X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=openssh.spec;h=22b347ca4712d6374e3d5ea8cc4d6865c267e06b;hb=d2b920f8e31479d3b9319e1a781ba09abbb8ed5b;hp=6674f36d1bca8bf31de9f7538e2ee51a3ae05cdc;hpb=7438e6d60e7dfb3bcefb0ef457e8b8265b0f97f3;p=packages%2Fopenssh.git diff --git a/openssh.spec b/openssh.spec index 6674f36..22b347c 100644 --- a/openssh.spec +++ b/openssh.spec @@ -1,34 +1,56 @@ +# +# Conditional build: +# _without_gnome - without gnome-askpass utility +# _without_embed - don't build uClibc version + Summary: OpenSSH free Secure Shell (SSH) implementation -Summary(pl): ,,wolna'' implementacja bezpiecznego shella (SSH) +Summary(es): Implementación libre de SSH +Summary(pl): Publicznie dostêpna implementacja bezpiecznego shella (SSH) +Summary(pt_BR): Implementação livre do SSH Name: openssh -Version: 2.1.0p2 -Release: 1 +Version: 3.0.2p1 +Release: 2 License: BSD Group: Applications/Networking -Group(pl): Aplikacje/Sieciowe -URL: http://www.openssh.com/ Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz -Source1: opensshd.conf -Source2: openssh.conf -Source3: opensshd.init -Source4: opensshd.pamd -Source5: openssh.sysconfig +Source1: %{name}d.conf +Source2: %{name}.conf +Source3: %{name}d.init +Source4: %{name}d.pamd +Source5: %{name}.sysconfig Source6: passwd.pamd -Patch0: openssh-PAM_NEW_AUTHTOK.patch -Patch1: openssh-libwrap.patch -Patch3: openssh-login.patch -BuildRequires: openssl-devel >= 0.9.5a -BuildRequires: rpm >= 3.0.4 -BuildRequires: zlib-devel -BuildRequires: pam-devel +Patch0: %{name}-libwrap.patch +Patch1: %{name}-no_libnsl.patch +Patch2: %{name}-no-openssl-ver-check.patch +Patch3: %{name}-set_12.patch +URL: http://www.openssh.com/ BuildRequires: XFree86-devel -BuildRequires: gnome-libs-devel -BuildRequires: gtk+-devel +BuildRequires: autoconf +BuildRequires: automake +%{!?_without_gnome:BuildRequires: gnome-libs-devel} +BuildRequires: openssl-devel >= 0.9.6a +BuildRequires: pam-devel +BuildRequires: zlib-devel +BuildRequires: libwrap-devel +BuildRequires: perl +%if %{!?_without_embed:1}%{?_without_embed:0} +BuildRequires: uClibc-devel +BuildRequires: uClibc-static +BuildRequires: openssl-devel-embed +BuildRequires: zlib-devel-embed +%endif BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) -Prereq: openssl >= 0.9.5a -Obsoletes: ssh < %{version}, ssh > %{version} +Prereq: openssl +Obsoletes: ssh + +%define embed_path /usr/lib/embed +%define embed_cc %{_arch}-uclibc-cc +%define embed_cflags %{rpmcflags} -Os + +%define embed_binaries ssh scp sshd ssh-keygen %define _sysconfdir /etc/ssh +%define _libexecdir %{_libdir}/%{name} %description Ssh (Secure Shell) a program for logging into a remote machine and for @@ -45,19 +67,50 @@ This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. +%description -l es +SSH es un programa para accesar y ejecutar órdenes en computadores +remotos. Sustituye rlogin y rsh, y suministra un canal de comunicación +seguro entre dos servidores en una red insegura. Conexiones X11 y +puertas TCP/IP arbitrárias también pueden ser usadas por el canal +seguro. + +OpenSSH es el resultado del trabajo del equipo de OpenBSD para +continuar la última versión gratuita de SSH, actualizándolo en +términos de seguridad y recursos,así también eliminando todos los +algoritmos patentados y colocándolos en bibliotecas separadas +(OpenSSL). + +Este paquete contiene "port" para Linux de OpenSSH. Se debe