]>
Commit | Line | Data |
---|---|---|
ff2d7a98 | 1 | |
2 | # Some of this will need re-evaluation post-LSB. The SVIdir is there | |
3 | # because the link appeared broken. The rest is for easy compilation, | |
4 | # the tradeoff open to discussion. (LC957) | |
5 | ||
6 | %define SVIdir /etc/rc.d/init.d | |
7 | %{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages} | |
8 | %{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons} | |
9 | ||
10 | %define _mandir %{_prefix}/share/man/en | |
11 | %define _sysconfdir /etc/ssh | |
12 | %define _libexecdir %{_libdir}/ssh | |
13 | ||
14 | # Do we want to disable root_login? (1=yes 0=no) | |
15 | %define no_root_login 0 | |
16 | ||
17 | #old cvs stuff. please update before use. may be deprecated. | |
18 | %define use_stable 1 | |
19 | %if %{use_stable} | |
2e437378 | 20 | %define version 4.5p1 |
3c0ef626 | 21 | %define cvs %{nil} |
70791e56 | 22 | %define release 1 |
3c0ef626 | 23 | %else |
34fee935 | 24 | %define version 4.1p1 |
25 | %define cvs cvs20050315 | |
3c0ef626 | 26 | %define release 0r1 |
27 | %endif | |
28 | %define xsa x11-ssh-askpass | |
29 | %define askpass %{xsa}-1.2.4.1 | |
30 | ||
ff2d7a98 | 31 | # OpenSSH privilege separation requires a user & group ID |
32 | %define sshd_uid 67 | |
33 | %define sshd_gid 67 | |
34 | ||
3c0ef626 | 35 | Name : openssh |
36 | Version : %{version}%{cvs} | |
37 | Release : %{release} | |
38 | Group : System/Network | |
39 | ||
40 | Summary : OpenSSH free Secure Shell (SSH) implementation. | |
ff2d7a98 | 41 | Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). |
42 | Summary(es) : OpenSSH implementación libre de Secure Shell (SSH). | |
43 | Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH). | |
44 | Summary(it) : Implementazione gratuita OpenSSH della Secure Shell. | |
45 | Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH). | |
46 | Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH). | |
3c0ef626 | 47 | |
48 | Copyright : BSD | |
49 | Packager : Raymund Will <ray@caldera.de> | |
50 | URL : http://www.openssh.com/ | |
51 | ||
52 | Obsoletes : ssh, ssh-clients, openssh-clients | |
53 | ||
ff2d7a98 | 54 | BuildRoot : /tmp/%{name}-%{version} |
55 | BuildRequires : XFree86-imake | |
3c0ef626 | 56 | |
ff2d7a98 | 57 | # %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable |
58 | # %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs | |
59 | Source0: see-above:/.../openssh-%{version}.tar.gz | |
60 | %if %{use_stable} | |
61 | Source1: see-above:/.../openssh-%{version}.tar.gz.sig | |
3c0ef626 | 62 | %endif |
1b56ff3d | 63 | Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz |
3c0ef626 | 64 | Source3: http://www.openssh.com/faq.html |
65 | ||
3c0ef626 | 66 | %Package server |
67 | Group : System/Network | |
ff2d7a98 | 68 | Requires : openssh = %{version} |
3c0ef626 | 69 | Obsoletes : ssh-server |
70 | ||
71 | Summary : OpenSSH Secure Shell protocol server (sshd). | |
ff2d7a98 | 72 | Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd). |
73 | Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). | |
74 | Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd). | |
75 | Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). | |
76 | Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). | |
77 | Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd). | |
3c0ef626 | 78 | |
79 | ||
80 | %Package askpass | |
81 | Group : System/Network | |
ff2d7a98 | 82 | Requires : openssh = %{version} |
1b56ff3d | 83 | URL : http://www.jmknoble.net/software/x11-ssh-askpass/ |
3c0ef626 | 84 | Obsoletes : ssh-extras |
85 | ||
86 | Summary : OpenSSH X11 pass-phrase dialog. | |
ff2d7a98 | 87 | Summary(de) : OpenSSH X11 Passwort-Dialog. |
88 | Summary(es) : Aplicación de petición de frase clave OpenSSH X11. | |
