand: %%global build_krb5 1}}
28 %{?_without_krb5: %{expand: %%global build_krb5 0}}
29 %{?_with_watchdog: %{expand: %%global build_watchdog 1}}
30 %{?_without_watchdog: %{expand: %%global build_watchdog 0}}
31 %{?_with_x11askpass: %{expand: %%global build_x11askpass 1}}
32 %{?_without_x11askpass: %{expand: %%global build_x11askpass 0}}
33 %{?_with_gnomeaskpass: %{expand: %%global build_gnomeaskpass 1}}
34 %{?_without_gnomeaskpass: %{expand: %%global build_gnomeaskpass 0}}
35 %{?_with_ldap: %{expand: %%global build_ldap 1}}
36 %{?_without_ldap: %{expand: %%global build_ldap 0}}
37 %{?_with_sftpcontrol: %{expand: %%global build_sftpcontrol 1}}
38 %{?_without_sftpcontrol: %{expand: %%global build_sftpcontrol 0}}
39 %{?_with_hpn: %{expand: %%global build_hpn 1}}
40 %{?_without_hpn: %{expand: %%global build_hpn 0}}
41 %{?_with_audit: %{expand: %%global build_audit 1}}
42 %{?_without_audit: %{expand: %%global build_audit 0}}
43 %{?_with_libedit: %{expand: %%global build_libedit 1}}
44 %{?_without_libedit: %{expand: %%global build_libedit 0}}
45
46 %define OPENSSH_PATH "/usr/local/bin:/bin:%{_bindir}"
47 %define XAUTH %{_bindir}/xauth
48
49 Summary: OpenSSH free Secure Shell (SSH) implementation
50 Name: openssh
51 Version: 5.6p1
52 Release: %mkrel 2
53 License: BSD
54 Group: Networking/Remote access
55 URL: http://www.openssh.com/
56 Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
57 Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
58 Source2: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.bz2
59 # ssh-copy-id taken from debian, with "usage" added
60 Source3: ssh-copy-id
61 Source7: openssh-xinetd
62 Source9: README.sftpfilecontrol
63 # this is never to be applied by default
64 # http://www.sc.isc.tohoku.ac.jp/~hgot/sources/openssh-watchdog.html
65 Source10: openssh-%{wversion}-watchdog.patch.tgz
66 Source12: ssh_ldap_key.pl
67 Source15: ssh-avahi-integration
68 Source17: sshd.pam
69 Source18: sshd.init
70 Source19: README.3.8p1.upgrade.urpmi
71 Source20: README.3.9p1-3.upgrade.urpmi
72 Source21: README.hpn
73 Patch1: openssh-mdv_conf.diff
74 # authorized by Damien Miller <djm@openbsd.com>
75 Patch3: openssh-3.1p1-check-only-ssl-version.patch
76 # rediffed from openssh-4.4p1-watchdog.patch.tgz
77 Patch4: openssh-4.4p1-watchdog.diff
78 # optional ldap support
79 # http://dev.inversepath.com/trac/openssh-lpk
80 #Patch6: http://dev.inversepath.com/openssh-lpk/openssh-lpk-4.6p1-0.3.9.patch
81 # new location for the lpk patch.
