1180740Sdes# Default values for additional components 2180740Sdes%define build_x11_askpass 1 3180740Sdes 4180740Sdes# Define the UID/GID to use for privilege separation 5180740Sdes%define sshd_gid 65 6180740Sdes%define sshd_uid 71 7180740Sdes 8180740Sdes# The version of x11-ssh-askpass to use 9180740Sdes%define xversion 1.2.4.1 10180740Sdes 11180740Sdes# Allow the ability to override defaults with -D skip_xxx=1 12180740Sdes%{?skip_x11_askpass:%define build_x11_askpass 0} 13180740Sdes 14180740SdesSummary: OpenSSH, a free Secure Shell (SSH) protocol implementation 15180740SdesName: openssh 16263970SdesVersion: 6.6p1 17180740SdesURL: http://www.openssh.com/ 18180740SdesRelease: 1 19180740SdesSource0: openssh-%{version}.tar.gz 20180740SdesSource1: x11-ssh-askpass-%{xversion}.tar.gz 21180740SdesLicense: BSD 22180740SdesGroup: Productivity/Networking/SSH 23180740SdesBuildRoot: %{_tmppath}/openssh-%{version}-buildroot 24180740SdesPreReq: openssl 25180740SdesObsoletes: ssh 26180740SdesProvides: ssh 27180740Sdes# 28180740Sdes# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 29180740Sdes# building prerequisites -- stuff for 30180740Sdes# OpenSSL (openssl-devel), 31225825Sdes# TCP Wrappers (tcpd-devel), 32180740Sdes# and Gnome (glibdev, gtkdev, and gnlibsd) 33180740Sdes# 34180740SdesBuildPrereq: openssl 35225825SdesBuildPrereq: tcpd-devel 36225825SdesBuildPrereq: zlib-devel 37180740Sdes#BuildPrereq: glibdev 38180740Sdes#BuildPrereq: gtkdev 39180740Sdes#BuildPrereq: gnlibsd 40180740Sdes 41180740Sdes%package askpass 42180740SdesSummary: A passphrase dialog for OpenSSH and the X window System. 43180740SdesGroup: Productivity/Networking/SSH 44180740SdesRequires: openssh = %{version} 45180740SdesObsoletes: ssh-extras 46180740SdesProvides: openssh:${_libdir}/ssh/ssh-askpass 47180740Sdes 48180740Sdes%if %{build_x11_askpass} 49180740SdesBuildPrereq: XFree86-devel 50180740Sdes%endif 51180740Sdes 52180740Sdes%description 53180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 54180740Sdesexecuting commands in a remote machine. It is intended to replace 55180740Sdesrlogin and rsh, and provide secure encrypted communications between 56180740Sdestwo untrusted hosts over an insecure network. X11 connections and 57180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 58180740Sdes 59180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 60180740Sdesup to date in terms of security and features, as well as removing all 61180740Sdespatented algorithms to seperate libraries (OpenSSL). 62180740Sdes 63180740SdesThis package includes all files necessary for both the OpenSSH 64180740Sdesclient and server. 65180740Sdes 66180740Sdes%description askpass 67180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 68180740Sdesexecuting commands in a remote machine. It is intended to replace 69180740Sdesrlogin and rsh, and provide secure encrypted communications between 70180740Sdestwo untrusted hosts over an insecure network. X11 connections and 71180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 72180740Sdes 73180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 74180740Sdesup to date in terms of security and features, as well as removing all 75180740Sdespatented algorithms to seperate libraries (OpenSSL). 76180740Sdes 77180740SdesThis package contains an X Window System passphrase dialog for OpenSSH. 78180740Sdes 79180740Sdes%changelog 80180740Sdes* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> 81180740Sdes- Removed accidental inclusion of --without-zlib-version-check 82180740Sdes* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> 83180740Sdes- Overhaul to deal with newer versions of SuSE and OpenSSH 84180740Sdes* Mon Jun 12 2000 Damien Miller <djm@mindrot.org> 85180740Sdes- Glob manpages to catch compressed files 86180740Sdes* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> 87180740Sdes- Updated for new location 88180740Sdes- Updated for new gnome-ssh-askpass build 89180740Sdes* Sun Dec 26 1999 Chris Saia <csaia@wtower.com> 90180740Sdes- Made symlink to gnome-ssh-askpass called ssh-askpass 91180740Sdes* Wed Nov 24 1999 Chris Saia <csaia@wtower.com> 92180740Sdes- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and 93180740Sdes /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into 94180740Sdes his released tarfile 95180740Sdes- Changed permissions on ssh_config in the install procedure to 644 from 600 96180740Sdes even though it was correct in the %files section and thus right in the RPMs 97180740Sdes- Postinstall script for the server now only prints "Generating SSH host 98180740Sdes key..." if we need to actually do this, in order to eliminate a confusing 99180740Sdes message if an SSH host key is already in place 100180740Sdes- Marked all manual pages as %doc(umentation) 101180740Sdes* Mon Nov 22 1999 Chris Saia <csaia@wtower.com> 102180740Sdes- Added flag to configure daemon with TCP Wrappers support 103180740Sdes- Added building prerequisites (works in RPM 3.0 and newer) 104180740Sdes* Thu Nov 18 1999 Chris Saia <csaia@wtower.com> 105180740Sdes- Made this package correct for SuSE. 106180740Sdes- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly 107180740Sdes with SuSE, and lib_pwdb.so isn't installed by default. 108180740Sdes* Mon Nov 15 1999 Damien Miller <djm@mindrot.org> 109180740Sdes- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> 110180740Sdes* Sat Nov 13 1999 Damien Miller <djm@mindrot.org> 111180740Sdes- Added 'Obsoletes' directives 112180740Sdes* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> 113180740Sdes- Use make install 114180740Sdes- Subpackages 115180740Sdes* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> 116180740Sdes- Added links for slogin 117180740Sdes- Fixed perms on manpages 118180740Sdes* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> 119180740Sdes- Renamed init script 120180740Sdes* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> 121180740Sdes- Back to old binary names 122180740Sdes* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> 123180740Sdes- Use autoconf 124180740Sdes- New binary names 125180740Sdes* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> 126180740Sdes- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. 