- (djm) [contrib/suse/openssh.spec contrib/suse/rc.

sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init files from imorgan AT nas.nasa.gov
author: Damien Miller <djm@mindrot.org> 2005-10-30 11:55:45 +1100
committer: Damien Miller <djm@mindrot.org> 2005-10-30 11:55:45 +1100
commit: 88edf6255bbc6c0ba87239608bb9b80656391330 (patch)
tree: a11a1f6fa6d3640f8a9e76239bf3ab62aea09b84
parent: a841dceb4c506fd21cd4278bd2dbf04fc4f13fc2 (diff)
4 files changed, 255 insertions, 138 deletions
diff --git a/ChangeLog b/ChangeLog
index d786b1d5b..3571cb2dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+20051030
+ - (djm) [contrib/suse/openssh.spec contrib/suse/rc.
+   sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init 
+   files from imorgan AT nas.nasa.gov
 20051025
 - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
   sizeof(long long) checks, to make fixing bug #1104 easier (no changes
@@ -3115,4 +3120,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.3923 2005/10/25 08:55:00 dtucker Exp $
+$Id: ChangeLog,v 1.3924 2005/10/30 00:55:45 djm Exp $
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 6ad862fad..27d043e3b 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -1,14 +1,29 @@
-Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
+# Default values for additional components
-Name: openssh
+%define build_x11_askpass       1
-Version: 4.2p1
-URL: http://www.openssh.com/
+# Define the UID/GID to use for privilege separation
-Release: 1
+%define sshd_gid        65
-Source0: openssh-%{version}.tar.gz
+%define sshd_uid        71
-Copyright: BSD
-Group: Applications/Internet
+# The version of x11-ssh-askpass to use
-BuildRoot: /tmp/openssh-%{version}-buildroot
+%define xversion        1.2.4.1
-PreReq: openssl
-Obsoletes: ssh
+# Allow the ability to override defaults with -D skip_xxx=1
+%{?skip_x11_askpass:%define build_x11_askpass 0}
+Summary:        OpenSSH, a free Secure Shell (SSH) protocol implementation
+Name:           openssh
+Version:        4.2p1
+URL:            http://www.openssh.com/
+Release:        1
+Source0:        openssh-%{version}.tar.gz
+Source1:        x11-ssh-askpass-%{xversion}.tar.gz
+License:        BSD
+Group:          Productivity/Networking/SSH
+BuildRoot:      %{_tmppath}/openssh-%{version}-buildroot
+PreReq:         openssl
+Obsoletes:      ssh
+Provides:       ssh
 #
 # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
 # building prerequisites -- stuff for
@@ -16,14 +31,25 @@ Obsoletes: ssh
 #   TCP Wrappers (nkitb),
 #   and Gnome (glibdev, gtkdev, and gnlibsd)
 #
-BuildPrereq: openssl
+BuildPrereq:    openssl
-BuildPrereq: nkitb
+BuildPrereq:    nkitb
-BuildPrereq: glibdev
+#BuildPrereq:   glibdev
-BuildPrereq: gtkdev
+#BuildPrereq:   gtkdev
-BuildPrereq: gnlibsd
+#BuildPrereq:   gnlibsd
+%package        askpass
+Summary:        A passphrase dialog for OpenSSH and the X window System.
+Group:          Productivity/Networking/SSH
+Requires:       openssh = %{version}
+Obsoletes:      ssh-extras
+Provides:       openssh:${_libdir}/ssh/ssh-askpass
+%if %{build_x11_askpass}
+BuildPrereq:    XFree86-devel
+%endif
 %description
-Ssh (Secure Shell) a program for logging into a remote machine and for
+Ssh (Secure Shell) is a program for logging into a remote machine and for
 executing commands in a remote machine.  It is intended to replace
 rlogin and rsh, and provide secure encrypted communications between
 two untrusted hosts over an insecure network.  X11 connections and
@@ -34,10 +60,26 @@ up to date in terms of security and features, as well as removing all
 patented algorithms to seperate libraries (OpenSSL).
 This package includes all files necessary for both the OpenSSH
-client and server. Additionally, this package contains the GNOME
+client and server.
-passphrase dialog.
+%description askpass
+Ssh (Secure Shell) is a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to seperate libraries (OpenSSL).
+This package contains an X Window System passphrase dialog for OpenSSH.
 %changelog
+* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
+- Removed accidental inclusion of --without-zlib-version-check
+* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
+- Overhaul to deal with newer versions of SuSE and OpenSSH
 * Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
 - Glob manpages to catch compressed files
 * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
@@ -84,116 +126,124 @@ passphrase dialog.