82 # rediffed from "svn checkout http://openssh-lpk.googlecode.com/svn/trunk/ openssh-lpk-read-only"
83 Patch6: openssh-lpk-5.4p1-0.3.10.diff
84 # http://sftpfilecontrol.sourceforge.net
85 # Not applied by default
86 # P7 is rediffed and slightly adjusted from http://sftplogging.sourceforge.net/download/v1.5/openssh-4.4p1.sftplogging-v1.5.patch
87 Patch7: openssh-4.9p1.sftplogging-v1.5.diff
88 # (tpg) http://www.psc.edu/networking/projects/hpn-ssh/
89 Patch11: http://www.psc.edu/networking/projects/hpn-ssh/openssh-5.2p1-hpn%{hpnver}.diff
90 Patch12: http://www.psc.edu/networking/projects/hpn-ssh/openssh5.1-peaktput.diff
91 #gw: from Fedora:
92 #fix round-robin DNS with GSSAPI authentification
93 Patch13: openssh-4.3p2-gssapi-canohost.patch
94 Patch14: openssh-4.7p1-audit.patch
95 Patch17: openssh-5.1p1-askpass-progress.patch
96 Patch18: openssh-4.3p2-askpass-grab-info.patch
97 Patch19: openssh-4.0p1-exit-deadlock.patch
98 Patch21: openssh_tcp_wrappers.patch
99 Obsoletes: ssh
100 Provides: ssh
101 Requires(post): openssl >= 0.9.7
102 Requires(post): makedev
103 Requires(preun): openssl >= 0.9.7
104 Requires: tcp_wrappers
105 BuildRequires: groff-for-man
106 BuildRequires: openssl-devel >= 0.9.7
107 BuildRequires: pam-devel
108 BuildRequires: tcp_wrappers-devel
109 BuildRequires: zlib-devel
110 %if %{build_skey}
111 BuildRequires: skey-devel
112 %endif
113 %if %{build_krb5}
114 BuildRequires: krb5-devel
115 %endif
116 %if %{build_x11askpass}
117 BuildRequires: imake
118 BuildRequires: rman
119 # http://qa.mandriva.com/show_bug.cgi?id=22736
120 BuildRequires: x11-util-cf-files >= 1.0.2
121 BuildRequires: gccmakedep
122 BuildRequires: libx11-devel
123 BuildRequires: libxt-devel
124 %endif
125 %if %{build_gnomeaskpass}
126 BuildRequires: gtk+2-devel
127 %endif
128 %if %{build_ldap}
129 BuildRequires: openldap-devel >= 2.0
130 %endif
131 %if %{build_audit}
132 BuildRequires: audit-devel
133 %endif
134 %if %{build_libedit}
135 BuildRequires: edit-devel ncurses-devel
136 %endif
137 BuildConflicts: libgssapi-devel
138 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
139
140 %description
141 Ssh (Secure Shell) is a program for logging into a remote machine and for
142 executing commands in a remote machine. It is intended to replace
143 rlogin and rsh, and provide secure encrypted communications between
144 two untrusted hosts over an insecure network. X11 connections and
145 arbitrary TCP/IP ports can also be forwarded over the secure channel.
146
147 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
148 up to date in terms of security and features, as well as removing all
149 patented algorithms to separate libraries (OpenSSL).
150
151 This package includes the core files necessary for both the OpenSSH
152 client and server. To make this package useful, you should also
153 install openssh-clients, openssh-server, or both.
154
155 You can build %{name} with some conditional build swithes;
156
157 (ie. use with rpm --rebuild):
158
159 --with[out] skey smartcard support (disabled)
160 --with[out] krb5 kerberos support (enabled)
161 --with[out] watchdog watchdog support (disabled)
162 --with[out] x11askpass X11 ask pass support (enabled)
163 --with[out] gnomeaskpass Gnome ask pass support (enabled)
164 --with[out] ldap OpenLDAP support (disabled)
165 --with[out] sftpcontrol sftp file control support (disabled)
166 --with[out] hpn HPN ssh/scp support (disabled)
167 --with[out] audit audit support (disabled)
168 --with[out] libedit libedit support in sftp (enabled)
169
170 %package clients
171 Summary: OpenSSH Secure Shell protocol clients
172 Group: Networking/Remote access
173 Requires: %{name} = %{version}-%{release}
174 Obsoletes: ssh-clients, sftp, ssh
175 Provides: ssh-clients, sftp, ssh
176
177 %description clients
178 Ssh (Secure Shell) is a program for logging into a remote machine and for
179 executing commands in a remote machine. It is intended to replace
180 rlogin and rsh, and provide secure encrypted communications between
181 two untrusted hosts over an insecure network. X11 connections and
182 arbitrary TCP/IP ports can also be forwarded over the secure channel.
183
184 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
185 up to date in terms of security and features, as well as removing all
186 patented algorithms to separate libraries (OpenSSL).
187
188 This package includes the clients necessary to make encrypted connections
189 to SSH servers.
