openssh.spec revision 180740 
1180740Sdes# Default values for additional components
2180740Sdes%define build_x11_askpass	1
3180740Sdes
4180740Sdes# Define the UID/GID to use for privilege separation
5180740Sdes%define sshd_gid	65
6180740Sdes%define sshd_uid	71
7180740Sdes
8180740Sdes# The version of x11-ssh-askpass to use
9180740Sdes%define xversion	1.2.4.1
10180740Sdes
11180740Sdes# Allow the ability to override defaults with -D skip_xxx=1
12180740Sdes%{?skip_x11_askpass:%define build_x11_askpass 0}
13180740Sdes
14180740SdesSummary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
15180740SdesName:		openssh
16180740SdesVersion:	4.6p1
17180740SdesURL:		http://www.openssh.com/
18180740SdesRelease:	1
19180740SdesSource0:	openssh-%{version}.tar.gz
20180740SdesSource1:	x11-ssh-askpass-%{xversion}.tar.gz
21180740SdesLicense:	BSD
22180740SdesGroup:		Productivity/Networking/SSH
23180740SdesBuildRoot:	%{_tmppath}/openssh-%{version}-buildroot
24180740SdesPreReq:		openssl
25180740SdesObsoletes:	ssh
26180740SdesProvides:	ssh
27180740Sdes#
28180740Sdes# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
29180740Sdes# building prerequisites -- stuff for
30180740Sdes#   OpenSSL (openssl-devel),
31180740Sdes#   TCP Wrappers (nkitb),
32180740Sdes#   and Gnome (glibdev, gtkdev, and gnlibsd)
33180740Sdes#
34180740SdesBuildPrereq:	openssl
35180740SdesBuildPrereq:	nkitb
36180740Sdes#BuildPrereq:	glibdev
37180740Sdes#BuildPrereq:	gtkdev
38180740Sdes#BuildPrereq:	gnlibsd
39180740Sdes
40180740Sdes%package	askpass
41180740SdesSummary:	A passphrase dialog for OpenSSH and the X window System.
42180740SdesGroup:		Productivity/Networking/SSH
43180740SdesRequires:	openssh = %{version}
44180740SdesObsoletes:	ssh-extras
45180740SdesProvides:	openssh:${_libdir}/ssh/ssh-askpass
46180740Sdes
47180740Sdes%if %{build_x11_askpass}
48180740SdesBuildPrereq:	XFree86-devel
49180740Sdes%endif
50180740Sdes
51180740Sdes%description
52180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for
53180740Sdesexecuting commands in a remote machine.  It is intended to replace
54180740Sdesrlogin and rsh, and provide secure encrypted communications between
55180740Sdestwo untrusted hosts over an insecure network.  X11 connections and
56180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel.
57180740Sdes
58180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
59180740Sdesup to date in terms of security and features, as well as removing all
60180740Sdespatented algorithms to seperate libraries (OpenSSL).
61180740Sdes
62180740SdesThis package includes all files necessary for both the OpenSSH
63180740Sdesclient and server.
64180740Sdes
65180740Sdes%description askpass
66180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for
67180740Sdesexecuting commands in a remote machine.  It is intended to replace
68180740Sdesrlogin and rsh, and provide secure encrypted communications between
69180740Sdestwo untrusted hosts over an insecure network.  X11 connections and
70180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel.
71180740Sdes
72180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
73180740Sdesup to date in terms of security and features, as well as removing all
74180740Sdespatented algorithms to seperate libraries (OpenSSL).
75180740Sdes
76180740SdesThis package contains an X Window System passphrase dialog for OpenSSH.
77180740Sdes
78180740Sdes%changelog
79180740Sdes* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
80180740Sdes- Removed accidental inclusion of --without-zlib-version-check
81180740Sdes* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
82180740Sdes- Overhaul to deal with newer versions of SuSE and OpenSSH
83180740Sdes* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
84180740Sdes- Glob manpages to catch compressed files
85180740Sdes* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
86180740Sdes- Updated for new location
87180740Sdes- Updated for new gnome-ssh-askpass build
88180740Sdes* Sun Dec 26 1999 Chris Saia <csaia@wtower.com>
89180740Sdes- Made symlink to gnome-ssh-askpass called ssh-askpass
90180740Sdes* Wed Nov 24 1999 Chris Saia <csaia@wtower.com>
91180740Sdes- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and
92180740Sdes  /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into
93180740Sdes  his released tarfile
94180740Sdes- Changed permissions on ssh_config in the install procedure to 644 from 600
95180740Sdes  even though it was correct in the %files section and thus right in the RPMs
96180740Sdes- Postinstall script for the server now only prints "Generating SSH host
97180740Sdes  key..." if we need to actually do this, in order to eliminate a confusing
98180740Sdes  message if an SSH host key is already in place
99180740Sdes- Marked all manual pages as %doc(umentation)
100180740Sdes* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
101180740Sdes- Added flag to configure daemon with TCP Wrappers support
102180740Sdes- Added building prerequisites (works in RPM 3.0 and newer)
103180740Sdes* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
104180740Sdes- Made this package correct for SuSE.
105180740Sdes- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
106180740Sdes  with SuSE, and lib_pwdb.so isn't installed by default.
