[openssh.git] / contrib / caldera / openssh.spec


# Some of this will need re-evaluation post-LSB.  The SVIdir is there
# because the link appeared broken.  The rest is for easy compilation,
# the tradeoff open to discussion.  (LC957)

%define	SVIdir		/etc/rc.d/init.d
%{!?_defaultdocdir:%define	_defaultdocdir	%{_prefix}/share/doc/packages}
%{!?SVIcdir:%define		SVIcdir		/etc/sysconfig/daemons}

%define _mandir		%{_prefix}/share/man/en
%define _sysconfdir	/etc/ssh
%define	_libexecdir	%{_libdir}/ssh

# Do we want to disable root_login? (1=yes 0=no)
%define no_root_login 0

#old cvs stuff.  please update before use.  may be deprecated.
%define use_stable	1
%if %{use_stable}
  %define version 	3.7.1p2
  %define cvs		%{nil}
  %define release 	1
%else
  %define version 	2.9.9p2
  %define cvs		cvs20011009
  %define release 	0r1
%endif
%define xsa		x11-ssh-askpass		
%define askpass		%{xsa}-1.2.4.1

# OpenSSH privilege separation requires a user & group ID
%define sshd_uid    67
%define sshd_gid    67

Name        	: openssh
Version     	: %{version}%{cvs}
Release     	: %{release}
Group       	: System/Network

Summary     	: OpenSSH free Secure Shell (SSH) implementation.
Summary(de) 	: OpenSSH - freie Implementation der Secure Shell (SSH).
Summary(es) 	: OpenSSH implementaci�n libre de Secure Shell (SSH).
Summary(fr) 	: Impl�mentation libre du shell s�curis� OpenSSH (SSH).
Summary(it) 	: Implementazione gratuita OpenSSH della Secure Shell.
Summary(pt) 	: Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH).
Summary(pt_BR) 	: Implementa��o livre OpenSSH do protocolo Secure Shell (SSH).

Copyright   	: BSD
Packager    	: Raymund Will <ray@caldera.de>
URL         	: http://www.openssh.com/

Obsoletes   	: ssh, ssh-clients, openssh-clients

BuildRoot   	: /tmp/%{name}-%{version}
BuildRequires	: XFree86-imake

# %{use_stable}==1:	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
# %{use_stable}==0:	:pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
Source0: see-above:/.../openssh-%{version}.tar.gz
%if %{use_stable}
Source1: see-above:/.../openssh-%{version}.tar.gz.sig
%endif
Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz
Source3: http://www.openssh.com/faq.html

%Package server
Group       	: System/Network
Requires    	: openssh = %{version}
Obsoletes   	: ssh-server

Summary     	: OpenSSH Secure Shell protocol server (sshd).
Summary(de) 	: OpenSSH Secure Shell Protocol-Server (sshd).
Summary(es) 	: Servidor del protocolo OpenSSH Secure Shell (sshd).
Summary(fr) 	: Serveur de protocole du shell s�curis� OpenSSH (sshd).
Summary(it) 	: Server OpenSSH per il protocollo Secure Shell (sshd).
Summary(pt) 	: Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
Summary(pt_BR) 	: Servidor do protocolo Secure Shell OpenSSH (sshd).


%Package askpass
Group       	: System/Network
Requires    	: openssh = %{version}
URL       	: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/
Obsoletes   	: ssh-extras

Summary     	: OpenSSH X11 pass-phrase dialog.
Summary(de) 	: OpenSSH X11 Passwort-Dialog.
Summary(es) 	: Aplicaci�n de petici�n de frase clave OpenSSH X11.
Summary(fr) 	: Dialogue pass-phrase X11 d'OpenSSH.
Summary(it) 	: Finestra di dialogo X11 per la frase segreta di OpenSSH.
Summary(pt) 	: Di�logo de pedido de senha para X11 do OpenSSH.
Summary(pt_BR) 	: Di�logo de pedido de senha para X11 do OpenSSH.


%Description
OpenSSH (Secure Shell) provides access to a remote system. It replaces
telnet, rlogin,  rexec, and rsh, and provides secure encrypted 
communications between two untrusted hosts over an insecure network.  
X11 connections and arbitrary TCP/IP ports can also be forwarded over 
the secure channel.

%Description -l de
OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte
Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres
Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso
�ber den sicheren Channel weitergeleitet werden.

%Description -l es
OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
entre dos equipos entre los que no se ha establecido confianza a trav�s de una
red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden
ser canalizadas sobre el canal seguro.