89 | Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH. | |
90 | Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. | |
91 | Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH. | |
92 | Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH. | |
3c0ef626 | 93 | |
94 | ||
ff2d7a98 | 95 | %Description |
96 | OpenSSH (Secure Shell) provides access to a remote system. It replaces | |
97 | telnet, rlogin, rexec, and rsh, and provides secure encrypted | |
98 | communications between two untrusted hosts over an insecure network. | |
99 | X11 connections and arbitrary TCP/IP ports can also be forwarded over | |
100 | the secure channel. | |
3c0ef626 | 101 | |
ff2d7a98 | 102 | %Description -l de |
103 | OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt | |
104 | telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte | |
105 | Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres | |
106 | Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso | |
107 | über den sicheren Channel weitergeleitet werden. | |
108 | ||
109 | %Description -l es | |
110 | OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a | |
111 | telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas | |
112 | entre dos equipos entre los que no se ha establecido confianza a través de una | |
113 | red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden | |
114 | ser canalizadas sobre el canal seguro. | |
115 | ||
116 | %Description -l fr | |
117 | OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace | |
118 | telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées | |
119 | securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des | |
120 | connexions X11 et des ports TCP/IP arbitraires peuvent également être | |
121 | transmis sur le canal sécurisé. | |
122 | ||
123 | %Description -l it | |
124 | OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. | |
125 | Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure | |
126 | e crittate tra due host non fidati su una rete non sicura. Le connessioni | |
127 | X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso | |
128 | un canale sicuro. | |
129 | ||
130 | %Description -l pt | |
131 | OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o | |
132 | telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas | |
133 | entre duas máquinas sem confiança mútua sobre uma rede insegura. | |
134 | Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados | |
135 | pelo canal seguro. | |
136 | ||
137 | %Description -l pt_BR | |
138 | O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o | |
139 | telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas | |
140 | entre duas máquinas sem confiança mútua sobre uma rede insegura. | |
141 | Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas | |
142 | pelo canal seguro. | |
143 | ||
144 | %Description server | |
145 | This package installs the sshd, the server portion of OpenSSH. | |
146 | ||
147 | %Description -l de server | |
148 | Dieses Paket installiert den sshd, den Server-Teil der OpenSSH. | |
149 | ||
150 | %Description -l es server | |
151 | Este paquete instala sshd, la parte servidor de OpenSSH. | |
152 | ||
153 | %Description -l fr server | |
154 | Ce paquetage installe le 'sshd', partie serveur de OpenSSH. | |
155 | ||
156 | %Description -l it server | |
157 | Questo pacchetto installa sshd, il server di OpenSSH. | |
158 | ||
159 | %Description -l pt server | |
160 | Este pacote intala o sshd, o servidor do OpenSSH. | |
161 | ||
162 | %Description -l pt_BR server | |
163 | Este pacote intala o sshd, o servidor do OpenSSH. | |
164 | ||
165 | %Description askpass | |
166 | This package contains an X11-based pass-phrase dialog used per | |
167 | default by ssh-add(1). It is based on %{askpass} | |