127180740Sdes 128180740Sdes%prep 129180740Sdes 130180740Sdes%if %{build_x11_askpass} 131180740Sdes%setup -q -a 1 132180740Sdes%else 133180740Sdes%setup -q 134180740Sdes%endif 135180740Sdes 136180740Sdes%build 137180740SdesCFLAGS="$RPM_OPT_FLAGS" \ 138180740Sdes%configure --prefix=/usr \ 139180740Sdes --sysconfdir=%{_sysconfdir}/ssh \ 140180740Sdes --mandir=%{_mandir} \ 141180740Sdes --with-privsep-path=/var/lib/empty \ 142180740Sdes --with-pam \ 143180740Sdes --with-tcp-wrappers \ 144180740Sdes --libexecdir=%{_libdir}/ssh 145180740Sdesmake 146180740Sdes 147180740Sdes%if %{build_x11_askpass} 148180740Sdescd x11-ssh-askpass-%{xversion} 149180740Sdes%configure --mandir=/usr/X11R6/man \ 150180740Sdes --libexecdir=%{_libdir}/ssh 151180740Sdesxmkmf -a 152180740Sdesmake 153180740Sdescd .. 154180740Sdes%endif 155180740Sdes 156180740Sdes%install 157180740Sdesrm -rf $RPM_BUILD_ROOT 158180740Sdesmake install DESTDIR=$RPM_BUILD_ROOT/ 159180740Sdesinstall -d $RPM_BUILD_ROOT/etc/pam.d/ 160180740Sdesinstall -d $RPM_BUILD_ROOT/etc/init.d/ 161180740Sdesinstall -d $RPM_BUILD_ROOT/var/adm/fillup-templates 162180740Sdesinstall -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd 163180740Sdesinstall -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd 164180740Sdesinstall -m744 contrib/suse/sysconfig.ssh \ 165180740Sdes $RPM_BUILD_ROOT/var/adm/fillup-templates 166180740Sdes 167180740Sdes%if %{build_x11_askpass} 168180740Sdescd x11-ssh-askpass-%{xversion} 169180740Sdesmake install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ 170180740Sdesrm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin 171180740Sdes%endif 172180740Sdes 173180740Sdes%clean 174180740Sdesrm -rf $RPM_BUILD_ROOT 175180740Sdes 176180740Sdes%pre 177180740Sdes/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : 178180740Sdes/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 179180740Sdes 180180740Sdes%post 181225825Sdes/usr/bin/ssh-keygen -A 182225825Sdes%{fillup_and_insserv -n -y ssh sshd} 183180740Sdes%run_permissions 184180740Sdes 185180740Sdes%verifyscript 186180740Sdes%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh 187180740Sdes 188180740Sdes%preun 189180740Sdes%stop_on_removal sshd 190180740Sdes 191180740Sdes%postun 192180740Sdes%restart_on_update sshd 193180740Sdes%{insserv_cleanup} 194180740Sdes 195180740Sdes%files 196180740Sdes%defattr(-,root,root) 197189006Sdes%doc ChangeLog OVERVIEW README* PROTOCOL* 198180750Sdes%doc TODO CREDITS LICENCE 199180740Sdes%attr(0755,root,root) %dir %{_sysconfdir}/ssh 200180740Sdes%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config 201180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config 202180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli 203180740Sdes%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd 204180740Sdes%attr(0755,root,root) %config /etc/init.d/sshd 205180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keygen 206180740Sdes%attr(0755,root,root) %{_bindir}/scp 207180740Sdes%attr(0755,root,root) %{_bindir}/ssh 208180740Sdes%attr(-,root,root) %{_bindir}/slogin 209180740Sdes%attr(0755,root,root) %{_bindir}/ssh-agent 210180740Sdes%attr(0755,root,root) %{_bindir}/ssh-add 211180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keyscan 212180740Sdes%attr(0755,root,root) %{_bindir}/sftp 213180740Sdes%attr(0755,root,root) %{_sbindir}/sshd 214180740Sdes%attr(0755,root,root) %dir %{_libdir}/ssh 215180740Sdes%attr(0755,root,root) %{_libdir}/ssh/sftp-server 216180740Sdes%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign 217204861Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper 218180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/scp.1* 219180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* 220180740Sdes%attr(-,root,root) %doc %{_mandir}/man1/slogin.1* 221180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* 222180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* 223180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* 224180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* 225180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* 226180750Sdes%attr(0644,root,root) %doc %{_mandir}/man5/moduli.5* 227180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* 228180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* 229180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* 230180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* 231204861Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8* 232180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* 233180740Sdes%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh 234180740Sdes 235180740Sdes%if %{build_x11_askpass} 236180740Sdes%files askpass 237180740Sdes%defattr(-,root,root) 238180740Sdes%doc x11-ssh-askpass-%{xversion}/README 239180740Sdes%doc x11-ssh-askpass-%{xversion}/ChangeLog 240180740Sdes%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad 241180740Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass 242180740Sdes%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass 243180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* 244180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* 245180740Sdes%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass 246180740Sdes%endif 247