 %prep
+%if %{build_x11_askpass}
+%setup -q -a 1
+%else
 %setup -q
+%endif
 %build
 CFLAGS="$RPM_OPT_FLAGS" \
-./configure     --prefix=/usr \
+%configure      --prefix=/usr \
-                --sysconfdir=/etc/ssh \
+                --sysconfdir=%{_sysconfdir}/ssh \
-                --datadir=/usr/share/openssh \
+                --mandir=%{_mandir} \
+                --with-privsep-path=/var/lib/empty \
                --with-pam \
-                --with-gnome-askpass \
                --with-tcp-wrappers \
-                --with-ipv4-default \
+                --libexecdir=%{_libdir}/ssh
-                --libexecdir=/usr/lib/ssh
 make
-cd contrib
+%if %{build_x11_askpass}
-gcc -O -g `gnome-config --cflags gnome gnomeui` \
+cd x11-ssh-askpass-%{xversion}
-        gnome-ssh-askpass.c -o gnome-ssh-askpass \
+%configure      --mandir=/usr/X11R6/man \
-        `gnome-config --libs gnome gnomeui`
+                --libexecdir=%{_libdir}/ssh
+xmkmf -a
+make
 cd ..
+%endif
 %install
 rm -rf $RPM_BUILD_ROOT
 make install DESTDIR=$RPM_BUILD_ROOT/
-install -d $RPM_BUILD_ROOT/etc/ssh/
 install -d $RPM_BUILD_ROOT/etc/pam.d/
-install -d $RPM_BUILD_ROOT/sbin/init.d/
+install -d $RPM_BUILD_ROOT/etc/init.d/
 install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
-install -d $RPM_BUILD_ROOT/usr/lib/ssh
 install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd
+install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
-ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd
+install -m744 contrib/suse/sysconfig.ssh \
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/gnome-ssh-askpass
-ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/ssh-askpass
-install -m744 contrib/suse/rc.config.sshd \
   $RPM_BUILD_ROOT/var/adm/fillup-templates
+%if %{build_x11_askpass}
+cd x11-ssh-askpass-%{xversion}
+make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
+rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
+%endif
 %clean
 rm -rf $RPM_BUILD_ROOT
+%pre
+/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || :
+/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
 %post
-if [ "$1" = 1 ]; then
-  echo "Creating SSH stop/start scripts in the rc directories..."
-  ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
-  ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
-  ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
-  ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
-fi
-echo "Updating /etc/rc.config..."
-if [ -x /bin/fillup ] ; then
-  /bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
-else
-  echo "ERROR: fillup not found.  This should NOT happen in SuSE Linux."
-  echo "Update /etc/rc.config by hand from the following template file:"
-  echo "  /var/adm/fillup-templates/rc.config.sshd"
-fi
 if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
-        echo "Generating SSH host key..."
+        echo "Generating SSH RSA host key..."
-        /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+        /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
 fi
 if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
        echo "Generating SSH DSA host key..."
-        /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2
+        /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
-fi
-if test -r /var/run/sshd.pid
-then
-        echo "Restarting the running SSH daemon..."
-        /usr/sbin/rcsshd restart >&2
 fi
+%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
+%run_permissions
+%verifyscript
+%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
 %preun
-if [ "$1" = 0 ]
+%stop_on_removal sshd
-then
-        echo "Stopping the SSH daemon..."
+%postun
-        /usr/sbin/rcsshd stop >&2
+%restart_on_update sshd
-        echo "Removing SSH stop/start scripts from the rc directories..."
