OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=142
This commit is contained in:
parent
0b6a0633f1
commit
3ce85325a2
@ -1,13 +1,3 @@
|
|||||||
-------------------------------------------------------------------
|
|
||||||
Thu Sep 17 20:41:39 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
||||||
|
|
||||||
- Upgrade some old specfile constructs/macros.
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Sep 10 22:44:00 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
|
||||||
|
|
||||||
- Supplement openssh-clients instead of openssh (bsc#1176434).
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>
|
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh-askpass-gnome
|
# spec file for package openssh-askpass-gnome
|
||||||
#
|
#
|
||||||
# Copyright (c) 2020 SUSE LLC
|
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -27,7 +27,7 @@ URL: http://www.openssh.com/
|
|||||||
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
|
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
|
||||||
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
|
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
|
||||||
Requires: %{_name} = %{version}
|
Requires: %{_name} = %{version}
|
||||||
Supplements: packageand(openssh-clients:libgtk-3-0)
|
Supplements: packageand(openssh:libgtk-3-0)
|
||||||
%if 0%{?suse_version} >= 1550
|
%if 0%{?suse_version} >= 1550
|
||||||
BuildRequires: gtk3-devel
|
BuildRequires: gtk3-devel
|
||||||
%else
|
%else
|
||||||
@ -40,15 +40,15 @@ for executing commands on a remote machine. This package contains a
|
|||||||
GNOME-based passphrase dialog for OpenSSH.
|
GNOME-based passphrase dialog for OpenSSH.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -p1 -n %{_name}-%{version}
|
%setup -q -n %{_name}-%{version}
|
||||||
|
|
||||||
%build
|
%build
|
||||||
cd contrib
|
cd contrib
|
||||||
export CFLAGS="%{optflags}"
|
export CFLAGS="%{optflags}"
|
||||||
%if 0%{?suse_version} >= 1550
|
%if 0%{?suse_version} >= 1550
|
||||||
%make_build gnome-ssh-askpass3
|
make %{?_smp_mflags} gnome-ssh-askpass3
|
||||||
%else
|
%else
|
||||||
%make_build gnome-ssh-askpass2
|
make %{?_smp_mflags} gnome-ssh-askpass2
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%install
|
%install
|
||||||
|
@ -1,30 +1,3 @@
|
|||||||
-------------------------------------------------------------------
|
|
||||||
Fri Sep 25 13:40:51 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
|
|
||||||
|
|
||||||
- Fix fillup-template usage:
|
|
||||||
+ %post server needs to reference ssh (not sshd), which matches
|
|
||||||
the sysconfig.ssh file name the package ships.
|
|
||||||
+ %post client does not need any fillup_ calls, as there is no
|
|
||||||
client-relevant sysconfig file present. The naming of the
|
|
||||||
sysconfig file (ssh instead of sshd) is unfortunate.
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Sep 17 20:41:39 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
|
||||||
|
|
||||||
- Move some Requires to the right subpackage.
|
|
||||||
- Avoid ">&" bashism in %post.
|
|
||||||
- Upgrade some old specfile constructs/macros and drop unnecessary
|
|
||||||
%{?systemd_*}.
|
|
||||||
- Trim descriptions and straighten out the grammar.
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Sep 10 21:38:30 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
|
||||||
|
|
||||||
- Split openssh package into openssh, openssh-common,
|
|
||||||
openssh-server and openssh-clients. This allows for the ssh
|
|
||||||
clients to be installed without the server component
|
|
||||||
(bsc#1176434).