190
191 %package server
192 Summary: OpenSSH Secure Shell protocol server (sshd)
193 Group: System/Servers
194 Requires(pre): %{name} = %{version}-%{release} chkconfig >= 0.9
195 Requires(pre): pam >= 0.74
196 Requires(pre): rpm-helper
197 Requires(post): rpm-helper
198 Requires(preun): rpm-helper
199 Requires(postun): rpm-helper
200 Requires(post): openssl >= 0.9.7
201 Requires(post): makedev
202 Requires: %{name}-clients = %{version}-%{release}
203 %if %{build_skey}
204 Requires: skey
205 %endif
206 %if %{build_audit}
207 BuildRequires: audit
208 %endif
209 Obsoletes: ssh-server, sshd
210 Provides: ssh-server, sshd
211
212 %description server
213 Ssh (Secure Shell) is a program for logging into a remote machine and for
214 executing commands in a remote machine. It is intended to replace
215 rlogin and rsh, and provide secure encrypted communications between
216 two untrusted hosts over an insecure network. X11 connections and
217 arbitrary TCP/IP ports can also be forwarded over the secure channel.
218
219 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
220 up to date in terms of security and features, as well as removing all
221 patented algorithms to separate libraries (OpenSSL).
222
223 This package contains the secure shell daemon. The sshd is the server
224 part of the secure shell protocol and allows ssh clients to connect to
225 your host.
226
227 %package askpass-common
228 Summary: OpenSSH X11 passphrase common scripts
229 Group: Networking/Remote access
230
231 %description askpass-common
232 OpenSSH X11 passphrase common scripts
233
234 %if %{build_x11askpass}
235 %package askpass
236 Summary: OpenSSH X11 passphrase dialog
237 Group: Networking/Remote access
238 Requires: %{name} = %{version}-%{release}
239 Requires: %{name}-askpass-common
240 Obsoletes: ssh-extras, ssh-askpass
241 Provides: ssh-extras, ssh-askpass
242 Requires(pre): update-alternatives
243
244 %description askpass
245 Ssh (Secure Shell) is a program for logging into a remote machine and for
246 executing commands in a remote machine. It is intended to replace
247 rlogin and rsh, and provide secure encrypted communications between
248 two untrusted hosts over an insecure network. X11 connections and
249 arbitrary TCP/IP ports can also be forwarded over the secure channel.
250
251 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
252 up to date in terms of security and features, as well as removing all
253 patented algorithms to separate libraries (OpenSSL).
254
255 This package contains Jim Knoble's <jmknoble@pobox.com> X11 passphrase
256 dialog.
257 %endif
258
259 %if %{build_gnomeaskpass}
260 %package askpass-gnome
261 Summary: OpenSSH GNOME passphrase dialog
262 Group: Networking/Remote access
263 Requires: %{name} = %{version}-%{release}
264 Requires: %{name}-askpass-common
265 Obsoletes: ssh-extras
266 Requires(pre): update-alternatives
267 Provides: %{name}-askpass, ssh-askpass, ssh-extras
268
269 %description askpass-gnome
270 Ssh (Secure Shell) is a program for logging into a remote machine and for
271 executing commands in a remote machine. It is intended to replace
272 rlogin and rsh, and provide secure encrypted communications between
273 two untrusted hosts over an insecure network. X11 connections and
274 arbitrary TCP/IP ports can also be forwarded over the secure channel.
275
276 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
277 up to date in terms of security and features, as well as removing all
278 patented algorithms to separate libraries (OpenSSL).
279
280 This package contains the GNOME passphrase dialog.
281 %endif
282
283 %prep
284 %if %{build_x11askpass}
285 echo "Building with x11 askpass..."
286 %endif
287 %if %{build_gnomeaskpass}
288 echo "Building with GNOME askpass..."
289 %endif
290 %if %{build_krb5}
291 echo "Building with Kerberos5 support..."
292 %endif
293 %if %{build_skey}
294 echo "Building with S/KEY support..."
295 %endif
296 %if %{build_watchdog}
297 echo "Building with watchdog support..."
298 %endif
299 %if %{build_ldap}
300 echo "Buiding with support for authenticating to public keys in ldap"
301 %endif
302 %if %{build_sftpcontrol}
303 echo "Buiding with support for sftp file control"
304 %endif
305 %if %{build_hpn}
306 echo "Buiding with support for High Performance Network SSH/SCP"
307 %endif
308 %if %{build_audit}
309 echo "Buiding with audit support"
310 %endif
311
312 %setup -q -a2 -a10
313
314 %patch1 -p1 -b .mdkconf
315 %patch3 -p1 -b .ssl_ver
316 %if %{build_watchdog}
317 #patch -p0 -s -z .wdog < %{name}-%{wversion}-watchdog.patch
318 %patch4 -p1 -b .watchdog
319 %endif
320 %if %{build_ldap}
321 sed -i 's|UsePrivilegeSeparation yes|#UsePrivilegeSeparation yes|' sshd_config
322 %patch6 -p1 -b .lpk
323 rm -f README.lpk.lpk
324 %define _default_patch_fuzz 3
325 %else
326 %define _default_patch_fuzz 2
327 %endif
328 %if %{build_sftpcontrol}
329 #cat %{SOURCE8} | patch -p1 -s -z .sftpcontrol
330 echo "This patch is broken or needs to be updated/rediffed"; exit 1
331 %patch7 -p1 -b .sftplogging-v1.5
332 # README with license terms for this patch
333 install -m 0644 %{SOURCE9} .
