[gssapi-openssh.git] / openssh / contrib / caldera / openssh.spec


# Some of this will need re-evaluation post-LSB.  The SVIdir is there
# because the link appeared broken.  The rest is for easy compilation,
# the tradeoff open to discussion.  (LC957)

%define	SVIdir		/etc/rc.d/init.d
%{!?_defaultdocdir:%define	_defaultdocdir	%{_prefix}/share/doc/packages}
%{!?SVIcdir:%define		SVIcdir		/etc/sysconfig/daemons}

%define _mandir		%{_prefix}/share/man/en
%define _sysconfdir	/etc/ssh
%define	_libexecdir	%{_libdir}/ssh

# Do we want to disable root_login? (1=yes 0=no)
%define no_root_login 0

#old cvs stuff.  please update before use.  may be deprecated.
%define use_stable	1
%if %{use_stable}
  %define version 	5.3p1
  %define cvs		%{nil}
  %define release 	1
%else
  %define version 	5.3p1
  %define cvs		cvs20050315
  %define release 	0r1
%endif
%define xsa		x11-ssh-askpass		
%define askpass		%{xsa}-1.2.4.1

# OpenSSH privilege separation requires a user & group ID
%define sshd_uid    67
%define sshd_gid    67

Name        	: openssh
Version     	: %{version}%{cvs}
Release     	: %{release}
Group       	: System/Network

Summary     	: OpenSSH free Secure Shell (SSH) implementation.
Summary(de) 	: OpenSSH - freie Implementation der Secure Shell (SSH).
Summary(es) 	: OpenSSH implementaci�n libre de Secure Shell (SSH).
Summary(fr) 	: Impl�mentation libre du shell s�curis� OpenSSH (SSH).
Summary(it) 	: Implementazione gratuita OpenSSH della Secure Shell.
Summary(pt) 	: Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH).
Summary(pt_BR) 	: Implementa��o livre OpenSSH do protocolo Secure Shell (SSH).

Copyright   	: BSD
Packager    	: Raymund Will <ray@caldera.de>
URL         	: http://www.openssh.com/

Obsoletes   	: ssh, ssh-clients, openssh-clients

BuildRoot   	: /tmp/%{name}-%{version}
BuildRequires	: XFree86-imake

# %{use_stable}==1:	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
# %{use_stable}==0:	:pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
Source0: see-above:/.../openssh-%{version}.tar.gz
%if %{use_stable}
Source1: see-above:/.../openssh-%{version}.tar.gz.sig
%endif
Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz
Source3: http://www.openssh.com/faq.html

%Package server
Group       	: System/Network
Requires    	: openssh = %{version}
Obsoletes   	: ssh-server

Summary     	: OpenSSH Secure Shell protocol server (sshd).
Summary(de) 	: OpenSSH Secure Shell Protocol-Server (sshd).
Summary(es) 	: Servidor del protocolo OpenSSH Secure Shell (sshd).
Summary(fr) 	: Serveur de protocole du shell s�curis� OpenSSH (sshd).
Summary(it) 	: Server OpenSSH per il protocollo Secure Shell (sshd).
Summary(pt) 	: Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
Summary(pt_BR) 	: Servidor do protocolo Secure Shell OpenSSH (sshd).


%Package askpass
Group       	: System/Network
Requires    	: openssh = %{version}
URL       	: http://www.jmknoble.net/software/x11-ssh-askpass/
Obsoletes   	: ssh-extras

Summary     	: OpenSSH X11 pass-phrase dialog.
Summary(de) 	: OpenSSH X11 Passwort-Dialog.
Summary(es) 	: Aplicaci�n de petici�n de frase clave OpenSSH X11.
Summary(fr) 	: Dialogue pass-phrase X11 d'OpenSSH.
Summary(it) 	: Finestra di dialogo X11 per la frase segreta di OpenSSH.
Summary(pt) 	: Di�logo de pedido de senha para X11 do OpenSSH.
Summary(pt_BR) 	: Di�logo de pedido de senha para X11 do OpenSSH.


%Description
OpenSSH (Secure Shell) provides access to a remote system. It replaces
telnet, rlogin,  rexec, and rsh, and provides secure encrypted 
communications between two untrusted hosts over an insecure network.  
X11 connections and arbitrary TCP/IP ports can also be forwarded over 
the secure channel.