%Description -l fr
OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace
telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es
securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des
connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre
transmis sur le canal s�curis�.

%Description -l it
OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
e crittate tra due host non fidati su una rete non sicura. Le connessioni
X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
un canale sicuro.

%Description -l pt
OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas
entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
Liga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados
pelo canal seguro.

%Description -l pt_BR
O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas
entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
Liga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas
pelo canal seguro.

%Description server
This package installs the sshd, the server portion of OpenSSH. 

%Description -l de server
Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.

%Description -l es server
Este paquete instala sshd, la parte servidor de OpenSSH.

%Description -l fr server
Ce paquetage installe le 'sshd', partie serveur de OpenSSH.

%Description -l it server
Questo pacchetto installa sshd, il server di OpenSSH.

%Description -l pt server
Este pacote intala o sshd, o servidor do OpenSSH.

%Description -l pt_BR server
Este pacote intala o sshd, o servidor do OpenSSH.

%Description askpass
This package contains an X11-based pass-phrase dialog used per
default by ssh-add(1). It is based on %{askpass}
by Jim Knoble <jmknoble@pobox.com>.


%Prep
%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
%if ! %{use_stable}
  autoreconf
%endif


%Build
CFLAGS="$RPM_OPT_FLAGS" \
%configure \
            --with-pam \
            --with-tcp-wrappers \
            --with-ipv4-default \
	    --with-privsep-path=%{_var}/empty/sshd \
	    #leave this line for easy edits.

%__make CFLAGS="$RPM_OPT_FLAGS"

cd %{askpass}
%configure \
	    #leave this line for easy edits.

xmkmf
%__make includes
%__make


%Install
[ %{buildroot} != "/" ] && rm -rf %{buildroot}

make install DESTDIR=%{buildroot}
%makeinstall -C %{askpass} \
    BINDIR=%{_libexecdir} \
    MANPATH=%{_mandir} \
    DESTDIR=%{buildroot}

# OpenLinux specific configuration
mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
mkdir -p %{buildroot}%{_var}/empty/sshd

# enabling X11 forwarding on the server is convenient and okay,
# on the client side it's a potential security risk!
%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
    %{buildroot}%{_sysconfdir}/sshd_config

%if %{no_root_login}
%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
    %{buildroot}%{_sysconfdir}/sshd_config
%endif

install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
# FIXME: disabled, find out why this doesn't work with nis
%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
    %{buildroot}/etc/pam.d/sshd

install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd

# the last one is needless, but more future-proof
find %{buildroot}%{SVIdir} -type f -exec \
    %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
		    s:\@sysconfdir\@:%{_sysconfdir}:g; \
		    s:/usr/sbin:%{_sbindir}:g'\
    \{\} \;

cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
	IDENT=sshd
	DESCRIPTIVE="OpenSSH secure shell daemon"
	# This service will be marked as 'skipped' on boot if there
	# is no host key. Use ssh-host-keygen to generate one
	ONBOOT="yes"
	OPTIONS=""
EoD

SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
install -m 0755 contrib/caldera/ssh-host-keygen $SKG
# Fix up some path names in the keygen toy^Hol
    %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
		    s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
	%{buildroot}%{_sbindir}/ssh-host-keygen

# This looks terrible.  Expect it to change.
# install remaining docs
DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
mkdir -p $DocD/%{askpass}
cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO  $DocD
install -p -m 0444 %{SOURCE3}  $DocD/faq.html
cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad}  $DocD/%{askpass}
%if %{use_stable}
  cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
%else
  cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
  ln -s  %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
%endif

find %{buildroot}%{_mandir} -type f -not -name	'*.gz' -print0 | xargs -0r %__gzip -9nf
rm %{buildroot}%{_mandir}/man1/slogin.1 && \
    ln -s %{_mandir}/man1/ssh.1.gz \
    %{buildroot}%{_mandir}/man1/slogin.1.gz


%Clean
#%{rmDESTDIR}
[ %{buildroot} != "/" ] && rm -rf %{buildroot}

%Post
# Generate host key when none is present to get up and running,
# both client and server require this for host-based auth!
# ssh-host-keygen checks for existing keys.
/usr/sbin/ssh-host-keygen
: # to protect the rpm database

%pre server
%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
	-c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
: # to protect the rpm database

%Post server
if [ -x %{LSBinit}-install ]; then
  %{LSBinit}-install sshd
else
  lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
fi

! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
: # to protect the rpm database


%PreUn server
[ "$1" = 0 ] || exit 0

! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
: # to protect the rpm database


%PostUn server
if [ -x %{LSBinit}-remove ]; then
  %{LSBinit}-remove sshd
else
  lisa --SysV-init remove sshd $1
fi
: # to protect the rpm database


%Files 
%defattr(-,root,root)
%dir %{_sysconfdir}
%config %{_sysconfdir}/ssh_config
%{_bindir}/scp
%{_bindir}/sftp
%{_bindir}/ssh
%{_bindir}/slogin
%{_bindir}/ssh-add
%attr(2755,root,nobody) %{_bindir}/ssh-agent
%{_bindir}/ssh-keygen
%{_bindir}/ssh-keyscan
%dir %{_libexecdir}
%attr(4711,root,root) %{_libexecdir}/ssh-keysign
%{_sbindir}/ssh-host-keygen
%dir %{_defaultdocdir}/%{name}-%{version}
%{_defaultdocdir}/%{name}-%{version}/CREDITS
%{_defaultdocdir}/%{name}-%{version}/ChangeLog
%{_defaultdocdir}/%{name}-%{version}/LICENCE
%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
%{_defaultdocdir}/%{name}-%{version}/README*
%{_defaultdocdir}/%{name}-%{version}/TODO
%{_defaultdocdir}/%{name}-%{version}/faq.html
%{_mandir}/man1/*
%{_mandir}/man8/ssh-keysign.8.gz
%{_mandir}/man5/ssh_config.5.gz
 
%Files server
%defattr(-,root,root)
%dir %{_var}/empty/sshd
%config %{SVIdir}/sshd
%config /etc/pam.d/sshd
%config %{_sysconfdir}/moduli
%config %{_sysconfdir}/sshd_config
%config %{SVIcdir}/sshd
%{_libexecdir}/sftp-server
%{_sbindir}/sshd
%{_mandir}/man5/sshd_config.5.gz
%{_mandir}/man8/sftp-server.8.gz
%{_mandir}/man8/sshd.8.gz
 
%Files askpass
%defattr(-,root,root)
%{_libexecdir}/ssh-askpass
%{_libexecdir}/x11-ssh-askpass
%{_defaultdocdir}/%{name}-%{version}/%{askpass}
 

