]>
Commit | Line | Data |
---|---|---|
8b63a194 | 1 | ############################################################################### |
802ea3af MT |
2 | # IPFire.org - An Open Source Firewall Solution # |
3 | # Copyright (C) - IPFire Development Team <info@ipfire.org> # | |
8b63a194 | 4 | ############################################################################### |
5 | ||
802ea3af | 6 | name = openssh |
9d8fd3ad | 7 | version = 5.9p1 |
4d26274c | 8 | release = 3 |
8b63a194 | 9 | |
802ea3af MT |
10 | groups = Application/Internet |
11 | url = http://www.openssh.com/portable.html | |
12 | license = MIT | |
13 | summary = An open source implementation of SSH protocol versions 1 and 2. | |
8b63a194 | 14 | |
802ea3af | 15 | description |
9d8fd3ad SS |
16 | SSH (Secure SHell) is a program for logging into and executing |
17 | commands on a remote machine. SSH is intended to replace rlogin and | |
18 | rsh, and to provide secure encrypted communications between two | |
8b63a194 | 19 | untrusted hosts over an insecure network. |
802ea3af | 20 | end |
8b63a194 | 21 | |
9d8fd3ad | 22 | source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ |
8b63a194 | 23 | |
802ea3af MT |
24 | build |
25 | requires | |
26 | audit-devel | |
9d8fd3ad SS |
27 | autoconf |
28 | automake | |
802ea3af MT |
29 | libselinux-devel |
30 | nss-devel | |
31 | openssl-devel>=1.0.0d-2 | |
32 | pam-devel | |
33 | zlib-devel | |
34 | end | |
ba2e7991 | 35 | |
802ea3af MT |
36 | # Apply patches in a special order |
37 | patches | |
9d8fd3ad | 38 | openssh-5.9p1-coverity.patch |
802ea3af | 39 | openssh-5.8p1-fingerprint.patch |
9d8fd3ad SS |
40 | openssh-5.8p1-getaddrinfo.patch |
41 | openssh-5.8p1-packet.patch | |
42 | openssh-5.9p1-2auth.patch | |
43 | openssh-5.9p1-role.patch | |
44 | openssh-5.9p1-mls.patch | |
45 | openssh-5.9p1-sftp-chroot.patch | |
46 | openssh-5.9p1-akc.patch | |
47 | openssh-5.9p1-keygen.patch | |
802ea3af | 48 | openssh-5.2p1-allow-ip-opts.patch |
9d8fd3ad SS |
49 | openssh-5.9p1-randclean.patch |
50 | openssh-5.8p1-keyperm.patch | |
51 | openssh-5.8p2-remove-stale-control-socket.patch | |
52 | openssh-5.9p1-ipv6man.patch | |
53 | openssh-5.8p2-sigpipe.patch | |
54 | openssh-5.8p2-askpass-ld.patch | |
802ea3af MT |
55 | openssh-5.5p1-x11.patch |
56 | openssh-5.6p1-exit-deadlock.patch | |
57 | openssh-5.1p1-askpass-progress.patch | |
58 | openssh-4.3p2-askpass-grab-info.patch | |
9d8fd3ad | 59 | openssh-5.9p1-edns.patch |
802ea3af | 60 | openssh-5.1p1-scp-manpage.patch |
9d8fd3ad SS |
61 | openssh-5.8p1-localdomain.patch |
62 | openssh-5.9p1-ipfire.patch | |
63 | openssh-5.9p1-entropy.patch | |
64 | openssh-5.9p1-vendor.patch | |
65 | openssh-5.8p2-force_krb.patch | |
66 | openssh-5.9p1-kuserok.patch | |
802ea3af | 67 | end |
ba2e7991 | 68 | |
802ea3af MT |
69 | configure_options += \ |
70 | --sysconfdir=/etc/ssh \ | |
71 | --datadir=/usr/share/sshd \ | |
72 | --libexecdir=/usr/lib/openssh \ | |
73 | --with-md5-passwords \ | |
74 | --with-privsep-path=/var/lib/sshd \ | |
75 | --with-pam \ | |
76 | --with-selinux \ | |
802ea3af | 77 | --with-audit=linux |
b771887d | 78 | |
9d8fd3ad SS |
79 | prepare_cmds |
80 | autoreconf | |
81 | end | |
82 | ||
802ea3af | 83 | install_cmds |
cdfe238b MT |
84 | # Disable GSS API authentication because KRB5 is required for that. |