107180740Sdes* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
108180740Sdes- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
109180740Sdes* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
110180740Sdes- Added 'Obsoletes' directives
111180740Sdes* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
112180740Sdes- Use make install
113180740Sdes- Subpackages
114180740Sdes* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
115180740Sdes- Added links for slogin
116180740Sdes- Fixed perms on manpages
117180740Sdes* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
118180740Sdes- Renamed init script
119180740Sdes* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
120180740Sdes- Back to old binary names
121180740Sdes* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
122180740Sdes- Use autoconf
123180740Sdes- New binary names
124180740Sdes* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
125180740Sdes- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
126180740Sdes
127180740Sdes%prep
128180740Sdes
129180740Sdes%if %{build_x11_askpass}
130180740Sdes%setup -q -a 1
131180740Sdes%else
132180740Sdes%setup -q
133180740Sdes%endif
134180740Sdes
135180740Sdes%build
136180740SdesCFLAGS="$RPM_OPT_FLAGS" \
137180740Sdes%configure	--prefix=/usr \
138180740Sdes		--sysconfdir=%{_sysconfdir}/ssh \
139180740Sdes		--mandir=%{_mandir} \
140180740Sdes		--with-privsep-path=/var/lib/empty \
141180740Sdes		--with-pam \
142180740Sdes		--with-tcp-wrappers \
143180740Sdes		--libexecdir=%{_libdir}/ssh
144180740Sdesmake
145180740Sdes
146180740Sdes%if %{build_x11_askpass}
147180740Sdescd x11-ssh-askpass-%{xversion}
148180740Sdes%configure	--mandir=/usr/X11R6/man \
149180740Sdes		--libexecdir=%{_libdir}/ssh
150180740Sdesxmkmf -a
151180740Sdesmake
152180740Sdescd ..
153180740Sdes%endif
154180740Sdes
155180740Sdes%install
156180740Sdesrm -rf $RPM_BUILD_ROOT
157180740Sdesmake install DESTDIR=$RPM_BUILD_ROOT/
158180740Sdesinstall -d $RPM_BUILD_ROOT/etc/pam.d/
159180740Sdesinstall -d $RPM_BUILD_ROOT/etc/init.d/
160180740Sdesinstall -d $RPM_BUILD_ROOT/var/adm/fillup-templates
161180740Sdesinstall -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
162180740Sdesinstall -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
163180740Sdesinstall -m744 contrib/suse/sysconfig.ssh \
164180740Sdes   $RPM_BUILD_ROOT/var/adm/fillup-templates
165180740Sdes
166180740Sdes%if %{build_x11_askpass}
167180740Sdescd x11-ssh-askpass-%{xversion}
168180740Sdesmake install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
169180740Sdesrm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
170180740Sdes%endif
171180740Sdes
172180740Sdes%clean
173180740Sdesrm -rf $RPM_BUILD_ROOT
174180740Sdes
175180740Sdes%pre
176180740Sdes/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || :
177180740Sdes/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
178180740Sdes
179180740Sdes%post
180180740Sdesif [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
181180740Sdes	echo "Generating SSH RSA host key..."
182180740Sdes	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
183180740Sdesfi
184180740Sdesif [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
185180740Sdes	echo "Generating SSH DSA host key..."
186180740Sdes	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
187180740Sdesfi
188180740Sdes%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
189180740Sdes%run_permissions
190180740Sdes
191180740Sdes%verifyscript
192180740Sdes%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
193180740Sdes
194180740Sdes%preun
195180740Sdes%stop_on_removal sshd
196180740Sdes
197180740Sdes%postun
198180740Sdes%restart_on_update sshd
199180740Sdes%{insserv_cleanup}
200180740Sdes
201180740Sdes%files
202180740Sdes%defattr(-,root,root)
203180740Sdes%doc ChangeLog OVERVIEW README*
204180740Sdes%doc RFC.nroff TODO CREDITS LICENCE
205180740Sdes%attr(0755,root,root) %dir %{_sysconfdir}/ssh
206180740Sdes%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
207180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
208180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
209180740Sdes%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
210180740Sdes%attr(0755,root,root) %config /etc/init.d/sshd
211180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keygen
212180740Sdes%attr(0755,root,root) %{_bindir}/scp
213180740Sdes%attr(0755,root,root) %{_bindir}/ssh
214180740Sdes%attr(-,root,root) %{_bindir}/slogin
215180740Sdes%attr(0755,root,root) %{_bindir}/ssh-agent
216180740Sdes%attr(0755,root,root) %{_bindir}/ssh-add
217180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keyscan
218180740Sdes%attr(0755,root,root) %{_bindir}/sftp
219180740Sdes%attr(0755,root,root) %{_sbindir}/sshd
220180740Sdes%attr(0755,root,root) %dir %{_libdir}/ssh
221180740Sdes%attr(0755,root,root) %{_libdir}/ssh/sftp-server
222180740Sdes%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
223180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
224180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
225180740Sdes%attr(-,root,root) %doc %{_mandir}/man1/slogin.1*
226180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
227180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
228180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
229180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
230180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
231180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
232180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
233180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
234180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
235180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
236180740Sdes%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
237180740Sdes
238180740Sdes%if %{build_x11_askpass}
239180740Sdes%files askpass
240180740Sdes%defattr(-,root,root)
241180740Sdes%doc x11-ssh-askpass-%{xversion}/README
242180740Sdes%doc x11-ssh-askpass-%{xversion}/ChangeLog
243180740Sdes%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
244180740Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
245180740Sdes%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
246180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
247180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
248180740Sdes%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
249180740Sdes%endif
250