%ChangeLog
* Mon Jan 01 1998 ...
Template Version: 1.31

$Id$
Commit	Line	Data
cbaa3d44	1
	2	# Some of this will need re-evaluation post-LSB. The SVIdir is there
	3	# because the link appeared broken. The rest is for easy compilation,
	4	# the tradeoff open to discussion. (LC957)
	5
	6	%define SVIdir /etc/rc.d/init.d
	7	%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages}
	8	%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons}
	9
	10	%define _mandir %{_prefix}/share/man/en
	11	%define _sysconfdir /etc/ssh
	12	%define _libexecdir %{_libdir}/ssh
	13
8029e7fc	14	# Do we want to disable root_login? (1=yes 0=no)
	15	%define no_root_login 0
	16
cbaa3d44	17	#old cvs stuff. please update before use. may be deprecated.
	18	%define use_stable 1
	19	%if %{use_stable}
67c4ea7d	20	%define version 3.7.1p2
7c6d759d	21	%define cvs %{nil}
263c65df	22	%define release 1
7c6d759d	23	%else
cbaa3d44	24	%define version 2.9.9p2
cbaa3d44	25	%define cvs cvs20011009
7c6d759d	26	%define release 0r1
	27	%endif
	28	%define xsa x11-ssh-askpass
	29	%define askpass %{xsa}-1.2.4.1
b1e2a48c	30
8029e7fc	31	# OpenSSH privilege separation requires a user & group ID
	32	%define sshd_uid 67
	33	%define sshd_gid 67
	34
b1e2a48c	35	Name : openssh
7c6d759d	36	Version : %{version}%{cvs}
7c6d759d	37	Release : %{release}
b1e2a48c	38	Group : System/Network
b1e2a48c	39
7c6d759d	40	Summary : OpenSSH free Secure Shell (SSH) implementation.
cbaa3d44	41	Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
	42	Summary(es) : OpenSSH implementaci�n libre de Secure Shell (SSH).
	43	Summary(fr) : Impl�mentation libre du shell s�curis� OpenSSH (SSH).
	44	Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
	45	Summary(pt) : Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH).
	46	Summary(pt_BR) : Implementa��o livre OpenSSH do protocolo Secure Shell (SSH).
b1e2a48c	47
b1e2a48c	48	Copyright : BSD
7c6d759d	49	Packager : Raymund Will <ray@caldera.de>
b1e2a48c	50	URL : http://www.openssh.com/
	51
	52	Obsoletes : ssh, ssh-clients, openssh-clients
	53
cbaa3d44	54	BuildRoot : /tmp/%{name}-%{version}
cbaa3d44	55	BuildRequires : XFree86-imake
b1e2a48c	56
cbaa3d44	57	# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
	58	# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
	59	Source0: see-above:/.../openssh-%{version}.tar.gz
	60	%if %{use_stable}
	61	Source1: see-above:/.../openssh-%{version}.tar.gz.sig
7c6d759d	62	%endif
	63	Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz
	64	Source3: http://www.openssh.com/faq.html
b1e2a48c	65
b1e2a48c	66	%Package server
b1e2a48c	67	Group : System/Network
cbaa3d44	68	Requires : openssh = %{version}
b1e2a48c	69	Obsoletes : ssh-server
	70
	71	Summary : OpenSSH Secure Shell protocol server (sshd).
cbaa3d44	72	Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
	73	Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
	74	Summary(fr) : Serveur de protocole du shell s�curis� OpenSSH (sshd).
	75	Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
	76	Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
	77	Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
b1e2a48c	78
	79
	80	%Package askpass
	81	Group : System/Network
cbaa3d44	82	Requires : openssh = %{version}
7c6d759d	83	URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/
b1e2a48c	84	Obsoletes : ssh-extras
	85
	86	Summary : OpenSSH X11 pass-phrase dialog.
cbaa3d44	87	Summary(de) : OpenSSH X11 Passwort-Dialog.
	88	Summary(es) : Aplicaci�n de petici�n de frase clave OpenSSH X11.
	89	Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
	90	Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
	91	Summary(pt) : Di�logo de pedido de senha para X11 do OpenSSH.
	92	Summary(pt_BR) : Di�logo de pedido de senha para X11 do OpenSSH.
b1e2a48c	93
b1e2a48c	94
cbaa3d44	95	%Description
	96	OpenSSH (Secure Shell) provides access to a remote system. It replaces
	97	telnet, rlogin, rexec, and rsh, and provides secure encrypted
	98	communications between two untrusted hosts over an insecure network.
	99	X11 connections and arbitrary TCP/IP ports can also be forwarded over
	100	the secure channel.
	101
	102	%Description -l de
	103	OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
	104	telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte
	105	Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres
	106	Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso
	107	�ber den sicheren Channel weitergeleitet werden.
	108
	109	%Description -l es
	110	OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
	111	telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
