openssh.spec revision 180740
1180740Sdes# Default values for additional components 2180740Sdes%define build_x11_askpass 1 3180740Sdes 4180740Sdes# Define the UID/GID to use for privilege separation 5180740Sdes%define sshd_gid 65 6180740Sdes%define sshd_uid 71 7180740Sdes 8180740Sdes# The version of x11-ssh-askpass to use 9180740Sdes%define xversion 1.2.4.1 10180740Sdes 11180740Sdes# Allow the ability to override defaults with -D skip_xxx=1 12180740Sdes%{?skip_x11_askpass:%define build_x11_askpass 0} 13180740Sdes 14180740SdesSummary: OpenSSH, a free Secure Shell (SSH) protocol implementation 15180740SdesName: openssh 16180740SdesVersion: 4.6p1 17180740SdesURL: http://www.openssh.com/ 18180740SdesRelease: 1 19180740SdesSource0: openssh-%{version}.tar.gz 20180740SdesSource1: x11-ssh-askpass-%{xversion}.tar.gz 21180740SdesLicense: BSD 22180740SdesGroup: Productivity/Networking/SSH 23180740SdesBuildRoot: %{_tmppath}/openssh-%{version}-buildroot 24180740SdesPreReq: openssl 25180740SdesObsoletes: ssh 26180740SdesProvides: ssh 27180740Sdes# 28180740Sdes# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 29180740Sdes# building prerequisites -- stuff for 30180740Sdes# OpenSSL (openssl-devel), 31180740Sdes# TCP Wrappers (nkitb), 32180740Sdes# and Gnome (glibdev, gtkdev, and gnlibsd) 33180740Sdes# 34180740SdesBuildPrereq: openssl 35180740SdesBuildPrereq: nkitb 36180740Sdes#BuildPrereq: glibdev 37180740Sdes#BuildPrereq: gtkdev 38180740Sdes#BuildPrereq: gnlibsd 39180740Sdes 40180740Sdes%package askpass 41180740SdesSummary: A passphrase dialog for OpenSSH and the X window System. 42180740SdesGroup: Productivity/Networking/SSH 43180740SdesRequires: openssh = %{version} 44180740SdesObsoletes: ssh-extras 45180740SdesProvides: openssh:${_libdir}/ssh/ssh-askpass 46180740Sdes 47180740Sdes%if %{build_x11_askpass} 48180740SdesBuildPrereq: XFree86-devel 49180740Sdes%endif 50180740Sdes 51180740Sdes%description 52180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 53180740Sdesexecuting commands in a remote machine. It is intended to replace 54180740Sdesrlogin and rsh, and provide secure encrypted communications between 55180740Sdestwo untrusted hosts over an insecure network. X11 connections and 56180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 57180740Sdes 58180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 59180740Sdesup to date in terms of security and features, as well as removing all 60180740Sdespatented algorithms to seperate libraries (OpenSSL). 61180740Sdes 62180740SdesThis package includes all files necessary for both the OpenSSH 63180740Sdesclient and server. 64180740Sdes 65180740Sdes%description askpass 66180740SdesSsh (Secure Shell) is a program for logging into a remote machine and for 67180740Sdesexecuting commands in a remote machine. It is intended to replace 68180740Sdesrlogin and rsh, and provide secure encrypted communications between 69180740Sdestwo untrusted hosts over an insecure network. X11 connections and 70180740Sdesarbitrary TCP/IP ports can also be forwarded over the secure channel. 71180740Sdes 72180740SdesOpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 73180740Sdesup to date in terms of security and features, as well as removing all 74180740Sdespatented algorithms to seperate libraries (OpenSSL). 75180740Sdes 76180740SdesThis package contains an X Window System passphrase dialog for OpenSSH. 