1180740Sdes# Default values for additional components 2180740Sdes%define build_x11_askpass 1 3180740Sdes 4180740Sdes# Define the UID/GID to use for privilege separation 5180740Sdes%define sshd_gid 65 6180740Sdes%define sshd_uid 71 7180740Sdes 8180740Sdes# The version of x11-ssh-askpass to use 9180740Sdes%define xversion 1.2.4.1 10180740Sdes 11180740Sdes# Allow the ability to override defaults with -D skip_xxx=1 12180740Sdes%{?skip_x11_askpass:%define build_x11_askpass 0} 13180740Sdes 14180740SdesSummary: OpenSSH, a free Secure Shell (SSH) protocol implementation 15180740SdesName: openssh 16296633SdesVersion: 7.2p2 17180740SdesURL: http://www.openssh.com/ 18180740SdesRelease: 1 19180740SdesSource0: openssh-%{version}.tar.gz 20180740SdesSource1: x11-ssh-askpass-%{xversion}.tar.gz 21180740SdesLicense: BSD 22180740SdesGroup: Productivity/Networking/SSH 23180740SdesBuildRoot: %{_tmppath}/openssh-%{version}-buildroot 24180740SdesPreReq: openssl 25180740SdesObsoletes: ssh 26180740SdesProvides: ssh 27180740Sdes# 28180740Sdes# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 29180740Sdes# building prerequisites -- stuff for 30180740Sdes# OpenSSL (openssl-devel), 31180740Sdes# and Gnome (glibdev, gtkdev, and gnlibsd) 32180740Sdes# 33180740SdesBuildPrereq: openssl 34225825SdesBuildPrereq: zlib-devel 35180740Sdes#BuildPrereq: glibdev 36180740Sdes#BuildPrereq: gtkdev 37180740Sdes#BuildPrereq: gnlibsd 38180740Sdes 39180740Sdes%package askpass 40180740SdesSummary: A passphrase dialog for OpenSSH and the X window System. 41180740SdesGroup: Productivity/Networking/SSH 42180740SdesRequires: openssh = %{version} 43180740SdesObsoletes: ssh-extras 44180740SdesProvides: openssh:${_libdir}/ssh/ssh-askpass 45180740Sdes 46180740Sdes%if %{build_x11_askpass} 47180740SdesBuildPrereq: XFree86-devel 48180740Sdes%endif 49180740Sdes 50180740Sdes%description 51180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 52180740Sdesexecuting commands in a remote machine. It is intended to replace 53180740Sdesrlogin and rsh, and provide secure encrypted communications between 54180740Sdestwo untrusted hosts over an insecure network. X11 connections and 55180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 56180740Sdes 57180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 58180740Sdesup to date in terms of security and features, as well as removing all 59180740Sdespatented algorithms to seperate libraries (OpenSSL). 60180740Sdes 61180740SdesThis package includes all files necessary for both the OpenSSH 62180740Sdesclient and server. 63180740Sdes 64180740Sdes%description askpass 65180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 66180740Sdesexecuting commands in a remote machine. It is intended to replace 67180740Sdesrlogin and rsh, and provide secure encrypted communications between 68180740Sdestwo untrusted hosts over an insecure network. X11 connections and 69180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 70180740Sdes 71180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 72180740Sdesup to date in terms of security and features, as well as removing all 73180740Sdespatented algorithms to seperate libraries (OpenSSL). 74180740Sdes 75180740SdesThis package contains an X Window System passphrase dialog for OpenSSH. 76180740Sdes 77180740Sdes%changelog 78180740Sdes* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> 79180740Sdes- Removed accidental inclusion of --without-zlib-version-check 80180740Sdes* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> 81180740Sdes- Overhaul to deal with newer versions of SuSE and OpenSSH 82180740Sdes* Mon Jun 12 2000 Damien Miller <djm@mindrot.org> 83180740Sdes- Glob manpages to catch compressed files 84180740Sdes* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> 85180740Sdes- Updated for new location 86180740Sdes- Updated for new gnome-ssh-askpass build 87180740Sdes* Sun Dec 26 1999 Chris Saia <csaia@wtower.com> 88180740Sdes- Made symlink to gnome-ssh-askpass called ssh-askpass 89180740Sdes* Wed Nov 24 1999 Chris Saia <csaia@wtower.com> 90180740Sdes- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and 91180740Sdes /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into 92180740Sdes his released tarfile 93180740Sdes- Changed permissions on ssh_config in the install procedure to 644 from 600 94180740Sdes even though it was correct in the %files section and thus right in the RPMs 95180740Sdes- Postinstall script for the server now only prints "Generating SSH host 96180740Sdes key..." if we need to actually do this, in order to eliminate a confusing 97180740Sdes message if an SSH host key is already in place 98180740Sdes- Marked all manual pages as %doc(umentation) 99180740Sdes* Mon Nov 22 1999 Chris Saia <csaia@wtower.com> 100180740Sdes- Added flag to configure daemon with TCP Wrappers support 101180740Sdes- Added building prerequisites (works in RPM 3.0 and newer) 102180740Sdes* Thu Nov 18 1999 Chris Saia <csaia@wtower.com> 103180740Sdes- Made this package correct for SuSE. 104180740Sdes- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly 105180740Sdes with SuSE, and lib_pwdb.so isn't installed by default. 106180740Sdes* Mon Nov 15 1999 Damien Miller <djm@mindrot.org> 107180740Sdes- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> 108180740Sdes* Sat Nov 13 1999 Damien Miller <djm@mindrot.org> 109180740Sdes- Added 'Obsoletes' directives 110180740Sdes* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> 111180740Sdes- Use make install 112180740Sdes- Subpackages 113180740Sdes* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> 114180740Sdes- Added links for slogin 115180740Sdes- Fixed perms on manpages 116180740Sdes* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> 117180740Sdes- Renamed init script 118180740Sdes* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> 119180740Sdes- Back to old binary names 120180740Sdes* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> 121180740Sdes- Use autoconf 122180740Sdes- New binary names 123180740Sdes* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> 124180740Sdes- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. 