Accepting request 833579 from home:hpjansson:sle-14821

- Split openssh package into openssh, openssh-server and
  openssh-clients. This allows for the ssh clients to be installed
  without the server component (bsc#1176434).

- Supplement openssh-clients instead of openssh (bsc#1176434).

OBS-URL: https://build.opensuse.org/request/show/833579
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=213
This commit is contained in:
Marcus Meissner 2020-09-14 10:47:29 +00:00 committed by Git OBS Bridge
parent dbcbd30908
commit c5fddd4115
4 changed files with 83 additions and 24 deletions

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Thu Sep 10 22:44:00 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
- Supplement openssh-clients instead of openssh (bsc#1176434).
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com> Thu Jul 18 14:07:56 UTC 2019 - Fabian Vogt <fvogt@suse.com>

View File

@ -27,7 +27,7 @@ URL: http://www.openssh.com/
Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz Source: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz
Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc Source42: http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{_name}-%{version}.tar.gz.asc
Requires: %{_name} = %{version} Requires: %{_name} = %{version}
Supplements: packageand(openssh:libgtk-3-0) Supplements: packageand(openssh-clients:libgtk-3-0)
%if 0%{?suse_version} >= 1550 %if 0%{?suse_version} >= 1550
BuildRequires: gtk3-devel BuildRequires: gtk3-devel
%else %else

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Sep 10 21:38:30 UTC 2020 - Hans Petter Jansson <hpj@suse.com>
- Split openssh package into openssh, openssh-server and
openssh-clients. This allows for the ssh clients to be installed
without the server component (bsc#1176434).
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com> Fri Jun 5 00:36:08 UTC 2020 - Hans Petter Jansson <hpj@suse.com>

