178064Sume 257522Sshin# Some of this will need re-evaluation post-LSB. The SVIdir is there 378064Sume# because the link appeared broken. The rest is for easy compilation, 478064Sume# the tradeoff open to discussion. (LC957) 578064Sume 678064Sume%define SVIdir /etc/rc.d/init.d 757522Sshin%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages} 8122115Sume%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons} 9164224Sbz 10164224Sbz%define _mandir %{_prefix}/share/man/en 11164224Sbz%define _sysconfdir /etc/ssh 12164224Sbz%define _libexecdir %{_libdir}/ssh 13122115Sume 14122115Sume# Do we want to disable root_login? (1=yes 0=no) 15122115Sume%define no_root_login 0 16122115Sume 17122115Sume#old cvs stuff. please update before use. may be deprecated. 18122115Sume%define use_stable 1 19122115Sume%define version 6.6p1 20122115Sume%if %{use_stable} 21122115Sume %define cvs %{nil} 22122115Sume %define release 1 23122115Sume%else 24122115Sume %define cvs cvs20050315 25122115Sume %define release 0r1 26122115Sume%endif 27122115Sume%define xsa x11-ssh-askpass 28122115Sume%define askpass %{xsa}-1.2.4.1 29122115Sume 30122115Sume# OpenSSH privilege separation requires a user & group ID 31122115Sume%define sshd_uid 67 32122115Sume%define sshd_gid 67 33122115Sume 34122115SumeName : openssh 35122115SumeVersion : %{version}%{cvs} 36122115SumeRelease : %{release} 37122115SumeGroup : System/Network 38122115Sume 39122115SumeSummary : OpenSSH free Secure Shell (SSH) implementation. 40122115SumeSummary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). 41122115SumeSummary(es) : OpenSSH implementaci�n libre de Secure Shell (SSH). 42122115SumeSummary(fr) : Impl�mentation libre du shell s�curis� OpenSSH (SSH). 43122115SumeSummary(it) : Implementazione gratuita OpenSSH della Secure Shell. 44122115SumeSummary(pt) : Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH). 45122115SumeSummary(pt_BR) : Implementa��o livre OpenSSH do protocolo Secure Shell (SSH). 46122115Sume 47122115SumeCopyright : BSD 48122115SumePackager : Raymund Will <ray@caldera.de> 49122115SumeURL : http://www.openssh.com/ 50122115Sume 51122115SumeObsoletes : ssh, ssh-clients, openssh-clients 52122115Sume 53122115SumeBuildRoot : /tmp/%{name}-%{version} 54122115SumeBuildRequires : XFree86-imake 55122115Sume 56122115Sume# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable 57122115Sume# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs 58122115SumeSource0: see-above:/.../openssh-%{version}.tar.gz 59122115Sume%if %{use_stable} 60122115SumeSource1: see-above:/.../openssh-%{version}.tar.gz.asc 61122115Sume%endif 62122115SumeSource2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz 63122115SumeSource3: http://www.openssh.com/faq.html 64122115Sume 65122115Sume%Package server 66122115SumeGroup : System/Network 67122115SumeRequires : openssh = %{version} 68122115SumeObsoletes : ssh-server 69122115Sume 70122115SumeSummary : OpenSSH Secure Shell protocol server (sshd). 71122115SumeSummary(de) : OpenSSH Secure Shell Protocol-Server (sshd). 72122115SumeSummary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). 73122115SumeSummary(fr) : Serveur de protocole du shell s�curis� OpenSSH (sshd). 74122115SumeSummary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). 75122115SumeSummary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). 76122115SumeSummary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd). 77122115Sume 78122115Sume 79122115Sume%Package askpass 80122115SumeGroup : System/Network 81122115SumeRequires : openssh = %{version} 82122115SumeURL : http://www.jmknoble.net/software/x11-ssh-askpass/ 83122115SumeObsoletes : ssh-extras 84122115Sume 85122115SumeSummary : OpenSSH X11 pass-phrase dialog. 86164224SbzSummary(de) : OpenSSH X11 Passwort-Dialog. 87164224SbzSummary(es) : Aplicaci�n de petici�n de frase clave OpenSSH X11. 88122115SumeSummary(fr) : Dialogue pass-phrase X11 d'OpenSSH. 8957522SshinSummary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. 