+%{insserv_cleanup}
-        rm /sbin/init.d/rc2.d/K20sshd
-        rm /sbin/init.d/rc2.d/S20sshd
-        rm /sbin/init.d/rc3.d/K20sshd
-        rm /sbin/init.d/rc3.d/S20sshd
-fi
 %files
 %defattr(-,root,root)
 %doc ChangeLog OVERVIEW README*
 %doc RFC.nroff TODO CREDITS LICENCE
-%attr(0755,root,root) %dir /etc/ssh
+%attr(0755,root,root) %dir %{_sysconfdir}/ssh
-%attr(0644,root,root) %config /etc/ssh/ssh_config
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
-%attr(0600,root,root) %config /etc/ssh/sshd_config
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
-%attr(0600,root,root) %config /etc/ssh/moduli
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
-%attr(0644,root,root) %config /etc/pam.d/sshd
+%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
-%attr(0755,root,root) %config /sbin/init.d/sshd
+%attr(0755,root,root) %config /etc/init.d/sshd
-%attr(0755,root,root) /usr/bin/ssh-keygen
+%attr(0755,root,root) %{_bindir}/ssh-keygen
-%attr(0755,root,root) /usr/bin/scp
+%attr(0755,root,root) %{_bindir}/scp
-%attr(4755,root,root) /usr/bin/ssh
+%attr(0755,root,root) %{_bindir}/ssh
-%attr(-,root,root) /usr/bin/slogin
+%attr(-,root,root) %{_bindir}/slogin
-%attr(0755,root,root) /usr/bin/ssh-agent
+%attr(0755,root,root) %{_bindir}/ssh-agent
-%attr(0755,root,root) /usr/bin/ssh-add
+%attr(0755,root,root) %{_bindir}/ssh-add
-%attr(0755,root,root) /usr/bin/ssh-keyscan
+%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0755,root,root) /usr/bin/sftp
+%attr(0755,root,root) %{_bindir}/sftp
-%attr(0755,root,root) /usr/sbin/sshd
+%attr(0755,root,root) %{_sbindir}/sshd
-%attr(-,root,root) /usr/sbin/rcsshd
+%attr(0755,root,root) %dir %{_libdir}/ssh
-%attr(0755,root,root) %dir /usr/lib/ssh
+%attr(0755,root,root) %{_libdir}/ssh/sftp-server
-%attr(0755,root,root) /usr/lib/ssh/ssh-askpass
+%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
-%attr(0755,root,root) /usr/lib/ssh/gnome-ssh-askpass
+%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
-%attr(0644,root,root) %doc /usr/man/man1/scp.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh.1*
+%attr(-,root,root) %doc %{_mandir}/man1/slogin.1*
-%attr(-,root,root) %doc /usr/man/man1/slogin.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-agent.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-add.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-keygen.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
-%attr(0644,root,root) %doc /usr/man/man8/sshd.8*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd
+%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
+%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
+%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
+%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
+%if %{build_x11_askpass}
+%files askpass
+%defattr(-,root,root)
+%doc x11-ssh-askpass-%{xversion}/README
+%doc x11-ssh-askpass-%{xversion}/ChangeLog
+%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
+%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
+%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
+%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
+%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
+%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
+%endif
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd
index f7d431ebb..573960bfa 100644
--- a/contrib/suse/rc.sshd
+++ b/contrib/suse/rc.sshd
@@ -1,80 +1,133 @@
 #! /bin/sh
-# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.
+# Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
 #
-# Author: Chris Saia <csaia@wtower.com>
+# Author: Jiri Smid <feedback@suse.de>
 #
-# /sbin/init.d/sshd
+# /etc/init.d/sshd
 #
 #   and symbolic its link
 #
-# /sbin/rcsshd
+# /usr/sbin/rcsshd
 #
+### BEGIN INIT INFO
+# Provides: sshd
+# Required-Start: $network $remote_fs
+# Required-Stop: $network $remote_fs
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 6
+# Description: Start the sshd daemon
+### END INIT INFO
-. /etc/rc.config
+SSHD_BIN=/usr/sbin/sshd
+test -x $SSHD_BIN || exit 5
-# Determine the base and follow a runlevel link name.
+SSHD_SYSCONFIG=/etc/sysconfig/ssh
-base=${0##*/}
+test -r $SSHD_SYSCONFIG || exit 6
-link=${base#*[SK][0-9][0-9]}
+. $SSHD_SYSCONFIG
-# Force execution if not called by a runlevel directory.
+SSHD_PIDFILE=/var/run/sshd.init.pid
-test $link = $base && START_SSHD=yes
-test "$START_SSHD" = yes || exit 0
+. /etc/rc.status
+# Shell functions sourced from /etc/rc.status:
+#      rc_check         check and set local and overall rc status
+#      rc_status        check and set local and overall rc status
+#      rc_status -v     ditto but be verbose in local rc status
+#      rc_status -v -r  ditto and clear the local rc status
+#      rc_failed        set local and overall rc status to failed
+#      rc_reset         clear local rc status (overall remains)
+#      rc_exit          exit appropriate to overall rc status
+# First reset status of this service
+rc_reset
-# The echo return value for success (defined in /etc/rc.config).
-return=$rc_done
 case "$1" in
    start)
-        echo -n "Starting service sshd"
+        if ! test -f /etc/ssh/ssh_host_key ; then
+            echo Generating /etc/ssh/ssh_host_key.
