]> git.ipfire.org Git - people/stevee/ipfire-3.x.git/blob - openssh/openssh.nm
projects / people / stevee / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
guile: Update to 2.2.4
[people/stevee/ipfire-3.x.git] / openssh / openssh.nm
1 ###############################################################################
2 # IPFire.org - An Open Source Firewall Solution #
3 # Copyright (C) - IPFire Development Team <info@ipfire.org> #
4 ###############################################################################
5
6 name = openssh
7 version = 7.5p1
8 release = 1
9
10 groups = Application/Internet
11 url = http://www.openssh.com/portable.html
12 license = MIT
13 summary = An open source implementation of SSH protocol versions 1 and 2.
14
15 description
16 SSH (Secure SHell) is a program for logging into and executing
17 commands on a remote machine. SSH is intended to replace rlogin and
18 rsh, and to provide secure encrypted communications between two
19 untrusted hosts over an insecure network.
20 end
21
22 source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
23
24 build
25 requires
26 autoconf
27 automake
28 groff
29 libedit-devel
30 ncurses-devel
31 openldap-devel
32 openssl-devel >= 1.0.2
33 pam-devel
34 util-linux
35 zlib-devel
36 end
37
38 configure_options += \
39 --sysconfdir=%{sysconfdir}/ssh \
40 --datadir=%{datadir}/sshd \
41 --libexecdir=%{libdir}/openssh \
42 --with-default-path=/usr/local/bin:/bin:/usr/bin \
43 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
44 --with-privsep-path=/var/empty/sshd \
45 --enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \
46 --disable-strip \
47 --with-ssl-engine \
48 --with-authorized-keys-command \
49 --with-ipaddr-display \
50 --with-pam \
51 --with-libedit
52
53 prepare_cmds
54 autoreconf -vfi
55 end
56
57 install_cmds
58 # Disable GSS API authentication because KRB5 is required for that.
59 sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config
60
61 # Enable PAM usage, disable ChallengeResponseAuthentication, enable root login and disable Motd.
62 sed \
63 -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \
64 -e '/^#PrintMotd yes$/c PrintMotd no' \
65 -e '/^#UsePAM no$/c UsePAM yes' \
66 -e '/^#PermitRootLogin prohibit-password$/c PermitRootLogin yes' \
67 -i %{BUILDROOT}/etc/ssh/sshd_config
68
69 # Install scriptfile for key generation
70 mkdir -pv %{BUILDROOT}%{sbindir}
71 install -m 754 %{DIR_SOURCE}/sshd-keygen %{BUILDROOT}%{sbindir}
72
73 # Install ssh-copy-id.
74 install -m755 contrib/ssh-copy-id %{BUILDROOT}%{bindir}
75 install contrib/ssh-copy-id.1 %{BUILDROOT}%{mandir}/man1/
76 end
77 end
78
79 packages
80 package openssh
81 prerequires
82 shadow-utils
83 end
84
85 configfiles
86 %{sysconfdir}/ssh/moduli
87 end
88
89 script prein
90 getent group ssh_keys >/dev/null || groupadd -r ssh_keys
91 end
92 end
93
94 package openssh-clients
95 summary = OpenSSH client applications.
96 description = %{summary}
97
98 requires = openssh = %{thisver}
99
100 files
101 %{sysconfdir}/ssh/ssh_config
102 %{bindir}/scp
103 %{bindir}/sftp
104 %{bindir}/slogin
105 %{bindir}/ssh
106 %{bindir}/ssh-add
107 %{bindir}/ssh-agent
108 %{bindir}/ssh-copy-id
109 %{bindir}/ssh-keyscan
110 %{libdir}/openssh/ssh-pkcs11-helper
111 %{mandir}/man1/scp.1*
112 %{mandir}/man1/sftp.1*
113 %{mandir}/man1/slogin.1*
114 %{mandir}/man1/ssh-add.1*
115 %{mandir}/man1/ssh-agent.1*
116 %{mandir}/man1/ssh-copy-id.1*
117 %{mandir}/man1/ssh-keyscan.1*
118 %{mandir}/man1/ssh.1*
119 %{mandir}/man5/ssh_config.5*
120 %{mandir}/man8/ssh-pkcs11-helper.8*
121 end
122
123 configfiles
124 %{sysconfdir}/ssh/ssh_config
125 end
126 end
127
128 package openssh-server
129 summary = OpenSSH server applications.
130 description = %{summary}
131
132 requires
133 audit
134 openssh = %{thisver}
135 end
136
137 files
138 %{sysconfdir}/pam.d/sshd
139 %{sysconfdir}/ssh/sshd_config
140 %{unitdir}/sshd.service
141 %{unitdir}/sshd-keygen.service
142 %{unitdir}/sshd@.service
143 %{unitdir}/sshd.socket
144 %{libdir}/openssh/sftp-server
145 %{sbindir}/sshd-keygen
146 %{sbindir}/sshd
147 %{mandir}/man5/sshd_config.5*
148 %{mandir}/man5/moduli.5*
149 %{mandir}/man8/sshd.8*
150 %{mandir}/man8/sftp-server.8*
151 /var/empty/sshd
152 end
153
154 configfiles
155 %{sysconfdir}/ssh/sshd_config
156 end
157
158 prerequires
159 shadow-utils
160 systemd-units
161 end
162
163 script prein
164 # Create unprivileged user and group.
165 getent group sshd >/dev/null || groupadd -r sshd
166 getent passwd sshd >/dev/null || useradd -r -g sshd \
167 -c "Privilege-separated SSH" \
168 -d /var/empty/sshd -s /sbin/nologin sshd
169 end
170
171 script postin
172 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
173 end
174
175 script preun
176 /bin/systemctl --no-reload disable sshd.service >/dev/null 2>&1 || :
177 /bin/systemctl --no-reload disable sshd.socket
178 /bin/systemctl stop sshd.service >/dev/null 2>&1 || :
179 /bin/systemctl stop sshd.socket >/dev/null 2>&1 || :
180 end
181
182 script postun
183 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
184 end
185
186 script postup
187 # Enable root login.
188 sed -e '/^#PermitRootLogin prohibit-password$/c PermitRootLogin yes' \
189 -i %{sysconfdir}/ssh/sshd_config
190
191 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
192
193 /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
194 /bin/systemctl try-restart sshd-keygen.service >/dev/null 2>&1 || :
195 end
196 end
197
198 package %{name}-debuginfo
199 template DEBUGINFO
200 end
201 end
Stefan's tree of IPFire 3.x.