X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=openssh.spec;h=33801db6c25b9f5b5f765aedaf88a0e3a75cc0eb;hb=a0e66996eccb444b6a3c377a0112399218d48fed;hp=b8d32c00813c2f6b878f6ff599263d4582350f42;hpb=566fead14e4a3c6ab6f91d9d2b5ca09b79d0185f;p=packages%2Fopenssh.git diff --git a/openssh.spec b/openssh.spec index b8d32c0..33801db 100644 --- a/openssh.spec +++ b/openssh.spec @@ -1,10 +1,12 @@ # # Conditional build: -%bcond_with gnome # without gnome-askpass utility -%bcond_without gtk # without gtk (2.x) +%bcond_without chroot # without chrooted user environment support +%bcond_with gnome # with gnome-askpass (GNOME 1.x) utility +%bcond_without gtk # without GTK+ (2.x) %bcond_with ldap # with ldap support +%bcond_without libedit # without libedit (editline/history support in sftp client) %bcond_without kerberos5 # without kerberos5 support -%bcond_without chroot # without chrooted user environment support +%bcond_without selinux # build without SELinux support %bcond_with sshagentsh # with system-wide script for starting ssh-agent # # gtk2-based gnome-askpass means no gnome1-based @@ -20,13 +22,13 @@ Summary(pt_BR): Implementa Summary(ru): OpenSSH - Ó×ÏÂÏÄÎÁÑ ÒÅÁÌÉÚÁÃÉÑ ÐÒÏÔÏËÏÌÁ Secure Shell (SSH) Summary(uk): OpenSSH - צÌØÎÁ ÒÅÁ̦ÚÁÃ¦Ñ ÐÒÏÔÏËÏÌÕ Secure Shell (SSH) Name: openssh -Version: 3.9p1 -Release: 0.1 +Version: 4.0p1 +Release: 2 Epoch: 2 License: BSD Group: Applications/Networking Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz -# Source0-md5: 8e1774d0b52aff08f817f3987442a16e +# Source0-md5: 7b36f28fc16e1b7f4ba3c1dca191ac92 Source1: %{name}d.conf Source2: %{name}.conf Source3: %{name}d.init @@ -35,18 +37,18 @@ Source5: %{name}.sysconfig Source6: passwd.pamd Source7: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/openssh-non-english-man-pages.tar.bz2 # Source7-md5: 66943d481cc422512b537bcc2c7400d1 -Source9: http://www.imasy.or.jp/~gotoh/ssh/connect.c -# NoSource9-md5: c78de727e1208799072be78c05d64398 -Source10: http://www.imasy.or.jp/~gotoh/ssh/connect.html -# NoSource10-md5: f14cb61fafd067a3f5ce4eaa9643bf05 +Source9: http://www.taiyo.co.jp/~gotoh/ssh/connect.c +# NoSource9-md5: e1c3cbed88f08ea778d90813d48cd428 +Source10: http://www.taiyo.co.jp/~gotoh/ssh/connect.html +# NoSource10-md5: ec74f3e3b2ea3a7dc84c7988235b6fcf Source11: ssh-agent.sh Source12: ssh-agent.conf Patch0: %{name}-no_libnsl.patch Patch2: %{name}-linux-ipv6.patch Patch3: %{name}-pam_misc.patch Patch4: %{name}-sigpipe.patch -# http://ldappubkey.gcu-squad.org/ -Patch5: ldappubkey-ossh3.6-v2.patch +# http://www.opendarwin.org/projects/openssh-lpk/ +Patch5: %{name}-lpk-4.0p1-0.3.patch Patch6: %{name}-heimdal.patch Patch7: %{name}-pam-conv.patch # http://chrootssh.sourceforge.net/download/osshChroot-3.7.1p2.diff @@ -59,13 +61,15 @@ BuildRequires: automake %{?with_gnome:BuildRequires: gnome-libs-devel} %{?with_gtk:BuildRequires: gtk+2-devel} %{?with_kerberos5:BuildRequires: heimdal-devel} -BuildRequires: libselinux-devel +%{?with_libedit:BuildRequires: libedit-devel} +%{?with_selinux:BuildRequires: libselinux-devel} BuildRequires: libwrap-devel %{?with_ldap:BuildRequires: openldap-devel} BuildRequires: openssl-devel >= 0.9.7d BuildRequires: pam-devel BuildRequires: %{__perl} %{?with_gtk:BuildRequires: pkgconfig} +BuildRequires: rpmbuild(macros) >= 1.159 BuildRequires: zlib-devel PreReq: FHS >= 2.1-24 PreReq: openssl >= 0.9.7d @@ -133,7 +137,7 @@ inoltrate attraverso un canale sicuro. Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie -pomiedzy dwoma hostami. +pomiêdzy dwoma hostami. Ten pakiet zawiera podstawowe pliki potrzebne zarówno po stronie klienta jak i serwera OpenSSH. Aby by³ u¿yteczny, trzeba zainstalowaæ @@ -229,7 +233,7 @@ conexiones codificadas con servidores SSH. Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie -pomiedzy dwoma hostami. +pomiêdzy dwoma hostami. Ten pakiet zawiera klientów s³u¿±cych do ³±czenia siê z serwerami SSH. @@ -274,6 +278,7 @@ Requires(postun): /usr/sbin/userdel Requires: /bin/login Requires: util-linux Requires: pam >= 0.77.3 +Provides: user(sshd) Provides: ssh-server %description server @@ -309,7 +314,7 @@ Questo pacchetto installa sshd, il server di OpenSSH. Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie -pomiedzy dwoma hostami. +pomiêdzy dwoma hostami. Ten pakiet zawiera serwer sshd (do którego mog± ³±czyæ siê klienci ssh). @@ -376,7 +381,7 @@ entrada de passphrase en GNOME. Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin, rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie -pomiedzy dwoma hostami. +pomiêdzy dwoma hostami. Ten pakiet zawiera ,,odpytywacz has³a'' dla GNOME. @@ -408,8 +413,8 @@ GNOME. %{?with_kerberos5:%patch6 -p1} #%patch7 -p1 %patch8 -p1 -%patch9 -p1 -%patch10 -p1 +%{?with_selinux:%patch9 -p1} +%{?with_selinux:%patch10 -p1} %build cp %{_datadir}/automake/config.sub . @@ -423,6 +428,7 @@ cp %{_datadir}/automake/config.sub . --with-mantype=man \ --with-md5-passwords \ --with-ipaddr-display \ + %{?with_libedit:--with-libedit} \ --with-4in6 \ --disable-suid-ssh \ --with-tcp-wrappers \ @@ -453,7 +459,7 @@ cd contrib %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}} \ +install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security,env.d}} \ $RPM_BUILD_ROOT%{_libexecdir}/ssh %{?with_sshagentsh:install -d $RPM_BUILD_ROOT/etc/{profile.d,X11/xinit/xinitrc.d}} @@ -477,10 +483,17 @@ bzip2 -dc %{SOURCE7} | tar xf - -C $RPM_BUILD_ROOT%{_mandir} %if %{with gnome} install contrib/gnome-ssh-askpass1 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass -ln -s %{_libexecdir}/ssh/ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh-askpass %endif %if %{with gtk} install contrib/gnome-ssh-askpass2 $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass +%endif +%if %{with gnome} || %{with gtk} +cat << EOF >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_SERVER +#GNOME_SSH_ASKPASS_GRAB_SERVER="true" +EOF +cat << EOF >$RPM_BUILD_ROOT/etc/env.d/GNOME_SSH_ASKPASS_GRAB_POINTER +#GNOME_SSH_ASKPASS_GRAB_POINTER="true" +EOF ln -s %{_libexecdir}/ssh/ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/ssh-askpass %endif @@ -489,17 +502,21 @@ echo ".so ssh.1" > $RPM_BUILD_ROOT%{_mandir}/man1/slogin.1 touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd +cat << EOF >$RPM_BUILD_ROOT/etc/env.d/SSH_ASKPASS +#SSH_ASKPASS="%{_libexecdir}/ssh-askpass" +EOF + %clean rm -rf $RPM_BUILD_ROOT %pre server -if [ -n "`id -u sshd 2>/dev/null`" ]; then - if [ "`id -u sshd`" != "40" ]; then +if [ -n "`/bin/id -u sshd 2>/dev/null`" ]; then + if [ "`/bin/id -u sshd`" != "40" ]; then echo "Error: user sshd doesn't have uid=40. Correct this before installing ssh server." 1>&2 exit 1 fi else - /usr/sbin/useradd -u 40 -d %{_privsepdir} -s /bin/false -M -r -c "OpenSSH PrivSep User" -g nobody sshd 1>&2 + /usr/sbin/useradd -u 40 -d %{_privsepdir} -s /bin/false -c "OpenSSH PrivSep User" -g nobody sshd 1>&2 fi %post server @@ -524,7 +541,7 @@ fi %postun server if [ "$1" = "0" ]; then - /usr/sbin/userdel sshd + %userremove sshd fi %files @@ -533,6 +550,7 @@ fi %attr(755,root,root) %{_bindir}/ssh-key* %{_mandir}/man1/ssh-key*.1* %dir %{_sysconfdir} +%dir %{_libexecdir} %files clients %defattr(644,root,root,755) @@ -545,6 +563,7 @@ fi %attr(755,root,root) %{_bindir}/ssh-add %attr(755,root,root) %{_bindir}/scp %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config +%attr(644,root,root) %config(noreplace,missingok) %verify(not md5 size mtime) /etc/env.d/SSH_ASKPASS %if %{with sshagentsh} %config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh-agent.conf %attr(755,root,root) /etc/profile.d/ssh-agent.sh @@ -571,7 +590,6 @@ fi %attr(755,root,root) %{_sbindir}/sshd %attr(755,root,root) %{_libexecdir}/sftp-server %attr(755,root,root) %{_libexecdir}/ssh-keysign -%dir %{_libexecdir} %{_mandir}/man8/sshd.8* %{_mandir}/man8/sftp-server.8* %{_mandir}/man8/ssh-keysign.8* @@ -586,6 +604,7 @@ fi %if %{with gnome} || %{with gtk} %files gnome-askpass %defattr(644,root,root,755) +%attr(644,root,root) %config(noreplace,missingok) %verify(not md5 size mtime) /etc/env.d/GNOME_SSH_ASKPASS* %dir %{_libexecdir}/ssh %attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass %attr(755,root,root) %{_libexecdir}/ssh-askpass