instalar +también el paquete openssh-clients u openssh-server o ambos. + %description -l pl Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie pomiedzy dwoma hostami. +%description -l pt_BR +SSH é um programa para acessar e executar comandos em máquinas +remotas. Ele substitui rlogin e rsh, e provem um canal de comunicação +seguro entre dois hosts em uma rede insegura. Conexões X11 e portas +TCP/IP arbitrárias também podem ser usadas pelo canal seguro. + +OpenSSH é o resultado do trabalho da equipe do OpenBSD em continuar a +última versão gratuita do SSH, atualizando-o em termos de segurança e +recursos, assim como removendo todos os algoritmos patenteados e +colocando-os em bibliotecas separadas (OpenSSL). + +Esse pacote contém o "port" pra Linux do OpenSSH. Você deve instalar +também ou o pacote openssh-clients, ou o openssh-server, ou ambos. + %package clients Summary: OpenSSH Secure Shell protocol clients +Summary(es): Clientes de OpenSSH Summary(pl): Klienci protoko³u Secure Shell +Summary(pt_BR): Clientes do OpenSSH Requires: openssh Group: Applications/Networking -Group(pl): Aplikacje/Sieciowe -Obsoletes: ssh-clients < %{version}, ssh-clients > %{version} +Obsoletes: ssh-clients Requires: %{name} = %{version} %description clients @@ -74,6 +127,10 @@ all patented algorithms to seperate libraries (OpenSSL). This package includes the clients necessary to make encrypted connections to SSH servers. +%description -l es clients +Este paquete incluye los clientes que se necesitan para hacer +conexiones codificadas con servidores SSH. + %description -l pl clients Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma @@ -82,17 +139,23 @@ pomiedzy dwoma hostami. Ten pakiet zawiera klientów s³u¿±cych do ³±czenia siê z serwerami SSH. +%description -l pt_BR clients +Esse pacote inclui os clientes necessários para fazer conexões +encriptadas com servidores SSH. + %package server Summary: OpenSSH Secure Shell protocol server (sshd) +Summary(es): Servidor OpenSSH para comunicaciones codificadas Summary(pl): Serwer protoko³u Secure Shell (sshd) -Requires: openssh chkconfig >= 0.9 +Summary(pt_BR): Servidor OpenSSH para comunicações encriptadas +Requires: openssh +Requires: chkconfig >= 0.9 Group: Networking/Daemons -Group(pl): Sieciowe/Serwery -Obsoletes: ssh-server < %{version}, ssh-server > %{version} -Requires: rc-scripts +Obsoletes: ssh-server Requires: /bin/login Requires: util-linux -Prereq: pam +Prereq: rc-scripts +Prereq: /sbin/chkconfig Prereq: %{name} = %{version} %description server @@ -110,7 +173,12 @@ This package contains the secure shell daemon. The sshd is the server part of the secure shell protocol and allows ssh clients to connect to your host. -%description -l pl server +%description server -l es +Este paquete contiene el servidor SSH. sshd es la parte servidor del +protocolo secure shell y permite que clientes ssh se conecten a su +servidor. + +%description server -l pl Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie @@ -119,15 +187,35 @@ pomiedzy dwoma hostami. Ten pakiet zawiera serwer sshd (do którego mog± ³±czyæ siê klienci ssh). +%description server -l pt_BR +Esse pacote contém o servidor SSH. O sshd é a parte servidor do +protocolo secure shell e permite que clientes ssh se conectem ao seu +host. + +%package embed +Summary: OpenSSH Secure Shell for embedded applications +Summary: OpenSSH Secure Shell dla aplikacji wbudowanych +Requires: openssh +Group: Applications/Networking +Obsoletes: ssh-clients + +%description embed +OpenSSH for embedded enviroment. Client, server, scp and ssh-keygen. + +%description -l pl embed +OpenSSH dla aplikacji wbudowanych. Klient, serwer, scp i ssh-keygen. + + %package gnome-askpass Summary: OpenSSH GNOME passphrase dialog +Summary(es): Diálogo para introducción de passphrase para GNOME Summary(pl): Odpytywacz has³a OpenSSH dla GNOME +Summary(pt_BR): Diálogo para entrada de passphrase para GNOME Group: Applications/Networking -Group(pl): Aplikacje/Sieciowe Requires: %{name} = %{version} -Obsoletes: ssh-extras < %{version}, ssh-extras > %{version} -Obsoletes: ssh-askpass < %{version}, ssh-askpass > %{version} -Obsoletes: openssh-askpass < %{version}, openssh-askpass > %{version} +Obsoletes: ssh-extras +Obsoletes: ssh-askpass +Obsoletes: openssh-askpass %description gnome-askpass Ssh (Secure Shell) a program for logging into a remote machine and for @@ -142,7 +230,11 @@ all patented algorithms to seperate libraries (OpenSSL). This package contains the GNOME passphrase dialog. -%description -l pl gnome-askpass +%description gnome-askpass -l es +Este paquete contiene un programa que abre una caja de diálogo para +entrada de passphrase en GNOME. + +%description gnome-askpass -l pl Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie @@ -150,36 +242,75 @@ pomiedzy dwoma hostami. Ten pakiet zawiera ,,odpytywacz has³a'' dla GNOME. +%description gnome-askpass -l pt_BR +Esse pacote contém um programa que abre uma caixa de diálogo para +entrada de passphrase no GNOME. + %prep %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %patch3 -p1 %build +aclocal autoconf + +%if %{!?_without_embed:1}%{?_without_embed:0} %configure \ - --with-gnome-askpass \ - --with-tcp-wrappers \ + --without-gnome-askpass \ + --without-pam \ + --without-shadow \ + --with-mantype=man \ --with-md5-passwords \ --with-ipaddr-display \ - --enable-ipv6 \ --with-4in6 \ - --enable-log-auth + --disable-suid-ssh \ + --without-tcp-wrappers \ + --with-pid-dir=%{_localstatedir}/run \ + CC=%{embed_cc} CFLAGS="%{embed_cflags}" echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h +%{__make} + +for f in %{embed_binaries} ; do + mv -f $f $f-embed-shared +done + +%{__make} LDFLAGS="'-static -L. -Lopenbsd-compat/'" -make -cd contrib && gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` \ - gnome-ssh-askpass.c -o gnome-ssh-askpass \ - `gnome-config --libs gnome gnomeui` +for f in %{embed_binaries} ; do + mv -f $f $f-embed-static +done + +%{__make} distclean +%endif + +%configure \ + %{!?_without_gnome:--with-gnome-askpass} \ + --with-pam \ + --with-mantype=man \ + --with-md5-passwords \ + --with-ipaddr-display \ + --with-4in6 \ + --disable-suid-ssh \ + --with-tcp-wrappers \ + --with-pid-dir=%{_localstatedir}/run + +echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h + +%{__make} + +%{!?_without_gnome:cd contrib && %{__cc} %{rpmcflags} `gnome-config --cflags gnome gnomeui gtk` } \ +%{!?_without_gnome: gnome-ssh-askpass.c -o gnome-ssh-askpass } \ +%{!?_without_gnome: `gnome-config --libs gnome gnomeui gtk` } %install rm -rf $RPM_BUILD_ROOT - install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}} -make install DESTDIR="$RPM_BUILD_ROOT" +%{__make} install DESTDIR="$RPM_BUILD_ROOT" install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh @@ -188,25 +319,28 @@ install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh -install -s contrib/gnome-ssh-askpass \ - $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass +%{!?