334 %endif
335 %if %{build_hpn}
336 echo "This patch is broken or needs to be updated/rediffed"; exit 1
337 %patch11 -p1 -b .hpn
338 %patch12 -p1 -b .peak
339 install %{SOURCE21} .
340 %endif
341 %patch13 -p1 -b .canohost
342 %if %{build_audit}
343 %patch14 -p1 -b .audit
344 %endif
345 %patch17 -p1 -b .progress
346 %patch18 -p1 -b .grab-info
347 %patch19 -p1 -b .exit-deadlock
348 %patch21 -p1 -b .tcp_wrappers_mips
349
350 install %{SOURCE12} %{SOURCE19} %{SOURCE20} .
351
352 install -m 0644 %{SOURCE17} sshd.pam
353 install -m 0755 %{SOURCE18} sshd.init
354
355 # fix attribs
356 chmod 644 ChangeLog OVERVIEW README* INSTALL CREDITS LICENCE TODO ssh_ldap_key.pl
357
358 # http://qa.mandriva.com/show_bug.cgi?id=22957
359 perl -pi -e "s|_OPENSSH_PATH_|%{OPENSSH_PATH}|g" sshd_config
360
361 %build
362 autoreconf
363
364 %serverbuild
365
366 %if %{build_x11askpass}
367 pushd x11-ssh-askpass-%{aversion}
368 %configure2_5x \
369 --prefix=%{_prefix} --libdir=%{_libdir} \
370 --mandir=%{_mandir} --libexecdir=%{_libdir}/ssh \
371 --with-app-defaults-dir=%{_sysconfdir}/X11/app-defaults \
372 %if %{build_libedit}
373 --with-libedit \
374 %else
375 --without-libedit \
376 %endif
377
378 xmkmf -a
379
380 %ifarch x86_64
381 perl -pi -e "s|/usr/lib\b|%{_libdir}|g" Makefile
382 perl -pi -e "s|i586-mandriva-linux-gnu|x86_64-mandriva-linux-gnu|g" Makefile
383 perl -pi -e "s|%{_libdir}/gcc/|/usr/lib/gcc/|g" Makefile
384 perl -pi -e "s|-m32|-m64|g" Makefile
385 perl -pi -e "s|__i386__|__x86_64__|g" Makefile
386 %endif
387
388 make \
389 BINDIR=%{_libdir}/ssh \
390 CDEBUGFLAGS="$RPM_OPT_FLAGS" \
391 CXXDEBUGFLAGS="$RPM_OPT_FLAGS"
392
393 # For some reason the x11-ssh-askpass.1.html file is not created on 10.0/10.1
394 # x86_64, so we just do it manually here... (oden)
395 rm -f x11-ssh-askpass.1x.html x11-ssh-askpass.1x-html
396 rman -f HTML < x11-ssh-askpass._man > x11-ssh-askpass.1x-html && \
397 mv -f x11-ssh-askpass.1x-html x11-ssh-askpass.1.html
398 popd
399 %endif
400
401 %if %{build_gnomeaskpass}
402 pushd contrib
403 make gnome-ssh-askpass2 CC="%__cc %optflags %ldflags"
404 mv gnome-ssh-askpass2 gnome-ssh-askpass
405 popd
406 %endif
407
408 %configure2_5x \
409 --prefix=%{_prefix} \
410 --sysconfdir=%{_sysconfdir}/ssh \
411 --mandir=%{_mandir} \
412 --libdir=%{_libdir} \
413 --libexecdir=%{_libdir}/ssh \
414 --datadir=%{_datadir}/ssh \
415 --disable-strip \
416 --with-tcp-wrappers \
417 --with-pam \
418 --with-default-path=%{OPENSSH_PATH} \
419 --with-xauth=%{XAUTH} \
420 --with-privsep-path=/var/empty \
421 --without-zlib-version-check \
422 %if %{build_krb5}
423 --with-kerberos5=%{_prefix} \
424 %endif
425 %if %{build_skey}
426 --with-skey \
427 %endif
428 %if %{build_ldap}
429 --with-libs="-lldap -llber" \
430 --with-cppflags="-DWITH_LDAP_PUBKEY -DLDAP_DEPRECATED" \
431 %endif
432 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:%{_sbindir}:%{_bindir} \
433 %if %{build_libedit}