	112	entre dos equipos entre los que no se ha establecido confianza a trav�s de una
	113	red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden
	114	ser canalizadas sobre el canal seguro.
	115
	116	%Description -l fr
	117	OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace
	118	telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es
	119	securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des
	120	connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre
	121	transmis sur le canal s�curis�.
	122
	123	%Description -l it
	124	OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
	125	Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
	126	e crittate tra due host non fidati su una rete non sicura. Le connessioni
	127	X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
	128	un canale sicuro.
	129
	130	%Description -l pt
	131	OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
	132	telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas
	133	entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
	134	Liga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados
	135	pelo canal seguro.
	136
	137	%Description -l pt_BR
	138	O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
	139	telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas
	140	entre duas m�quinas sem confian�a m�tua sobre uma rede insegura.
	141	Liga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas
	142	pelo canal seguro.
	143
	144	%Description server
	145	This package installs the sshd, the server portion of OpenSSH.
	146
	147	%Description -l de server
	148	Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
	149
	150	%Description -l es server
	151	Este paquete instala sshd, la parte servidor de OpenSSH.
	152
	153	%Description -l fr server
	154	Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
	155
	156	%Description -l it server
	157	Questo pacchetto installa sshd, il server di OpenSSH.
	158
159	%Description -l pt server
160	Este pacote intala o sshd, o servidor do OpenSSH.
161
162	%Description -l pt_BR server
163	Este pacote intala o sshd, o servidor do OpenSSH.
164
165	%Description askpass
166	This package contains an X11-based pass-phrase dialog used per
167	default by ssh-add(1). It is based on %{askpass}
168	by Jim Knoble <jmknoble@pobox.com>.
169
7c6d759d	170
cbaa3d44	171	%Prep
	172	%setup %([ -z "%{cvs}" ] \|\| echo "-n %{name}_cvs") -a2
	173	%if ! %{use_stable}
7c6d759d	174	autoreconf
7c6d759d	175	%endif
b1e2a48c	176
	177
	178	%Build
	179	CFLAGS="$RPM_OPT_FLAGS" \
cbaa3d44	180	%configure \
b1e2a48c	181	--with-pam \
	182	--with-tcp-wrappers \
	183	--with-ipv4-default \
8029e7fc	184	--with-privsep-path=%{_var}/empty/sshd \
cbaa3d44	185	#leave this line for easy edits.
1877dc0c	186
cbaa3d44	187	%__make CFLAGS="$RPM_OPT_FLAGS"
1877dc0c	188
7c6d759d	189	cd %{askpass}
cbaa3d44	190	%configure \
	191	#leave this line for easy edits.
	192
afb9165e	193	xmkmf
cbaa3d44	194	%__make includes
cbaa3d44	195	%__make
b1e2a48c	196
	197
	198	%Install
cbaa3d44	199	[ %{buildroot} != "/" ] && rm -rf %{buildroot}
b1e2a48c	200
16c14233	201	make install DESTDIR=%{buildroot}
cbaa3d44	202	%makeinstall -C %{askpass} \
	203	BINDIR=%{_libexecdir} \
	204	MANPATH=%{_mandir} \
	205	DESTDIR=%{buildroot}
b1e2a48c	206
b1e2a48c	207	# OpenLinux specific configuration
cbaa3d44	208	mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
8029e7fc	209	mkdir -p %{buildroot}%{_var}/empty/sshd
b1e2a48c	210
b1e2a48c	211	# enabling X11 forwarding on the server is convenient and okay,
cbaa3d44	212	# on the client side it's a potential security risk!
8029e7fc	213	%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
	214	%{buildroot}%{_sysconfdir}/sshd_config
	215
	216	%if %{no_root_login}
	217	%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
cbaa3d44	218	%{buildroot}%{_sysconfdir}/sshd_config
8029e7fc	219	%endif
cbaa3d44	220
	221	install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
	222	# FIXME: disabled, find out why this doesn't work with nis
	223	%__perl -pi -e 's:(.pam_limits.):#$1:' \
	224	%{buildroot}/etc/pam.d/sshd
afb9165e	225
cbaa3d44	226	install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
b1e2a48c	227
cbaa3d44	228	# the last one is needless, but more future-proof
	229	find %{buildroot}%{SVIdir} -type f -exec \
	230	%__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
	231	s:\@sysconfdir\@:%{_sysconfdir}:g; \
	232	s:/usr/sbin:%{_sbindir}:g'\
	233	\{\} \;
b1e2a48c	234
cbaa3d44	235	cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
b1e2a48c	236	IDENT=sshd
	237	DESCRIPTIVE="OpenSSH secure shell daemon"
