Accepting request 867202 from home:kukuk:branches:network

- Add support for /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d
  (openssh-8.4p1-ssh_config_d.patch)

If the user changes are separated from the distribution changes, updating will be much easier, especially for MicroOS/SLE Micro. I implemented it like other distributions, especially Fedora, are alreading doing since a longer time.

OBS-URL: https://build.opensuse.org/request/show/867202
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=226
This commit is contained in:
Hans Petter Jansson 2021-01-27 19:14:20 +00:00 committed by Git OBS Bridge
parent b459802ca3
commit 26f62b4c7e
3 changed files with 44 additions and 1 deletions

View File

@ -0,0 +1,32 @@
diff -ur openssh-8.4p1.orig/ssh_config openssh-8.4p1/ssh_config
--- openssh-8.4p1.orig/ssh_config 2021-01-27 14:43:22.698144889 +0100
+++ openssh-8.4p1/ssh_config 2021-01-27 14:40:46.170143382 +0100
@@ -17,6 +17,12 @@
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
+# To modify the system-wide ssh configuration, create a "*.conf" file under
+# "/etc/ssh/ssh_config.d/" which will be automatically included below.
+# Don't edit this configuration file itself if possible to avoid update
+# problems.
+Include /etc/ssh/ssh_config.d/*.conf
+
Host *
# ForwardAgent no
# ForwardX11 no
diff -ur openssh-8.4p1.orig/sshd_config openssh-8.4p1/sshd_config
--- openssh-8.4p1.orig/sshd_config 2020-09-27 09:25:01.000000000 +0200
+++ openssh-8.4p1/sshd_config 2021-01-27 14:21:23.070132184 +0100
@@ -10,6 +10,12 @@
# possible, but leave them commented. Uncommented options override the
# default value.
+# To modify the system-wide sshd configuration, create a "*.conf" file under
+# "/etc/ssh/sshd_config.d/" which will be automatically included below.
+# Don't edit this configuration file itself if possible to avoid update
+# problems.
+Include /etc/ssh/sshd_config.d/*.conf
+
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Jan 27 14:09:08 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
- Add support for /etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d
(openssh-8.4p1-ssh_config_d.patch)
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Jan 23 18:28:19 UTC 2021 - Hans Petter Jansson <hpj@suse.com> Sat Jan 23 18:28:19 UTC 2021 - Hans Petter Jansson <hpj@suse.com>

View File

@ -110,6 +110,7 @@ Patch41: openssh-fips-ensure-approved-moduli.patch
Patch42: openssh-link-with-sk.patch Patch42: openssh-link-with-sk.patch
Patch43: openssh-reenable-dh-group14-sha1-default.patch Patch43: openssh-reenable-dh-group14-sha1-default.patch
Patch44: openssh-fix-ssh-copy-id.patch Patch44: openssh-fix-ssh-copy-id.patch
Patch45: openssh-8.4p1-ssh_config_d.patch
BuildRequires: audit-devel BuildRequires: audit-devel
BuildRequires: automake BuildRequires: automake
BuildRequires: groff BuildRequires: groff
@ -308,6 +309,8 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d
install -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/sshd install -m 644 %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/sshd
%endif %endif
install -d -m 755 %{buildroot}%{_localstatedir}/lib/sshd install -d -m 755 %{buildroot}%{_localstatedir}/lib/sshd
install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/ssh_config.d
install -d -m 755 %{buildroot}%{_sysconfdir}/ssh/sshd_config.d
install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/ install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/
install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/slp.reg.d/ install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/slp.reg.d/
install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/sshd.service install -D -m 0644 %{SOURCE10} %{buildroot}%{_unitdir}/sshd.service
@ -445,7 +448,8 @@ test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd
%attr(0755,root,root) %{_sbindir}/sshd %attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_sbindir}/rcsshd %attr(0755,root,root) %{_sbindir}/rcsshd
%attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start %attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd %dir %attr(0755,root,root) %{_localstatedir}/lib/sshd
%dir %attr(0755,root,root) %{_sysconfdir}/ssh/sshd_config.d
%verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%if %{defined _distconfdir} %if %{defined _distconfdir}
%attr(0644,root,root) %{_distconfdir}/pam.d/sshd %attr(0644,root,root) %{_distconfdir}/pam.d/sshd
@ -468,6 +472,7 @@ test -f /etc/pam.d/sshd.rpmsave && mv -v /etc/pam.d/sshd.rpmsave /etc/pam.d/sshd
%endif %endif
%files clients %files clients
%dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config %verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%attr(0755,root,root) %{_bindir}/ssh %attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/scp* %attr(0755,root,root) %{_bindir}/scp*