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
||||||
|
|
||||||
|
186
openssh.spec
186
openssh.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh
|
# spec file for package openssh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2020 SUSE LLC
|
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -113,8 +113,14 @@ BuildRequires: pkgconfig
|
|||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: pkgconfig(libfido2)
|
BuildRequires: pkgconfig(libfido2)
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
Requires: %{name}-clients = %{version}-%{release}
|
Requires(post): %fillup_prereq
|
||||||
Requires: %{name}-server = %{version}-%{release}
|
Requires(pre): shadow
|
||||||
|
Recommends: %{name}-helpers = %{version}-%{release}
|
||||||
|
Recommends: audit
|
||||||
|
Conflicts: %{name}-fips < %{version}-%{release}
|
||||||
|
Conflicts: %{name}-fips > %{version}-%{release}
|
||||||
|
Conflicts: nonfreessh
|
||||||
|
%{?systemd_requires}
|
||||||
%if %{with tirpc}
|
%if %{with tirpc}
|
||||||
BuildRequires: libtirpc-devel
|
BuildRequires: libtirpc-devel
|
||||||
%endif
|
%endif
|
||||||
@ -126,112 +132,40 @@ BuildRequires: krb5-mini-devel
|
|||||||
|
|
||||||
%description
|
%description
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
on a remote machine. It replaces rsh (rlogin and rsh) and
|
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
|
||||||
provides a secure encrypted communication between two untrusted
|
provides openssl (secure encrypted communication) between two untrusted
|
||||||
hosts over an insecure network.
|
hosts over an insecure network.
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
also be forwarded over the secure channel.
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
This is a dummy package that pulls in both the client and server
|
|
||||||
components.
|
|
||||||
|
|
||||||
%package common
|
|
||||||
Summary: SSH (Secure Shell) common files
|
|
||||||
Group: Productivity/Networking/SSH
|
|
||||||
Conflicts: nonfreessh
|
|
||||||
Conflicts: %{name}-fips < %{version}-%{release}
|
|
||||||
Conflicts: %{name}-fips > %{version}-%{release}
|
|
||||||
|
|
||||||
%description common
|
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
|
||||||
on a remote machine. It replaces rsh (rlogin and rsh) and
|
|
||||||
provides a secure encrypted communication between two untrusted
|
|
||||||
hosts over an insecure network.
|
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
|
||||||
also be forwarded over the secure channel.
|
|
||||||
|
|
||||||
This package contains common files for the Secure Shell server and
|
|
||||||
clients.
|
|
||||||
|
|
||||||
%package server
|
|
||||||
Summary: SSH (Secure Shell) server
|
|
||||||
Group: Productivity/Networking/SSH
|
|
||||||
Requires: %{name}-common = %{version}-%{release}
|
|
||||||
Recommends: audit
|
|
||||||
Requires(pre): shadow
|
|
||||||
Requires(post): %fillup_prereq
|
|
||||||
Requires(post): permissions
|
|
||||||
Provides: openssh:%{_sbindir}/sshd
|
|
||||||
|
|
||||||
%description server
|
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
|
||||||
on a remote machine. It replaces rsh (rlogin and rsh) and
|
|
||||||
provides a secure encrypted communication between two untrusted
|
|
||||||
hosts over an insecure network.
|
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
|
||||||
also be forwarded over the secure channel.
|
|
||||||
|
|
||||||
This package contains the Secure Shell daemon, which allows clients to
|
|
||||||
securely connect to your server.
|
|
||||||
|
|
||||||
%package clients
|
|
||||||
Summary: SSH (Secure Shell) client applications
|
|
||||||
Group: Productivity/Networking/SSH
|
|
||||||
Requires: %{name}-common = %{version}-%{release}
|
|
||||||
Provides: openssh:%{_bindir}/ssh
|
|
||||||
|
|
||||||
%description clients
|
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
|
||||||
on a remote machine. It replaces rsh (rlogin and rsh) and
|
|
||||||
provides a secure encrypted communication between two untrusted
|
|
||||||
hosts over an insecure network.
|
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
|
||||||
also be forwarded over the secure channel.
|
|
||||||
|
|
||||||
This package contains clients for making secure connections to Secure
|
|
||||||
Shell servers.
