]>
Commit | Line | Data |
---|---|---|
8b63a194 | 1 | ############################################################################### |
802ea3af MT |
2 | # IPFire.org - An Open Source Firewall Solution # |
3 | # Copyright (C) - IPFire Development Team <info@ipfire.org> # | |
8b63a194 | 4 | ############################################################################### |
5 | ||
802ea3af | 6 | name = openssh |
43c69e28 SS |
7 | version = 6.1p1 |
8 | release = 1 | |
8b63a194 | 9 | |
802ea3af MT |
10 | groups = Application/Internet |
11 | url = http://www.openssh.com/portable.html | |
12 | license = MIT | |
13 | summary = An open source implementation of SSH protocol versions 1 and 2. | |
8b63a194 | 14 | |
802ea3af | 15 | description |
9d8fd3ad SS |
16 | SSH (Secure SHell) is a program for logging into and executing |
17 | commands on a remote machine. SSH is intended to replace rlogin and | |
18 | rsh, and to provide secure encrypted communications between two | |
8b63a194 | 19 | untrusted hosts over an insecure network. |
802ea3af | 20 | end |
8b63a194 | 21 | |
9d8fd3ad | 22 | source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ |
8b63a194 | 23 | |
802ea3af MT |
24 | build |
25 | requires | |
26 | audit-devel | |
9d8fd3ad SS |
27 | autoconf |
28 | automake | |
e78de92e MT |
29 | groff |
30 | libedit-devel | |
802ea3af | 31 | libselinux-devel |
e78de92e MT |
32 | ncurses-devel |
33 | openldap-devel | |
34 | openssl-devel >= 1.0.0d-2 | |
802ea3af | 35 | pam-devel |
e78de92e | 36 | util-linux |
802ea3af MT |
37 | zlib-devel |
38 | end | |
ba2e7991 | 39 | |
802ea3af MT |
40 | # Apply patches in a special order |
41 | patches | |
43c69e28 | 42 | openssh-6.1p1-coverity.patch |
802ea3af | 43 | openssh-5.8p1-fingerprint.patch |
9d8fd3ad SS |
44 | openssh-5.8p1-getaddrinfo.patch |
45 | openssh-5.8p1-packet.patch | |
43c69e28 SS |
46 | openssh-6.1p1-authenticationmethods.patch |
47 | openssh-6.1p1-role-mls.patch | |
9d8fd3ad | 48 | openssh-5.9p1-sftp-chroot.patch |
43c69e28 | 49 | openssh-6.1p1-akc.patch |
802ea3af | 50 | openssh-5.2p1-allow-ip-opts.patch |
9d8fd3ad SS |
51 | openssh-5.9p1-randclean.patch |
52 | openssh-5.8p1-keyperm.patch | |
53 | openssh-5.8p2-remove-stale-control-socket.patch | |
54 | openssh-5.9p1-ipv6man.patch | |
55 | openssh-5.8p2-sigpipe.patch | |
43c69e28 | 56 | openssh-6.1p1-askpass-ld.patch |
802ea3af MT |
57 | openssh-5.5p1-x11.patch |
58 | openssh-5.6p1-exit-deadlock.patch | |
59 | openssh-5.1p1-askpass-progress.patch | |
60 | openssh-4.3p2-askpass-grab-info.patch | |
9d8fd3ad | 61 | openssh-5.9p1-edns.patch |
802ea3af | 62 | openssh-5.1p1-scp-manpage.patch |
9d8fd3ad SS |
63 | openssh-5.8p1-localdomain.patch |
64 | openssh-5.9p1-ipfire.patch | |
43c69e28 SS |
65 | openssh-6.0p1-entropy.patch |
66 | openssh-6.1p1-vendor.patch | |
9d8fd3ad | 67 | openssh-5.8p2-force_krb.patch |
43c69e28 SS |
68 | openssh-6.1p1-kuserok.patch |
69 | openssh-6.1p1-required-authentications.patch | |
802ea3af | 70 | end |
ba2e7991 | 71 | |
802ea3af | 72 | configure_options += \ |
e78de92e MT |
73 | --sysconfdir=%{sysconfdir}/ssh \ |
74 | --datadir=%{datadir}/sshd \ | |
75 | --libexecdir=%{libdir}/openssh \ | |
76 | --with-default-path=/usr/local/bin:/bin:/usr/bin \ | |
77 | --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ | |
78 | --with-privsep-path=/var/empty/sshd \ | |
79 | --enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \ | |
80 | --disable-strip \ | |
81 | --with-ssl-engine \ | |
82 | --with-authorized-keys-command \ | |
83 | --with-ipaddr-display \ | |
802ea3af | 84 | --with-pam \ |
e78de92e | 85 | --with-libedit \ |
802ea3af | 86 | --with-selinux \ |
802ea3af | 87 | --with-audit=linux |
b771887d | 88 | |
9d8fd3ad | 89 | prepare_cmds |
e78de92e | 90 | autoreconf -vfi |
9d8fd3ad SS |
91 | end |
92 | ||
802ea3af | 93 | install_cmds |
cdfe238b MT |
94 | # Disable GSS API authentication because KRB5 is required for that. |
95 | sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config | |
99c42052 | 96 | |
802ea3af | 97 | # Install scriptfile for key generation |
e78de92e MT |
