From 26f62b4c7eff20d017e525038f3485b4d4d46bbce5d5f6e1479f2cc67d37892e Mon Sep 17 00:00:00 2001 From: Hans Petter Jansson Date: Wed, 27 Jan 2021 19:14:20 +0000 Subject: [PATCH] Accepting request 867202 from home:kukuk:branches:network - Add support for /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d (openssh-8.4p1-ssh_config_d.patch) If the user changes are separated from the distribution changes, updating will be much easier, especially for MicroOS/SLE Micro. I implemented it like other distributions, especially Fedora, are alreading doing since a longer time. OBS-URL: https://build.opensuse.org/request/show/867202 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=226 --- openssh-8.4p1-ssh_config_d.patch | 32 ++++++++++++++++++++++++++++++++ openssh.changes | 6 ++++++ openssh.spec | 7 ++++++- 3 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 openssh-8.4p1-ssh_config_d.patch diff --git a/openssh-8.4p1-ssh_config_d.patch b/openssh-8.4p1-ssh_config_d.patch new file mode 100644 index 0000000..4ff4c61 --- /dev/null +++ b/openssh-8.4p1-ssh_config_d.patch @@ -0,0 +1,32 @@ +diff -ur openssh-8.4p1.orig/ssh_config openssh-8.4p1/ssh_config +--- openssh-8.4p1.orig/ssh_config 2021-01-27 14:43:22.698144889 +0100 ++++ openssh-8.4p1/ssh_config 2021-01-27 14:40:46.170143382 +0100 +@@ -17,6 +17,12 @@ + # list of available options, their meanings and defaults, please see the + # ssh_config(5) man page. + ++# To modify the system-wide ssh configuration, create a "*.conf" file under ++# "/etc/ssh/ssh_config.d/" which will be automatically included below. ++# Don't edit this configuration file itself if possible to avoid update ++# problems. ++Include /etc/ssh/ssh_config.d/*.conf ++ + Host * + # ForwardAgent no + # ForwardX11 no +diff -ur openssh-8.4p1.orig/sshd_config openssh-8.4p1/sshd_config +--- openssh-8.4p1.orig/sshd_config 2020-09-27 09:25:01.000000000 +0200 ++++ openssh-8.4p1/sshd_config 2021-01-27 14:21:23.070132184 +0100 +@@ -10,6 +10,12 @@ + # possible, but leave them commented. Uncommented options override the + # default value. + ++# To modify the system-wide sshd configuration, create a "*.conf" file under ++# "/etc/ssh/sshd_config.d/" which will be automatically included below. ++# Don't edit this configuration file itself if possible to avoid update ++# problems. ++Include /etc/ssh/sshd_config.d/*.conf ++ + #Port 22 + #AddressFamily any + #ListenAddress 0.0.0.0 diff --git a/openssh.changes b/openssh.changes index 445993d..658b297 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Jan 27 14:09:08 UTC 2021 - Thorsten Kukuk + +- Add support for /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d + (openssh-8.4p1-ssh_config_d.patch) + ------------------------------------------------------------------- Sat Jan 23 18:28:19 UTC 2021 - Hans Petter Jansson diff --git a/openssh.spec b/openssh.spec index ccc95ba..1f68aa5 100644 --- a/openssh.spec +++ b/openssh.spec @@ -110,6 +110,7 @@ Patch41: openssh-fips-ensure-approved-moduli.patch Patch42: openssh-link-with-sk.patch Patch43: openssh-reenable-dh-group14-sha1-default.patch Patch44: openssh-fix-ssh-copy-id.patch +Patch45: openssh-8.4p1-ssh_config_d.patch BuildRequires: audit-devel BuildRequires: automake BuildRequires: groff @@ -308,6 +309,8 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d install -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/sshd %endif install -d -m 755 %{buildroot}%{_localstatedir}/lib/sshd +install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/ssh_config.d +install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/sshd_config.d install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/ install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/slp.reg.d/ install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/sshd.service @@ -445,7 +448,8 @@ test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd %attr(0755,root,root) %{_sbindir}/sshd %attr(0755,root,root) %{_sbindir}/rcsshd %attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start -%dir %attr(755,root,root) %{_localstatedir}/lib/sshd +%dir %attr(0755,root,root) %{_localstatedir}/lib/sshd +%dir %attr(0755,root,root) %{_sysconfdir}/ssh/sshd_config.d %verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %if %{defined _distconfdir} %attr(0644,root,root) %{_distconfdir}/pam.d/sshd @@ -468,6 +472,7 @@ test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd %endif %files clients +%dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d %verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config %attr(0755,root,root) %{_bindir}/ssh %attr(0755,root,root) %{_bindir}/scp*