Accepting request 841947 from network
- Work around %service_add_post disabling sshd on upgrade with package name change (bsc#1177039). - Use of DISABLE_RESTART_ON_UPDATE is deprecated. Replace it with %service_del_postun_without_restart (forwarded request 840337 from hpjansson) OBS-URL: https://build.opensuse.org/request/show/841947 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=143
This commit is contained in:
commit
8bacc30c33
@ -1,3 +1,13 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 17 20:41:39 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
|
- Upgrade some old specfile constructs/macros.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 10 22:44:00 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
||||||
|
|
||||||
|
- Supplement openssh-clients instead of openssh (bsc#1176434).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>
|
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh-askpass-gnome
|
# spec file for package openssh-askpass-gnome
|
||||||
#
|
#
|
||||||
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2020 SUSE LLC
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -27,7 +27,7 @@ URL: http://www.openssh.com/
|
|||||||
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
|
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
|
||||||
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
|
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
|
||||||
Requires: %{_name} = %{version}
|
Requires: %{_name} = %{version}
|
||||||
Supplements: packageand(openssh:libgtk-3-0)
|
Supplements: packageand(openssh-clients:libgtk-3-0)
|
||||||
%if 0%{?suse_version} >= 1550
|
%if 0%{?suse_version} >= 1550
|
||||||
BuildRequires: gtk3-devel
|
BuildRequires: gtk3-devel
|
||||||
%else
|
%else
|
||||||
@ -40,15 +40,15 @@ for executing commands on a remote machine. This package contains a
|
|||||||
GNOME-based passphrase dialog for OpenSSH.
|
GNOME-based passphrase dialog for OpenSSH.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n %{_name}-%{version}
|
%autosetup -p1 -n %{_name}-%{version}
|
||||||
|
|
||||||
%build
|
%build
|
||||||
cd contrib
|
cd contrib
|
||||||
export CFLAGS="%{optflags}"
|
export CFLAGS="%{optflags}"
|
||||||
%if 0%{?suse_version} >= 1550
|
%if 0%{?suse_version} >= 1550
|
||||||
make %{?_smp_mflags} gnome-ssh-askpass3
|
%make_build gnome-ssh-askpass3
|
||||||
%else
|
%else
|
||||||
make %{?_smp_mflags} gnome-ssh-askpass2
|
%make_build gnome-ssh-askpass2
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%install
|
%install
|
||||||
|
@ -1,3 +1,43 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 8 21:38:27 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
||||||
|
|
||||||
|
- Work around %service_add_post disabling sshd on upgrade with
|
||||||
|
package name change (bsc#1177039).
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Sep 25 13:40:51 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||||
|
|
||||||
|
- Fix fillup-template usage:
|
||||||
|
+ %post server needs to reference ssh (not sshd), which matches
|
||||||
|
the sysconfig.ssh file name the package ships.
|
||||||
|
+ %post client does not need any fillup_ calls, as there is no
|
||||||
|
client-relevant sysconfig file present. The naming of the
|
||||||
|
sysconfig file (ssh instead of sshd) is unfortunate.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Sep 25 10:59:50 UTC 2020 - Franck Bui <fbui@suse.com>
|
||||||
|
|
||||||
|
- Use of DISABLE_RESTART_ON_UPDATE is deprecated.
|
||||||
|
|
||||||
|
Replace it with %service_del_postun_without_restart
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 17 20:41:39 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
|
- Move some Requires to the right subpackage.
|
||||||
|
- Avoid ">&" bashism in %post.
|
||||||
|
- Upgrade some old specfile constructs/macros and drop unnecessary
|
||||||
|
%{?systemd_*}.
|
||||||
|
- Trim descriptions and straighten out the grammar.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 10 21:38:30 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
||||||
|
|
||||||
|
- Split openssh package into openssh, openssh-common,
|
||||||
|
openssh-server and openssh-clients. This allows for the ssh
|
||||||
|
clients to be installed without the server component
|
||||||
|
(bsc#1176434).