+            ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
+        fi
+        if ! test -f /etc/ssh/ssh_host_dsa_key ; then
+            echo Generating /etc/ssh/ssh_host_dsa_key.
+            
+            ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
+        fi
+        if ! test -f /etc/ssh/ssh_host_rsa_key ; then
+            echo Generating /etc/ssh/ssh_host_rsa_key.
+            
+            ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
+        fi
+        echo -n "Starting SSH daemon"
        ## Start daemon with startproc(8). If this fails
        ## the echo return value is set appropriate.
-        startproc /usr/sbin/sshd || return=$rc_failed
+        startproc -f -p $SSHD_PIDFILE /usr/sbin/sshd $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE" 
-        echo -e "$return"
+        # Remember status and be verbose
+        rc_status -v
        ;;
    stop)
-        echo -n "Stopping service sshd"
+        echo -n "Shutting down SSH daemon"
        ## Stop daemon with killproc(8) and if this fails
        ## set echo the echo return value.
-        killproc -TERM /usr/sbin/sshd || return=$rc_failed
+        killproc -p $SSHD_PIDFILE -TERM /usr/sbin/sshd
-        echo -e "$return"
+        # Remember status and be verbose
+        rc_status -v
        ;;
+    try-restart)
+        ## Stop the service and if this succeeds (i.e. the 
+        ## service was running before), start it again.
+        $0 status >/dev/null &&  $0 restart
+        # Remember status and be quiet
+        rc_status
+        ;;
    restart)
-        ## If first returns OK call the second, if first or
+        ## Stop the service and regardless of whether it was
-        ## second command fails, set echo return value.
+        ## running or not, start it again.
-        $0 stop  &&  $0 start  ||  return=$rc_failed
+        $0 stop
-        ;;
+        $0 start
-    reload)
-        ## Choose ONE of the following two cases:
-        ## First possibility: A few services accepts a signal
+        # Remember status and be quiet
-        ## to reread the (changed) configuration.
+        rc_status
+        ;;
+    force-reload|reload)
+        ## Signal the daemon to reload its config. Most daemons
+        ## do this on signal 1 (SIGHUP).
        echo -n "Reload service sshd"
-        killproc -HUP /usr/sbin/sshd || return=$rc_failed
-        echo -e "$return"
+        killproc -p $SSHD_PIDFILE -HUP /usr/sbin/sshd
-        ;;
+        rc_status -v
+        ;;
    status)
-        echo -n "Checking for service sshd"
+        echo -n "Checking for service sshd "
-        ## Check status with checkproc(8), if process is running
+        ## Check status with checkproc(8), if process is running
-        ## checkproc will return with exit status 0.
+        ## checkproc will return with exit status 0.
-        checkproc /usr/sbin/sshd && echo OK || echo No process
+        # Status has a slightly different for the status command:
+        # 0 - service running
+        # 1 - service dead, but /var/run/  pid  file exists
+        # 2 - service dead, but /var/lock/ lock file exists
+        # 3 - service not running
+        checkproc -p $SSHD_PIDFILE /usr/sbin/sshd
+        rc_status -v
        ;;
    probe)
        ## Optional: Probe for the necessity of a reload,
        ## give out the argument which is required for a reload.
-        test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload
+        test /etc/ssh/sshd_config -nt $SSHD_PIDFILE && echo reload
        ;;
    *)
-        echo "Usage: $0 {start|stop|status|restart|reload[|probe]}"
+        echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
        exit 1
        ;;
 esac
+rc_exit
-# Inform the caller not only verbosely and set an exit status.
-test "$return" = "$rc_done" || exit 1
-exit 0
diff --git a/contrib/suse/sysconfig.ssh b/contrib/suse/sysconfig.ssh
new file mode 100644
index 000000000..c6a37e5cb
--- /dev/null
+++ b/contrib/suse/sysconfig.ssh
@@ -0,0 +1,9 @@
+## Path:        Network/Remote access/SSH
+## Description: SSH server settings
+## Type:        string
+## Default:     ""
+## ServiceRestart: sshd
+#
+# Options for sshd
+#
+SSHD_OPTS=""
author	Damien Miller <djm@mindrot.org>	2005-10-30 11:55:45 +1100
committer	Damien Miller <djm@mindrot.org>	2005-10-30 11:55:45 +1100
commit	88edf6255bbc6c0ba87239608bb9b80656391330 (patch)
tree	a11a1f6fa6d3640f8a9e76239bf3ab62aea09b84
parent	a841dceb4c506fd21cd4278bd2dbf04fc4f13fc2 (diff)

diff --git a/ChangeLog b/ChangeLog index d786b1d5b..3571cb2dc 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,8 @@
		1	20051030
		2	- (djm) [contrib/suse/openssh.spec contrib/suse/rc.