434 --with-libedit \
435 %else
436 --without-libedit \
437 %endif
438 %if %{build_audit}
439 --with-linux-audit \
440 %endif
441
442 %make
443
444 %install
445 rm -rf %{buildroot}
446
447 %makeinstall_std
448
449 install -d %{buildroot}%{_sysconfdir}/ssh
450 install -d %{buildroot}%{_sysconfdir}/pam.d/
451 install -d %{buildroot}%{_sysconfdir}/sysconfig
452 install -d %{buildroot}%{_initrddir}
453 install -m644 sshd.pam %{buildroot}%{_sysconfdir}/pam.d/sshd
454 install -m755 sshd.init %{buildroot}%{_initrddir}/sshd
455
456 if [[ -f sshd_config.out ]]; then
457 install -m600 sshd_config.out %{buildroot}%{_sysconfdir}/ssh/sshd_config
458 else
459 install -m600 sshd_config %{buildroot}%{_sysconfdir}/ssh/sshd_config
460 fi
461 echo "root" > %{buildroot}%{_sysconfdir}/ssh/denyusers
462
463 if [[ -f ssh_config.out ]]; then
464 install -m644 ssh_config.out %{buildroot}%{_sysconfdir}/ssh/ssh_config
465 else
466 install -m644 ssh_config %{buildroot}%{_sysconfdir}/ssh/ssh_config
467 fi
468 echo " StrictHostKeyChecking no" >> %{buildroot}%{_sysconfdir}/ssh/ssh_config
469
470 mkdir -p %{buildroot}%{_libdir}/ssh
471 %if %{build_x11askpass}
472 pushd x11-ssh-askpass-%{aversion}
473 #make DESTDIR=%{buildroot} install
474 #make DESTDIR=%{buildroot} install.man
475 #install -d %{buildroot}%{_prefix}/X11R6/lib/X11/doc/html
476 #install -m0644 x11-ssh-askpass.1.html %{buildroot}%{_prefix}/X11R6/lib/X11/doc/html/
477 install -d %{buildroot}%{_libdir}/ssh
478 install -d %{buildroot}%{_sysconfdir}/X11/app-defaults
479 install -m0644 SshAskpass.ad %{buildroot}%{_sysconfdir}/X11/app-defaults/SshAskpass
480 install -m0755 x11-ssh-askpass %{buildroot}%{_libdir}/ssh/
481 install -m0644 x11-ssh-askpass.man %{buildroot}%{_mandir}/man1/x11-ssh-askpass.1
482 popd
483 %endif
484
485 install -d %{buildroot}%{_sysconfdir}/profile.d/
486 %if %{build_gnomeaskpass}
487 install -m 755 contrib/gnome-ssh-askpass %{buildroot}%{_libdir}/ssh/gnome-ssh-askpass
488 %endif
489
490 cat > %{buildroot}%{_sysconfdir}/profile.d/90ssh-askpass.csh <<EOF
491 setenv SSH_ASKPASS %{_libdir}/ssh/ssh-askpass
492 EOF
493
494 cat > %{buildroot}%{_sysconfdir}/profile.d/90ssh-askpass.sh <<EOF
495 export SSH_ASKPASS=%{_libdir}/ssh/ssh-askpass
496 EOF
497
498 cat > %{buildroot}%{_sysconfdir}/profile.d/90ssh-client.sh <<'EOF'
499 # fix hanging ssh clients on exit
500 if [ -n "$BASH_VERSION" ]; then
501 shopt -s huponexit
502 elif [ -n "$ZSH_VERSION" ]; then
503 setopt hup
504 fi
505 EOF
506
507 install -m 0755 %{SOURCE3} %{buildroot}/%{_bindir}/ssh-copy-id
508 chmod a+x %{buildroot}/%{_bindir}/ssh-copy-id
509 install -m 644 contrib/ssh-copy-id.1 %{buildroot}/%{_mandir}/man1/
510
511 # create pre-authentication directory
512 mkdir -p %{buildroot}/var/empty
513
514 # remove unwanted files
515 rm -f %{buildroot}%{_libdir}/ssh/ssh-askpass
516
517 # xinetd support (tv)
518 mkdir -p %{buildroot}%{_sysconfdir}/xinetd.d/
