]>
Commit | Line | Data |
---|---|---|
e00da40d | 1 | # Default values for additional components |
2 | %define build_x11_askpass 1 | |
3 | ||
4 | # Define the UID/GID to use for privilege separation | |
5 | %define sshd_gid 65 | |
6 | %define sshd_uid 71 | |
7 | ||
8 | # The version of x11-ssh-askpass to use | |
9 | %define xversion 1.2.4.1 | |
10 | ||
11 | # Allow the ability to override defaults with -D skip_xxx=1 | |
12 | %{?skip_x11_askpass:%define build_x11_askpass 0} | |
13 | ||
14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation | |
15 | Name: openssh | |
2e437378 | 16 | Version: 4.5p1 |
e00da40d | 17 | URL: http://www.openssh.com/ |
18 | Release: 1 | |
19 | Source0: openssh-%{version}.tar.gz | |
20 | Source1: x11-ssh-askpass-%{xversion}.tar.gz | |
21 | License: BSD | |
22 | Group: Productivity/Networking/SSH | |
23 | BuildRoot: %{_tmppath}/openssh-%{version}-buildroot | |
24 | PreReq: openssl | |
25 | Obsoletes: ssh | |
26 | Provides: ssh | |
3c0ef626 | 27 | # |
28 | # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) | |
29 | # building prerequisites -- stuff for | |
30 | # OpenSSL (openssl-devel), | |
31 | # TCP Wrappers (nkitb), | |
32 | # and Gnome (glibdev, gtkdev, and gnlibsd) | |
33 | # | |
e00da40d | 34 | BuildPrereq: openssl |
35 | BuildPrereq: nkitb | |
36 | #BuildPrereq: glibdev | |
37 | #BuildPrereq: gtkdev | |
38 | #BuildPrereq: gnlibsd | |
39 | ||
40 | %package askpass | |
41 | Summary: A passphrase dialog for OpenSSH and the X window System. | |
42 | Group: Productivity/Networking/SSH | |
43 | Requires: openssh = %{version} | |
44 | Obsoletes: ssh-extras | |
45 | Provides: openssh:${_libdir}/ssh/ssh-askpass | |
46 | ||
47 | %if %{build_x11_askpass} | |
48 | BuildPrereq: XFree86-devel | |
49 | %endif | |
3c0ef626 | 50 | |
51 | %description | |
e00da40d | 52 | Ssh (Secure Shell) is a program for logging into a remote machine and for |
3c0ef626 | 53 | executing commands in a remote machine. It is intended to replace |
54 | rlogin and rsh, and provide secure encrypted communications between | |
55 | two untrusted hosts over an insecure network. X11 connections and | |
56 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
57 | ||
58 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
416fd2a8 | 59 | up to date in terms of security and features, as well as removing all |
3c0ef626 | 60 | patented algorithms to seperate libraries (OpenSSL). |
61 | ||
62 | This package includes all files necessary for both the OpenSSH | |
e00da40d | 63 | client and server. |
64 | ||
65 | %description askpass | |
66 | Ssh (Secure Shell) is a program for logging into a remote machine and for | |
67 | executing commands in a remote machine. It is intended to replace | |
68 | rlogin and rsh, and provide secure encrypted communications between | |
69 | two untrusted hosts over an insecure network. X11 connections and | |
70 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
71 | ||
72 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
73 | up to date in terms of security and features, as well as removing all | |
74 | patented algorithms to seperate libraries (OpenSSL). | |
75 | ||
76 | This package contains an X Window System passphrase dialog for OpenSSH. | |
3c0ef626 | 77 | |
78 | %changelog | |
e00da40d | 79 | * Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> |
80 | - Removed accidental inclusion of --without-zlib-version-check | |
81 | * Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> | |
82 | - Overhaul to deal with newer versions of SuSE and OpenSSH | |
3c0ef626 | 83 | * Mon Jun 12 2000 Damien Miller <djm@mindrot.org> |
84 | - Glob manpages to catch compressed files | |
85 | * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> | |
86 | - Updated for new location | |
87 | - Updated for new gnome-ssh-askpass build | |