77180740Sdes 78180740Sdes%changelog 79180740Sdes* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> 80180740Sdes- Removed accidental inclusion of --without-zlib-version-check 81180740Sdes* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> 82180740Sdes- Overhaul to deal with newer versions of SuSE and OpenSSH 83180740Sdes* Mon Jun 12 2000 Damien Miller <djm@mindrot.org> 84180740Sdes- Glob manpages to catch compressed files 85180740Sdes* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> 86180740Sdes- Updated for new location 87180740Sdes- Updated for new gnome-ssh-askpass build 88180740Sdes* Sun Dec 26 1999 Chris Saia <csaia@wtower.com> 89180740Sdes- Made symlink to gnome-ssh-askpass called ssh-askpass 90180740Sdes* Wed Nov 24 1999 Chris Saia <csaia@wtower.com> 91180740Sdes- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and 92180740Sdes /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into 93180740Sdes his released tarfile 94180740Sdes- Changed permissions on ssh_config in the install procedure to 644 from 600 95180740Sdes even though it was correct in the %files section and thus right in the RPMs 96180740Sdes- Postinstall script for the server now only prints "Generating SSH host 97180740Sdes key..." if we need to actually do this, in order to eliminate a confusing 98180740Sdes message if an SSH host key is already in place 99180740Sdes- Marked all manual pages as %doc(umentation) 100180740Sdes* Mon Nov 22 1999 Chris Saia <csaia@wtower.com> 101180740Sdes- Added flag to configure daemon with TCP Wrappers support 102180740Sdes- Added building prerequisites (works in RPM 3.0 and newer) 103180740Sdes* Thu Nov 18 1999 Chris Saia <csaia@wtower.com> 104180740Sdes- Made this package correct for SuSE. 105180740Sdes- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly 106180740Sdes with SuSE, and lib_pwdb.so isn't installed by default. 107180740Sdes* Mon Nov 15 1999 Damien Miller <djm@mindrot.org> 108180740Sdes- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> 109180740Sdes* Sat Nov 13 1999 Damien Miller <djm@mindrot.org> 110180740Sdes- Added 'Obsoletes' directives 111180740Sdes* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> 112180740Sdes- Use make install 113180740Sdes- Subpackages 114180740Sdes* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> 115180740Sdes- Added links for slogin 116180740Sdes- Fixed perms on manpages 117180740Sdes* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> 118180740Sdes- Renamed init script 119180740Sdes* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> 120180740Sdes- Back to old binary names 121180740Sdes* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> 122180740Sdes- Use autoconf 123180740Sdes- New binary names 124180740Sdes* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> 125180740Sdes- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. 126180740Sdes 127180740Sdes%prep 128180740Sdes 129180740Sdes%if %{build_x11_askpass} 130180740Sdes%setup -q -a 1 131180740Sdes%else 132180740Sdes%setup -q 133180740Sdes%endif 134180740Sdes 135180740Sdes%build 136180740SdesCFLAGS="$RPM_OPT_FLAGS" \ 137180740Sdes%configure --prefix=/usr \ 138180740Sdes --sysconfdir=%{_sysconfdir}/ssh \ 139180740Sdes --mandir=%{_mandir} \ 140180740Sdes --with-privsep-path=/var/lib/empty \ 141180740Sdes --with-pam \ 142180740Sdes --with-tcp-wrappers \ 143180740Sdes --libexecdir=%{_libdir}/ssh 144180740Sdesmake 145180740Sdes 146180740Sdes%if %{build_x11_askpass} 147180740Sdescd x11-ssh-askpass-%{xversion} 148180740Sdes%configure --mandir=/usr/X11R6/man \ 149180740Sdes --libexecdir=%{_libdir}/ssh 150180740Sdesxmkmf -a 151180740Sdesmake 152180740Sdescd .. 153180740Sdes%endif 154180740Sdes 155180740Sdes%install 156180740Sdesrm -rf $RPM_BUILD_ROOT 157180740Sdesmake install DESTDIR=$RPM_BUILD_ROOT/ 158180740Sdesinstall -d $RPM_BUILD_ROOT/etc/pam.d/ 159180740Sdesinstall -d $RPM_BUILD_ROOT/etc/init.d/ 160180740Sdesinstall -d $RPM_BUILD_ROOT/var/adm/fillup-templates 161180740Sdesinstall -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd 162180740Sdesinstall -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd 163180740Sdesinstall -m744 contrib/suse/sysconfig.ssh \ 164180740Sdes $RPM_BUILD_ROOT/var/adm/fillup-templates 165180740Sdes 166180740Sdes%if %{build_x11_askpass} 167180740Sdescd x11-ssh-askpass-%{xversion} 168180740Sdesmake install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ 169180740Sdesrm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin 170180740Sdes%endif 171180740Sdes 172180740Sdes%clean 173180740Sdesrm -rf $RPM_BUILD_ROOT 174180740Sdes 175180740Sdes%pre 176180740Sdes/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : 177180740Sdes/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 178180740Sdes 179180740Sdes%post 180180740Sdesif [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then 181180740Sdes echo "Generating SSH RSA host key..." 182180740Sdes /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2 183180740Sdesfi 184180740Sdesif [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then 185180740Sdes echo "Generating SSH DSA host key..." 186180740Sdes /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2 187180740Sdesfi 188180740Sdes%{fillup_and_insserv -n -s -y ssh sshd START_SSHD} 189180740Sdes%run_permissions 190180740Sdes 191180740Sdes%verifyscript 192180740Sdes%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh 193180740Sdes 194180740Sdes%preun 195180740Sdes%stop_on_removal sshd 196180740Sdes 197180740Sdes%postun 198180740Sdes%restart_on_update sshd 199180740Sdes%{insserv_cleanup} 200180740Sdes 201180740Sdes%files 202180740Sdes%defattr(-,root,root) 203180740Sdes%doc ChangeLog OVERVIEW README* 204180740Sdes%doc RFC.nroff TODO CREDITS LICENCE 205180740Sdes%attr(0755,root,root) %dir %{_sysconfdir}/ssh 206180740Sdes%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config 207180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config 208180740Sdes%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli 209180740Sdes%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd 210180740Sdes%attr(0755,root,root) %config /etc/init.d/sshd 211180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keygen 212180740Sdes%attr(0755,root,root) %{_bindir}/scp 213180740Sdes%attr(0755,root,root) %{_bindir}/ssh 214180740Sdes%attr(-,root,root) %{_bindir}/slogin 215180740Sdes%attr(0755,root,root) %{_bindir}/ssh-agent 216180740Sdes%attr(0755,root,root) %{_bindir}/ssh-add 217180740Sdes%attr(0755,root,root) %{_bindir}/ssh-keyscan 218180740Sdes%attr(0755,root,root) %{_bindir}/sftp 219180740Sdes%attr(0755,root,root) %{_sbindir}/sshd 220180740Sdes%attr(0755,root,root) %dir %{_libdir}/ssh 221180740Sdes%attr(0755,root,root) %{_libdir}/ssh/sftp-server 222180740Sdes%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign 223180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/scp.1* 224180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* 225180740Sdes%attr(-,root,root) %doc %{_mandir}/man1/slogin.1* 226180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* 227180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* 228180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* 229180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* 230180740Sdes%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* 231180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* 232180740Sdes%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* 233180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* 234180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* 235180740Sdes%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* 236180740Sdes%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh 237180740Sdes 238180740Sdes%if %{build_x11_askpass} 239180740Sdes%files askpass 240180740Sdes%defattr(-,root,root) 241180740Sdes%doc x11-ssh-askpass-%{xversion}/README 242180740Sdes%doc x11-ssh-askpass-%{xversion}/ChangeLog 243180740Sdes%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad 244180740Sdes%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass 245180740Sdes%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass 246180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* 247180740Sdes%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* 248180740Sdes%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass 249180740Sdes%endif 250