openssh.spec revision 189006
1 2# Some of this will need re-evaluation post-LSB. The SVIdir is there 3# because the link appeared broken. The rest is for easy compilation, 4# the tradeoff open to discussion. (LC957) 5 6%define SVIdir /etc/rc.d/init.d 7%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages} 8%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons} 9 10%define _mandir %{_prefix}/share/man/en 11%define _sysconfdir /etc/ssh 12%define _libexecdir %{_libdir}/ssh 13 14# Do we want to disable root_login? (1=yes 0=no) 15%define no_root_login 0 16 17#old cvs stuff. please update before use. may be deprecated. 18%define use_stable 1 19%if %{use_stable} 20 %define version 5.2p1 21 %define cvs %{nil} 22 %define release 1 23%else 24 %define version 5.2p1 25 %define cvs cvs20050315 26 %define release 0r1 27%endif 28%define xsa x11-ssh-askpass 29%define askpass %{xsa}-1.2.4.1 30 31# OpenSSH privilege separation requires a user & group ID 32%define sshd_uid 67 33%define sshd_gid 67 34 35Name : openssh 36Version : %{version}%{cvs} 37Release : %{release} 38Group : System/Network 39 40Summary : OpenSSH free Secure Shell (SSH) implementation. 41Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). 42Summary(es) : OpenSSH implementaci�n libre de Secure Shell (SSH). 43Summary(fr) : Impl�mentation libre du shell s�curis� OpenSSH (SSH). 44Summary(it) : Implementazione gratuita OpenSSH della Secure Shell. 45Summary(pt) : Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH). 46Summary(pt_BR) : Implementa��o livre OpenSSH do protocolo Secure Shell (SSH). 47 48Copyright : BSD 49Packager : Raymund Will <ray@caldera.de> 50URL : http://www.openssh.com/ 51 52Obsoletes : ssh, ssh-clients, openssh-clients 53 54BuildRoot : /tmp/%{name}-%{version} 55BuildRequires : XFree86-imake 56 57# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable 58# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs 59Source0: see-above:/.../openssh-%{version}.tar.gz 60%if %{use_stable} 61Source1: see-above:/.../openssh-%{version}.tar.gz.sig 62%endif 63Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz 64Source3: http://www.openssh.com/faq.html 65 66%Package server 67Group : System/Network 68Requires : openssh = %{version} 69Obsoletes : ssh-server 70 71Summary : OpenSSH Secure Shell protocol server (sshd). 72Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd). 73Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). 74Summary(fr) : Serveur de protocole du shell s�curis� OpenSSH (sshd). 75Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). 76Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). 77Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd). 78 79 80%Package askpass 81Group : System/Network 82Requires : openssh = %{version} 83URL : http://www.jmknoble.net/software/x11-ssh-askpass/ 84Obsoletes : ssh-extras 85 86Summary : OpenSSH X11 pass-phrase dialog. 87Summary(de) : OpenSSH X11 Passwort-Dialog. 88Summary(es) : Aplicaci�n de petici�n de frase clave OpenSSH X11. 89Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH. 90Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. 91Summary(pt) : Di�logo de pedido de senha para X11 do OpenSSH. 92Summary(pt_BR) : Di�logo de pedido de senha para X11 do OpenSSH. 93 94 95%Description 96OpenSSH (Secure Shell) provides access to a remote system. It replaces 97telnet, rlogin, rexec, and rsh, and provides secure encrypted 98communications between two untrusted hosts over an insecure network. 99X11 connections and arbitrary TCP/IP ports can also be forwarded over 100the secure channel. 101 102%Description -l de 103OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt 104telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte 105Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres 106Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso 107�ber den sicheren Channel weitergeleitet werden. 