88 | * Sun Dec 26 1999 Chris Saia <csaia@wtower.com> | |
89 | - Made symlink to gnome-ssh-askpass called ssh-askpass | |
90 | * Wed Nov 24 1999 Chris Saia <csaia@wtower.com> | |
91 | - Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and | |
92 | /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into | |
93 | his released tarfile | |
94 | - Changed permissions on ssh_config in the install procedure to 644 from 600 | |
95 | even though it was correct in the %files section and thus right in the RPMs | |
96 | - Postinstall script for the server now only prints "Generating SSH host | |
97 | key..." if we need to actually do this, in order to eliminate a confusing | |
98 | message if an SSH host key is already in place | |
99 | - Marked all manual pages as %doc(umentation) | |
100 | * Mon Nov 22 1999 Chris Saia <csaia@wtower.com> | |
101 | - Added flag to configure daemon with TCP Wrappers support | |
102 | - Added building prerequisites (works in RPM 3.0 and newer) | |
103 | * Thu Nov 18 1999 Chris Saia <csaia@wtower.com> | |
104 | - Made this package correct for SuSE. | |
105 | - Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly | |
106 | with SuSE, and lib_pwdb.so isn't installed by default. | |
107 | * Mon Nov 15 1999 Damien Miller <djm@mindrot.org> | |
108 | - Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> | |
109 | * Sat Nov 13 1999 Damien Miller <djm@mindrot.org> | |
110 | - Added 'Obsoletes' directives | |
111 | * Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> | |
112 | - Use make install | |
113 | - Subpackages | |
114 | * Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> | |
115 | - Added links for slogin | |
116 | - Fixed perms on manpages | |
117 | * Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> | |
118 | - Renamed init script | |
119 | * Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> | |
120 | - Back to old binary names | |
121 | * Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> | |
122 | - Use autoconf | |
123 | - New binary names | |
124 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> | |
125 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. | |
126 | ||
127 | %prep | |
128 | ||
e00da40d | 129 | %if %{build_x11_askpass} |
130 | %setup -q -a 1 | |
131 | %else | |
3c0ef626 | 132 | %setup -q |
e00da40d | 133 | %endif |
3c0ef626 | 134 | |
135 | %build | |
136 | CFLAGS="$RPM_OPT_FLAGS" \ | |
e00da40d | 137 | %configure --prefix=/usr \ |
138 | --sysconfdir=%{_sysconfdir}/ssh \ | |
139 | --mandir=%{_mandir} \ | |
140 | --with-privsep-path=/var/lib/empty \ | |
3c0ef626 | 141 | --with-pam \ |
3c0ef626 | 142 | --with-tcp-wrappers \ |
e00da40d | 143 | --libexecdir=%{_libdir}/ssh |
3c0ef626 | 144 | make |
145 | ||
e00da40d | 146 | %if %{build_x11_askpass} |
147 | cd x11-ssh-askpass-%{xversion} | |
148 | %configure --mandir=/usr/X11R6/man \ | |
149 | --libexecdir=%{_libdir}/ssh | |
150 | xmkmf -a | |
151 | make | |
3c0ef626 | 152 | cd .. |
e00da40d | 153 | %endif |
3c0ef626 | 154 | |
155 | %install | |
156 | rm -rf $RPM_BUILD_ROOT | |
157 | make install DESTDIR=$RPM_BUILD_ROOT/ | |
3c0ef626 | 158 | install -d $RPM_BUILD_ROOT/etc/pam.d/ |
e00da40d | 159 | install -d $RPM_BUILD_ROOT/etc/init.d/ |
3c0ef626 | 160 | install -d $RPM_BUILD_ROOT/var/adm/fillup-templates |
3c0ef626 | 161 | install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd |
e00da40d | 162 | install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd |
163 | install -m744 contrib/suse/sysconfig.ssh \ | |
3c0ef626 | 164 | $RPM_BUILD_ROOT/var/adm/fillup-templates |
165 | ||
e00da40d | 166 | %if %{build_x11_askpass} |
167 | cd x11-ssh-askpass-%{xversion} | |
168 | make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ | |
169 | rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin | |
170 | %endif | |
171 | ||