125180740Sdes 126180740Sdes%prep 127180740Sdes 128180740Sdes%if %{build_x11_askpass} 129180740Sdes%setup -q -a 1 130180740Sdes%else 131180740Sdes%setup -q 132180740Sdes%endif 133180740Sdes 134180740Sdes%build 135180740SdesCFLAGS="$RPM_OPT_FLAGS" \ 136180740Sdes%configure --prefix=/usr \ 137180740Sdes --sysconfdir=%{_sysconfdir}/ssh \ 138180740Sdes --mandir=%{_mandir} \ 139180740Sdes --with-privsep-path=/var/lib/empty \ 140180740Sdes --with-pam \ 141180740Sdes --libexecdir=%{_libdir}/ssh 142180740Sdesmake 143180740Sdes 144180740Sdes%if %{build_x11_askpass} 145180740Sdescd x11-ssh-askpass-%{xversion} 146180740Sdes%configure --mandir=/usr/X11R6/man \ 147180740Sdes --libexecdir=%{_libdir}/ssh 148180740Sdesxmkmf -a 149180740Sdesmake 150180740Sdescd .. 151180740Sdes%endif 152180740Sdes 153180740Sdes%install 154180740Sdesrm -rf $RPM_BUILD_ROOT 155180740Sdesmake install DESTDIR=$RPM_BUILD_ROOT/ 156180740Sdesinstall -d $RPM_BUILD_ROOT/etc/pam.d/ 157180740Sdesinstall -d $RPM_BUILD_ROOT/etc/init.d/ 158180740Sdesinstall -d $RPM_BUILD_ROOT/var/adm/fillup-templates 159180740Sdesinstall -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd 160180740Sdesinstall -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd 161180740Sdesinstall -m744 contrib/suse/sysconfig.ssh \ 162180740Sdes $RPM_BUILD_ROOT/var/adm/fillup-templates 163180740Sdes 164180740Sdes%if %{build_x11_askpass} 165180740Sdescd x11-ssh-askpass-%{xversion} 166180740Sdesmake install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ 167180740Sdesrm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin 168180740Sdes%endif 169180740Sdes 170180740Sdes%clean 171180740Sdesrm -rf $RPM_BUILD_ROOT 172180740Sdes 173180740Sdes%pre 174180740Sdes/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : 175180740Sdes/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 176180740Sdes 177180740Sdes%post 178225825Sdes/usr/bin/ssh-keygen -A 179225825Sdes%{fillup_and_insserv -n -y ssh sshd} 180180740Sdes%run_permissions 181180740Sdes 182180740Sdes%verifyscript 183180740Sdes%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh 184180740Sdes 185180740Sdes%preun 186180740Sdes%stop_on_removal sshd 187180740Sdes 188180740Sdes%postun 189180740Sdes%restart_on_update sshd 190180740Sdes%{insserv_cleanup} 191180740Sdes 192180740Sdes%files 193180740Sdes%defattr(-,root,root) 194189006Sdes%doc ChangeLog OVERVIEW README* PROTOCOL* 195180750Sdes%doc TODO CREDITS LICENCE 196180740Sdes%attr(0755,root,root) %dir %{_sysconfdir}/ssh 197180740Sdes%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config 198180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config 199180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli 200180740Sdes%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd 201180740Sdes%attr(0755,root,root) %config /etc/init.d/sshd 202180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keygen 203180740Sdes%attr(0755,root,root) %{_bindir}/scp 204180740Sdes%attr(0755,root,root) %{_bindir}/ssh 205180740Sdes%attr(-,root,root) %{_bindir}/slogin 206180740Sdes%attr(0755,root,root) %{_bindir}/ssh-agent 207180740Sdes%attr(0755,root,root) %{_bindir}/ssh-add 208180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keyscan 209180740Sdes%attr(0755,root,root) %{_bindir}/sftp 210180740Sdes%attr(0755,root,root) %{_sbindir}/sshd 211180740Sdes%attr(0755,root,root) %dir %{_libdir}/ssh 212180740Sdes%attr(0755,root,root) %{_libdir}/ssh/sftp-server 213180740Sdes%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign 214204861Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper 215180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/scp.1* 216180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* 217180740Sdes%attr(-,root,root) %doc %{_mandir}/man1/slogin.1* 218180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* 219180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* 220180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* 221180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* 222180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* 223180750Sdes%attr(0644,root,root) %doc %{_mandir}/man5/moduli.5* 224180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* 225180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* 226180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* 227180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* 228204861Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8* 229180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* 230180740Sdes%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh 231180740Sdes 232180740Sdes%if %{build_x11_askpass} 233180740Sdes%files askpass 234180740Sdes%defattr(-,root,root) 235180740Sdes%doc x11-ssh-askpass-%{xversion}/README 236180740Sdes%doc x11-ssh-askpass-%{xversion}/ChangeLog 237180740Sdes%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad 238180740Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass 239180740Sdes%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass 240180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* 241180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* 242180740Sdes%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass 243180740Sdes%endif 244