|
|
||||||
|
|
||||||
%package helpers
|
%package helpers
|
||||||
Summary: OpenSSH AuthorizedKeysCommand helpers
|
Summary: OpenSSH AuthorizedKeysCommand helpers
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name}-common = %{version}-%{release}
|
Requires: %{name} = %{version}-%{release}
|
||||||
|
|
||||||
%description helpers
|
%description helpers
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
Helper applications for OpenSSH which retrieve keys from various sources.
|
||||||
on a remote machine. It replaces rsh (rlogin and rsh) and
|
|
||||||
provides a secure encrypted communication between two untrusted
|
|
||||||
hosts over an insecure network.
|
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
|
||||||
also be forwarded over the secure channel.
|
|
||||||
|
|
||||||
This package contains helper applications for OpenSSH which retrieve
|
|
||||||
keys from various sources.
|
|
||||||
|
|
||||||
%package fips
|
%package fips
|
||||||
Summary: OpenSSH FIPS crypto module HMACs
|
Summary: OpenSSH FIPS cryptomodule HMACs
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name}-common = %{version}-%{release}
|
Requires: %{name} = %{version}-%{release}
|
||||||
Conflicts: %{name}-common < %{version}-%{release}
|
Conflicts: %{name} < %{version}-%{release}
|
||||||
Conflicts: %{name}-common > %{version}-%{release}
|
Conflicts: %{name} > %{version}-%{release}
|
||||||
Obsoletes: %{name}-hmac
|
Obsoletes: %{name}-hmac
|
||||||
|
|
||||||
%description fips
|
%description fips
|
||||||
This package contains hashes that, together with the main openssh packages,
|
Hashes that together with the main package form the FIPS certifiable
|
||||||
form the FIPS certifiable crypto module.
|
cryptomodule.
|
||||||
|
|
||||||
%package cavs
|
%package cavs
|
||||||
Summary: OpenSSH FIPS crypto module CAVS tests
|
Summary: OpenSSH FIPS cryptomodule CAVS tests
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name}-common = %{version}-%{release}
|
Requires: %{name} = %{version}-%{release}
|
||||||
|
|
||||||
%description cavs
|
%description cavs
|
||||||
This package contains the FIPS140 CAVS (Cryptographic Algorithm
|
FIPS140 CAVS tests related parts of the OpenSSH package
|
||||||
Validation Program/Suite) related tests of OpenSSH.
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
@ -330,58 +264,56 @@ done
|
|||||||
|
|
||||||
}}
|
}}
|
||||||
|
|
||||||
%pre server
|
%pre
|
||||||
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
|
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
|
||||||
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
||||||
%service_add_pre sshd.service
|
%service_add_pre sshd.service
|
||||||
|
|
||||||
%post server
|
%post
|
||||||
%{fillup_only -n ssh}
|
%{fillup_only -n ssh sshd}
|
||||||
%service_add_post sshd.service
|
%service_add_post sshd.service
|
||||||
%set_permissions %{_sysconfdir}/ssh/sshd_config
|
%set_permissions %{_sysconfdir}/ssh/sshd_config
|
||||||
|
|
||||||
%preun server
|
%preun
|
||||||
%service_del_preun sshd.service
|
%service_del_preun sshd.service
|
||||||
|
|
||||||
%postun server
|
%postun
|
||||||
# The openssh-fips trigger script for openssh will normally restart sshd once
|
# The openssh-fips trigger script for openssh will normally restart sshd once
|
||||||
# it gets installed, so only restart the service here is openssh-fips is not
|
# it gets installed, so only restart the service here is openssh-fips is not
|
||||||
# present
|
# present
|
||||||
rpm -q openssh-fips >/dev/null 2>/dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