%Description -l de
OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte
Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres
Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso
�ber den sicheren Channel weitergeleitet werden.

%Description -l es
OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
entre dos equipos entre los que no se ha establecido confianza a trav�s de una
red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden
ser canalizadas sobre el canal seguro.

%Description -l fr
OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace
telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es
securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des
connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre
transmis sur le canal s�curis�.

%Description -l it
OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
e crittate tra due host non fidati su una rete non sicura. Le connessioni
X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
un canale sicuro.

%Description -l pt
OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas
entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
Liga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados
pelo canal seguro.

%Description -l pt_BR
O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas
entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
Liga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas
pelo canal seguro.

%Description server
This package installs the sshd, the server portion of OpenSSH. 

%Description -l de server
Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.

%Description -l es server
Este paquete instala sshd, la parte servidor de OpenSSH.

%Description -l fr server
Ce paquetage installe le 'sshd', partie serveur de OpenSSH.

%Description -l it server
Questo pacchetto installa sshd, il server di OpenSSH.

%Description -l pt server
Este pacote intala o sshd, o servidor do OpenSSH.

%Description -l pt_BR server
Este pacote intala o sshd, o servidor do OpenSSH.

%Description askpass
This package contains an X11-based pass-phrase dialog used per
default by ssh-add(1). It is based on %{askpass}
by Jim Knoble <jmknoble@pobox.com>.


%Prep
%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
%if ! %{use_stable}
  autoreconf
%endif


%Build
CFLAGS="$RPM_OPT_FLAGS" \
%configure \
            --with-pam \
            --with-tcp-wrappers \
	    --with-privsep-path=%{_var}/empty/sshd \
	    #leave this line for easy edits.

%__make CFLAGS="$RPM_OPT_FLAGS"

cd %{askpass}
%configure \
	    #leave this line for easy edits.

xmkmf
%__make includes
%__make


%Install
[ %{buildroot} != "/" ] && rm -rf %{buildroot}

make install DESTDIR=%{buildroot}
%makeinstall -C %{askpass} \
    BINDIR=%{_libexecdir} \
    MANPATH=%{_mandir} \
    DESTDIR=%{buildroot}

# OpenLinux specific configuration
mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
mkdir -p %{buildroot}%{_var}/empty/sshd

# enabling X11 forwarding on the server is convenient and okay,
# on the client side it's a potential security risk!
%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
    %{buildroot}%{_sysconfdir}/sshd_config

%if %{no_root_login}
%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
    %{buildroot}%{_sysconfdir}/sshd_config
%endif

install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
# FIXME: disabled, find out why this doesn't work with nis
%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
    %{buildroot}/etc/pam.d/sshd

install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd

# the last one is needless, but more future-proof
find %{buildroot}%{SVIdir} -type f -exec \
    %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
		    s:\@sysconfdir\@:%{_sysconfdir}:g; \
		    s:/usr/sbin:%{_sbindir}:g'\
    \{\} \;

cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
	IDENT=sshd
	DESCRIPTIVE="OpenSSH secure shell daemon"
	# This service will be marked as 'skipped' on boot if there
	# is no host key. Use ssh-host-keygen to generate one
	ONBOOT="yes"
	OPTIONS=""
EoD

SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
install -m 0755 contrib/caldera/ssh-host-keygen $SKG
# Fix up some path names in the keygen toy^Hol
    %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
		    s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
	%{buildroot}%{_sbindir}/ssh-host-keygen

# This looks terrible.  Expect it to change.
# install remaining docs
DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
mkdir -p $DocD/%{askpass}
cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD
install -p -m 0444 %{SOURCE3}  $DocD/faq.html
cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad}  $DocD/%{askpass}
%if %{use_stable}
  cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
%else
  cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
  ln -s  %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
%endif

find %{buildroot}%{_mandir} -type f -not -name	'*.gz' -print0 | xargs -0r %__gzip -9nf
rm %{buildroot}%{_mandir}/man1/slogin.1 && \
    ln -s %{_mandir}/man1/ssh.1.gz \
    %{buildroot}%{_mandir}/man1/slogin.1.gz


%Clean
#%{rmDESTDIR}
[ %{buildroot} != "/" ] && rm -rf %{buildroot}

%Post
# Generate host key when none is present to get up and running,
# both client and server require this for host-based auth!
# ssh-host-keygen checks for existing keys.
/usr/sbin/ssh-host-keygen
: # to protect the rpm database