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
|
||||||
|
|
||||||
|
217
openssh.spec
217
openssh.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh
|
# spec file for package openssh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2020 SUSE LLC
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -30,6 +30,9 @@
|
|||||||
%define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' )
|
%define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' )
|
||||||
%define CHECKSUM_SUFFIX .hmac
|
%define CHECKSUM_SUFFIX .hmac
|
||||||
%define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE"
|
%define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE"
|
||||||
|
%define _tmpenableddir %{_localstatedir}/lib/sshd
|
||||||
|
%define _tmpenabledfile %{_tmpenableddir}/is-enabled.rpmtmp
|
||||||
|
|
||||||
#Compat macro for new _fillupdir macro introduced in Nov 2017
|
#Compat macro for new _fillupdir macro introduced in Nov 2017
|
||||||
%if ! %{defined _fillupdir}
|
%if ! %{defined _fillupdir}
|
||||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
||||||
@ -113,14 +116,8 @@ BuildRequires: pkgconfig
|
|||||||
BuildRequires: zlib-devel
|
BuildRequires: zlib-devel
|
||||||
BuildRequires: pkgconfig(libfido2)
|
BuildRequires: pkgconfig(libfido2)
|
||||||
BuildRequires: pkgconfig(libsystemd)
|
BuildRequires: pkgconfig(libsystemd)
|
||||||
Requires(post): %fillup_prereq
|
Requires: %{name}-clients = %{version}-%{release}
|
||||||
Requires(pre): shadow
|
Requires: %{name}-server = %{version}-%{release}
|
||||||
Recommends: %{name}-helpers = %{version}-%{release}
|
|
||||||
Recommends: audit
|
|
||||||
Conflicts: %{name}-fips < %{version}-%{release}
|
|
||||||
Conflicts: %{name}-fips > %{version}-%{release}
|
|
||||||
Conflicts: nonfreessh
|
|
||||||
%{?systemd_requires}
|
|
||||||
%if %{with tirpc}
|
%if %{with tirpc}
|
||||||
BuildRequires: libtirpc-devel
|
BuildRequires: libtirpc-devel
|
||||||
%endif
|
%endif
|
||||||
@ -132,40 +129,112 @@ BuildRequires: krb5-mini-devel
|
|||||||
|
|
||||||
%description
|
%description
|
||||||
SSH (Secure Shell) is a program for logging into and executing commands
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
|
on a remote machine. It replaces rsh (rlogin and rsh) and
|
||||||
provides openssl (secure encrypted communication) between two untrusted
|
provides secure encrypted communication between two untrusted
|
||||||
hosts over an insecure network.
|
hosts over an insecure network.
|
||||||
|
|
||||||
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
also be forwarded over the secure channel.
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
|
This is a dummy package that pulls in both the client and server
|
||||||
|
components.
|
||||||
|
|
||||||
|
%package common
|
||||||
|
Summary: SSH (Secure Shell) common files
|
||||||
|
Group: Productivity/Networking/SSH
|
||||||
|
Conflicts: nonfreessh
|
||||||
|
Conflicts: %{name}-fips < %{version}-%{release}
|
||||||
|
Conflicts: %{name}-fips > %{version}-%{release}
|
||||||
|
|
||||||
|
%description common
|
||||||
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
|
on a remote machine. It replaces rsh (rlogin and rsh) and
|
||||||
|
provides secure encrypted communication between two untrusted
|
||||||
|
hosts over an insecure network.
|
||||||
|
|
||||||
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
|
This package contains common files for the Secure Shell server and
|
||||||
|
clients.
|
||||||
|
|
||||||
|
%package server
|
||||||
|
Summary: SSH (Secure Shell) server
|
||||||
|
Group: Productivity/Networking/SSH
|
||||||
|
Requires: %{name}-common = %{version}-%{release}
|
||||||
|
Recommends: audit
|
||||||
|
Requires(pre): shadow
|
||||||
|
Requires(post): %fillup_prereq
|
||||||
|
Requires(post): permissions
|
||||||
|
Provides: openssh:%{_sbindir}/sshd
|
||||||
|
|
||||||
|
%description server
|
||||||
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
|
on a remote machine. It replaces rsh (rlogin and rsh) and
|
||||||
|
provides secure encrypted communication between two untrusted
|
||||||
|
hosts over an insecure network.
|
||||||
|
|
||||||
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
|
This package contains the Secure Shell daemon, which allows clients to
|
||||||
|
securely connect to your server.
|
||||||
|
|
||||||
|
%package clients
|
||||||
|
Summary: SSH (Secure Shell) client applications
|
||||||
|
Group: Productivity/Networking/SSH
|
||||||
|
Requires: %{name}-common = %{version}-%{release}
|
||||||
|
Provides: openssh:%{_bindir}/ssh
|
||||||
|
|
||||||
|
%description clients
|
||||||
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
|
on a remote machine. It replaces rsh (rlogin and rsh) and
|
||||||
|
provides secure encrypted communication between two untrusted
|
||||||
|
hosts over an insecure network.
|
||||||
|
|
||||||
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
|
This package contains clients for making secure connections to Secure
|
||||||
|
Shell servers.
|
||||||
|
|
||||||
%package helpers
|
%package helpers
|
||||||
Summary: OpenSSH AuthorizedKeysCommand helpers
|
Summary: OpenSSH AuthorizedKeysCommand helpers
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name} = %{version}-%{release}
|
Requires: %{name}-common = %{version}-%{release}
|
||||||
|
|
||||||
%description helpers
|
%description helpers
|
||||||
Helper applications for OpenSSH which retrieve keys from various sources.