108 109%Description -l es 110OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a 111telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas 112entre dos equipos entre los que no se ha establecido confianza a trav�s de una 113red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden 114ser canalizadas sobre el canal seguro. 115 116%Description -l fr 117OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace 118telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es 119securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des 120connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre 121transmis sur le canal s�curis�. 122 123%Description -l it 124OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. 125Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure 126e crittate tra due host non fidati su una rete non sicura. Le connessioni 127X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso 128un canale sicuro. 129 130%Description -l pt 131OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o 132telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas 133entre duas m�quinas sem confian�a m�tua sobre uma rede insegura. 134Liga��es X11 e portos TCP/IP arbitr�rios tamb�m poder ser reenviados 135pelo canal seguro. 136 137%Description -l pt_BR 138O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o 139telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas 140entre duas m�quinas sem confian�a m�tua sobre uma rede insegura. 141Liga��es X11 e portas TCP/IP arbitr�rias tamb�m podem ser reenviadas 142pelo canal seguro. 143 144%Description server 145This package installs the sshd, the server portion of OpenSSH. 146 147%Description -l de server 148Dieses Paket installiert den sshd, den Server-Teil der OpenSSH. 149 150%Description -l es server 151Este paquete instala sshd, la parte servidor de OpenSSH. 152 153%Description -l fr server 154Ce paquetage installe le 'sshd', partie serveur de OpenSSH. 155 156%Description -l it server 157Questo pacchetto installa sshd, il server di OpenSSH. 158 159%Description -l pt server 160Este pacote intala o sshd, o servidor do OpenSSH. 161 162%Description -l pt_BR server 163Este pacote intala o sshd, o servidor do OpenSSH. 164 165%Description askpass 166This package contains an X11-based pass-phrase dialog used per 167default by ssh-add(1). It is based on %{askpass} 168by Jim Knoble <jmknoble@pobox.com>. 169 170 171%Prep 172%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2 173%if ! %{use_stable} 174 autoreconf 175%endif 176 177 178%Build 179CFLAGS="$RPM_OPT_FLAGS" \ 180%configure \ 181 --with-pam \ 182 --with-tcp-wrappers \ 183 --with-privsep-path=%{_var}/empty/sshd \ 184 #leave this line for easy edits. 185 186%__make CFLAGS="$RPM_OPT_FLAGS" 187 188cd %{askpass} 189%configure \ 190 #leave this line for easy edits. 191 192xmkmf 193%__make includes 194%__make 195 196 197%Install 198[ %{buildroot} != "/" ] && rm -rf %{buildroot} 199 200make install DESTDIR=%{buildroot} 201%makeinstall -C %{askpass} \ 202 BINDIR=%{_libexecdir} \ 203 MANPATH=%{_mandir} \ 204 DESTDIR=%{buildroot} 205 206# OpenLinux specific configuration 207mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}} 208mkdir -p %{buildroot}%{_var}/empty/sshd 209 210# enabling X11 forwarding on the server is convenient and okay, 211# on the client side it's a potential security risk! 212%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \ 213 %{buildroot}%{_sysconfdir}/sshd_config 214 215%if %{no_root_login} 216%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \ 217 %{buildroot}%{_sysconfdir}/sshd_config 218%endif 219 220install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd 221# FIXME: disabled, find out why this doesn't work with nis 222%__perl -pi -e 's:(.*pam_limits.