%pre server
%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
	-c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
: # to protect the rpm database

%Post server
if [ -x %{LSBinit}-install ]; then
  %{LSBinit}-install sshd
else
  lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
fi

! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
: # to protect the rpm database


%PreUn server
[ "$1" = 0 ] || exit 0
! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
if [ -x %{LSBinit}-remove ]; then
  %{LSBinit}-remove sshd
else
  lisa --SysV-init remove sshd $1
fi
: # to protect the rpm database

%Files 
%defattr(-,root,root)
%dir %{_sysconfdir}
%config %{_sysconfdir}/ssh_config
%{_bindir}/scp
%{_bindir}/sftp
%{_bindir}/ssh
%{_bindir}/slogin
%{_bindir}/ssh-add
%attr(2755,root,nobody) %{_bindir}/ssh-agent
%{_bindir}/ssh-keygen
%{_bindir}/ssh-keyscan
%dir %{_libexecdir}
%attr(4711,root,root) %{_libexecdir}/ssh-keysign
%{_sbindir}/ssh-host-keygen
%dir %{_defaultdocdir}/%{name}-%{version}
%{_defaultdocdir}/%{name}-%{version}/CREDITS
%{_defaultdocdir}/%{name}-%{version}/ChangeLog
%{_defaultdocdir}/%{name}-%{version}/LICENCE
%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
%{_defaultdocdir}/%{name}-%{version}/README*
%{_defaultdocdir}/%{name}-%{version}/TODO
%{_defaultdocdir}/%{name}-%{version}/faq.html
%{_mandir}/man1/*
%{_mandir}/man8/ssh-keysign.8.gz
%{_mandir}/man5/ssh_config.5.gz
 
%Files server
%defattr(-,root,root)
%dir %{_var}/empty/sshd
%config %{SVIdir}/sshd
%config /etc/pam.d/sshd
%config %{_sysconfdir}/moduli
%config %{_sysconfdir}/sshd_config
%config %{SVIcdir}/sshd
%{_libexecdir}/sftp-server
%{_sbindir}/sshd
%{_mandir}/man5/moduli.5.gz
%{_mandir}/man5/sshd_config.5.gz
%{_mandir}/man8/sftp-server.8.gz
%{_mandir}/man8/sshd.8.gz
 
%Files askpass
%defattr(-,root,root)
%{_libexecdir}/ssh-askpass
%{_libexecdir}/x11-ssh-askpass
%{_defaultdocdir}/%{name}-%{version}/%{askpass}
 