		3	sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
		4	files from imorgan AT nas.nasa.gov
		5
1	20051025	6	20051025
2	- (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the	7	- (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
3	sizeof(long long) checks, to make fixing bug #1104 easier (no changes	8	sizeof(long long) checks, to make fixing bug #1104 easier (no changes
@@ -3115,4 +3120,4 @@
3115	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	3120	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
3116	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	3121	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
3117		3122
3118	$Id: ChangeLog,v 1.3923 2005/10/25 08:55:00 dtucker Exp $	3123	$Id: ChangeLog,v 1.3924 2005/10/30 00:55:45 djm Exp $


diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 6ad862fad..27d043e3b 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec
@@ -1,14 +1,29 @@
1	Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation	1	# Default values for additional components
2	Name: openssh	2	%define build_x11_askpass 1
3	Version: 4.2p1	3
4	URL: http://www.openssh.com/	4	# Define the UID/GID to use for privilege separation
5	Release: 1	5	%define sshd_gid 65
6	Source0: openssh-%{version}.tar.gz	6	%define sshd_uid 71
7	Copyright: BSD	7
8	Group: Applications/Internet	8	# The version of x11-ssh-askpass to use
9	BuildRoot: /tmp/openssh-%{version}-buildroot	9	%define xversion 1.2.4.1
10	PreReq: openssl	10
11	Obsoletes: ssh	11	# Allow the ability to override defaults with -D skip_xxx=1
		12	%{?skip_x11_askpass:%define build_x11_askpass 0}
		13
		14	Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
		15	Name: openssh
		16	Version: 4.2p1
		17	URL: http://www.openssh.com/
		18	Release: 1
		19	Source0: openssh-%{version}.tar.gz
		20	Source1: x11-ssh-askpass-%{xversion}.tar.gz
		21	License: BSD
		22	Group: Productivity/Networking/SSH
		23	BuildRoot: %{_tmppath}/openssh-%{version}-buildroot
		24	PreReq: openssl
		25	Obsoletes: ssh
		26	Provides: ssh
12	#	27	#
13	# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)	28	# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
14	# building prerequisites -- stuff for	29	# building prerequisites -- stuff for
@@ -16,14 +31,25 @@ Obsoletes: ssh
16	# TCP Wrappers (nkitb),	31	# TCP Wrappers (nkitb),
17	# and Gnome (glibdev, gtkdev, and gnlibsd)	32	# and Gnome (glibdev, gtkdev, and gnlibsd)
18	#	33	#
19	BuildPrereq: openssl	34	BuildPrereq: openssl
20	BuildPrereq: nkitb	35	BuildPrereq: nkitb
21	BuildPrereq: glibdev	36	#BuildPrereq: glibdev
22	BuildPrereq: gtkdev	37	#BuildPrereq: gtkdev
23	BuildPrereq: gnlibsd	38	#BuildPrereq: gnlibsd
		39
		40	%package askpass
		41	Summary: A passphrase dialog for OpenSSH and the X window System.
		42	Group: Productivity/Networking/SSH
		43	Requires: openssh = %{version}
		44	Obsoletes: ssh-extras
		45	Provides: openssh:${_libdir}/ssh/ssh-askpass
		46
		47	%if %{build_x11_askpass}
		48	BuildPrereq: XFree86-devel
		49	%endif
24		50
25	%description	51	%description
26	Ssh (Secure Shell) a program for logging into a remote machine and for	52	Ssh (Secure Shell) is a program for logging into a remote machine and for
27	executing commands in a remote machine. It is intended to replace	53	executing commands in a remote machine. It is intended to replace
28	rlogin and rsh, and provide secure encrypted communications between	54	rlogin and rsh, and provide secure encrypted communications between
29	two untrusted hosts over an insecure network. X11 connections and	55	two untrusted hosts over an insecure network. X11 connections and
@@ -34,10 +60,26 @@ up to date in terms of security and features, as well as removing all
34	patented algorithms to seperate libraries (OpenSSL).	60	patented algorithms to seperate libraries (OpenSSL).