168 | by Jim Knoble <jmknoble@pobox.com>. | |
169 | ||
170 | ||
171 | %Prep | |
172 | %setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2 | |
173 | %if ! %{use_stable} | |
3c0ef626 | 174 | autoreconf |
175 | %endif | |
176 | ||
177 | ||
178 | %Build | |
179 | CFLAGS="$RPM_OPT_FLAGS" \ | |
ff2d7a98 | 180 | %configure \ |
3c0ef626 | 181 | --with-pam \ |
182 | --with-tcp-wrappers \ | |
ff2d7a98 | 183 | --with-privsep-path=%{_var}/empty/sshd \ |
184 | #leave this line for easy edits. | |
3c0ef626 | 185 | |
ff2d7a98 | 186 | %__make CFLAGS="$RPM_OPT_FLAGS" |
3c0ef626 | 187 | |
188 | cd %{askpass} | |
ff2d7a98 | 189 | %configure \ |
190 | #leave this line for easy edits. | |
191 | ||
3c0ef626 | 192 | xmkmf |
ff2d7a98 | 193 | %__make includes |
194 | %__make | |
3c0ef626 | 195 | |
196 | ||
197 | %Install | |
ff2d7a98 | 198 | [ %{buildroot} != "/" ] && rm -rf %{buildroot} |
3c0ef626 | 199 | |
1c14df9e | 200 | make install DESTDIR=%{buildroot} |
ff2d7a98 | 201 | %makeinstall -C %{askpass} \ |
202 | BINDIR=%{_libexecdir} \ | |
203 | MANPATH=%{_mandir} \ | |
204 | DESTDIR=%{buildroot} | |
3c0ef626 | 205 | |
206 | # OpenLinux specific configuration | |
ff2d7a98 | 207 | mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}} |
208 | mkdir -p %{buildroot}%{_var}/empty/sshd | |
3c0ef626 | 209 | |
210 | # enabling X11 forwarding on the server is convenient and okay, | |
ff2d7a98 | 211 | # on the client side it's a potential security risk! |
212 | %__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \ | |
213 | %{buildroot}%{_sysconfdir}/sshd_config | |
214 | ||
215 | %if %{no_root_login} | |
216 | %__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \ | |
217 | %{buildroot}%{_sysconfdir}/sshd_config | |
218 | %endif | |
3c0ef626 | 219 | |
ff2d7a98 | 220 | install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd |
221 | # FIXME: disabled, find out why this doesn't work with nis | |
222 | %__perl -pi -e 's:(.*pam_limits.*):#$1:' \ | |
223 | %{buildroot}/etc/pam.d/sshd | |
3c0ef626 | 224 | |
ff2d7a98 | 225 | install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd |
3c0ef626 | 226 | |
ff2d7a98 | 227 | # the last one is needless, but more future-proof |
228 | find %{buildroot}%{SVIdir} -type f -exec \ | |
229 | %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\ | |
230 | s:\@sysconfdir\@:%{_sysconfdir}:g; \ | |
231 | s:/usr/sbin:%{_sbindir}:g'\ | |
232 | \{\} \; | |
233 | ||
234 | cat <<-EoD > %{buildroot}%{SVIcdir}/sshd | |
3c0ef626 | 235 | IDENT=sshd |
236 | DESCRIPTIVE="OpenSSH secure shell daemon" | |
237 | # This service will be marked as 'skipped' on boot if there | |
ff2d7a98 | 238 | # is no host key. Use ssh-host-keygen to generate one |
3c0ef626 | 239 | ONBOOT="yes" |
240 | OPTIONS="" | |
241 | EoD | |
242 | ||
ff2d7a98 | 243 | SKG=%{buildroot}%{_sbindir}/ssh-host-keygen |
3c0ef626 | 244 | install -m 0755 contrib/caldera/ssh-host-keygen $SKG |
ff2d7a98 | 245 | # Fix up some path names in the keygen toy^Hol |
246 | %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \ | |
247 | s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \ | |
248 | %{buildroot}%{_sbindir}/ssh-host-keygen | |
3c0ef626 | 249 | |
ff2d7a98 | 250 | # This looks terrible. Expect it to change. |
3c0ef626 | 251 | # install remaining docs |
ff2d7a98 | 252 | DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}" |
3c0ef626 | 253 | mkdir -p $DocD/%{askpass} |
ff2d7a98 | 254 | cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $DocD |
255 | install -p -m 0444 %{SOURCE3} $DocD/faq.html | |
3c0ef626 | 256 | cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass} |
ff2d7a98 | 257 | %if %{use_stable} |
258 | cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1 | |
259 | %else | |
260 | cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1 | |