519 install -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/xinetd.d/sshd-xinetd
520
521 cat > %{buildroot}%{_sysconfdir}/sysconfig/sshd << EOF
522 #SSHD="%{_sbindir}/sshd"
523 #PID_FILE="/var/run/sshd.pid"
524 #OPTIONS=""
525 EOF
526
527 # avahi integration support (misc)
528 mkdir -p %{buildroot}%{_sysconfdir}/avahi/services/
529 install -m 0644 %{SOURCE15} %{buildroot}%{_sysconfdir}/avahi/services/%{name}.service
530
531 # make sure strip can touch it
532 chmod 755 %{buildroot}%{_libdir}/ssh/ssh-keysign
533
534 %clean
535 rm -rf %{buildroot}
536
537 %pre server
538 %_pre_useradd sshd /var/empty /bin/true
539
540 %post server
541 # do some key management; taken from the initscript
542
543 KEYGEN=/usr/bin/ssh-keygen
544 RSA1_KEY=/etc/ssh/ssh_host_key
545 RSA_KEY=/etc/ssh/ssh_host_rsa_key
546 DSA_KEY=/etc/ssh/ssh_host_dsa_key
547
548 do_rsa1_keygen() {
549 if [ ! -s $RSA1_KEY ]; then
550 echo -n "Generating SSH1 RSA host key... "
551 if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
552 chmod 600 $RSA1_KEY
553 chmod 644 $RSA1_KEY.pub
554 echo "done"
555 echo
556 else
557 echo "failed"
558 echo
559 exit 1
560 fi
561 fi
562 }
563
564 do_rsa_keygen() {
565 if [ ! -s $RSA_KEY ]; then
566 echo "Generating SSH2 RSA host key... "
567 if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
568 chmod 600 $RSA_KEY
569 chmod 644 $RSA_KEY.pub
570 echo "done"
571 echo
572 else
573 echo "failed"
574 echo
575 exit 1
576 fi
577 fi
578 }
579
580 do_dsa_keygen() {
581 if [ ! -s $DSA_KEY ]; then
582 echo "Generating SSH2 DSA host key... "
583 if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
584 chmod 600 $DSA_KEY
585 chmod 644 $DSA_KEY.pub
586 echo "done"
587 echo
588 else
589 echo "failed"
590 echo
591 exit 1
592 fi
593 fi
594 }
595
596 do_rsa1_keygen
597 do_rsa_keygen
598 do_dsa_keygen
599 %_post_service sshd
600
601 %preun server
602 %_preun_service sshd
603
604 %postun server
605 %_postun_userdel sshd
606
607 %if %{build_x11askpass}
608 %post askpass
609 update-alternatives --install %{_libdir}/ssh/ssh-askpass ssh-askpass %{_libdir}/ssh/x11-ssh-askpass 10
610 update-alternatives --install %{_bindir}/ssh-askpass bssh-askpass %{_libdir}/ssh/x11-ssh-askpass 10
611
612 %postun askpass
613 [ $1 = 0 ] || exit 0
614 update-alternatives --remove ssh-askpass %{_libdir}/ssh/x11-ssh-askpass
615 update-alternatives --remove bssh-askpass %{_libdir}/ssh/x11-ssh-askpass
616 %endif
617
618 %if %{build_gnomeaskpass}
619 %post askpass-gnome
620 update-alternatives --install %{_libdir}/ssh/ssh-askpass ssh-askpass %{_libdir}/ssh/gnome-ssh-askpass 20
621 update-alternatives --install %{_bindir}/ssh-askpass bssh-askpass %{_libdir}/ssh/gnome-ssh-askpass 20
622
623 %postun askpass-gnome
624 [ $1 = 0 ] || exit 0
625 update-alternatives --remove ssh-askpass %{_libdir}/ssh/gnome-ssh-askpass
626 update-alternatives --remove bssh-askpass %{_libdir}/ssh/gnome-ssh-askpass
627 %endif
628
629 %triggerpostun server -- openssh-server < 3.8p1