85 | sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config | |
99c42052 | 86 | |
802ea3af MT |
87 | # Install scriptfile for key generation |
88 | install -m 754 %{DIR_SOURCE}/ssh-keygen %{BUILDROOT}/usr/lib/openssh/ | |
89 | end | |
90 | end | |
99c42052 | 91 | |
802ea3af MT |
92 | packages |
93 | package openssh | |
94 | requires | |
95 | openssh-clients=%{thisver} | |
96 | openssh-server=%{thisver} | |
97 | end | |
98 | end | |
1f9bc2f0 | 99 | |
802ea3af MT |
100 | package openssh-clients |
101 | summary = OpenSSH client applications. | |
102 | description = %{summary} | |
1f9bc2f0 | 103 | |
802ea3af MT |
104 | files |
105 | /etc/ssh/ssh_config | |
106 | /usr/bin/scp | |
107 | /usr/bin/sftp | |
108 | /usr/bin/slogin | |
109 | /usr/bin/ssh | |
110 | /usr/bin/ssh-add | |
111 | /usr/bin/ssh-agent | |
112 | /usr/bin/ssh-keyscan | |
113 | /usr/lib/openssh/ssh-pkcs11-helper | |
114 | /usr/share/man/cat1/scp.1 | |
115 | /usr/share/man/cat1/sftp.1 | |
116 | /usr/share/man/cat1/slogin.1 | |
117 | /usr/share/man/cat1/ssh-add.1 | |
118 | /usr/share/man/cat1/ssh-agent.1 | |
119 | /usr/share/man/cat1/ssh-keyscan.1 | |
120 | /usr/share/man/cat1/ssh.1 | |
121 | /usr/share/man/cat5/ssh_config.5 | |
122 | /usr/share/man/cat8/ssh-pkcs11-helper.8 | |
123 | end | |
cdfe238b MT |
124 | |
125 | configfiles | |
126 | /etc/ssh/ssh_config | |
127 | end | |
802ea3af | 128 | end |
1f9bc2f0 | 129 | |
802ea3af MT |
130 | package openssh-server |
131 | summary = OpenSSH server applications. | |
132 | description = %{summary} | |
1f9bc2f0 | 133 | |
802ea3af MT |
134 | # /usr/bin/ssh-keygen is needed to generate keys for the ssh server. |
135 | requires = /usr/bin/ssh-keygen | |
1f9bc2f0 | 136 | |
802ea3af MT |
137 | files |
138 | /etc/pam.d/sshd | |
139 | /etc/ssh/moduli | |
140 | /etc/ssh/sshd_config | |
141 | /lib/systemd/system/openssh.service | |
142 | /usr/lib/openssh/sftp-server | |
143 | /usr/lib/openssh/ssh-keygen | |
144 | /usr/sbin/sshd | |
145 | /usr/share/man/cat5/sshd_config.5* | |
146 | /usr/share/man/cat5/moduli.5* | |
147 | /usr/share/man/cat8/sshd.8* | |
148 | /usr/share/man/cat8/sftp-server.8* | |
149 | /var/lib/sshd | |
150 | end | |
65de838d | 151 | |
cdfe238b MT |
152 | configfiles |
153 | /etc/ssh/sshd_config | |
154 | end | |
155 | ||
4d26274c SS |
156 | prerequires |
157 | shadow-utils | |
158 | systemd-units | |
159 | end | |
65de838d MT |
160 | |
161 | script prein | |
802ea3af MT |
162 | # Create unprivileged user and group. |
163 | getent group sshd || groupadd -r sshd | |
164 | getent passwd sshd || useradd -r -g sshd \ | |
165 | -d /var/lib/sshd -s /sbin/nologin sshd | |
802ea3af | 166 | end |
65de838d MT |
167 | |
168 | script postin | |
169 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
170 | end | |
171 | ||
172 | script preun | |
173 | /bin/systemctl --no-reload disable openssh.service >/dev/null 2>&1 || : | |
174 | /bin/systemctl stop openssh.service >/dev/null 2>&1 || : | |
175 | end | |
176 | ||
177 | script postun | |
178 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
179 | end | |
180 | ||
181 | script postup | |
182 | /bin/systemctl daemon-reload >/dev/null 2>&1 || : | |
183 | end | |
802ea3af | 184 | end |
1f9bc2f0 MT |
185 | |
186 | package %{name}-debuginfo | |
187 | template DEBUGINFO | |
188 | end | |
802ea3af | 189 | end |