# # spec file for package openssh # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: openssh %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services %define _appdefdir %{_prefix}/share/X11/app-defaults BuildRequires: audit-devel krb5-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel BuildRequires: libselinux-devel License: BSD3c(or similar) ; MIT License (or similar) Group: Productivity/Networking/SSH Requires: /bin/netstat PreReq: pwdutils %insserv_prereq %fillup_prereq coreutils Conflicts: nonfreessh AutoReqProv: on Version: 5.8p1 Release: 2 %define xversion 1.2.4.1 Summary: Secure Shell Client and Server (Remote Login Program) Url: http://www.openssh.com/ Source: %{name}-%{version}.tar.bz2 Source1: %{name}-SuSE.tar.bz2 Source2: sshd.pamd Source3: x11-ssh-askpass-%{xversion}.tar.bz2 Source4: README.SuSE Source5: converter.tar.bz2 Source6: README.kerberos Source7: ssh.reg Source8: ssh-askpass Source9: sshd.fw Patch: %{name}-%{version}-sshd_config.diff Patch1: %{name}-%{version}-askpass-fix.diff Patch2: %{name}-%{version}-pam-fix2.diff Patch3: %{name}-%{version}-saveargv-fix.diff Patch4: %{name}-%{version}-pam-fix3.diff Patch5: %{name}-%{version}-gssapimitm.patch Patch6: %{name}-%{version}-eal3.diff Patch7: %{name}-%{version}-engines.diff Patch8: %{name}-%{version}-blocksigalrm.diff Patch9: %{name}-%{version}-send_locale.diff Patch10: %{name}-%{version}-xauthlocalhostname.diff Patch12: %{name}-%{version}-xauth.diff Patch14: %{name}-%{version}-default-protocol.diff Patch15: %{name}-%{version}-audit.patch Patch16: %{name}-%{version}-pts.diff Patch17: %{name}-%{version}-homechroot.patch Patch18: %{name}-%{version}-sshconfig-knownhostschanges.diff Patch19: %{name}-%{version}-host_ident.diff Patch20: %{name}-%{version}-syntax-error.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %package askpass License: BSD3c(or similar) ; MIT License (or similar) Summary: A passphrase dialog for OpenSSH and the X Window System Requires: openssh = %{version} Provides: openssh:/usr/%_lib/ssh/ssh-askpass Group: Productivity/Networking/SSH %description SSH (Secure Shell) is a program for logging into and executing commands on a remote machine. It is intended to replace rsh (rlogin and rsh) and provides openssl (secure encrypted communication) between two untrusted hosts over an insecure network. xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. %description askpass Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. This package contains an X Window System passphrase dialog for OpenSSH. %define prefix /usr %prep %setup -q -b 3 -a 1 -a 5 %patch %patch2 %patch3 %patch4 %patch5 %patch6 -p1 %patch7 -p1 %patch8 %patch9 %patch10 %patch12 %patch14 %patch15 -p1 %patch16 %patch17 %patch18 %patch19 -p1 %patch20 -p1 cp -v %{SOURCE4} . cp -v %{SOURCE6} . cd ../x11-ssh-askpass-%{xversion} %patch1 %build # This package failed when testing with -Wl,-as-needed being default. # So we disable it here, if you want to retest, just delete this comment and the line below. export SUSE_ASNEEDED=0 %{?suse_update_config:%{suse_update_config}} aclocal autoheader autoconf %ifarch s390 s390x %sparc PIEFLAGS="-fPIE" %else PIEFLAGS="-fpie" %endif #Obsoleted CFLAGS="-DUSE_POSIX_THREADS $RPM_OPT_FLAGS" CXXFLAGS="-DUSE_POSIX_THREADS $RPM_O \ #Obsoleted LDFLAGS="-lpthread" \ LDFLAGS="-pie" CFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" CXXFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" \ ./configure --with-ssl-engine \ --mandir=%{_mandir} \ --prefix=%{prefix} \ --infodir=%{_infodir} \ --sysconfdir=/etc/ssh \ --libexecdir=%{prefix}/%_lib/ssh \ --with-tcp-wrappers \ --with-selinux \ --with-pam \ --with-kerberos5=/usr \ --with-privsep-path=/var/lib/empty \ --disable-strip \ --with-linux-audit \ --with-xauth=%{_prefix}/bin/xauth \ --target=%{_target_cpu}-suse-linux # --with-afs=/usr \ make %{?