3c0ef626 | 172 | %clean |
173 | rm -rf $RPM_BUILD_ROOT | |
174 | ||
e00da40d | 175 | %pre |
176 | /usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : | |
177 | /usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : | |
178 | ||
3c0ef626 | 179 | %post |
3c0ef626 | 180 | if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then |
e00da40d | 181 | echo "Generating SSH RSA host key..." |
182 | /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2 | |
3c0ef626 | 183 | fi |
184 | if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then | |
416fd2a8 | 185 | echo "Generating SSH DSA host key..." |
e00da40d | 186 | /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2 |
3c0ef626 | 187 | fi |
e00da40d | 188 | %{fillup_and_insserv -n -s -y ssh sshd START_SSHD} |
189 | %run_permissions | |
190 | ||
191 | %verifyscript | |
192 | %verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh | |
3c0ef626 | 193 | |
194 | %preun | |
e00da40d | 195 | %stop_on_removal sshd |
196 | ||
197 | %postun | |
198 | %restart_on_update sshd | |
199 | %{insserv_cleanup} | |
3c0ef626 | 200 | |
201 | %files | |
202 | %defattr(-,root,root) | |
416fd2a8 | 203 | %doc ChangeLog OVERVIEW README* |
2980ea68 | 204 | %doc RFC.nroff TODO CREDITS LICENCE |
e00da40d | 205 | %attr(0755,root,root) %dir %{_sysconfdir}/ssh |
206 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config | |
207 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config | |
208 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli | |
209 | %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd | |
210 | %attr(0755,root,root) %config /etc/init.d/sshd | |
211 | %attr(0755,root,root) %{_bindir}/ssh-keygen | |
212 | %attr(0755,root,root) %{_bindir}/scp | |
213 | %attr(0755,root,root) %{_bindir}/ssh | |
214 | %attr(-,root,root) %{_bindir}/slogin | |
215 | %attr(0755,root,root) %{_bindir}/ssh-agent | |
216 | %attr(0755,root,root) %{_bindir}/ssh-add | |
217 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | |
218 | %attr(0755,root,root) %{_bindir}/sftp | |
219 | %attr(0755,root,root) %{_sbindir}/sshd | |
220 | %attr(0755,root,root) %dir %{_libdir}/ssh | |
221 | %attr(0755,root,root) %{_libdir}/ssh/sftp-server | |
222 | %attr(4711,root,root) %{_libdir}/ssh/ssh-keysign | |
223 | %attr(0644,root,root) %doc %{_mandir}/man1/scp.1* | |
224 | %attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* | |
225 | %attr(-,root,root) %doc %{_mandir}/man1/slogin.1* | |
226 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* | |
227 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* | |
228 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* | |
229 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* | |
230 | %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* | |
231 | %attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* | |
232 | %attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* | |
233 | %attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* | |
234 | %attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* | |
235 | %attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* | |
236 | %attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh | |
3c0ef626 | 237 | |
e00da40d | 238 | %if %{build_x11_askpass} |
239 | %files askpass | |
240 | %defattr(-,root,root) | |
241 | %doc x11-ssh-askpass-%{xversion}/README | |
242 | %doc x11-ssh-askpass-%{xversion}/ChangeLog | |
243 | %doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad | |
244 | %attr(0755,root,root) %{_libdir}/ssh/ssh-askpass | |
245 | %attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass | |
246 | %attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* | |
247 | %attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* | |
248 | %attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass | |
249 | %endif |