||||||
%service_del_postun sshd.service
|
%service_del_postun sshd.service
|
||||||
|
|
||||||
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
||||||
%restart_on_update sshd
|
%restart_on_update sshd
|
||||||
|
|
||||||
%verifyscript server
|
%verifyscript
|
||||||
%verify_permissions -e %{_sysconfdir}/ssh/sshd_config
|
%verify_permissions -e %{_sysconfdir}/ssh/sshd_config
|
||||||
|
|
||||||
%files
|
%files
|
||||||
# openssh is an empty package that depends on -clients and -server,
|
%exclude %{_bindir}/ssh%{CHECKSUM_SUFFIX}
|
||||||
# resulting in a clean upgrade path from prior to the split even when
|
%exclude %{_sbindir}/sshd%{CHECKSUM_SUFFIX}
|
||||||
# recommends are disabled.
|
%exclude %{_libexecdir}/ssh/sftp-server%{CHECKSUM_SUFFIX}
|
||||||
|
%exclude %{_libexecdir}/ssh/cavs*
|
||||||
%files common
|
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
|
||||||
%license LICENCE
|
%license LICENCE
|
||||||
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
|
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
|
||||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
|
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||||
%attr(0444,root,root) %{_mandir}/man5/moduli.5*
|
%verify(not mode) %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-keygen*
|
|
||||||
|
|
||||||
%files server
|
|
||||||
%attr(0755,root,root) %{_sbindir}/sshd
|
|
||||||
%attr(0755,root,root) %{_sbindir}/rcsshd
|
|
||||||
%attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start
|
|
||||||
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
|
|
||||||
%verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
||||||
%attr(0644,root,root) %{_unitdir}/sshd.service
|
%attr(0644,root,root) %{_unitdir}/sshd.service
|
||||||
%attr(0444,root,root) %{_mandir}/man5/sshd_config*
|
%attr(0755,root,root) %{_bindir}/*
|
||||||
%attr(0444,root,root) %{_mandir}/man8/sftp-server.8*
|
%attr(0755,root,root) %{_sbindir}/*
|
||||||
%attr(0444,root,root) %{_mandir}/man8/sshd.8*
|
%attr(0755,root,root) %dir %{_libexecdir}/ssh
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/sftp-server
|
%exclude %{_libexecdir}/ssh/ssh-ldap*
|
||||||
|
%attr(0755,root,root) %{_libexecdir}/ssh/*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man5/*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man8/*
|
||||||
|
%exclude %{_mandir}/man5/ssh-ldap*
|
||||||
|
%exclude %{_mandir}/man8/ssh-ldap*
|
||||||
%dir %{_sysconfdir}/slp.reg.d
|
%dir %{_sysconfdir}/slp.reg.d
|
||||||
%config %{_sysconfdir}/slp.reg.d/ssh.reg
|
%config %{_sysconfdir}/slp.reg.d/ssh.reg
|
||||||
%{_fillupdir}/sysconfig.ssh
|
%{_fillupdir}/sysconfig.ssh
|
||||||
@ -391,32 +323,6 @@ rpm -q openssh-fips >/dev/null 2>/dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
|||||||
%config %{_fwdefdir}/sshd
|
%config %{_fwdefdir}/sshd
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%files clients
|
|
||||||
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh
|
|
||||||
%attr(0755,root,root) %{_bindir}/scp*
|
|
||||||
%attr(0755,root,root) %{_bindir}/sftp*
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-add*
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-agent*
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-copy-id*
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-keyscan*
|
|
||||||
%attr(0755,root,root) %dir %{_libexecdir}/ssh
|
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-askpass*
|
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-keysign*
|
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-pkcs11-helper*
|
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-sk-helper*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/scp.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/sftp.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh-add.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh-agent.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh-keyscan.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/ssh-copy-id.1*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man5/ssh_config.5*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man8/ssh-sk-helper.8*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man8/ssh-keysign.8*
|
|
||||||
|
|
||||||
%files helpers
|
%files helpers
|
||||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||||
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf
|
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf
|
||||||
|
Loading…
Reference in New Issue
Block a user