630 if grep -qE "^\W*auth\W+\w+\W+.*pam_(ldap|winbind|mysql)" /etc/pam.d/system-auth /etc/pam.d/sshd; then
631 perl -pi -e 's|^#UsePAM no|UsePAM yes|' /etc/ssh/sshd_config
632 fi
633
634 %files
635 %defattr(-,root,root)
636 %doc ChangeLog OVERVIEW README* INSTALL CREDITS LICENCE TODO ssh_ldap_key.pl
637 %if %{build_ldap}
638 %doc *.schema
639 %endif
640 %if %{build_watchdog}
641 %doc CHANGES-openssh-watchdog openssh-watchdog.html
642 %endif
643 %if %{build_sftpcontrol}
644 %doc README.sftpfilecontrol
645 %endif
646 %{_bindir}/ssh-keygen
647 %dir %{_sysconfdir}/ssh
648 %{_bindir}/ssh-keyscan
649 %attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
650 %{_libdir}/ssh/ssh-pkcs11-helper
651 %{_mandir}/man1/ssh-keygen.1*
652 %{_mandir}/man1/ssh-keyscan.1*
653 %{_mandir}/man8/ssh-keysign.8*
654 %{_mandir}/man8/ssh-pkcs11-helper.8*
655
656 %files clients
657 %defattr(-,root,root)
658 %{_bindir}/scp
659 %{_bindir}/ssh
660 %{_bindir}/ssh-agent
661 %{_bindir}/ssh-add
662 %{_bindir}/ssh-copy-id
663 %{_bindir}/slogin
664 %{_bindir}/sftp
665 %{_mandir}/man1/scp.1*
666 %{_mandir}/man1/ssh-copy-id.1*
667 %{_mandir}/man1/slogin.1*
668 %{_mandir}/man1/ssh.1*
669 %{_mandir}/man1/ssh-agent.1*
670 %{_mandir}/man1/ssh-add.1*
671 %{_mandir}/man1/sftp.1*
672 %{_mandir}/man5/ssh_config.5*
673 %config(noreplace) %{_sysconfdir}/ssh/ssh_config
674 %{_sysconfdir}/profile.d/90ssh-client.sh
675
676 %files server
677 %defattr(-,root,root)
678 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/sshd
679 %{_sbindir}/sshd
680 %dir %{_libdir}/ssh
681 %{_libdir}/ssh/sftp-server
682 %{_mandir}/man5/sshd_config.5*
683 %{_mandir}/man5/moduli.5*
684 %{_mandir}/man8/sshd.8*
685 %{_mandir}/man8/sftp-server.8*
686 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
687 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/denyusers
688 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
689 %config(noreplace) %_sysconfdir/xinetd.d/sshd-xinetd
690 %config(noreplace) %{_sysconfdir}/avahi/services/%{name}.service
691 %config(noreplace) %{_sysconfdir}/ssh/moduli
692 %attr(0755,root,root) %{_initrddir}/sshd
693 %dir %attr(0755,root,root) /var/empty
694
695 %files askpass-common
696 %defattr(-,root,root)
697 %{_sysconfdir}/profile.d/90ssh-askpass.*
698
699 %if %{build_x11askpass}
700 %files askpass
701 %defattr(-,root,root)
702 %doc x11-ssh-askpass-%{aversion}/README
703 %doc x11-ssh-askpass-%{aversion}/ChangeLog
704 %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
705 %doc x11-ssh-askpass-%{aversion}/x11-ssh-askpass.1.html
706 %{_libdir}/ssh/x11-ssh-askpass
707 %{_sysconfdir}/X11/app-defaults/SshAskpass
708 #%{_prefix}/X11R6/lib/X11/doc/html/x11-ssh-askpass.1.html
709 %{_mandir}/man1/x11-ssh-askpass.1*
710 %endif
711
712 %if %{build_gnomeaskpass}
713 %files askpass-gnome
714 %defattr(-,root,root)
715 %{_libdir}/ssh/gnome-ssh-askpass
716 %endif
717
718

  ViewVC Help
Powered by ViewVC 1.1.30