_smp_mflags} (cd converter; make %{?_smp_mflags}) cd contrib cd ../../x11-ssh-askpass-%{xversion} CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" ./configure \ --mandir=%{_mandir} \ --prefix=%{_prefix} \ --libexecdir=%{prefix}/%_lib/ssh xmkmf make includes USRLIBDIR=%_prefix/%_lib make %{?_smp_mflags} USRLIBDIR=%_prefix/%_lib CCOPTIONS="$RPM_OPT_FLAGS" %install make DESTDIR=$RPM_BUILD_ROOT/ install install -d -m 755 $RPM_BUILD_ROOT/etc/pam.d install -d -m 755 $RPM_BUILD_ROOT/var/lib/sshd install -m 644 %{S:2} $RPM_BUILD_ROOT/etc/pam.d/sshd install -d -m 755 $RPM_BUILD_ROOT/etc/slp.reg.d/ install -m 644 %{S:7} $RPM_BUILD_ROOT/etc/slp.reg.d/ cp -a SuSE/* $RPM_BUILD_ROOT # install shell script to automate the process of adding your public key to a remote machine install -m 755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin install -m 644 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/%{_mandir}/man1 (cd converter; make install DESTDIR=$RPM_BUILD_ROOT/) cd ../x11-ssh-askpass-%{xversion} make BINDIR=/usr/%_lib/ssh DESTDIR=$RPM_BUILD_ROOT install install.man rm -rf $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass sed -e "s@usr/lib/ssh@usr/%_lib/ssh@" < %{S:8} > $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin sed -i -e s@/usr/libexec@/usr/%{_lib}@g $RPM_BUILD_ROOT/etc/ssh/sshd_config #install firewall definitions format is described here: #/usr/share/SuSEfirewall2/services/TEMPLATE mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir} install -m 644 %{S:9} $RPM_BUILD_ROOT/%{_fwdefdir}/sshd %pre getent group sshd >/dev/null || /usr/sbin/groupadd -o -r sshd getent passwd sshd >/dev/null || /usr/sbin/useradd -r -g sshd -d /var/lib/sshd -s /bin/false -c "SSH daemon" sshd %post %{fillup_and_insserv -n ssh sshd} %preun %stop_on_removal sshd %postun %restart_on_update sshd %{insserv_cleanup} %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %dir %attr(755,root,root) /var/lib/sshd %doc README.SuSE README.kerberos ChangeLog OVERVIEW README TODO LICENCE CREDITS %attr(0755,root,root) %dir /etc/ssh %attr(0600,root,root) %config(noreplace) /etc/ssh/moduli %attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config %attr(0640,root,root) %config(noreplace) /etc/ssh/sshd_config %attr(0644,root,root) %config /etc/pam.d/sshd %attr(0755,root,root) %config /etc/init.d/sshd %attr(0755,root,root) /usr/bin/ssh /usr/bin/scp /usr/bin/sftp /usr/bin/slogin /usr/bin/ssh-* /usr/sbin/* %attr(444,root,root) %doc %{_mandir}/man1/scp.1.gz %attr(444,root,root) %doc %{_mandir}/man1/ssh-keygen.1.gz %attr(444,root,root) %doc /usr/share/man/man1/ssh-keyconverter.1.gz %attr(444,root,root) %doc %{_mandir}/man1/ssh.1.gz %attr(444,root,root) %doc %{_mandir}/man1/slogin.1.gz %attr(444,root,root) %doc %{_mandir}/man1/ssh-agent.1* %attr(444,root,root) %doc %{_mandir}/man1/ssh-add.1* %attr(444,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* %attr(444,root,root) %doc %{_mandir}/man1/sftp.1* %attr(444,root,root) %doc %{_mandir}/man1/ssh-copy-id.1* %attr(444,root,root) %doc %{_mandir}/man5/* %attr(444,root,root) %doc %{_mandir}/man8/* %attr(0755,root,root) %dir /usr/%_lib/ssh %attr(0755,root,root) /usr/%_lib/ssh/sftp-server %attr(0755,root,root) /usr/%_lib/ssh/ssh-keysign %attr(0755,root,root) /usr/%_lib/ssh/ssh-pkcs11-helper %dir /etc/slp.reg.d %config /etc/slp.reg.d/ssh.reg /var/adm/fillup-templates/sysconfig.ssh %config %{_fwdefdir}/sshd %files askpass %defattr(-,root,root) %attr(0755,root,root) /usr/%_lib/ssh/ssh-askpass %attr(0755,root,root) /usr/%_lib/ssh/x11-ssh-askpass %doc %_mandir/man1/ssh-askpass.1x.gz %doc %_mandir/man1/x11-ssh-askpass.1x.gz %_appdefdir/SshAskpass %changelog