|
SSH (Secure Shell) is a program for logging into and executing commands
|
||||||
|
on a remote machine. It replaces rsh (rlogin and rsh) and
|
||||||
|
provides secure encrypted communication between two untrusted
|
||||||
|
hosts over an insecure network.
|
||||||
|
|
||||||
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
||||||
|
also be forwarded over the secure channel.
|
||||||
|
|
||||||
|
This package contains helper applications for OpenSSH which retrieve
|
||||||
|
keys from various sources.
|
||||||
|
|
||||||
%package fips
|
%package fips
|
||||||
Summary: OpenSSH FIPS crypto module HMACs
|
Summary: OpenSSH FIPS crypto module HMACs
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name} = %{version}-%{release}
|
Requires: %{name}-common = %{version}-%{release}
|
||||||
Conflicts: %{name} < %{version}-%{release}
|
Conflicts: %{name}-common < %{version}-%{release}
|
||||||
Conflicts: %{name} > %{version}-%{release}
|
Conflicts: %{name}-common > %{version}-%{release}
|
||||||
Obsoletes: %{name}-hmac
|
Obsoletes: %{name}-hmac
|
||||||
|
|
||||||
%description fips
|
%description fips
|
||||||
Hashes that together with the main package form the FIPS certifiable
|
This package contains hashes that, together with the main openssh packages,
|
||||||
cryptomodule.
|
form the FIPS certifiable crypto module.
|
||||||
|
|
||||||
%package cavs
|
%package cavs
|
||||||
Summary: OpenSSH FIPS crypto module CAVS tests
|
Summary: OpenSSH FIPS crypto module CAVS tests
|
||||||
Group: Productivity/Networking/SSH
|
Group: Productivity/Networking/SSH
|
||||||
Requires: %{name} = %{version}-%{release}
|
Requires: %{name}-common = %{version}-%{release}
|
||||||
|
|
||||||
%description cavs
|
%description cavs
|
||||||
FIPS140 CAVS tests related parts of the OpenSSH package
|
This package contains the FIPS-140 CAVS (Cryptographic Algorithm
|
||||||
|
Validation Program/Suite) related tests of OpenSSH.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
@ -265,55 +334,87 @@ done
|
|||||||
}}
|
}}
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
|
# Remember whether the sshd service was enabled prior to an upgrade. This
|
||||||
|
# is needed when upgrading to a split-off openssh-server package. The
|
||||||
|
# %%service_add_post scriptlet (in %%post server) will see it as a new service
|
||||||
|
# and apply the preset, disabling it. We need to reenable it afterwards if
|
||||||
|
# necessary.
|
||||||
|
if [ -x %{_bindir}/systemctl ]; then
|
||||||
|
mkdir -p %{_tmpenableddir} || :
|
||||||
|
%{_bindir}/systemctl is-enabled sshd > %{_tmpenabledfile} || :
|
||||||
|
fi
|
||||||
|
|
||||||
|
%pre server
|
||||||
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
|
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
|
||||||
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
||||||
|
|
||||||
|
# See %%pre.
|
||||||
|
if [ -x %{_bindir}/systemctl ]; then
|
||||||
|
mkdir -p %{_tmpenableddir} || :
|
||||||
|
%{_bindir}/systemctl is-enabled sshd > %{_tmpenabledfile} || :
|
||||||
|
fi
|
||||||
|
|
||||||
%service_add_pre sshd.service
|
%service_add_pre sshd.service
|
||||||
|
|
||||||
%post
|
%post server
|
||||||
%{fillup_only -n ssh sshd}
|
%{fillup_only -n ssh}
|
||||||
%service_add_post sshd.service
|
%service_add_post sshd.service
|
||||||
%set_permissions %{_sysconfdir}/ssh/sshd_config
|
%set_permissions %{_sysconfdir}/ssh/sshd_config
|
||||||
|
|
||||||
%preun
|
# Work around %%service_add_post disabling the service on upgrades where
|
||||||
|
# the package name changed.
|
||||||
|
if [ -x %{_bindir}/systemctl ] && [ -f %{_tmpenabledfile} ] \
|
||||||
|
&& [ x$(cat %{_tmpenabledfile} || :) == "xenabled" ]; then
|
||||||
|
systemctl enable sshd || :