View File

@ -115,6 +115,9 @@ BuildRequires: pkgconfig(libfido2)
BuildRequires: pkgconfig(libsystemd) BuildRequires: pkgconfig(libsystemd)
Requires(post): %fillup_prereq Requires(post): %fillup_prereq
Requires(pre): shadow Requires(pre): shadow
PreReq: permissions
Recommends: %{name}-server = %{version}-%{release}
Recommends: %{name}-clients = %{version}-%{release}
Recommends: %{name}-helpers = %{version}-%{release} Recommends: %{name}-helpers = %{version}-%{release}
Recommends: audit Recommends: audit
Conflicts: %{name}-fips < %{version}-%{release} Conflicts: %{name}-fips < %{version}-%{release}
@ -139,6 +142,24 @@ hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel. also be forwarded over the secure channel.
%package server
Summary: SSH (Secure Shell) server
Group: Productivity/Networking/SSH
Requires: openssh = %{version}-%{release}
%description server
The SSH (Secure Shell) daemon allows clients to securely connect to your
server.
%package clients
Summary: SSH (Secure Shell) client applications
Group: Productivity/Networking/SSH
Requires: openssh = %{version}-%{release}
%description clients
This package contains clients for making secure connections to SSH (Secure
Shell) servers.
%package helpers %package helpers
Summary: OpenSSH AuthorizedKeysCommand helpers Summary: OpenSSH AuthorizedKeysCommand helpers
Group: Productivity/Networking/SSH Group: Productivity/Networking/SSH
@ -264,20 +285,23 @@ done
}} }}
%pre %pre server
getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd getent group sshd >/dev/null || %{_sbindir}/groupadd -r sshd
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d %{_localstatedir}/lib/sshd -s /bin/false -c "SSH daemon" sshd
%service_add_pre sshd.service %service_add_pre sshd.service
%post %post server
%{fillup_only -n ssh sshd} %{fillup_only -n sshd}
%service_add_post sshd.service %service_add_post sshd.service
%set_permissions %{_sysconfdir}/ssh/sshd_config %set_permissions %{_sysconfdir}/ssh/sshd_config
%preun %post clients
%{fillup_only -n ssh}
%preun server
%service_del_preun sshd.service %service_del_preun sshd.service
%postun %postun server
# The openssh-fips trigger script for openssh will normally restart sshd once # The openssh-fips trigger script for openssh will normally restart sshd once
# it gets installed, so only restart the service here is openssh-fips is not # it gets installed, so only restart the service here is openssh-fips is not
# present # present
@ -287,33 +311,30 @@ rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
%triggerin -n openssh-fips -- %{name} = %{version}-%{release} %triggerin -n openssh-fips -- %{name} = %{version}-%{release}
%restart_on_update sshd %restart_on_update sshd
%verifyscript %verifyscript server
%verify_permissions -e %{_sysconfdir}/ssh/sshd_config %verify_permissions -e %{_sysconfdir}/ssh/sshd_config
%files %files
%exclude %{_bindir}/ssh%{CHECKSUM_SUFFIX}
%exclude %{_sbindir}/sshd%{CHECKSUM_SUFFIX}
%exclude %{_libexecdir}/ssh/sftp-server%{CHECKSUM_SUFFIX}
%exclude %{_libexecdir}/ssh/cavs*
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
%license LICENCE %license LICENCE
%doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS %doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS
%attr(0755,root,root) %dir %{_sysconfdir}/ssh %attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config %attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1*
%verify(not mode) %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %attr(0444,root,root) %{_mandir}/man5/moduli.5*
%attr(0755,root,root) %{_bindir}/ssh-keygen*
%files server
%attr(0755,root,root) %{_sbindir}/sshd
%attr(0755,root,root) %{_sbindir}/rcsshd
%attr(0755,root,root) %{_sbindir}/sshd-gen-keys-start
%dir %attr(755,root,root) %{_localstatedir}/lib/sshd
%verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
%attr(0644,root,root) %{_unitdir}/sshd.service %attr(0644,root,root) %{_unitdir}/sshd.service
%attr(0755,root,root) %{_bindir}/* %attr(0444,root,root) %{_mandir}/man5/sshd_config*
%attr(0755,root,root) %{_sbindir}/* %attr(0444,root,root) %{_mandir}/man8/sftp-server.8*
%attr(0755,root,root) %dir %{_libexecdir}/ssh %attr(0444,root,root) %{_mandir}/man8/sshd.8*
%exclude %{_libexecdir}/ssh/ssh-ldap* %attr(0755,root,root) %{_libexecdir}/ssh/sftp-server
%attr(0755,root,root) %{_libexecdir}/ssh/*
%attr(0444,root,root) %{_mandir}/man1/*
%attr(0444,root,root) %{_mandir}/man5/*
%attr(0444,root,root) %{_mandir}/man8/*
%exclude %{_mandir}/man5/ssh-ldap*
%exclude %{_mandir}/man8/ssh-ldap*
%dir %{_sysconfdir}/slp.reg.d %dir %{_sysconfdir}/slp.reg.d
%config %{_sysconfdir}/slp.reg.d/ssh.reg %config %{_sysconfdir}/slp.reg.d/ssh.reg
%{_fillupdir}/sysconfig.ssh %{_fillupdir}/sysconfig.ssh
@ -323,6 +344,32 @@ rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
%config %{_fwdefdir}/sshd %config %{_fwdefdir}/sshd
%endif %endif
%files clients
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/scp*
%attr(0755,root,root) %{_bindir}/sftp*
%attr(0755,root,root) %{_bindir}/ssh-add*
%attr(0755,root,root) %{_bindir}/ssh-agent*
%attr(0755,root,root) %{_bindir}/ssh-copy-id*
%attr(0755,root,root) %{_bindir}/ssh-keyscan*
%attr(0755,root,root) %dir %{_libexecdir}/ssh
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-askpass*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-keysign*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-pkcs11-helper*
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-sk-helper*
%attr(0444,root,root) %{_mandir}/man1/scp.1*
%attr(0444,root,root) %{_mandir}/man1/sftp.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-add.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-agent.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-keyscan.1*
%attr(0444,root,root) %{_mandir}/man1/ssh.1*
%attr(0444,root,root) %{_mandir}/man1/ssh-copy-id.1*
%attr(0444,root,root) %{_mandir}/man5/ssh_config.5*
%attr(0444,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0444,root,root) %{_mandir}/man8/ssh-sk-helper.8*
%attr(0444,root,root) %{_mandir}/man8/ssh-keysign.8*
%files helpers %files helpers
%attr(0755,root,root) %dir %{_sysconfdir}/ssh %attr(0755,root,root) %dir %{_sysconfdir}/ssh
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf %verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ldap.conf