9057522SshinSummary(pt) : Di�logo de pedido de senha para X11 do OpenSSH. 9157522SshinSummary(pt_BR) : Di�logo de pedido de senha para X11 do OpenSSH. 9257522Sshin 9357522Sshin 9457522Sshin%Description 9557522SshinOpenSSH (Secure Shell) provides access to a remote system. It replaces 9657522Sshintelnet, rlogin, rexec, and rsh, and provides secure encrypted 9757522Sshincommunications between two untrusted hosts over an insecure network. 9857522SshinX11 connections and arbitrary TCP/IP ports can also be forwarded over 9962588Sitojunthe secure channel. 10057522Sshin 10157522Sshin%Description -l de 10257522SshinOpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt 10357522Sshintelnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte 10457522SshinVerbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres 10557522SshinNetzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso 10657522Sshin�ber den sicheren Channel weitergeleitet werden. 10757522Sshin 10878064Sume%Description -l es 10957522SshinOpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a 11057522Sshintelnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas 11157522Sshinentre dos equipos entre los que no se ha establecido confianza a trav�s de una 11257522Sshinred insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden 11357522Sshinser canalizadas sobre el canal seguro. 11457522Sshin 11557522Sshin%Description -l fr 116122115SumeOpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace 11757522Sshintelnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es 11878064Sumesecuris�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des 11957522Sshinconnexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre 12057522Sshintransmis sur le canal s�curis�. 12157522Sshin 12257522Sshin%Description -l it 12357522SshinOpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. 12457522SshinSostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure 12557522Sshine crittate tra due host non fidati su una rete non sicura. Le connessioni 12657522SshinX11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso 12757522Sshinun canale sicuro. 12857522Sshin 12957522Sshin%Description -l pt 13057522SshinOpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o 13157522Sshintelnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas 13257522Sshinentre duas m�quinas sem confian�a m�tua sobre uma rede insegura. 13357522SshinLiga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados 13457522Sshinpelo canal seguro. 135122115Sume 13657522Sshin%Description -l pt_BR 13757522SshinO OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o 13857522Sshintelnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas 13957522Sshinentre duas m�quinas sem confian�a m�tua sobre uma rede insegura. 14057522SshinLiga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas 14157522Sshinpelo canal seguro. 14257522Sshin 14357522Sshin%Description server 14457522SshinThis package installs the sshd, the server portion of OpenSSH. 14557522Sshin 14657522Sshin%Description -l de server 14757522SshinDieses Paket installiert den sshd, den Server-Teil der OpenSSH. 14857522Sshin 149122115Sume%Description -l es server 15078064SumeEste paquete instala sshd, la parte servidor de OpenSSH. 15178064Sume 15278064Sume%Description -l fr server 15378064SumeCe paquetage installe le 'sshd', partie serveur de OpenSSH. 15478064Sume 15578064Sume%Description -l it server 15678064SumeQuesto pacchetto installa sshd, il server di OpenSSH. 15757522Sshin 15857522Sshin%Description -l pt server 15957522SshinEste pacote intala o sshd, o servidor do OpenSSH. 16057522Sshin 16162588Sitojun%Description -l pt_BR server 16262588SitojunEste pacote intala o sshd, o servidor do OpenSSH. 16362588Sitojun 16478064Sume%Description askpass 16578064SumeThis package contains an X11-based pass-phrase dialog used per 16678064Sumedefault by ssh-add(1). It is based on %{askpass} 16778064Sumeby Jim Knoble <jmknoble@pobox.com>. 