35		61
36	This package includes all files necessary for both the OpenSSH	62	This package includes all files necessary for both the OpenSSH
37	client and server. Additionally, this package contains the GNOME	63	client and server.
38	passphrase dialog.	64
		65	%description askpass
		66	Ssh (Secure Shell) is a program for logging into a remote machine and for
		67	executing commands in a remote machine. It is intended to replace
		68	rlogin and rsh, and provide secure encrypted communications between
		69	two untrusted hosts over an insecure network. X11 connections and
		70	arbitrary TCP/IP ports can also be forwarded over the secure channel.
		71
		72	OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
		73	up to date in terms of security and features, as well as removing all
		74	patented algorithms to seperate libraries (OpenSSL).
		75
		76	This package contains an X Window System passphrase dialog for OpenSSH.
39		77
40	%changelog	78	%changelog
		79	* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
		80	- Removed accidental inclusion of --without-zlib-version-check
		81	* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
		82	- Overhaul to deal with newer versions of SuSE and OpenSSH
41	* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>	83	* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
42	- Glob manpages to catch compressed files	84	- Glob manpages to catch compressed files
43	* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>	85	* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
@@ -84,116 +126,124 @@ passphrase dialog.
84		126
85	%prep	127	%prep
86		128
		129	%if %{build_x11_askpass}
		130	%setup -q -a 1
		131	%else
87	%setup -q	132	%setup -q
		133	%endif
88		134
89	%build	135	%build
90	CFLAGS="$RPM_OPT_FLAGS" \	136	CFLAGS="$RPM_OPT_FLAGS" \
91	./configure --prefix=/usr \	137	%configure --prefix=/usr \
92	--sysconfdir=/etc/ssh \	138	--sysconfdir=%{_sysconfdir}/ssh \
93	--datadir=/usr/share/openssh \	139	--mandir=%{_mandir} \
		140	--with-privsep-path=/var/lib/empty \
94	--with-pam \	141	--with-pam \
95	--with-gnome-askpass \
96	--with-tcp-wrappers \	142	--with-tcp-wrappers \
97	--with-ipv4-default \	143	--libexecdir=%{_libdir}/ssh
98	--libexecdir=/usr/lib/ssh
99	make	144	make
100		145
101	cd contrib	146	%if %{build_x11_askpass}
102	gcc -O -g `gnome-config --cflags gnome gnomeui` \	147	cd x11-ssh-askpass-%{xversion}
103	gnome-ssh-askpass.c -o gnome-ssh-askpass \	148	%configure --mandir=/usr/X11R6/man \
104	`gnome-config --libs gnome gnomeui`	149	--libexecdir=%{_libdir}/ssh
		150	xmkmf -a
		151	make
105	cd ..	152	cd ..
		153	%endif
106		154
107	%install	155	%install
108	rm -rf $RPM_BUILD_ROOT	156	rm -rf $RPM_BUILD_ROOT
109	make install DESTDIR=$RPM_BUILD_ROOT/	157	make install DESTDIR=$RPM_BUILD_ROOT/
110	install -d $RPM_BUILD_ROOT/etc/ssh/
111	install -d $RPM_BUILD_ROOT/etc/pam.d/	158	install -d $RPM_BUILD_ROOT/etc/pam.d/
112	install -d $RPM_BUILD_ROOT/sbin/init.d/	159	install -d $RPM_BUILD_ROOT/etc/init.d/
113	install -d $RPM_BUILD_ROOT/var/adm/fillup-templates	160	install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
114	install -d $RPM_BUILD_ROOT/usr/lib/ssh
115	install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd	161	install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
116	install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd	162	install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
117	ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd	163	install -m744 contrib/suse/sysconfig.ssh \
118	install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/gnome-ssh-askpass
119	ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/ssh-askpass
120	install -m744 contrib/suse/rc.config.sshd \
121	$RPM_BUILD_ROOT/var/adm/fillup-templates	164	$RPM_BUILD_ROOT/var/adm/fillup-templates
122		165
		166	%if %{build_x11_askpass}
		167	cd x11-ssh-askpass-%{xversion}
		168	make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
		169	rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
		170	%endif
		171
123	%clean	172	%clean
124	rm -rf $RPM_BUILD_ROOT	173	rm -rf $RPM_BUILD_ROOT
125		174
		175	%pre
		176	/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null \|\| :
		177	/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null \|\| :
		178
126	%post	179	%post
127	if [ "$1" = 1 ]; then
128	echo "Creating SSH stop/start scripts in the rc directories..."
