Accepting request 536578 from home:jsegitz:branches:network
- sshd_config is has now permissions 0600 in secure mode OBS-URL: https://build.opensuse.org/request/show/536578 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=120
This commit is contained in:
parent
a1a66bf54b
commit
c84af5da00
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh-askpass-gnome
|
# spec file for package openssh-askpass-gnome
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Oct 25 15:09:06 UTC 2017 - jsegitz@suse.com
|
||||||
|
|
||||||
|
- sshd_config is has now permissions 0600 in secure mode
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com
|
Mon May 15 20:47:29 UTC 2017 - pcerny@suse.com
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package openssh
|
# spec file for package openssh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -392,6 +392,7 @@ getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d /var/lib/sshd
|
|||||||
%else
|
%else
|
||||||
%{fillup_and_insserv -n ssh sshd}
|
%{fillup_and_insserv -n ssh sshd}
|
||||||
%endif
|
%endif
|
||||||
|
%set_permissions /etc/ssh/sshd_config
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%if %{uses_systemd}
|
%if %{uses_systemd}
|
||||||
@ -415,6 +416,9 @@ rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
|||||||
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
%triggerin -n openssh-fips -- %{name} = %{version}-%{release}
|
||||||
%restart_on_update sshd
|
%restart_on_update sshd
|
||||||
|
|
||||||
|
%verifyscript
|
||||||
|
%verify_permissions -e /etc/ssh/sshd_config
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%exclude %{_bindir}/ssh%{CHECKSUM_SUFFIX}
|
%exclude %{_bindir}/ssh%{CHECKSUM_SUFFIX}
|
||||||
@ -426,7 +430,7 @@ rpm -q openssh-fips >& /dev/null && DISABLE_RESTART_ON_UPDATE=yes
|
|||||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
||||||
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
%verify(not mode) %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||||
%verify(not mode) %attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
%verify(not mode) %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/pam.d/sshd
|
||||||
%if %{uses_systemd}
|
%if %{uses_systemd}
|
||||||
%doc sshd.init
|
%doc sshd.init
|
||||||
|
Loading…
Reference in New Issue
Block a user