*):#$1:' \ 223 %{buildroot}/etc/pam.d/sshd 224 225install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd 226 227# the last one is needless, but more future-proof 228find %{buildroot}%{SVIdir} -type f -exec \ 229 %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\ 230 s:\@sysconfdir\@:%{_sysconfdir}:g; \ 231 s:/usr/sbin:%{_sbindir}:g'\ 232 \{\} \; 233 234cat <<-EoD > %{buildroot}%{SVIcdir}/sshd 235 IDENT=sshd 236 DESCRIPTIVE="OpenSSH secure shell daemon" 237 # This service will be marked as 'skipped' on boot if there 238 # is no host key. Use ssh-host-keygen to generate one 239 ONBOOT="yes" 240 OPTIONS="" 241EoD 242 243SKG=%{buildroot}%{_sbindir}/ssh-host-keygen 244install -m 0755 contrib/caldera/ssh-host-keygen $SKG 245# Fix up some path names in the keygen toy^Hol 246 %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \ 247 s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \ 248 %{buildroot}%{_sbindir}/ssh-host-keygen 249 250# This looks terrible. Expect it to change. 251# install remaining docs 252DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}" 253mkdir -p $DocD/%{askpass} 254cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD 255install -p -m 0444 %{SOURCE3} $DocD/faq.html 256cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass} 257%if %{use_stable} 258 cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1 259%else 260 cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1 261 ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1 262%endif 263 264find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf 265rm %{buildroot}%{_mandir}/man1/slogin.1 && \ 266 ln -s %{_mandir}/man1/ssh.1.gz \ 267 %{buildroot}%{_mandir}/man1/slogin.1.gz 268 269 270%Clean 271#%{rmDESTDIR} 272[ %{buildroot} != "/" ] && rm -rf %{buildroot} 273 274%Post 275# Generate host key when none is present to get up and running, 276# both client and server require this for host-based auth! 277# ssh-host-keygen checks for existing keys. 278/usr/sbin/ssh-host-keygen 279: # to protect the rpm database 280 281%pre server 282%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || : 283%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ 284 -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || : 285: # to protect the rpm database 286 287%Post server 288if [ -x %{LSBinit}-install ]; then 289 %{LSBinit}-install sshd 290else 291 lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6 292fi 293 294! %{SVIdir}/sshd status || %{SVIdir}/sshd restart 295: # to protect the rpm database 296 297 298%PreUn server 299[ "$1" = 0 ] || exit 0 300! %{SVIdir}/sshd status || %{SVIdir}/sshd stop 301if [ -x %{LSBinit}-remove ]; then 302 %{LSBinit}-remove sshd 303else 304 lisa --SysV-init remove sshd $1 305fi 306: # to protect the rpm database 307 308%Files 309%defattr(-,root,root) 310%dir %{_sysconfdir} 311%config %{_sysconfdir}/ssh_config 312%{_bindir}/scp 313%{_bindir}/sftp 314%{_bindir}/ssh 315%{_bindir}/slogin 316%{_bindir}/ssh-add 317%attr(2755,root,nobody) %{_bindir}/ssh-agent 318%{_bindir}/ssh-keygen 319%{_bindir}/ssh-keyscan 320%dir %{_libexecdir} 321%attr(4711,root,root) %{_libexecdir}/ssh-keysign 322%{_sbindir}/ssh-host-keygen 323%dir %{_defaultdocdir}/%{name}-%{version} 324%{_defaultdocdir}/%{name}-%{version}/CREDITS 325%{_defaultdocdir}/%{name}-%{version}/ChangeLog 326%{_defaultdocdir}/%{name}-%{version}/LICENCE 327%{_defaultdocdir}/%{name}-%{version}/OVERVIEW 328%{_defaultdocdir}/%{name}-%{version}/README* 329%{_defaultdocdir}/%{name}-%{version}/TODO 330%{_defaultdocdir}/%{name}-%{version}/faq.html 331%{_mandir}/man1/* 332%{_mandir}/man8/ssh-keysign.8.gz 333%{_mandir}/man5/ssh_config.5.gz 334 335%Files server 336%defattr(-,root,root) 337%dir %{_var}/empty/sshd 338%config %{SVIdir}/sshd 339%config /etc/pam.d/sshd 340%config %{_sysconfdir}/moduli 341%config %{_sysconfdir}/sshd_config 342%config %{SVIcdir}/sshd 343%{_libexecdir}/sftp-server 344%{_sbindir}/sshd 345%{_mandir}/man5/moduli.5.gz 346%{_mandir}/man5/sshd_config.5.gz 347%{_mandir}/man8/sftp-server.8.gz 348%{_mandir}/man8/sshd.8.gz 349 350%Files askpass 351%defattr(-,root,root) 352%{_libexecdir}/ssh-askpass 353%{_libexecdir}/x11-ssh-askpass 354%{_defaultdocdir}/%{name}-%{version}/%{askpass} 355 356 357%ChangeLog 358* Mon Jan 01 1998 ... 359Template Version: 1.31 360 361$Id: openssh.spec,v 1.66 2009/02/21 07:03:05 djm Exp $ 362