]>
Commit | Line | Data |
---|---|---|
1 | # Version of OpenSSH | |
2 | %define oversion 2.9p1 | |
3 | ||
4 | # Version of ssh-askpass | |
5 | %define aversion 1.2.0 | |
6 | ||
7 | # Do we want to disable building of x11-askpass? (1=yes 0=no) | |
8 | %define no_x11_askpass 0 | |
9 | ||
10 | # Do we want to disable building of gnome-askpass? (1=yes 0=no) | |
11 | %define no_gnome_askpass 0 | |
12 | ||
13 | # Do we want to link against a static libcrypto? (1=yes 0=no) | |
14 | %define static_libcrypto 0 | |
15 | ||
16 | # Use Redhat 7.0 pam control file | |
17 | %define redhat7 0 | |
18 | ||
19 | # Reserve options to override askpass settings with: | |
20 | # rpm -ba|--rebuild --define 'skip_xxx 1' | |
21 | %{?skip_x11_askpass:%define no_x11_askpass 1} | |
22 | %{?skip_gnome_askpass:%define no_gnome_askpass 1} | |
23 | ||
24 | # Options for Redhat version: | |
25 | # rpm -ba|--rebuild --define "rh7 1" | |
26 | %{?rh7:%define redhat7 1} | |
27 | ||
28 | # Options for static OpenSSL link: | |
29 | # rpm -ba|--rebuild --define "static_openssl 1" | |
30 | %{?static_openssl:%define static_libcrypto 1} | |
31 | ||
32 | %define exact_openssl_version %(rpm -q openssl | cut -d - -f 2) | |
33 | ||
34 | Summary: OpenSSH free Secure Shell (SSH) implementation | |
35 | Name: openssh | |
36 | Version: %{oversion} | |
37 | Release: 1 | |
38 | Packager: Damien Miller <djm@mindrot.org> | |
39 | URL: http://www.openssh.com/ | |
40 | Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz | |
41 | %if ! %{no_x11_askpass} | |
42 | Source1: http://www.jmknoble.cx/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz | |
43 | %endif | |
44 | Copyright: BSD | |
45 | Group: Applications/Internet | |
46 | BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot | |
47 | Obsoletes: ssh | |
48 | BuildPreReq: perl, openssl-devel, tcp_wrappers | |
49 | BuildPreReq: /bin/login, /usr/include/security/pam_appl.h | |
50 | BuildPreReq: rpm >= 3.0.5 | |
51 | %if ! %{no_gnome_askpass} | |
52 | BuildPreReq: gnome-libs-devel | |
53 | %endif | |
54 | %if ! %{static_libcrypto} | |
55 | PreReq: openssl >= 0.9.5a | |
56 | PreReq: openssl = %{exact_openssl_version} | |
57 | Requires: openssl >= 0.9.5a | |
58 | %endif | |
59 | Requires: rpm >= 3.0.5 | |
60 | ||
61 | %package clients | |
62 | Summary: OpenSSH Secure Shell protocol clients | |
63 | Requires: openssh = %{version}-%{release} | |
64 | Group: Applications/Internet | |
65 | Obsoletes: ssh-clients | |
66 | ||
67 | %package server | |
68 | Summary: OpenSSH Secure Shell protocol server (sshd) | |
69 | Group: System Environment/Daemons | |
70 | Obsoletes: ssh-server | |
71 | PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 | |
72 | %if %{redhat7} | |
73 | Requires: /etc/pam.d/system-auth | |
74 | %endif | |
75 | ||
76 | %package askpass | |
77 | Summary: OpenSSH X11 passphrase dialog | |
78 | Group: Applications/Internet | |
79 | Requires: openssh = %{version}-%{release} | |
80 | Obsoletes: ssh-extras | |
81 | ||
82 | %package askpass-gnome | |
83 | Summary: OpenSSH GNOME passphrase dialog | |
84 | Group: Applications/Internet | |
85 | Requires: openssh = %{version}-%{release} | |
86 | Obsoletes: ssh-extras | |
87 | ||
88 | %description | |
89 | Ssh (Secure Shell) a program for logging into a remote machine and for | |
90 | executing commands in a remote machine. It is intended to replace | |
91 | rlogin and rsh, and provide secure encrypted communications between | |
92 | two untrusted hosts over an insecure network. X11 connections and | |
93 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
94 | ||
95 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
96 | up to date in terms of security and features, as well as removing all | |
97 | patented algorithms to separate libraries (OpenSSL). | |
98 | ||
99 | This package includes the core files necessary for both the OpenSSH | |
100 | client and server. To make this package useful, you should also | |
101 | install openssh-clients, openssh-server, or both. | |
102 | ||
103 | %description clients | |
104 | Ssh (Secure Shell) a program for logging into a remote machine and for | |
105 | executing commands in a remote machine. It is intended to replace | |
106 | rlogin and rsh, and provide secure encrypted communications between | |
107 | two untrusted hosts over an insecure network. X11 connections and | |
108 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
109 | ||
110 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
111 | up to date in terms of security and features, as well as removing all | |
112 | patented algorithms to separate libraries (OpenSSL). | |
113 | ||
114 | This package includes the clients necessary to make encrypted connections | |
