2401590e48
- Add systemd startup units OBS-URL: https://build.opensuse.org/request/show/94377 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=16
266 lines
8.9 KiB
RPMSpec
266 lines
8.9 KiB
RPMSpec
#
|
|
# spec file for package openssh
|
|
#
|
|
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
|
|
Name: openssh
|
|
%define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services
|
|
%define _appdefdir %{_prefix}/share/X11/app-defaults
|
|
BuildRequires: audit-devel krb5-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
|
|
BuildRequires: libselinux-devel
|
|
BuildRequires: libedit-devel
|
|
License: BSD3c(or similar) ; MIT License (or similar)
|
|
Group: Productivity/Networking/SSH
|
|
Requires: /bin/netstat
|
|
PreReq: pwdutils %{insserv_prereq} %{fillup_prereq} coreutils
|
|
Conflicts: nonfreessh
|
|
Version: 5.9p1
|
|
Release: 1
|
|
%define xversion 1.2.4.1
|
|
Summary: Secure Shell Client and Server (Remote Login Program)
|
|
Url: http://www.openssh.com/
|
|
Source: %{name}-%{version}.tar.bz2
|
|
Source1: sshd.init
|
|
Source2: sshd.pamd
|
|
Source3: x11-ssh-askpass-%{xversion}.tar.bz2
|
|
Source4: README.SuSE
|
|
Source5: converter.tar.bz2
|
|
Source6: README.kerberos
|
|
Source7: ssh.reg
|
|
Source8: ssh-askpass
|
|
Source9: sshd.fw
|
|
Source10: sysconfig.ssh
|
|
Source11: sshd-gen-keys-start
|
|
Source12: sshd.service
|
|
Patch: %{name}-5.9p1-sshd_config.diff
|
|
Patch1: %{name}-5.9p1-askpass-fix.diff
|
|
Patch2: %{name}-5.9p1-pam-fix2.diff
|
|
Patch3: %{name}-5.9p1-saveargv-fix.diff
|
|
Patch4: %{name}-5.9p1-pam-fix3.diff
|
|
Patch5: %{name}-5.9p1-gssapimitm.patch
|
|
Patch6: %{name}-5.9p1-eal3.diff
|
|
Patch7: %{name}-5.9p1-engines.diff
|
|
Patch8: %{name}-5.9p1-blocksigalrm.diff
|
|
Patch9: %{name}-5.9p1-send_locale.diff
|
|
Patch10: %{name}-5.9p1-xauthlocalhostname.diff
|
|
Patch12: %{name}-5.9p1-xauth.diff
|
|
Patch14: %{name}-5.9p1-default-protocol.diff
|
|
Patch15: %{name}-5.9p1-audit.patch
|
|
Patch16: %{name}-5.9p1-pts.diff
|
|
Patch17: %{name}-5.9p1-homechroot.patch
|
|
Patch18: %{name}-5.9p1-sshconfig-knownhostschanges.diff
|
|
Patch19: %{name}-5.9p1-host_ident.diff
|
|
Patch20: converter-linking.patch
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
%if 0%{?suse_version} > 1140
|
|
BuildRequires: systemd
|
|
%{?systemd_requires}
|
|
%define has_systemd 1
|
|
%endif
|
|
|
|
%package askpass
|
|
License: BSD3c(or similar) ; MIT License (or similar)
|
|
Summary: A passphrase dialog for OpenSSH and the X Window System
|
|
Requires: openssh = %{version}
|
|
Provides: openssh:%{_libexecdir}/ssh/ssh-askpass
|
|
Group: Productivity/Networking/SSH
|
|
|
|
%description
|
|
SSH (Secure Shell) is a program for logging into and executing commands
|
|
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
|
|
provides openssl (secure encrypted communication) between two untrusted
|
|
hosts over an insecure network.
|
|
|
|
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
|
|
also be forwarded over the secure channel.
|
|
|
|
%description askpass
|
|
Ssh (Secure Shell) is a program for logging into a remote machine and
|
|
for executing commands on a remote machine. This package contains an X
|
|
Window System passphrase dialog for OpenSSH.