%ChangeLog
* Mon Jan 01 1998 ...
Template Version: 1.31

$Id$
Commit	Line	Data
680cee3b	1
	2	# Some of this will need re-evaluation post-LSB. The SVIdir is there
	3	# because the link appeared broken. The rest is for easy compilation,
	4	# the tradeoff open to discussion. (LC957)
	5
	6	%define SVIdir /etc/rc.d/init.d
	7	%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages}
	8	%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons}
	9
	10	%define _mandir %{_prefix}/share/man/en
	11	%define _sysconfdir /etc/ssh
	12	%define _libexecdir %{_libdir}/ssh
	13
	14	# Do we want to disable root_login? (1=yes 0=no)
	15	%define no_root_login 0
	16
	17	#old cvs stuff. please update before use. may be deprecated.
	18	%define use_stable 1
	19	%if %{use_stable}
3d738e65	20	%define version 5.3p1
3c0ef626	21	%define cvs %{nil}
0fff78ff	22	%define release 1
3c0ef626	23	%else
3d738e65	24	%define version 5.3p1
dec6d9fe	25	%define cvs cvs20050315
3c0ef626	26	%define release 0r1
	27	%endif
	28	%define xsa x11-ssh-askpass
	29	%define askpass %{xsa}-1.2.4.1
	30
680cee3b	31	# OpenSSH privilege separation requires a user & group ID
	32	%define sshd_uid 67
	33	%define sshd_gid 67
	34
3c0ef626	35	Name : openssh
	36	Version : %{version}%{cvs}
	37	Release : %{release}
	38	Group : System/Network
	39
	40	Summary : OpenSSH free Secure Shell (SSH) implementation.
680cee3b	41	Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
	42	Summary(es) : OpenSSH implementaci�n libre de Secure Shell (SSH).
	43	Summary(fr) : Impl�mentation libre du shell s�curis� OpenSSH (SSH).
	44	Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
	45	Summary(pt) : Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH).
	46	Summary(pt_BR) : Implementa��o livre OpenSSH do protocolo Secure Shell (SSH).
3c0ef626	47
	48	Copyright : BSD
	49	Packager : Raymund Will <ray@caldera.de>
	50	URL : http://www.openssh.com/
	51
	52	Obsoletes : ssh, ssh-clients, openssh-clients
	53
680cee3b	54	BuildRoot : /tmp/%{name}-%{version}
680cee3b	55	BuildRequires : XFree86-imake
3c0ef626	56
680cee3b	57	# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
	58	# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
	59	Source0: see-above:/.../openssh-%{version}.tar.gz
	60	%if %{use_stable}
	61	Source1: see-above:/.../openssh-%{version}.tar.gz.sig
3c0ef626	62	%endif
c9f39d2c	63	Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz
3c0ef626	64	Source3: http://www.openssh.com/faq.html
3c0ef626	65
3c0ef626	66	%Package server
3c0ef626	67	Group : System/Network
680cee3b	68	Requires : openssh = %{version}
3c0ef626	69	Obsoletes : ssh-server
	70
	71	Summary : OpenSSH Secure Shell protocol server (sshd).
680cee3b	72	Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
	73	Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
	74	Summary(fr) : Serveur de protocole du shell s�curis� OpenSSH (sshd).
	75	Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
	76	Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
	77	Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
3c0ef626	78
	79
	80	%Package askpass
	81	Group : System/Network
680cee3b	82	Requires : openssh = %{version}
c9f39d2c	83	URL : http://www.jmknoble.net/software/x11-ssh-askpass/
3c0ef626	84	Obsoletes : ssh-extras
	85
	86	Summary : OpenSSH X11 pass-phrase dialog.
680cee3b	87	Summary(de) : OpenSSH X11 Passwort-Dialog.
	88	Summary(es) : Aplicaci�n de petici�n de frase clave OpenSSH X11.
	89	Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
	90	Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
	91	Summary(pt) : Di�logo de pedido de senha para X11 do OpenSSH.
	92	Summary(pt_BR) : Di�logo de pedido de senha para X11 do OpenSSH.
3c0ef626	93
3c0ef626	94
680cee3b	95	%Description
	96	OpenSSH (Secure Shell) provides access to a remote system. It replaces
	97	telnet, rlogin, rexec, and rsh, and provides secure encrypted
	98	communications between two untrusted hosts over an insecure network.
	99	X11 connections and arbitrary TCP/IP ports can also be forwarded over
	100	the secure channel.
3c0ef626	101
680cee3b	102	%Description -l de
	103	OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
	104	telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte
	105	Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres
	106	Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso
	107	�ber den sicheren Channel weitergeleitet werden.
	108
	109	%Description -l es
	110	OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
	111	telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