115 | to SSH servers. | |
116 | ||
117 | %description server | |
118 | Ssh (Secure Shell) a program for logging into a remote machine and for | |
119 | executing commands in a remote machine. It is intended to replace | |
120 | rlogin and rsh, and provide secure encrypted communications between | |
121 | two untrusted hosts over an insecure network. X11 connections and | |
122 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
123 | ||
124 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
125 | up to date in terms of security and features, as well as removing all | |
126 | patented algorithms to separate libraries (OpenSSL). | |
127 | ||
128 | This package contains the secure shell daemon. The sshd is the server | |
129 | part of the secure shell protocol and allows ssh clients to connect to | |
130 | your host. | |
131 | ||
132 | %description askpass | |
133 | Ssh (Secure Shell) a program for logging into a remote machine and for | |
134 | executing commands in a remote machine. It is intended to replace | |
135 | rlogin and rsh, and provide secure encrypted communications between | |
136 | two untrusted hosts over an insecure network. X11 connections and | |
137 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
138 | ||
139 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
140 | up to date in terms of security and features, as well as removing all | |
141 | patented algorithms to separate libraries (OpenSSL). | |
142 | ||
143 | This package contains Jim Knoble's <jmknoble@jmknoble.cx> X11 passphrase | |
144 | dialog. | |
145 | ||
146 | %description askpass-gnome | |
147 | Ssh (Secure Shell) a program for logging into a remote machine and for | |
148 | executing commands in a remote machine. It is intended to replace | |
149 | rlogin and rsh, and provide secure encrypted communications between | |
150 | two untrusted hosts over an insecure network. X11 connections and | |
151 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | |
152 | ||
153 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | |
154 | up to date in terms of security and features, as well as removing all | |
155 | patented algorithms to separate libraries (OpenSSL). | |
156 | ||
157 | This package contains the GNOME passphrase dialog. | |
158 | ||
159 | %prep | |
160 | ||
161 | %if ! %{no_x11_askpass} | |
162 | %setup -q -a 1 | |
163 | %else | |
164 | %setup -q | |
165 | %endif | |
166 | ||
167 | %build | |
168 | ||
169 | %define _sysconfdir /etc/ssh | |
170 | ||
171 | %configure \ | |
172 | --libexecdir=%{_libexecdir}/openssh \ | |
173 | --with-pam \ | |
174 | --with-tcp-wrappers \ | |
175 | --with-ipv4-default \ | |
176 | --with-rsh=/usr/bin/rsh \ | |
177 | --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin | |
178 | ||
179 | %if %{static_libcrypto} | |
180 | perl -pi -e "s|-lcrypto|/usr/lib/libcrypto.a|g" Makefile | |
181 | %endif | |
182 | ||
183 | make | |
184 | ||
185 | %if ! %{no_x11_askpass} | |
186 | pushd x11-ssh-askpass-%{aversion} | |
187 | xmkmf -a | |
188 | make | |
189 | popd | |
190 | %endif | |
191 | ||
192 | %if ! %{no_gnome_askpass} | |
193 | pushd contrib | |
194 | gcc -O -g `gnome-config --cflags gnome gnomeui` \ | |
195 | gnome-ssh-askpass.c -o gnome-ssh-askpass \ | |
196 | `gnome-config --libs gnome gnomeui` | |
197 | popd | |
198 | %endif | |
199 | ||
200 | %install | |
201 | rm -rf $RPM_BUILD_ROOT | |
202 | %{makeinstall} \ | |
203 | libexecdir=$RPM_BUILD_ROOT%{_libexecdir}/openssh \ | |
204 | DESTDIR=/ # Hack to disable key generation | |
205 | ||
206 | ||
207 | install -d $RPM_BUILD_ROOT/etc/pam.d/ | |
208 | install -d $RPM_BUILD_ROOT/etc/rc.d/init.d | |
209 | install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh | |
210 | %if %{redhat7} | |
211 | install -m644 contrib/redhat/sshd.pam-7.x $RPM_BUILD_ROOT/etc/pam.d/sshd | |
212 | %else | |
213 | install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd | |
214 | %endif | |
215 | install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd | |
216 | ||
217 | %if ! %{no_x11_askpass} | |
218 | install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass | |
219 | ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass | |
220 | %endif | |
221 | ||
222 | %if ! %{no_gnome_askpass} | |
223 | install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass | |
224 | %endif | |
225 | ||
226 | perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* | |
227 | ||
228 | %clean | |
229 | rm -rf $RPM_BUILD_ROOT | |
230 | ||
231 | %post server | |
232 | /sbin/chkconfig --add sshd | |
233 | if test -r /var/run/sshd.pid ; then | |
234 | /etc/rc.d/init.d/sshd restart >&2 | |
235 | fi | |
236 | ||
237 | %preun server | |