_without_gnome:install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass} -gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \ - $RPM_BUILD_ROOT/%{_mandir}/man*/* +rm -f $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1 +echo ".so man1/ssh.1" > $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1 + +gzip -9nf *.RNG TODO README OVERVIEW CREDITS Change* touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd - + +%if %{!?_without_embed:1}%{?_without_embed:0} +install -d $RPM_BUILD_ROOT/%{embed_path}/{shared,static} +for f in %{embed_binaries} ; do + install $f-embed-static $RPM_BUILD_ROOT/%{embed_path}/static/$f + install $f-embed-shared $RPM_BUILD_ROOT/%{embed_path}/shared/$f +done +%endif + %clean rm -rf $RPM_BUILD_ROOT %post server /sbin/chkconfig --add sshd -if [ ! -f %{_sysconfdir}/ssh_host_key -o ! -s %{_sysconfdir}/ssh_host_key ]; then - %{_bindir}/ssh-keygen -b 1024 -f %{_sysconfdir}/ssh_host_key -N '' 1>&2 -fi -if [ ! -f %{_sysconfdir}/ssh_host_dsa_key -o ! -s %{_sysconfdir}/ssh_host_dsa_key ]; then - %{_bindir}/ssh-keygen -d -f %{_sysconfdir}/ssh_host_dsa_key -N '' 1>&2 -fi if [ -f /var/lock/subsys/sshd ]; then /etc/rc.d/init.d/sshd restart 1>&2 else @@ -217,7 +351,7 @@ if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then fi %preun server -if [ "$1" = 0 ]; then +if [ "$1" = "0" ]; then if [ -f /var/lock/subsys/sshd ]; then /etc/rc.d/init.d/sshd stop 1>&2 fi @@ -226,19 +360,23 @@ fi %files %defattr(644,root,root,755) -%doc {ChangeLog,OVERVIEW,COPYING.Ylonen,README,README.Ylonen,UPGRADING}.gz -%attr(755,root,root) %{_bindir}/ssh-keygen -%{_mandir}/man1/ssh-keygen.1* +%doc *.gz +%attr(755,root,root) %{_bindir}/ssh-key* +%{_mandir}/man1/ssh-key*.1* %dir %{_sysconfdir} %files clients %defattr(644,root,root,755) %attr(0755,root,root) %{_bindir}/ssh +%attr(0755,root,root) %{_bindir}/slogin +%attr(0755,root,root) %{_bindir}/sftp %attr(0755,root,root) %{_bindir}/ssh-agent %attr(0755,root,root) %{_bindir}/ssh-add %attr(755,root,root) %{_bindir}/scp %{_mandir}/man1/scp.1* %{_mandir}/man1/ssh.1* +%{_mandir}/man1/slogin.1* +%{_mandir}/man1/sftp.1* %{_mandir}/man1/ssh-agent.1* %{_mandir}/man1/ssh-add.1* %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config @@ -246,14 +384,24 @@ fi %files server %defattr(644,root,root,755) %attr(755,root,root) %{_sbindir}/sshd +%attr(755,root,root) %{_libexecdir}/sftp-server +%dir %{_libexecdir} %{_mandir}/man8/sshd.8* +%{_mandir}/man8/sftp-server.8* %attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sshd_config %attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd +%attr(640,root,root) %{_sysconfdir}/moduli %attr(754,root,root) /etc/rc.d/init.d/sshd %attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd %attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd -%files gnome-askpass +%{!?_without_gnome:%files gnome-askpass} +%{!?_without_gnome:%defattr(644,root,root,755)} +%{!?_without_gnome:%dir %{_libexecdir}/ssh} +%{!?_without_gnome:%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass} + +%if %{!?_without_embed:1}%{?_without_embed:0} +%files embed %defattr(644,root,root,755) -%dir %{_libexecdir}/ssh -%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass +%attr(755,root,root) %{embed_path}/*/* +%endif