129	ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
130	ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
131	ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
132	ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
133	fi
134	echo "Updating /etc/rc.config..."
135	if [ -x /bin/fillup ] ; then
136	/bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
137	else
138	echo "ERROR: fillup not found. This should NOT happen in SuSE Linux."
139	echo "Update /etc/rc.config by hand from the following template file:"
140	echo " /var/adm/fillup-templates/rc.config.sshd"
141	fi
142	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then	180	if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
143	echo "Generating SSH host key..."	181	echo "Generating SSH RSA host key..."
144	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2	182	/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
145	fi	183	fi
146	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then	184	if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
147	echo "Generating SSH DSA host key..."	185	echo "Generating SSH DSA host key..."
148	/usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2	186	/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
149	fi
150	if test -r /var/run/sshd.pid
151	then
152	echo "Restarting the running SSH daemon..."
153	/usr/sbin/rcsshd restart >&2
154	fi	187	fi
		188	%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
		189	%run_permissions
		190
		191	%verifyscript
		192	%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
155		193
156	%preun	194	%preun
157	if [ "$1" = 0 ]	195	%stop_on_removal sshd
158	then	196
159	echo "Stopping the SSH daemon..."	197	%postun
160	/usr/sbin/rcsshd stop >&2	198	%restart_on_update sshd
161	echo "Removing SSH stop/start scripts from the rc directories..."	199	%{insserv_cleanup}
162	rm /sbin/init.d/rc2.d/K20sshd
163	rm /sbin/init.d/rc2.d/S20sshd
164	rm /sbin/init.d/rc3.d/K20sshd
165	rm /sbin/init.d/rc3.d/S20sshd
166	fi
167		200
168	%files	201	%files
169	%defattr(-,root,root)	202	%defattr(-,root,root)
170	%doc ChangeLog OVERVIEW README*	203	%doc ChangeLog OVERVIEW README*
171	%doc RFC.nroff TODO CREDITS LICENCE	204	%doc RFC.nroff TODO CREDITS LICENCE
172	%attr(0755,root,root) %dir /etc/ssh	205	%attr(0755,root,root) %dir %{_sysconfdir}/ssh
173	%attr(0644,root,root) %config /etc/ssh/ssh_config	206	%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
174	%attr(0600,root,root) %config /etc/ssh/sshd_config	207	%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
175	%attr(0600,root,root) %config /etc/ssh/moduli	208	%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
176	%attr(0644,root,root) %config /etc/pam.d/sshd	209	%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
177	%attr(0755,root,root) %config /sbin/init.d/sshd	210	%attr(0755,root,root) %config /etc/init.d/sshd
178	%attr(0755,root,root) /usr/bin/ssh-keygen	211	%attr(0755,root,root) %{_bindir}/ssh-keygen
179	%attr(0755,root,root) /usr/bin/scp	212	%attr(0755,root,root) %{_bindir}/scp
180	%attr(4755,root,root) /usr/bin/ssh	213	%attr(0755,root,root) %{_bindir}/ssh
181	%attr(-,root,root) /usr/bin/slogin	214	%attr(-,root,root) %{_bindir}/slogin
182	%attr(0755,root,root) /usr/bin/ssh-agent	215	%attr(0755,root,root) %{_bindir}/ssh-agent
183	%attr(0755,root,root) /usr/bin/ssh-add	216	%attr(0755,root,root) %{_bindir}/ssh-add
184	%attr(0755,root,root) /usr/bin/ssh-keyscan	217	%attr(0755,root,root) %{_bindir}/ssh-keyscan
185	%attr(0755,root,root) /usr/bin/sftp	218	%attr(0755,root,root) %{_bindir}/sftp
186	%attr(0755,root,root) /usr/sbin/sshd	219	%attr(0755,root,root) %{_sbindir}/sshd
187	%attr(-,root,root) /usr/sbin/rcsshd	220	%attr(0755,root,root) %dir %{_libdir}/ssh
188	%attr(0755,root,root) %dir /usr/lib/ssh	221	%attr(0755,root,root) %{_libdir}/ssh/sftp-server
189	%attr(0755,root,root) /usr/lib/ssh/ssh-askpass	222	%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
190	%attr(0755,root,root) /usr/lib/ssh/gnome-ssh-askpass	223	%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
191	%attr(0644,root,root) %doc /usr/man/man1/scp.1*	224	%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
192	%attr(0644,root,root) %doc /usr/man/man1/ssh.1*	225	%attr(-,root,root) %doc %{_mandir}/man1/slogin.1*
193	%attr(-,root,root) %doc /usr/man/man1/slogin.1*	226	%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