261 | ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1 | |
262 | %endif | |
3c0ef626 | 263 | |
ff2d7a98 | 264 | find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf |
265 | rm %{buildroot}%{_mandir}/man1/slogin.1 && \ | |
266 | ln -s %{_mandir}/man1/ssh.1.gz \ | |
267 | %{buildroot}%{_mandir}/man1/slogin.1.gz | |
3c0ef626 | 268 | |
269 | ||
270 | %Clean | |
ff2d7a98 | 271 | #%{rmDESTDIR} |
272 | [ %{buildroot} != "/" ] && rm -rf %{buildroot} | |
3c0ef626 | 273 | |
274 | %Post | |
275 | # Generate host key when none is present to get up and running, | |
276 | # both client and server require this for host-based auth! | |
277 | # ssh-host-keygen checks for existing keys. | |
278 | /usr/sbin/ssh-host-keygen | |
279 | : # to protect the rpm database | |
280 | ||
ff2d7a98 | 281 | %pre server |
282 | %{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || : | |
283 | %{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ | |
284 | -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || : | |
285 | : # to protect the rpm database | |
3c0ef626 | 286 | |
287 | %Post server | |
288 | if [ -x %{LSBinit}-install ]; then | |
289 | %{LSBinit}-install sshd | |
290 | else | |
2980ea68 | 291 | lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6 |
3c0ef626 | 292 | fi |
293 | ||
294 | ! %{SVIdir}/sshd status || %{SVIdir}/sshd restart | |
295 | : # to protect the rpm database | |
296 | ||
297 | ||
298 | %PreUn server | |
299 | [ "$1" = 0 ] || exit 0 | |
3c0ef626 | 300 | ! %{SVIdir}/sshd status || %{SVIdir}/sshd stop |
3c0ef626 | 301 | if [ -x %{LSBinit}-remove ]; then |
302 | %{LSBinit}-remove sshd | |
303 | else | |
304 | lisa --SysV-init remove sshd $1 | |
305 | fi | |
306 | : # to protect the rpm database | |
307 | ||
ff2d7a98 | 308 | %Files |
3c0ef626 | 309 | %defattr(-,root,root) |
ff2d7a98 | 310 | %dir %{_sysconfdir} |
311 | %config %{_sysconfdir}/ssh_config | |
1c14df9e | 312 | %{_bindir}/scp |
313 | %{_bindir}/sftp | |
314 | %{_bindir}/ssh | |
315 | %{_bindir}/slogin | |
316 | %{_bindir}/ssh-add | |
317 | %attr(2755,root,nobody) %{_bindir}/ssh-agent | |
318 | %{_bindir}/ssh-keygen | |
319 | %{_bindir}/ssh-keyscan | |
ff2d7a98 | 320 | %dir %{_libexecdir} |
1c14df9e | 321 | %attr(4711,root,root) %{_libexecdir}/ssh-keysign |
ff2d7a98 | 322 | %{_sbindir}/ssh-host-keygen |
323 | %dir %{_defaultdocdir}/%{name}-%{version} | |
324 | %{_defaultdocdir}/%{name}-%{version}/CREDITS | |
325 | %{_defaultdocdir}/%{name}-%{version}/ChangeLog | |
326 | %{_defaultdocdir}/%{name}-%{version}/LICENCE | |
327 | %{_defaultdocdir}/%{name}-%{version}/OVERVIEW | |
328 | %{_defaultdocdir}/%{name}-%{version}/README* | |
329 | %{_defaultdocdir}/%{name}-%{version}/TODO | |
330 | %{_defaultdocdir}/%{name}-%{version}/faq.html | |
331 | %{_mandir}/man1/* | |
1c14df9e | 332 | %{_mandir}/man8/ssh-keysign.8.gz |
333 | %{_mandir}/man5/ssh_config.5.gz | |
ff2d7a98 | 334 | |
335 | %Files server | |
3c0ef626 | 336 | %defattr(-,root,root) |
1c14df9e | 337 | %dir %{_var}/empty/sshd |
ff2d7a98 | 338 | %config %{SVIdir}/sshd |
339 | %config /etc/pam.d/sshd | |
340 | %config %{_sysconfdir}/moduli | |
341 | %config %{_sysconfdir}/sshd_config | |
342 | %config %{SVIcdir}/sshd | |
343 | %{_libexecdir}/sftp-server | |
344 | %{_sbindir}/sshd | |
1c14df9e | 345 | %{_mandir}/man5/sshd_config.5.gz |
ff2d7a98 | 346 | %{_mandir}/man8/sftp-server.8.gz |
347 | %{_mandir}/man8/sshd.8.gz | |
348 | ||
349 | %Files askpass | |
3c0ef626 | 350 | %defattr(-,root,root) |
ff2d7a98 | 351 | %{_libexecdir}/ssh-askpass |
352 | %{_libexecdir}/x11-ssh-askpass | |
353 | %{_defaultdocdir}/%{name}-%{version}/%{askpass} | |
354 | ||
3c0ef626 | 355 | |
356 | %ChangeLog | |
357 | * Mon Jan 01 1998 ... | |
ff2d7a98 | 358 | Template Version: 1.31 |
3c0ef626 | 359 | |
360 | $Id$ |