X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=openssh.spec;h=fb9293c2d3433556829d88f6531db156e741dd08;hb=9880a59f756b36e134de49bbf95e5c9615fcf80c;hp=315173f885e0366bd2246de910aa39d785191140;hpb=35cb43f788539c3bbdc2f68066a256cdc2552222;p=packages%2Fopenssh.git

diff --git a/openssh.spec b/openssh.spec
index 315173f..fb9293c 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -73,7 +73,6 @@ Patch15:	%{name}-disable_ldap.patch
 Patch16:	libseccomp-sandbox.patch
 URL:		http://www.openssh.com/portable.html
 BuildRequires:	%{__perl}
-%{?with_tests:BuildRequires:	%{name}-server}
 %{?with_audit:BuildRequires:	audit-libs-devel}
 BuildRequires:	autoconf >= 2.50
 BuildRequires:	automake
@@ -93,6 +92,9 @@ BuildRequires:	sed >= 4.0
 # libseccomp based sandbox requires NO_NEW_PRIVS prctl flag
 %{?with_tests:BuildRequires:	uname(release) >= 3.5}
 BuildRequires:	zlib-devel >= 1.2.3
+%if %{with tests} && 0%(id -u sshd 2>/dev/null; echo $?)
+BuildRequires:	%{name}-server
+%endif
 Requires:	zlib >= 1.2.3
 %if "%{pld_release}" == "ac"
 Requires:	filesystem >= 2.0-1
@@ -578,6 +580,7 @@ CPPFLAGS="%{rpmcppflags} -DCHROOT -std=gnu99"
 	--with-pam \
 	--with-pid-dir=%{_localstatedir}/run \
 	--with-privsep-path=%{_privsepdir} \
+	--with-privsep-user=sshd \
 %if "%{pld_release}" != "ac"
 	--with-sandbox=libseccomp_filter \
 %endif
@@ -615,23 +618,8 @@ install -d $RPM_BUILD_ROOT/etc/{profile.d,X11/xinit/xinitrc.d}
 
 bzip2 -dc %{SOURCE1} | tar xf - -C $RPM_BUILD_ROOT%{_mandir}
 
-cp -p %{SOURCE3} sshd.pam
-install -p %{SOURCE2} sshd.init
-
-%if "%{pld_release}" == "ac"
-# not present in ac, no point searching it
-%{__sed} -i -e '/pam_keyinit.so/d' sshd.pam
-# openssl on ac does not have OPENSSL_HAS_ECC
-%{__sed} -i -e '/ecdsa/d' sshd.init
-%endif
-
-%if %{without audit}
-# remove recording user's login uid to the process attribute
-%{__sed} -i -e '/pam_loginuid.so/d' sshd.pam
-%endif
-
-install -p sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-cp -p sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -p %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+cp -p %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sshd
 cp -p %{SOURCE4} $RPM_BUILD_ROOT/etc/sysconfig/sshd
 cp -p %{SOURCE5} $RPM_BUILD_ROOT/etc/profile.d
 ln -sf /etc/profile.d/ssh-agent.sh $RPM_BUILD_ROOT/etc/X11/xinit/xinitrc.d/ssh-agent.sh
@@ -643,7 +631,7 @@ cp -p %{SOURCE9} %{SOURCE11} %{SOURCE12} $RPM_BUILD_ROOT%{systemdunitdir}
 install -p %{SOURCE10} $RPM_BUILD_ROOT%{_libexecdir}/sshd-keygen
 
 %{__sed} -e 's|@@LIBEXECDIR@@|%{_libexecdir}|g' \
-	$RPM_BUILD_ROOT%{systemdunitdir}/sshd.service
+	$RPM_BUILD_ROOT%{systemdunitdir}/sshd.service \
 	$RPM_BUILD_ROOT%{_libexecdir}/sshd-keygen
 
 %if %{with gnome}
@@ -674,6 +662,18 @@ cat << 'EOF' > $RPM_BUILD_ROOT/etc/env.d/SSH_ASKPASS
 #SSH_ASKPASS="%{_libexecdir}/ssh-askpass"
 EOF
 
+%if "%{pld_release}" == "ac"
+# not present in ac, no point searching it
+%{__sed} -i -e '/pam_keyinit.so/d' $RPM_BUILD_ROOT/etc/pam.d/sshd
+# openssl on ac does not have OPENSSL_HAS_ECC
+%{__sed} -i -e '/ecdsa/d' $RPM_BUILD_ROOT%{_libexecdir}/sshd-keygen
+%endif
+
+%if %{without audit}
+# remove recording user's login uid to the process attribute
+%{__sed} -i -e '/pam_loginuid.so/d' $RPM_BUILD_ROOT/etc/pam.d/sshd
+%endif
+
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/README.openssh-non-english-man-pages
 %{?with_ldap:%{__rm} $RPM_BUILD_ROOT%{_sysconfdir}/ldap.conf}