16878064Sume 16978064Sume 17078064Sume%Prep 17178064Sume%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2 17278064Sume%if ! %{use_stable} 17378064Sume autoreconf 17478064Sume%endif 17578064Sume 17678064Sume 17778064Sume%Build 17878064SumeCFLAGS="$RPM_OPT_FLAGS" \ 17978064Sume%configure \ 18078064Sume --with-pam \ 181148394Sume --with-tcp-wrappers \ 182148394Sume --with-privsep-path=%{_var}/empty/sshd \ 183148394Sume #leave this line for easy edits. 184122115Sume 185122115Sume%__make 186122115Sume 187122115Sumecd %{askpass} 188122115Sume%configure \ 189122115Sume #leave this line for easy edits. 190122115Sume 191122115Sumexmkmf 192122115Sume%__make includes 193122115Sume%__make 194122115Sume 195122115Sume 196122115Sume%Install 197122115Sume[ %{buildroot} != "/" ] && rm -rf %{buildroot} 198122115Sume 199148394Sumemake install DESTDIR=%{buildroot} 200122115Sume%makeinstall -C %{askpass} \ 201122115Sume BINDIR=%{_libexecdir} \ 20278064Sume MANPATH=%{_mandir} \ 20378064Sume DESTDIR=%{buildroot} 204151539Ssuz 205151539Ssuz# OpenLinux specific configuration 206151539Ssuzmkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}} 207151539Ssuzmkdir -p %{buildroot}%{_var}/empty/sshd 208151539Ssuz 209122115Sume# enabling X11 forwarding on the server is convenient and okay, 210151539Ssuz# on the client side it's a potential security risk! 21178064Sume%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \ 212151539Ssuz %{buildroot}%{_sysconfdir}/sshd_config 213151539Ssuz 21478064Sume%if %{no_root_login} 21578064Sume%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \ 21678064Sume %{buildroot}%{_sysconfdir}/sshd_config 21778064Sume%endif 21878064Sume 21978064Sumeinstall -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd 22078064Sume# FIXME: disabled, find out why this doesn't work with nis 221151539Ssuz%__perl -pi -e 's:(.*pam_limits.*):#$1:' \ 222151539Ssuz %{buildroot}/etc/pam.d/sshd 223122115Sume 224122115Sumeinstall -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd 225151539Ssuz 226151539Ssuz# the last one is needless, but more future-proof 227122115Sumefind %{buildroot}%{SVIdir} -type f -exec \ 22878064Sume %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\ 22978064Sume s:\@sysconfdir\@:%{_sysconfdir}:g; \ 23062588Sitojun s:/usr/sbin:%{_sbindir}:g'\ 23162588Sitojun \{\} \; 23262588Sitojun 23362588Sitojuncat <<-EoD > %{buildroot}%{SVIcdir}/sshd 23462588Sitojun IDENT=sshd 23578064Sume DESCRIPTIVE="OpenSSH secure shell daemon" 23678064Sume # This service will be marked as 'skipped' on boot if there 23778064Sume # is no host key. Use ssh-host-keygen to generate one 23857522Sshin ONBOOT="yes" 23957522Sshin OPTIONS="" 24057522SshinEoD 241151539Ssuz 242151539SsuzSKG=%{buildroot}%{_sbindir}/ssh-host-keygen 243151539Ssuzinstall -m 0755 contrib/caldera/ssh-host-keygen $SKG 244151539Ssuz# Fix up some path names in the keygen toy^Hol 245151539Ssuz %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \ 24657522Sshin s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \ 24762588Sitojun %{buildroot}%{_sbindir}/ssh-host-keygen 24862588Sitojun 24962588Sitojun# This looks terrible. Expect it to change. 25057522Sshin# install remaining docs 25157522SshinDocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}" 25257522Sshinmkdir -p $DocD/%{askpass} 25362588Sitojuncp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD 25462588Sitojuninstall -p -m 0444 %{SOURCE3} $DocD/faq.html 255151539Ssuzcp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass} 256151539Ssuz%if %{use_stable} 257151539Ssuz cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1 258151539Ssuz%else 259151539Ssuz cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1 260151539Ssuz ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1 261151539Ssuz%endif 262151539Ssuz 263151539Ssuzfind %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf 264151539Ssuzrm %{buildroot}%{_mandir}/man1/slogin.1 && \ 265151539Ssuz ln -s %{_mandir}/man1/ssh.1.gz \ 266151539Ssuz %{buildroot}%{_mandir}/man1/slogin.1.gz 