98 | mkdir -pv %{BUILDROOT}%{sbindir} |
99 | install -m 754 %{DIR_SOURCE}/sshd-keygen %{BUILDROOT}%{sbindir} | |
100 | ||
101 | # Install ssh-copy-id. | |
102 | install -m755 contrib/ssh-copy-id %{BUILDROOT}%{bindir} | |
103 | install contrib/ssh-copy-id.1 %{BUILDROOT}%{mandir}/man1/ | |
802ea3af MT |
104 | end |
105 | end | |
99c42052 | 106 | |
802ea3af MT |
107 | packages |
108 | package openssh | |
e78de92e MT |
109 | prerequires |
110 | shadow-utils | |
111 | end | |
112 | ||
e78de92e MT |
113 | configfiles |
114 | %{sysconfdir}/ssh/moduli | |
115 | end | |
116 | ||
117 | script prein | |
eccf0dae | 118 | getent group ssh_keys >/dev/null || groupadd -r ssh_keys |
802ea3af MT |
119 | end |
120 | end | |
1f9bc2f0 | 121 | |
802ea3af MT |
122 | package openssh-clients |
123 | summary = OpenSSH client applications. | |
124 | description = %{summary} | |
1f9bc2f0 | 125 | |
e78de92e MT |
126 | requires = openssh = %{thisver} |
127 | ||
802ea3af | 128 | files |
e78de92e MT |
129 | %{sysconfdir}/ssh/ssh_config |
130 | %{bindir}/scp | |
131 | %{bindir}/sftp | |
132 | %{bindir}/slogin | |
133 | %{bindir}/ssh | |
134 | %{bindir}/ssh-add | |
135 | %{bindir}/ssh-agent | |
136 | %{bindir}/ssh-copy-id | |
137 | %{bindir}/ssh-keyscan | |
138 | %{libdir}/openssh/ssh-pkcs11-helper | |
139 | %{mandir}/man1/scp.1* | |
140 | %{mandir}/man1/sftp.1* | |
141 | %{mandir}/man1/slogin.1* | |
142 | %{mandir}/man1/ssh-add.1* | |
143 | %{mandir}/man1/ssh-agent.1* | |
144 | %{mandir}/man1/ssh-copy-id.1* | |
145 | %{mandir}/man1/ssh-keyscan.1* | |
146 | %{mandir}/man1/ssh.1* | |
147 | %{mandir}/man5/ssh_config.5* | |
148 | %{mandir}/man8/ssh-pkcs11-helper.8* | |
802ea3af | 149 | end |
cdfe238b MT |
150 | |
151 | configfiles | |
e78de92e | 152 | %{sysconfdir}/ssh/ssh_config |
cdfe238b | 153 | end |
802ea3af | 154 | end |
1f9bc2f0 | 155 | |
802ea3af MT |
156 | package openssh-server |
157 | summary = OpenSSH server applications. | |
158 | description = %{summary} | |
1f9bc2f0 | 159 | |
23a87d82 MT |
160 | requires |
161 | audit | |
162 | openssh = %{thisver} | |
163 | end | |
1f9bc2f0 | 164 | |
802ea3af | 165 | files |
e78de92e MT |
166 | %{sysconfdir}/pam.d/sshd |
167 | %{sysconfdir}/ssh/sshd_config | |
839658bf | 168 | %{unitdir}/sshd.service |
43c69e28 | 169 | %{unitdir}/sshd-keygen.service |
e78de92e MT |
170 | %{libdir}/openssh/sftp-server |
171 | %{sbindir}/sshd-keygen | |
172 | %{sbindir}/sshd | |
173 | %{mandir}/man5/sshd_config.5* | |
174 | %{mandir}/man5/moduli.5* | |
175 | %{mandir}/man8/sshd.8* | |
176 | %{mandir}/man8/sftp-server.8* | |
177 | /var/empty/sshd | |
802ea3af | 178 | end |
65de838d | 179 | |
cdfe238b | 180 | configfiles |
e78de92e | 181 | %{sysconfdir}/ssh/sshd_config |
cdfe238b MT |
182 | end |
183 | ||
4d26274c SS |
184 | prerequires |
185 | shadow-utils | |
186 | systemd-units | |
187 | end | |
65de838d MT |
188 | |
189 | script prein | |
802ea3af | 190 | # Create unprivileged user and group. |
e78de92e MT |
191 | getent group sshd >/dev/null || groupadd -r sshd |
192 | getent passwd sshd >/dev/null || useradd -r -g sshd \ | |
193 | -c "Privilege-separated SSH" \ | |
194 | -d /var/empty/sshd -s /sbin/nologin sshd | |
802ea3af | 195 | end |
65de838d MT |
196 | |
197 | script postin | |
198 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
199 | end | |
200 | ||
201 | script preun | |
e78de92e | 202 | /bin/systemctl --no-reload disable sshd.service >/dev/null 2>&1 || : |
e78de92e | 203 | /bin/systemctl stop sshd.service >/dev/null 2>&1 || : |
65de838d MT |
204 | end |
205 | ||
206 | script postun | |
207 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
208 | end | |
209 | ||
210 | script postup | |
211 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
e78de92e MT |
212 | |
213 | /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || : | |
214 | /bin/systemctl try-restart sshd-keygen.service >/dev/null 2>&1 || : | |
65de838d | 215 | end |
802ea3af | 216 | end |
1f9bc2f0 MT |
217 | |
218 | package %{name}-debuginfo | |
219 | template DEBUGINFO | |
220 | end | |
802ea3af | 221 | end |