	112	entre dos equipos entre los que no se ha establecido confianza a trav�s de una
	113	red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden
	114	ser canalizadas sobre el canal seguro.
	115
	116	%Description -l fr
	117	OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace
	118	telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es
	119	securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des
	120	connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre
	121	transmis sur le canal s�curis�.
	122
	123	%Description -l it
	124	OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
	125	Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
	126	e crittate tra due host non fidati su una rete non sicura. Le connessioni
	127	X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
	128	un canale sicuro.
	129
	130	%Description -l pt
	131	OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
	132	telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas
	133	entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
	134	Liga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados
	135	pelo canal seguro.
	136
	137	%Description -l pt_BR
	138	O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
	139	telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas
	140	entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
	141	Liga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas
	142	pelo canal seguro.
	143
	144	%Description server
	145	This package installs the sshd, the server portion of OpenSSH.
	146
	147	%Description -l de server
	148	Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
	149
	150	%Description -l es server
	151	Este paquete instala sshd, la parte servidor de OpenSSH.
	152
	153	%Description -l fr server
	154	Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
	155
	156	%Description -l it server
	157	Questo pacchetto installa sshd, il server di OpenSSH.
	158
	159	%Description -l pt server
	160	Este pacote intala o sshd, o servidor do OpenSSH.
	161
	162	%Description -l pt_BR server
	163	Este pacote intala o sshd, o servidor do OpenSSH.
	164
	165	%Description askpass
166	This package contains an X11-based pass-phrase dialog used per
167	default by ssh-add(1). It is based on %{askpass}
168	by Jim Knoble <jmknoble@pobox.com>.
169
170
171	%Prep
172	%setup %([ -z "%{cvs}" ] \|\| echo "-n %{name}_cvs") -a2
173	%if ! %{use_stable}
3c0ef626	174	autoreconf
	175	%endif
	176
	177
	178	%Build
	179	CFLAGS="$RPM_OPT_FLAGS" \
680cee3b	180	%configure \
3c0ef626	181	--with-pam \
3c0ef626	182	--with-tcp-wrappers \
680cee3b	183	--with-privsep-path=%{_var}/empty/sshd \
680cee3b	184	#leave this line for easy edits.
3c0ef626	185
680cee3b	186	%__make CFLAGS="$RPM_OPT_FLAGS"
3c0ef626	187
3c0ef626	188	cd %{askpass}
680cee3b	189	%configure \
	190	#leave this line for easy edits.
	191
3c0ef626	192	xmkmf
680cee3b	193	%__make includes
680cee3b	194	%__make
3c0ef626	195
	196
	197	%Install
680cee3b	198	[ %{buildroot} != "/" ] && rm -rf %{buildroot}
3c0ef626	199
6a9b3198	200	make install DESTDIR=%{buildroot}
680cee3b	201	%makeinstall -C %{askpass} \
	202	BINDIR=%{_libexecdir} \
	203	MANPATH=%{_mandir} \
	204	DESTDIR=%{buildroot}
3c0ef626	205
3c0ef626	206	# OpenLinux specific configuration
680cee3b	207	mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
680cee3b	208	mkdir -p %{buildroot}%{_var}/empty/sshd
3c0ef626	209
3c0ef626	210	# enabling X11 forwarding on the server is convenient and okay,
680cee3b	211	# on the client side it's a potential security risk!
	212	%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
	213	%{buildroot}%{_sysconfdir}/sshd_config
	214
	215	%if %{no_root_login}
	216	%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
	217	%{buildroot}%{_sysconfdir}/sshd_config
	218	%endif
3c0ef626	219
680cee3b	220	install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
	221	# FIXME: disabled, find out why this doesn't work with nis
	222	%__perl -pi -e 's:(.pam_limits.):#$1:' \
	223	%{buildroot}/etc/pam.d/sshd
3c0ef626	224
680cee3b	225	install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
3c0ef626	226
680cee3b	227	# the last one is needless, but more future-proof
	228	find %{buildroot}%{SVIdir} -type f -exec \
	229	%__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
	230	s:\@sysconfdir\@:%{_sysconfdir}:g; \
	231	s:/usr/sbin:%{_sbindir}:g'\
	232	\{\} \;
	233
	234	cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
3c0ef626	235	IDENT=sshd
	236	DESCRIPTIVE="OpenSSH secure shell daemon"
