diff --git a/openssh-askpass-gnome.spec b/openssh-askpass-gnome.spec index 47739a1..f23d861 100644 --- a/openssh-askpass-gnome.spec +++ b/openssh-askpass-gnome.spec @@ -15,7 +15,7 @@ BuildRequires: gtk2-devel krb5-devel opensc-devel openssh openssl-devel pam-dev License: Other License(s), see package Group: Productivity/Networking/SSH Version: 4.5p1 -Release: 11 +Release: 16 Requires: openssh = %{version} openssh-askpass = %{version} Autoreqprov: on Summary: A GNOME-Based Passphrase Dialog for OpenSSH @@ -110,7 +110,7 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) %attr(0755,root,root) /usr/%_lib/ssh/gnome-ssh-askpass -%changelog -n openssh-askpass-gnome +%changelog * Tue Dec 12 2006 - anicka@suse.cz - update to 4.5p1 * Use privsep_pw if we have it, but only require it if we diff --git a/openssh.changes b/openssh.changes index 653fd89..9a42939 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Feb 21 11:21:48 CET 2007 - anicka@suse.cz + +- add firewall definition [#246921], FATE #300687, + source: sshd.fw + ------------------------------------------------------------------- Sat Jan 6 12:30:16 CET 2007 - anicka@suse.cz diff --git a/openssh.spec b/openssh.spec index f40f385..13ca91c 100644 --- a/openssh.spec +++ b/openssh.spec @@ -28,7 +28,7 @@ PreReq: /usr/sbin/groupadd /usr/sbin/useradd %insserv_prereq %fillup_pr Conflicts: nonfreessh Autoreqprov: on Version: 4.5p1 -Release: 11 +Release: 16 %define xversion 1.2.4.1 Summary: Secure Shell Client and Server (Remote Login Program) URL: http://www.openssh.com/ @@ -41,6 +41,7 @@ Source5: converter.tar.bz2 Source6: README.kerberos Source7: ssh.reg Source8: ssh-askpass +Source9: sshd.fw Patch: %{name}-%{version}.dif Patch1: %{name}-%{version}-addrlist.dif Patch12: %{name}-%{version}-askpass-fix.diff @@ -218,6 +219,10 @@ rm -rf $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass sed -e "s@usr/lib/ssh@usr/%_lib/ssh@" < %{S:8} > $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin sed -i -e s@/usr/libexec@/usr/%{_lib}@g $RPM_BUILD_ROOT/etc/ssh/sshd_config +#install firewall definitions format is described here: +#/usr/share/SuSEfirewall2/services/TEMPLATE +mkdir -p $RPM_BUILD_ROOT/usr/share/SuSEfirewall2/services/ +install -m 755 %{S:9} $RPM_BUILD_ROOT/usr/share/SuSEfirewall2/services/sshd %pre /usr/sbin/groupadd -g 65 -o -r sshd 2> /dev/null || : @@ -274,6 +279,7 @@ rm -rf $RPM_BUILD_ROOT %dir /etc/slp.reg.d /etc/slp.reg.d/ssh.reg /var/adm/fillup-templates/sysconfig.ssh +/usr/share/SuSEfirewall2/services/sshd %files askpass %defattr(-,root,root) @@ -283,7 +289,10 @@ rm -rf $RPM_BUILD_ROOT %doc %_mandir/man1/x11-ssh-askpass.1x.gz %config %_appdefdir/SshAskpass -%changelog -n openssh +%changelog +* Wed Feb 21 2007 - anicka@suse.cz +- add firewall definition [#246921], FATE #300687, + source: sshd.fw * Sat Jan 06 2007 - anicka@suse.cz - disable SSHv1 protocol in default configuration [#231808] * Tue Dec 12 2006 - anicka@suse.cz diff --git a/sshd.fw b/sshd.fw new file mode 100644 index 0000000..11a4a16 --- /dev/null +++ b/sshd.fw @@ -0,0 +1,5 @@ +## Name: Secure Shell Server +## Description: Open ports for for Secure Shell Server + +# space separated list of allowed TCP ports +TCP="ssh"