]> git.ipfire.org Git - people/amarx/ipfire-3.x.git/blob - openssh/openssh.nm
projects / people / amarx / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'stevee/openvswitch-systemd'
[people/amarx/ipfire-3.x.git] / openssh / openssh.nm
1 ###############################################################################
2 # IPFire.org - An Open Source Firewall Solution #
3 # Copyright (C) - IPFire Development Team <info@ipfire.org> #
4 ###############################################################################
5
6 name = openssh
7 version = 5.9p1
8 release = 6
9
10 groups = Application/Internet
11 url = http://www.openssh.com/portable.html
12 license = MIT
13 summary = An open source implementation of SSH protocol versions 1 and 2.
14
15 description
16 SSH (Secure SHell) is a program for logging into and executing
17 commands on a remote machine. SSH is intended to replace rlogin and
18 rsh, and to provide secure encrypted communications between two
19 untrusted hosts over an insecure network.
20 end
21
22 source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
23
24 build
25 requires
26 audit-devel
27 autoconf
28 automake
29 groff
30 libedit-devel
31 libselinux-devel
32 ncurses-devel
33 openldap-devel
34 openssl-devel >= 1.0.0d-2
35 pam-devel
36 util-linux
37 zlib-devel
38 end
39
40 # Apply patches in a special order
41 patches
42 openssh-5.9p1-coverity.patch
43 openssh-5.8p1-fingerprint.patch
44 openssh-5.8p1-getaddrinfo.patch
45 openssh-5.8p1-packet.patch
46 openssh-5.9p1-2auth.patch
47 openssh-5.9p1-role.patch
48 openssh-5.9p1-mls.patch
49 openssh-5.9p1-sftp-chroot.patch
50 openssh-5.9p1-akc.patch
51 openssh-5.9p1-keygen.patch
52 openssh-5.2p1-allow-ip-opts.patch
53 openssh-5.9p1-randclean.patch
54 openssh-5.8p1-keyperm.patch
55 openssh-5.8p2-remove-stale-control-socket.patch
56 openssh-5.9p1-ipv6man.patch
57 openssh-5.8p2-sigpipe.patch
58 openssh-5.8p2-askpass-ld.patch
59 openssh-5.5p1-x11.patch
60 openssh-5.6p1-exit-deadlock.patch
61 openssh-5.1p1-askpass-progress.patch
62 openssh-4.3p2-askpass-grab-info.patch
63 openssh-5.9p1-edns.patch
64 openssh-5.1p1-scp-manpage.patch
65 openssh-5.8p1-localdomain.patch
66 openssh-5.9p1-ipfire.patch
67 openssh-5.9p1-entropy.patch
68 openssh-5.9p1-vendor.patch
69 openssh-5.8p2-force_krb.patch
70 openssh-5.9p1-kuserok.patch
71 end
72
73 configure_options += \
74 --sysconfdir=%{sysconfdir}/ssh \
75 --datadir=%{datadir}/sshd \
76 --libexecdir=%{libdir}/openssh \
77 --with-default-path=/usr/local/bin:/bin:/usr/bin \
78 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
79 --with-privsep-path=/var/empty/sshd \
80 --enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \
81 --disable-strip \
82 --with-ssl-engine \
83 --with-authorized-keys-command \
84 --with-ipaddr-display \
85 --with-ldap \
86 --with-pam \
87 --with-libedit \
88 --with-selinux \
89 --with-audit=linux
90
91 prepare_cmds
92 autoreconf -vfi
93 end
94
95 install_cmds
96 # Disable GSS API authentication because KRB5 is required for that.
97 sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config
98
99 # Install scriptfile for key generation
100 mkdir -pv %{BUILDROOT}%{sbindir}
101 install -m 754 %{DIR_SOURCE}/sshd-keygen %{BUILDROOT}%{sbindir}
102
103 # Install ssh-copy-id.
104 install -m755 contrib/ssh-copy-id %{BUILDROOT}%{bindir}
105 install contrib/ssh-copy-id.1 %{BUILDROOT}%{mandir}/man1/
106 end
107 end
108
109 packages
110 package openssh
111 prerequires
112 shadow-utils
113 end
114
115 requires
116 openssh-clients = %{thisver}
117 openssh-server = %{thisver}
118 end
119
120 configfiles
121 %{sysconfdir}/ssh/moduli
122 end
123
124 script prein
125 getent group ssh_keys >/dev/null || groupadd -r ssh_keys
126 end
127 end
128
129 package openssh-clients
130 summary = OpenSSH client applications.
131 description = %{summary}
132
133 requires = openssh = %{thisver}
134
135 files
136 %{sysconfdir}/ssh/ssh_config
137 %{bindir}/scp
138 %{bindir}/sftp
139 %{bindir}/slogin
140 %{bindir}/ssh
141 %{bindir}/ssh-add
142 %{bindir}/ssh-agent
143 %{bindir}/ssh-copy-id
144 %{bindir}/ssh-keyscan
145 %{libdir}/openssh/ssh-pkcs11-helper
146 %{mandir}/man1/scp.1*
147 %{mandir}/man1/sftp.1*
148 %{mandir}/man1/slogin.1*
149 %{mandir}/man1/ssh-add.1*
150 %{mandir}/man1/ssh-agent.1*
151 %{mandir}/man1/ssh-copy-id.1*
152 %{mandir}/man1/ssh-keyscan.1*
153 %{mandir}/man1/ssh.1*
154 %{mandir}/man5/ssh_config.5*
155 %{mandir}/man8/ssh-pkcs11-helper.8*
156 end
157
158 configfiles
159 %{sysconfdir}/ssh/ssh_config
160 end
161 end
162
163 package openssh-server
164 summary = OpenSSH server applications.
165 description = %{summary}
166
167 requires
168 audit
169 openssh = %{thisver}
170 end
171
172 files
173 %{sysconfdir}/pam.d/sshd
174 %{sysconfdir}/ssh/sshd_config
175 /lib/systemd
176 %{libdir}/openssh/sftp-server
177 %{sbindir}/sshd-keygen
178 %{sbindir}/sshd
179 %{mandir}/man5/sshd_config.5*
180 %{mandir}/man5/moduli.5*
181 %{mandir}/man8/sshd.8*
182 %{mandir}/man8/sftp-server.8*
183 /var/empty/sshd
184 end
185
186 configfiles
187 %{sysconfdir}/ssh/sshd_config
188 end
189
190 prerequires
191 shadow-utils
192 systemd-units
193 end
194
195 script prein
196 # Create unprivileged user and group.
197 getent group sshd >/dev/null || groupadd -r sshd
198 getent passwd sshd >/dev/null || useradd -r -g sshd \
199 -c "Privilege-separated SSH" \
200 -d /var/empty/sshd -s /sbin/nologin sshd
201 end
202
203 script postin
204 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
205 end
206
207 script preun
208 /bin/systemctl --no-reload disable sshd.service >/dev/null 2>&1 || :
209 /bin/systemctl stop sshd.service >/dev/null 2>&1 || :
210 end
211
212 script postun
213 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
214 end
215
216 script postup
217 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
218
219 /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
220 /bin/systemctl try-restart sshd-keygen.service >/dev/null 2>&1 || :
221 end
222 end
223
224 package %{name}-debuginfo
225 template DEBUGINFO
226 end
227 end
Alex's tree of IPFire 3.x