|
|
|
|
%prep
|
|
%setup -q -b 3 -a 5
|
|
%patch
|
|
%patch2
|
|
%patch3
|
|
%patch4
|
|
%patch5
|
|
%patch6 -p1
|
|
%patch7 -p1
|
|
%patch8
|
|
%patch9
|
|
%patch10
|
|
%patch12
|
|
%patch14
|
|
%patch15 -p1
|
|
%patch16
|
|
%patch17
|
|
%patch18
|
|
%patch19 -p1
|
|
%patch20
|
|
cp -v %{SOURCE4} .
|
|
cp -v %{SOURCE6} .
|
|
cd ../x11-ssh-askpass-%{xversion}
|
|
%patch1
|
|
|
|
%build
|
|
autoreconf -fiv
|
|
%ifarch s390 s390x %sparc
|
|
PIEFLAGS="-fPIE"
|
|
%else
|
|
PIEFLAGS="-fpie"
|
|
%endif
|
|
export CFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
|
|
export CXXFLAGS="%{optflags} $PIEFLAGS -fstack-protector"
|
|
export LDFLAGS="-pie"
|
|
%configure \
|
|
--with-ssl-engine \
|
|
%if 0%{suse_version} >= 1140
|
|
--with-libedit \
|
|
%endif
|
|
--sysconfdir=%{_sysconfdir}/ssh \
|
|
--libexecdir=%{_libexecdir}/ssh \
|
|
--with-tcp-wrappers \
|
|
--with-selinux \
|
|
--with-pam \
|
|
--with-kerberos5=/usr \
|
|
--with-privsep-path=/var/lib/empty \
|
|
--with-sandbox=rlimit \
|
|
--disable-strip \
|
|
--with-linux-audit \
|
|
--with-xauth=%{_prefix}/bin/xauth \
|
|
--target=%{_target_cpu}-suse-linux
|
|
# --with-afs=/usr \
|
|
make %{?_smp_mflags}
|
|
(cd converter; make %{?_smp_mflags})
|
|
cd contrib
|
|
cd ../../x11-ssh-askpass-%{xversion}
|
|
%configure \
|
|
--libexecdir=%{_libdir}/ssh
|
|
xmkmf
|
|
make includes USRLIBDIR=%{_libdir}
|
|
make %{?_smp_mflags} USRLIBDIR=%{_libdir} CCOPTIONS="%{optflags}"
|
|
|
|
%install
|
|
make DESTDIR=%{buildroot}/ install
|
|
install -d -m 755 %{buildroot}%{_sysconfdir}/pam.d
|
|
install -d -m 755 %{buildroot}/var/lib/sshd
|
|
install -m 644 %{S:2} %{buildroot}%{_sysconfdir}/pam.d/sshd
|
|
install -d -m 755 %{buildroot}%{_sysconfdir}/slp.reg.d/
|
|
install -m 644 %{S:7} %{buildroot}%{_sysconfdir}/slp.reg.d/
|
|
install -d -m 755 %{buildroot}/etc/init.d
|
|
install -m 755 %{S:1} %{buildroot}/etc/init.d/sshd
|
|
ln -vs ../../etc/init.d/sshd %{buildroot}/usr/sbin/rcsshd
|
|
install -d -m 755 %{buildroot}/var/adm/fillup-templates
|
|
install -m 644 %{S:10} %{buildroot}/var/adm/fillup-templates
|
|
# install shell script to automate the process of adding your public key to a remote machine
|
|
install -m 755 contrib/ssh-copy-id %{buildroot}%{_bindir}
|
|
install -m 644 contrib/ssh-copy-id.1 %{buildroot}%{_mandir}/man1
|
|
( cd converter; make install DESTDIR=%{buildroot} )
|
|
cd ../x11-ssh-askpass-%{xversion}
|
|
make BINDIR=%{_libexecdir}/ssh DESTDIR=%{buildroot} install install.man
|
|
rm -rf %{buildroot}%{_libexecdir}/ssh/ssh-askpass
|
|
sed -e "s,@LIBEXEC@,%{_libexecdir},g" < %{S:8} > %{buildroot}%{_libexecdir}/ssh/ssh-askpass
|
|
rm -f %{buildroot}%{_datadir}/Ssh.bin
|
|
sed -i -e s@/usr/libexec@%{_libexecdir}@g %{buildroot}%{_sysconfdir}/ssh/sshd_config
|
|
#install firewall definitions format is described here:
|
|
#%{_datadir}/SuSEfirewall2/services/TEMPLATE
|
|
mkdir -p %{buildroot}%{_fwdefdir}
|
|
install -m 644 %{S:9} %{buildroot}%{_fwdefdir}/sshd