|
||||||
|
fi
|
||||||
|
|
||||||
|
rm -f %{_tmpenabledfile}
|
||||||
|
|
||||||
|
%preun server
|
||||||
%service_del_preun sshd.service
|
%service_del_preun sshd.service
|
||||||
|
|
||||||
%postun
|
%postun server
|
||||||
# The openssh-fips trigger script for openssh will normally restart sshd once
|
# The openssh-fips trigger script for openssh will normally restart sshd once
|
||||||
# it gets installed, so only restart the service here is openssh-fips is not
|
# it gets installed, so only restart the service here if openssh-fips is not
|
||||||
# present
|
# present.
|
||||||
rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
if rpm -q openssh-fips >/dev/null 2>/dev/null; then
|
||||||
|
%service_del_postun_without_restart sshd.service
|
||||||
|
else
|
||||||
%service_del_postun sshd.service
|
%service_del_postun sshd.service
|
||||||
|
fi
|
||||||
|
|
||||||
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
||||||
%restart_on_update sshd
|
%restart_on_update sshd
|
||||||
|
|
||||||
%verifyscript
|
%verifyscript server
|
||||||
%verify_permissions -e %{_sysconfdir}/ssh/sshd_config
|
%verify_permissions -e %{_sysconfdir}/ssh/sshd_config
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%exclude %{_bindir}/ssh%{CHECKSUM_SUFFIX}
|
# openssh is an empty package that depends on -clients and -server,
|
||||||
%exclude %{_sbindir}/sshd%{CHECKSUM_SUFFIX}
|
# resulting in a clean upgrade path from prior to the split even when
|
||||||
%exclude %{_libexecdir}/ssh/sftp-server%{CHECKSUM_SUFFIX}
|
# recommends are disabled.
|
||||||
%exclude %{_libexecdir}/ssh/cavs*
|
|
||||||
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
|
%files common
|
||||||
%license LICENCE
|
%license LICENCE
|
||||||
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
|
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
|
||||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
||||||
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
%attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
|
||||||
%verify(not mode) %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
%attr(0444,root,root) %{_mandir}/man5/moduli.5*
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh-keygen*
|
||||||
|
|
||||||
|
%files server
|
||||||
|
%attr(0755,root,root) %{_sbindir}/sshd
|
||||||
|
%attr(0755,root,root) %{_sbindir}/rcsshd
|
||||||
|
%attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start
|
||||||
|
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
|
||||||
|
%verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
||||||
%attr(0644,root,root) %{_unitdir}/sshd.service
|
%attr(0644,root,root) %{_unitdir}/sshd.service
|
||||||
%attr(0755,root,root) %{_bindir}/*
|
%attr(0444,root,root) %{_mandir}/man5/sshd_config*
|
||||||
%attr(0755,root,root) %{_sbindir}/*
|
%attr(0444,root,root) %{_mandir}/man8/sftp-server.8*
|
||||||
%attr(0755,root,root) %dir %{_libexecdir}/ssh
|
%attr(0444,root,root) %{_mandir}/man8/sshd.8*
|
||||||
%exclude %{_libexecdir}/ssh/ssh-ldap*
|
%attr(0755,root,root) %{_libexecdir}/ssh/sftp-server
|
||||||
%attr(0755,root,root) %{_libexecdir}/ssh/*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man1/*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man5/*
|
|
||||||
%attr(0444,root,root) %{_mandir}/man8/*
|
|
||||||
%exclude %{_mandir}/man5/ssh-ldap*
|
|
||||||
%exclude %{_mandir}/man8/ssh-ldap*
|
|
||||||
%dir %{_sysconfdir}/slp.reg.d
|
%dir %{_sysconfdir}/slp.reg.d
|
||||||
%config %{_sysconfdir}/slp.reg.d/ssh.reg
|
%config %{_sysconfdir}/slp.reg.d/ssh.reg
|
||||||
%{_fillupdir}/sysconfig.ssh
|
%{_fillupdir}/sysconfig.ssh
|
||||||
@ -323,6 +424,32 @@ rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
|||||||
%config %{_fwdefdir}/sshd
|
%config %{_fwdefdir}/sshd
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%files clients
|
||||||
|
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh
|
||||||
|
%attr(0755,root,root) %{_bindir}/scp*
|
||||||
|
%attr(0755,root,root) %{_bindir}/sftp*
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh-add*
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh-agent*
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh-copy-id*
|
||||||
|
%attr(0755,root,root) %{_bindir}/ssh-keyscan*
|
||||||
|
%attr(0755,root,root) %dir %{_libexecdir}/ssh
|
||||||
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-askpass*
|
||||||
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-keysign*
|
||||||
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-pkcs11-helper*
|
||||||
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-sk-helper*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/scp.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/sftp.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/ssh-add.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/ssh-agent.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/ssh-keyscan.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/ssh.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man1/ssh-copy-id.1*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man5/ssh_config.5*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man8/ssh-sk-helper.8*
|
||||||
|
%attr(0444,root,root) %{_mandir}/man8/ssh-keysign.8*
|
||||||
|
|
||||||
%files helpers
|
%files helpers
|
||||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||||
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf
|
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf
|
||||||
|
Loading…
Reference in New Issue
Block a user