267151539Ssuz 268151539Ssuz 269151539Ssuz%Clean 27062588Sitojun#%{rmDESTDIR} 27162588Sitojun[ %{buildroot} != "/" ] && rm -rf %{buildroot} 27262588Sitojun 27362588Sitojun%Post 27462588Sitojun# Generate host key when none is present to get up and running, 27562588Sitojun# both client and server require this for host-based auth! 27657522Sshin# ssh-host-keygen checks for existing keys. 27762588Sitojun/usr/sbin/ssh-host-keygen 278151539Ssuz: # to protect the rpm database 279151539Ssuz 280151539Ssuz%pre server 281151539Ssuz%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || : 282151539Ssuz%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ 283151539Ssuz -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || : 284151539Ssuz: # to protect the rpm database 28557522Sshin 28657522Sshin%Post server 28757522Sshinif [ -x %{LSBinit}-install ]; then 28857522Sshin %{LSBinit}-install sshd 28957522Sshinelse 29057522Sshin lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6 29157522Sshinfi 29257522Sshin 29357522Sshin! %{SVIdir}/sshd status || %{SVIdir}/sshd restart 29457522Sshin: # to protect the rpm database 29557522Sshin 296151539Ssuz 297151539Ssuz%PreUn server 298151539Ssuz[ "$1" = 0 ] || exit 0 29962588Sitojun! %{SVIdir}/sshd status || %{SVIdir}/sshd stop 300151539Ssuzif [ -x %{LSBinit}-remove ]; then 301151539Ssuz %{LSBinit}-remove sshd 302151539Ssuzelse 303151539Ssuz lisa --SysV-init remove sshd $1 30457522Sshinfi 305151539Ssuz: # to protect the rpm database 306151539Ssuz 307151539Ssuz%Files 308151539Ssuz%defattr(-,root,root) 309151539Ssuz%dir %{_sysconfdir} 310151539Ssuz%config %{_sysconfdir}/ssh_config 311151539Ssuz%{_bindir}/scp 312151539Ssuz%{_bindir}/sftp 313151539Ssuz%{_bindir}/ssh 314151539Ssuz%{_bindir}/slogin 315151539Ssuz%{_bindir}/ssh-add 316151539Ssuz%attr(2755,root,nobody) %{_bindir}/ssh-agent 317151539Ssuz%{_bindir}/ssh-keygen 318151539Ssuz%{_bindir}/ssh-keyscan 319151539Ssuz%dir %{_libexecdir} 320151539Ssuz%attr(4711,root,root) %{_libexecdir}/ssh-keysign 321151539Ssuz%{_libexecdir}/ssh-pkcs11-helper 322151539Ssuz%{_sbindir}/ssh-host-keygen 323151539Ssuz%dir %{_defaultdocdir}/%{name}-%{version} 324151539Ssuz%{_defaultdocdir}/%{name}-%{version}/CREDITS 325151539Ssuz%{_defaultdocdir}/%{name}-%{version}/ChangeLog 32657522Sshin%{_defaultdocdir}/%{name}-%{version}/LICENCE 32757522Sshin%{_defaultdocdir}/%{name}-%{version}/OVERVIEW 32857522Sshin%{_defaultdocdir}/%{name}-%{version}/README* 329148394Sume%{_defaultdocdir}/%{name}-%{version}/TODO 33057522Sshin%{_defaultdocdir}/%{name}-%{version}/faq.html 331148394Sume%{_mandir}/man1/* 33257522Sshin%{_mandir}/man8/ssh-keysign.8.gz 33362588Sitojun%{_mandir}/man8/ssh-pkcs11-helper.8.gz 33462588Sitojun%{_mandir}/man5/ssh_config.5.gz 33562588Sitojun 33662588Sitojun%Files server 33762588Sitojun%defattr(-,root,root) 33862588Sitojun%dir %{_var}/empty/sshd 33962588Sitojun%config %{SVIdir}/sshd 34062588Sitojun%config /etc/pam.d/sshd 34162588Sitojun%config %{_sysconfdir}/moduli 34262588Sitojun%config %{_sysconfdir}/sshd_config 34362588Sitojun%config %{SVIcdir}/sshd 34462588Sitojun%{_libexecdir}/sftp-server 34562588Sitojun%{_sbindir}/sshd 34662588Sitojun%{_mandir}/man5/moduli.5.gz 34762588Sitojun%{_mandir}/man5/sshd_config.5.gz 34862588Sitojun%{_mandir}/man8/sftp-server.8.gz 34962588Sitojun%{_mandir}/man8/sshd.8.gz 350151539Ssuz 351151539Ssuz%Files askpass 352151539Ssuz%defattr(-,root,root) 353151539Ssuz%{_libexecdir}/ssh-askpass 354151539Ssuz%{_libexecdir}/x11-ssh-askpass 355151539Ssuz%{_defaultdocdir}/%{name}-%{version}/%{askpass} 356151539Ssuz 35762588Sitojun 35862588Sitojun%ChangeLog 35962588Sitojun* Tue Jan 18 2011 Tim Rice <tim@multitalents.net> 36062588Sitojun- Use CFLAGS from Makefile instead of RPM so build completes. 36162588Sitojun- Signatures were changed to .asc since 4.1p1. 36262588Sitojun 363151539Ssuz* Mon Jan 01 1998 ... 364151539SsuzTemplate Version: 1.31 365151539Ssuz 366151539Ssuz$Id: openssh.spec,v 1.83 2014/02/27 23:03:55 djm Exp $ 367151539Ssuz