	237	# This service will be marked as 'skipped' on boot if there
680cee3b	238	# is no host key. Use ssh-host-keygen to generate one
3c0ef626	239	ONBOOT="yes"
	240	OPTIONS=""
	241	EoD
	242
680cee3b	243	SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
3c0ef626	244	install -m 0755 contrib/caldera/ssh-host-keygen $SKG
680cee3b	245	# Fix up some path names in the keygen toy^Hol
	246	%__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
	247	s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
	248	%{buildroot}%{_sbindir}/ssh-host-keygen
3c0ef626	249
680cee3b	250	# This looks terrible. Expect it to change.
3c0ef626	251	# install remaining docs
680cee3b	252	DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
3c0ef626	253	mkdir -p $DocD/%{askpass}
91d9cdd3	254	cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD
680cee3b	255	install -p -m 0444 %{SOURCE3} $DocD/faq.html
3c0ef626	256	cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
680cee3b	257	%if %{use_stable}
	258	cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
	259	%else
	260	cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
	261	ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
	262	%endif
3c0ef626	263
680cee3b	264	find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 \| xargs -0r %__gzip -9nf
	265	rm %{buildroot}%{_mandir}/man1/slogin.1 && \
	266	ln -s %{_mandir}/man1/ssh.1.gz \
	267	%{buildroot}%{_mandir}/man1/slogin.1.gz
3c0ef626	268
	269
	270	%Clean
680cee3b	271	#%{rmDESTDIR}
680cee3b	272	[ %{buildroot} != "/" ] && rm -rf %{buildroot}
3c0ef626	273
	274	%Post
	275	# Generate host key when none is present to get up and running,
	276	# both client and server require this for host-based auth!
	277	# ssh-host-keygen checks for existing keys.
	278	/usr/sbin/ssh-host-keygen
	279	: # to protect the rpm database
	280
680cee3b	281	%pre server
	282	%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null \|\| :
	283	%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
	284	-c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null \|\| :
	285	: # to protect the rpm database
3c0ef626	286
	287	%Post server
	288	if [ -x %{LSBinit}-install ]; then
	289	%{LSBinit}-install sshd
	290	else
700318f3	291	lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
3c0ef626	292	fi
	293
	294	! %{SVIdir}/sshd status \|\| %{SVIdir}/sshd restart
	295	: # to protect the rpm database
	296
	297
	298	%PreUn server
	299	[ "$1" = 0 ] \|\| exit 0
3c0ef626	300	! %{SVIdir}/sshd status \|\| %{SVIdir}/sshd stop
3c0ef626	301	if [ -x %{LSBinit}-remove ]; then
	302	%{LSBinit}-remove sshd
	303	else
	304	lisa --SysV-init remove sshd $1
	305	fi
	306	: # to protect the rpm database
	307
680cee3b	308	%Files
3c0ef626	309	%defattr(-,root,root)
680cee3b	310	%dir %{_sysconfdir}
680cee3b	311	%config %{_sysconfdir}/ssh_config
6a9b3198	312	%{_bindir}/scp
	313	%{_bindir}/sftp
	314	%{_bindir}/ssh
	315	%{_bindir}/slogin
	316	%{_bindir}/ssh-add
	317	%attr(2755,root,nobody) %{_bindir}/ssh-agent
	318	%{_bindir}/ssh-keygen
	319	%{_bindir}/ssh-keyscan
680cee3b	320	%dir %{_libexecdir}
6a9b3198	321	%attr(4711,root,root) %{_libexecdir}/ssh-keysign
680cee3b	322	%{_sbindir}/ssh-host-keygen
	323	%dir %{_defaultdocdir}/%{name}-%{version}
	324	%{_defaultdocdir}/%{name}-%{version}/CREDITS
	325	%{_defaultdocdir}/%{name}-%{version}/ChangeLog
	326	%{_defaultdocdir}/%{name}-%{version}/LICENCE
	327	%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
	328	%{_defaultdocdir}/%{name}-%{version}/README*
	329	%{_defaultdocdir}/%{name}-%{version}/TODO
	330	%{_defaultdocdir}/%{name}-%{version}/faq.html
	331	%{_mandir}/man1/*
6a9b3198	332	%{_mandir}/man8/ssh-keysign.8.gz
6a9b3198	333	%{_mandir}/man5/ssh_config.5.gz
680cee3b	334
680cee3b	335	%Files server
3c0ef626	336	%defattr(-,root,root)
6a9b3198	337	%dir %{_var}/empty/sshd
680cee3b	338	%config %{SVIdir}/sshd
	339	%config /etc/pam.d/sshd
	340	%config %{_sysconfdir}/moduli
	341	%config %{_sysconfdir}/sshd_config
	342	%config %{SVIcdir}/sshd
	343	%{_libexecdir}/sftp-server
	344	%{_sbindir}/sshd
22616013	345	%{_mandir}/man5/moduli.5.gz
6a9b3198	346	%{_mandir}/man5/sshd_config.5.gz
680cee3b	347	%{_mandir}/man8/sftp-server.8.gz
	348	%{_mandir}/man8/sshd.8.gz
	349
	350	%Files askpass
3c0ef626	351	%defattr(-,root,root)
680cee3b	352	%{_libexecdir}/ssh-askpass
	353	%{_libexecdir}/x11-ssh-askpass
	354	%{_defaultdocdir}/%{name}-%{version}/%{askpass}
	355
3c0ef626	356
	357	%ChangeLog
	358	* Mon Jan 01 1998 ...
680cee3b	359	Template Version: 1.31
3c0ef626	360
3c0ef626	361	$Id$