]> git.ipfire.org Git - people/ms/ipfire-3.x.git/blob - openssh/openssh.nm
projects / people / ms / ipfire-3.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge remote-tracking branch 'stevee/ppp-update'
[people/ms/ipfire-3.x.git] / openssh / openssh.nm
1 ###############################################################################
2 # IPFire.org - An Open Source Firewall Solution #
3 # Copyright (C) - IPFire Development Team <info@ipfire.org> #
4 ###############################################################################
5
6 name = openssh
7 version = 6.1p1
8 release = 1
9
10 groups = Application/Internet
11 url = http://www.openssh.com/portable.html
12 license = MIT
13 summary = An open source implementation of SSH protocol versions 1 and 2.
14
15 description
16 SSH (Secure SHell) is a program for logging into and executing
17 commands on a remote machine. SSH is intended to replace rlogin and
18 rsh, and to provide secure encrypted communications between two
19 untrusted hosts over an insecure network.
20 end
21
22 source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
23
24 build
25 requires
26 audit-devel
27 autoconf
28 automake
29 groff
30 libedit-devel
31 libselinux-devel
32 ncurses-devel
33 openldap-devel
34 openssl-devel >= 1.0.0d-2
35 pam-devel
36 util-linux
37 zlib-devel
38 end
39
40 # Apply patches in a special order
41 patches
42 openssh-6.1p1-coverity.patch
43 openssh-5.8p1-fingerprint.patch
44 openssh-5.8p1-getaddrinfo.patch
45 openssh-5.8p1-packet.patch
46 openssh-6.1p1-authenticationmethods.patch
47 openssh-6.1p1-role-mls.patch
48 openssh-5.9p1-sftp-chroot.patch
49 openssh-6.1p1-akc.patch
50 openssh-5.2p1-allow-ip-opts.patch
51 openssh-5.9p1-randclean.patch
52 openssh-5.8p1-keyperm.patch
53 openssh-5.8p2-remove-stale-control-socket.patch
54 openssh-5.9p1-ipv6man.patch
55 openssh-5.8p2-sigpipe.patch
56 openssh-6.1p1-askpass-ld.patch
57 openssh-5.5p1-x11.patch
58 openssh-5.6p1-exit-deadlock.patch
59 openssh-5.1p1-askpass-progress.patch
60 openssh-4.3p2-askpass-grab-info.patch
61 openssh-5.9p1-edns.patch
62 openssh-5.1p1-scp-manpage.patch
63 openssh-5.8p1-localdomain.patch
64 openssh-5.9p1-ipfire.patch
65 openssh-6.0p1-entropy.patch
66 openssh-6.1p1-vendor.patch
67 openssh-5.8p2-force_krb.patch
68 openssh-6.1p1-kuserok.patch
69 openssh-6.1p1-required-authentications.patch
70 end
71
72 configure_options += \
73 --sysconfdir=%{sysconfdir}/ssh \
74 --datadir=%{datadir}/sshd \
75 --libexecdir=%{libdir}/openssh \
76 --with-default-path=/usr/local/bin:/bin:/usr/bin \
77 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
78 --with-privsep-path=/var/empty/sshd \
79 --enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \
80 --disable-strip \
81 --with-ssl-engine \
82 --with-authorized-keys-command \
83 --with-ipaddr-display \
84 --with-pam \
85 --with-libedit \
86 --with-selinux \
87 --with-audit=linux
88
89 prepare_cmds
90 autoreconf -vfi
91 end
92
93 install_cmds
94 # Disable GSS API authentication because KRB5 is required for that.
95 sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config
96
97 # Install scriptfile for key generation
98 mkdir -pv %{BUILDROOT}%{sbindir}
99 install -m 754 %{DIR_SOURCE}/sshd-keygen %{BUILDROOT}%{sbindir}
100
101 # Install ssh-copy-id.
102 install -m755 contrib/ssh-copy-id %{BUILDROOT}%{bindir}
103 install contrib/ssh-copy-id.1 %{BUILDROOT}%{mandir}/man1/
104 end
105 end
106
107 packages
108 package openssh
109 prerequires
110 shadow-utils
111 end
112
113 configfiles
114 %{sysconfdir}/ssh/moduli
115 end
116
117 script prein
118 getent group ssh_keys >/dev/null || groupadd -r ssh_keys
119 end
120 end
121
122 package openssh-clients
123 summary = OpenSSH client applications.
124 description = %{summary}
125
126 requires = openssh = %{thisver}
127
128 files
129 %{sysconfdir}/ssh/ssh_config
130 %{bindir}/scp
131 %{bindir}/sftp
132 %{bindir}/slogin
133 %{bindir}/ssh
134 %{bindir}/ssh-add
135 %{bindir}/ssh-agent
136 %{bindir}/ssh-copy-id
137 %{bindir}/ssh-keyscan
138 %{libdir}/openssh/ssh-pkcs11-helper
139 %{mandir}/man1/scp.1*
140 %{mandir}/man1/sftp.1*
141 %{mandir}/man1/slogin.1*
142 %{mandir}/man1/ssh-add.1*
143 %{mandir}/man1/ssh-agent.1*
144 %{mandir}/man1/ssh-copy-id.1*
145 %{mandir}/man1/ssh-keyscan.1*
146 %{mandir}/man1/ssh.1*
147 %{mandir}/man5/ssh_config.5*
148 %{mandir}/man8/ssh-pkcs11-helper.8*
149 end
150
151 configfiles
152 %{sysconfdir}/ssh/ssh_config
153 end
154 end
155
156 package openssh-server
157 summary = OpenSSH server applications.
158 description = %{summary}
159
160 requires
161 audit
162 openssh = %{thisver}
163 end
164
165 files
166 %{sysconfdir}/pam.d/sshd
167 %{sysconfdir}/ssh/sshd_config
168 %{unitdir}/sshd.service
169 %{unitdir}/sshd-keygen.service
170 %{libdir}/openssh/sftp-server
171 %{sbindir}/sshd-keygen
172 %{sbindir}/sshd
173 %{mandir}/man5/sshd_config.5*
174 %{mandir}/man5/moduli.5*
175 %{mandir}/man8/sshd.8*
176 %{mandir}/man8/sftp-server.8*
177 /var/empty/sshd
178 end
179
180 configfiles
181 %{sysconfdir}/ssh/sshd_config
182 end
183
184 prerequires
185 shadow-utils
186 systemd-units
187 end
188
189 script prein
190 # Create unprivileged user and group.
191 getent group sshd >/dev/null || groupadd -r sshd
192 getent passwd sshd >/dev/null || useradd -r -g sshd \
193 -c "Privilege-separated SSH" \
194 -d /var/empty/sshd -s /sbin/nologin sshd
195 end
196
197 script postin
198 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
199 end
200
201 script preun
202 /bin/systemctl --no-reload disable sshd.service >/dev/null 2>&1 || :
203 /bin/systemctl stop sshd.service >/dev/null 2>&1 || :
204 end
205
206 script postun
207 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
208 end
209
210 script postup
211 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
212
213 /bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
214 /bin/systemctl try-restart sshd-keygen.service >/dev/null 2>&1 || :
215 end
216 end
217
218 package %{name}-debuginfo
219 template DEBUGINFO
220 end
221 end
Michael's tree of IPFire 3.x.