	238	# This service will be marked as 'skipped' on boot if there
cbaa3d44	239	# is no host key. Use ssh-host-keygen to generate one
b1e2a48c	240	ONBOOT="yes"
	241	OPTIONS=""
	242	EoD
	243
cbaa3d44	244	SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
b1e2a48c	245	install -m 0755 contrib/caldera/ssh-host-keygen $SKG
cbaa3d44	246	# Fix up some path names in the keygen toy^Hol
	247	%__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
	248	s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
	249	%{buildroot}%{_sbindir}/ssh-host-keygen
7c6d759d	250
cbaa3d44	251	# This looks terrible. Expect it to change.
7c6d759d	252	# install remaining docs
cbaa3d44	253	DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
7c6d759d	254	mkdir -p $DocD/%{askpass}
cbaa3d44	255	cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $DocD
cbaa3d44	256	install -p -m 0444 %{SOURCE3} $DocD/faq.html
7c6d759d	257	cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
cbaa3d44	258	%if %{use_stable}
	259	cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
	260	%else
	261	cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
	262	ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
	263	%endif
7c6d759d	264
cbaa3d44	265	find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 \| xargs -0r %__gzip -9nf
	266	rm %{buildroot}%{_mandir}/man1/slogin.1 && \
	267	ln -s %{_mandir}/man1/ssh.1.gz \
	268	%{buildroot}%{_mandir}/man1/slogin.1.gz
b1e2a48c	269
	270
	271	%Clean
cbaa3d44	272	#%{rmDESTDIR}
cbaa3d44	273	[ %{buildroot} != "/" ] && rm -rf %{buildroot}
b1e2a48c	274
	275	%Post
	276	# Generate host key when none is present to get up and running,
	277	# both client and server require this for host-based auth!
	278	# ssh-host-keygen checks for existing keys.
	279	/usr/sbin/ssh-host-keygen
	280	: # to protect the rpm database
	281
8029e7fc	282	%pre server
	283	%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null \|\| :
	284	%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
	285	-c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null \|\| :
	286	: # to protect the rpm database
b1e2a48c	287
	288	%Post server
	289	if [ -x %{LSBinit}-install ]; then
	290	%{LSBinit}-install sshd
1877dc0c	291	else
f0c180c3	292	lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
1877dc0c	293	fi
1877dc0c	294
b1e2a48c	295	! %{SVIdir}/sshd status \|\| %{SVIdir}/sshd restart
	296	: # to protect the rpm database
	297
	298
	299	%PreUn server
	300	[ "$1" = 0 ] \|\| exit 0
	301
	302	! %{SVIdir}/sshd status \|\| %{SVIdir}/sshd stop
	303	: # to protect the rpm database
	304
	305
	306	%PostUn server
	307	if [ -x %{LSBinit}-remove ]; then
	308	%{LSBinit}-remove sshd
	309	else
	310	lisa --SysV-init remove sshd $1
1877dc0c	311	fi
b1e2a48c	312	: # to protect the rpm database
1877dc0c	313
b1e2a48c	314
cbaa3d44	315	%Files
1877dc0c	316	%defattr(-,root,root)
cbaa3d44	317	%dir %{_sysconfdir}
cbaa3d44	318	%config %{_sysconfdir}/ssh_config
57872969	319	%{_bindir}/scp
	320	%{_bindir}/sftp
	321	%{_bindir}/ssh
	322	%{_bindir}/slogin
	323	%{_bindir}/ssh-add
	324	%attr(2755,root,nobody) %{_bindir}/ssh-agent
	325	%{_bindir}/ssh-keygen
	326	%{_bindir}/ssh-keyscan
cbaa3d44	327	%dir %{_libexecdir}
16c14233	328	%attr(4711,root,root) %{_libexecdir}/ssh-keysign
cbaa3d44	329	%{_sbindir}/ssh-host-keygen
	330	%dir %{_defaultdocdir}/%{name}-%{version}
	331	%{_defaultdocdir}/%{name}-%{version}/CREDITS
	332	%{_defaultdocdir}/%{name}-%{version}/ChangeLog
	333	%{_defaultdocdir}/%{name}-%{version}/LICENCE
	334	%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
	335	%{_defaultdocdir}/%{name}-%{version}/README*
	336	%{_defaultdocdir}/%{name}-%{version}/TODO
	337	%{_defaultdocdir}/%{name}-%{version}/faq.html
	338	%{_mandir}/man1/*
16c14233	339	%{_mandir}/man8/ssh-keysign.8.gz
16c14233	340	%{_mandir}/man5/ssh_config.5.gz
cbaa3d44	341
cbaa3d44	342	%Files server
1877dc0c	343	%defattr(-,root,root)
57872969	344	%dir %{_var}/empty/sshd
cbaa3d44	345	%config %{SVIdir}/sshd
	346	%config /etc/pam.d/sshd
	347	%config %{_sysconfdir}/moduli
	348	%config %{_sysconfdir}/sshd_config
	349	%config %{SVIcdir}/sshd
	350	%{_libexecdir}/sftp-server
	351	%{_sbindir}/sshd
16c14233	352	%{_mandir}/man5/sshd_config.5.gz
cbaa3d44	353	%{_mandir}/man8/sftp-server.8.gz
	354	%{_mandir}/man8/sshd.8.gz
	355
	356	%Files askpass
1877dc0c	357	%defattr(-,root,root)
cbaa3d44	358	%{_libexecdir}/ssh-askpass
	359	%{_libexecdir}/x11-ssh-askpass
	360	%{_defaultdocdir}/%{name}-%{version}/%{askpass}
	361
7c6d759d	362
b1e2a48c	363	%ChangeLog
b1e2a48c	364	* Mon Jan 01 1998 ...
cbaa3d44	365	Template Version: 1.31
b1e2a48c	366
b1e2a48c	367	$Id$