|
|
%if 0%{?has_systemd}
|
|
install -D -m 0755 %{SOURCE11} %{buildroot}%{_sbindir}/sshd-gen-keys-start
|
|
install -D -m 0644 %{SOURCE12} %{buildroot}%{_unitdir}/sshd.service
|
|
%endif
|
|
|
|
%pre
|
|
getent group sshd >/dev/null || %{_sbindir}/groupadd -o -r sshd
|
|
getent passwd sshd >/dev/null || %{_sbindir}/useradd -r -g sshd -d /var/lib/sshd -s /bin/false -c "SSH daemon" sshd
|
|
%if 0%{?has_systemd}
|
|
%service_add_pre sshd.service
|
|
%endif
|
|
|
|
%post
|
|
%{fillup_and_insserv -n ssh sshd}
|
|
%if 0%{?has_systemd}
|
|
%service_add_post sshd.service
|
|
%endif
|
|
|
|
%preun
|
|
%stop_on_removal sshd
|
|
%if 0%{?has_systemd}
|
|
%service_del_preun sshd.service
|
|
%endif
|
|
|
|
%postun
|
|
%restart_on_update sshd
|
|
%{insserv_cleanup}
|
|
%if 0%{?has_systemd}
|
|
%service_del_postun sshd.service
|
|
%endif
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%dir %attr(755,root,root) /var/lib/sshd
|
|
%doc README.SuSE README.kerberos ChangeLog OVERVIEW README TODO LICENCE CREDITS
|
|
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
|
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
|
%attr(0640,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
|
%attr(0644,root,root) %config %{_sysconfdir}/pam.d/sshd
|
|
%attr(0755,root,root) %config %{_initddir}/sshd
|
|
%attr(0755,root,root) %{_bindir}/ssh
|
|
%{_bindir}/scp
|
|
%{_bindir}/sftp
|
|
%{_bindir}/slogin
|
|
%{_bindir}/ssh-*
|
|
%{_sbindir}/*
|
|
%attr(444,root,root) %doc %{_mandir}/man1/scp.1.gz
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keygen.1.gz
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keyconverter.1.gz
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh.1.gz
|
|
%attr(444,root,root) %doc %{_mandir}/man1/slogin.1.gz
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-agent.1*
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-add.1*
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
|
|
%attr(444,root,root) %doc %{_mandir}/man1/sftp.1*
|
|
%attr(444,root,root) %doc %{_mandir}/man1/ssh-copy-id.1*
|
|
%attr(444,root,root) %doc %{_mandir}/man5/*
|
|
%attr(444,root,root) %doc %{_mandir}/man8/*
|
|
%attr(0755,root,root) %dir %{_libexecdir}/ssh
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/sftp-server
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-keysign
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-pkcs11-helper
|
|
%dir %{_sysconfdir}/slp.reg.d
|
|
%config %{_sysconfdir}/slp.reg.d/ssh.reg
|
|
/var/adm/fillup-templates/sysconfig.ssh
|
|
%config %{_fwdefdir}/sshd
|
|
%if 0%{?has_systemd}
|
|
%{_sbindir}/sshd-gen-keys-start
|
|
%{_unitdir}/sshd.service
|
|
%endif
|
|
|
|
%files askpass
|
|
%defattr(-,root,root)
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/ssh-askpass
|
|
%attr(0755,root,root) %{_libexecdir}/ssh/x11-ssh-askpass
|
|
%doc %{_mandir}/man1/ssh-askpass.1x.gz
|
|
%doc %{_mandir}/man1/x11-ssh-askpass.1x.gz
|
|
%{_appdefdir}/SshAskpass
|
|
|
|
%changelog
|