]> git.ipfire.org Git - people/ms/ipfire-3.x.git/blob - openssh/openssh.nm
projects / people / ms / ipfire-3.x.git / blob
? search:


f46e85f4e1dbbd971b9b85c52e74416f669abc9a
[people/ms/ipfire-3.x.git] / openssh / openssh.nm
1 ###############################################################################
2 # IPFire.org - An Open Source Firewall Solution #
3 # Copyright (C) - IPFire Development Team <info@ipfire.org> #
4 ###############################################################################
5
6 name = openssh
7 version = 5.9p1
8 release = 8
9
10 groups = Application/Internet
11 url = http://www.openssh.com/portable.html
12 license = MIT
13 summary = An open source implementation of SSH protocol versions 1 and 2.
14
15 description
16 SSH (Secure SHell) is a program for logging into and executing
17 commands on a remote machine. SSH is intended to replace rlogin and
18 rsh, and to provide secure encrypted communications between two
19 untrusted hosts over an insecure network.
20 end
21
22 source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
23
24 build
25 requires
26 audit-devel
27 autoconf
28 automake
29 groff
30 libedit-devel
31 libselinux-devel
32 ncurses-devel
33 openldap-devel
34 openssl-devel >= 1.0.0d-2
35 pam-devel
36 util-linux
37 zlib-devel
38 end
39
40 # Apply patches in a special order
41 patches
42 openssh-5.9p1-coverity.patch
43 openssh-5.8p1-fingerprint.patch
44 openssh-5.8p1-getaddrinfo.patch
45 openssh-5.8p1-packet.patch
46 openssh-5.9p1-2auth.patch
47 openssh-5.9p1-role.patch
48 openssh-5.9p1-mls.patch
49 openssh-5.9p1-sftp-chroot.patch
50 openssh-5.9p1-akc.patch
51 openssh-5.9p1-keygen.patch
52 openssh-5.2p1-allow-ip-opts.patch
53 openssh-5.9p1-randclean.patch
54 openssh-5.8p1-keyperm.patch
55 openssh-5.8p2-remove-stale-control-socket.patch
56 openssh-5.9p1-ipv6man.patch
57 openssh-5.8p2-sigpipe.patch
58 openssh-5.8p2-askpass-ld.patch
59 openssh-5.5p1-x11.patch
60 openssh-5.6p1-exit-deadlock.patch
61 openssh-5.1p1-askpass-progress.patch
62 openssh-4.3p2-askpass-grab-info.patch
63 openssh-5.9p1-edns.patch
64 openssh-5.1p1-scp-manpage.patch
65 openssh-5.8p1-localdomain.patch
66 openssh-5.9p1-ipfire.patch
67 openssh-5.9p1-entropy.patch
68 openssh-5.9p1-vendor.patch
69 openssh-5.8p2-force_krb.patch
70 openssh-5.9p1-kuserok.patch
71 end
72
73 configure_options += \
74 --sysconfdir=%{sysconfdir}/ssh \
75 --datadir=%{datadir}/sshd \
76 --libexecdir=%{libdir}/openssh \
77 --with-default-path=/usr/local/bin:/bin:/usr/bin \
78 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
79 --with-privsep-path=/var/empty/sshd \
80 --enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \
81 --disable-strip \
82 --with-ssl-engine \
83 --with-authorized-keys-command \
84 --with-ipaddr-display \
85 --with-ldap \
86 --with-pam \
87 --with-libedit \
88 --with-selinux \
89 --with-audit=linux
90
91 prepare_cmds
92 autoreconf -vfi
93 end
94
95 install_cmds
96 # Disable GSS API authentication because KRB5 is required for that.
97 sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config
98
99 # Install scriptfile for key generation
100 mkdir -pv %{BUILDROOT}%{sbindir}
101 install -m 754 %{DIR_SOURCE}/sshd-keygen %{BUILDROOT}%{sbindir}
102
103 # Install ssh-copy-id.
104 install -m755 contrib/ssh-copy-id %{BUILDROOT}%{bindir}
105 install contrib/ssh-copy-id.1 %{BUILDROOT}%{mandir}/man1/
106 end
107 end
108
109 packages
110 package openssh
111 prerequires
112 shadow-utils
113 end
114
115 configfiles
116 %{sysconfdir}/ssh/moduli
117 end
118
119 script prein
120 getent group ssh_keys >/dev/null || groupadd -r ssh_keys
121 end
122 end
123
124 package openssh-clients
125 summary = OpenSSH client applications.
126 description = %{summary}
127
128 requires = openssh = %{thisver}
129
130 files
131 %{sysconfdir}/ssh/ssh_config
132 %{bindir}/scp
133 %{bindir}/sftp
134 %{bindir}/slogin
135 %{bindir}/ssh
136 %{bindir}/ssh-add
137 %{bindir}/ssh-agent
138 %{bindir}/ssh-copy-id
139 %{bindir}/ssh-keyscan
140 %{libdir}/openssh/ssh-pkcs11-helper
141 %{mandir}/man1/scp.1*
142 %{mandir}/man1/sftp.1*
143 %{mandir}/man1/slogin.1*
144 %{mandir}/man1/ssh-add.1*
145 %{mandir}/man1/ssh-agent.1*
146 %{mandir}/man1/ssh-copy-id.1*
147 %{mandir}/man1/ssh-keyscan.1*
148 %{mandir}/man1/ssh.1*
149 %{mandir}/man5/ssh_config.5*
150 %{mandir}/man8/ssh-pkcs11-helper.8*
151 end
152
153 configfiles
154 %{sysconfdir}/ssh/ssh_config
155 end
156 end
157
158 package openssh-server
159 summary = OpenSSH server applications.
160 description = %{summary}
161
162 requires
163 audit
164 openssh = %{thisver}
165 end
166
167 files
168 %{sysconfdir}/pam.d/sshd
169 %{sysconfdir}/ssh/sshd_config
170 %{unitdir}/sshd.service
171 %{libdir}/openssh/sftp-server
172 %{sbindir}/sshd-keygen
173 %{sbindir}/sshd
174 %{mandir}/man5/sshd_config.5*
175 %{mandir}/man5/moduli.5*
176 %{mandir}/man8/sshd.8*
177 %{mandir}/man8/sftp-server.8*
178 /var/empty/sshd
179 end
180
181 configfiles
182 %{sysconfdir}/ssh/sshd_config
183 end
184
185 prerequires
186 shadow-utils
187 systemd-units
188 end
189
190 script prein
191 # Create unprivileged user and group.
192 getent group sshd >/dev/null || groupadd -r sshd
193 getent passwd sshd >/dev/null || useradd -r -g sshd \
194 -c "Privilege-separated SSH" \
195 -d /var/empty/sshd -s /sbin/nologin sshd
196 end
197
198 script postin
199 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
200 end
201
202 script preun
203 /bin/systemctl --no-reload disable sshd.service >/dev/null 2>&1 || :
204 /bin/systemctl stop sshd.service >/dev/null 2>&1 || :
205 end
206
207 script postun
208 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
209 end
210
211 script postup
212 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
213
214 /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
215 /bin/systemctl try-restart sshd-keygen.service >/dev/null 2>&1 || :
216 end
217 end
218
219 package %{name}-debuginfo
220 template DEBUGINFO
221 end
222 end
Michael's tree of IPFire 3.x.