238 | if [ "$1" = 0 ] ; then | |
239 | /etc/rc.d/init.d/sshd stop >&2 | |
240 | /sbin/chkconfig --del sshd | |
241 | fi | |
242 | ||
243 | %files | |
244 | %defattr(-,root,root) | |
245 | %doc ChangeLog OVERVIEW README* INSTALL | |
246 | %doc CREDITS LICENCE | |
247 | %attr(0755,root,root) %{_bindir}/ssh-keygen | |
248 | %attr(0755,root,root) %{_bindir}/scp | |
249 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | |
250 | %attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* | |
251 | %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* | |
252 | %attr(0644,root,root) %{_mandir}/man1/scp.1* | |
253 | %attr(0755,root,root) %dir %{_sysconfdir} | |
254 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/moduli | |
255 | %attr(0755,root,root) %dir %{_libexecdir}/openssh | |
256 | ||
257 | %files clients | |
258 | %defattr(-,root,root) | |
259 | %attr(4755,root,root) %{_bindir}/ssh | |
260 | %attr(0755,root,root) %{_bindir}/ssh-agent | |
261 | %attr(0755,root,root) %{_bindir}/ssh-add | |
262 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | |
263 | %attr(0755,root,root) %{_bindir}/sftp | |
264 | %attr(0644,root,root) %{_mandir}/man1/ssh.1* | |
265 | %attr(0644,root,root) %{_mandir}/man1/ssh-agent.1* | |
266 | %attr(0644,root,root) %{_mandir}/man1/ssh-add.1* | |
267 | %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* | |
268 | %attr(0644,root,root) %{_mandir}/man1/sftp.1* | |
269 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config | |
270 | %attr(-,root,root) %{_bindir}/slogin | |
271 | %attr(-,root,root) %{_mandir}/man1/slogin.1* | |
272 | ||
273 | %files server | |
274 | %defattr(-,root,root) | |
275 | %attr(0755,root,root) %{_sbindir}/sshd | |
276 | %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server | |
277 | %attr(0644,root,root) %{_mandir}/man8/sshd.8* | |
278 | %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* | |
279 | #%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config | |
280 | %attr(0600,root,root) %config %{_sysconfdir}/sshd_config | |
281 | %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd | |
282 | %attr(0755,root,root) %config /etc/rc.d/init.d/sshd | |
283 | ||
284 | %if ! %{no_x11_askpass} | |
285 | %files askpass | |
286 | %defattr(-,root,root) | |
287 | %doc x11-ssh-askpass-%{aversion}/README | |
288 | %doc x11-ssh-askpass-%{aversion}/ChangeLog | |
289 | %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad | |
290 | %attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass | |
291 | %attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass | |
292 | %endif | |
293 | ||
294 | %if ! %{no_gnome_askpass} | |
295 | %files askpass-gnome | |
296 | %defattr(-,root,root) | |
297 | %attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass | |
298 | %endif | |
299 | ||
300 | %changelog | |
301 | * Mon Oct 18 2000 Damien Miller <djm@mindrot.org> | |
302 | - Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | |
303 | Redhat 7.0 spec file | |
304 | * Tue Sep 05 2000 Damien Miller <djm@mindrot.org> | |
305 | - Use RPM configure macro | |
306 | * Tue Aug 08 2000 Damien Miller <djm@mindrot.org> | |
307 | - Some surgery to sshd.init (generate keys at runtime) | |
308 | - Cleanup of groups and removal of keygen calls | |
309 | * Wed Jul 12 2000 Damien Miller <djm@mindrot.org> | |
310 | - Make building of X11-askpass and gnome-askpass optional | |
311 | * Mon Jun 12 2000 Damien Miller <djm@mindrot.org> | |
312 | - Glob manpages to catch compressed files | |
313 | * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> | |
314 | - Updated for new location | |
315 | - Updated for new gnome-ssh-askpass build | |
316 | * Sun Dec 26 1999 Damien Miller <djm@mindrot.org> | |
317 | - Added Jim Knoble's <jmknoble@pobox.com> askpass | |
318 | * Mon Nov 15 1999 Damien Miller <djm@mindrot.org> | |
319 | - Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> | |
320 | * Sat Nov 13 1999 Damien Miller <djm@mindrot.org> | |
321 | - Added 'Obsoletes' directives | |
322 | * Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> | |
323 | - Use make install | |
324 | - Subpackages | |
325 | * Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> | |
326 | - Added links for slogin | |
327 | - Fixed perms on manpages | |
328 | * Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> | |
329 | - Renamed init script | |
330 | * Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> | |
331 | - Back to old binary names | |
332 | * Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> | |
333 | - Use autoconf | |
334 | - New binary names | |
335 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> | |
336 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. | |
337 |