194	%attr(0644,root,root) %doc /usr/man/man1/ssh-agent.1*	227	%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
195	%attr(0644,root,root) %doc /usr/man/man1/ssh-add.1*	228	%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
196	%attr(0644,root,root) %doc /usr/man/man1/ssh-keygen.1*	229	%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
197	%attr(0644,root,root) %doc /usr/man/man8/sshd.8*	230	%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
198	%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd	231	%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
		232	%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
		233	%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
		234	%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
		235	%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
		236	%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
199		237
		238	%if %{build_x11_askpass}
		239	%files askpass
		240	%defattr(-,root,root)
		241	%doc x11-ssh-askpass-%{xversion}/README
		242	%doc x11-ssh-askpass-%{xversion}/ChangeLog
		243	%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
		244	%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
		245	%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
		246	%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
		247	%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
		248	%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
		249	%endif


diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd index f7d431ebb..573960bfa 100644 --- a/contrib/suse/rc.sshd +++ b/contrib/suse/rc.sshd
@@ -1,80 +1,133 @@
1	#! /bin/sh	1	#! /bin/sh
2	# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.	2	# Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
3	#	3	#
4	# Author: Chris Saia <csaia@wtower.com>	4	# Author: Jiri Smid <feedback@suse.de>
5	#	5	#
6	# /sbin/init.d/sshd	6	# /etc/init.d/sshd
7	#	7	#
8	# and symbolic its link	8	# and symbolic its link
9	#	9	#
10	# /sbin/rcsshd	10	# /usr/sbin/rcsshd
11	#	11	#
		12	### BEGIN INIT INFO
		13	# Provides: sshd
		14	# Required-Start: $network $remote_fs
		15	# Required-Stop: $network $remote_fs
		16	# Default-Start: 3 5
		17	# Default-Stop: 0 1 2 6
		18	# Description: Start the sshd daemon
		19	### END INIT INFO
12		20
13	. /etc/rc.config	21	SSHD_BIN=/usr/sbin/sshd
		22	test -x $SSHD_BIN \|\| exit 5
14		23
15	# Determine the base and follow a runlevel link name.	24	SSHD_SYSCONFIG=/etc/sysconfig/ssh
16	base=${0##*/}	25	test -r $SSHD_SYSCONFIG \|\| exit 6
17	link=${base#*[SK][0-9][0-9]}	26	. $SSHD_SYSCONFIG
18		27
19	# Force execution if not called by a runlevel directory.	28	SSHD_PIDFILE=/var/run/sshd.init.pid
20	test $link = $base && START_SSHD=yes	29
21	test "$START_SSHD" = yes \|\| exit 0	30	. /etc/rc.status
		31
		32	# Shell functions sourced from /etc/rc.status:
		33	# rc_check check and set local and overall rc status
		34	# rc_status check and set local and overall rc status
		35	# rc_status -v ditto but be verbose in local rc status
		36	# rc_status -v -r ditto and clear the local rc status
		37	# rc_failed set local and overall rc status to failed
		38	# rc_reset clear local rc status (overall remains)
		39	# rc_exit exit appropriate to overall rc status
		40
		41	# First reset status of this service
		42	rc_reset
22		43
23	# The echo return value for success (defined in /etc/rc.config).
24	return=$rc_done
25	case "$1" in	44	case "$1" in
26	start)	45	start)
27	echo -n "Starting service sshd"	46	if ! test -f /etc/ssh/ssh_host_key ; then
		47	echo Generating /etc/ssh/ssh_host_key.
		48	ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
		49	fi
		50	if ! test -f /etc/ssh/ssh_host_dsa_key ; then
		51	echo Generating /etc/ssh/ssh_host_dsa_key.
		52
		53	ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
		54	fi
		55	if ! test -f /etc/ssh/ssh_host_rsa_key ; then
		56	echo Generating /etc/ssh/ssh_host_rsa_key.
		57
		58	ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
		59	fi
		60	echo -n "Starting SSH daemon"
28	## Start daemon with startproc(8). If this fails	61	## Start daemon with startproc(8). If this fails
29	## the echo return value is set appropriate.	62	## the echo return value is set appropriate.
30		63
31	startproc /usr/sbin/sshd \|\| return=$rc_failed	64	startproc -f -p $SSHD_PIDFILE /usr/sbin/sshd $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE"
32		65
33	echo -e "$return"	66	# Remember status and be verbose
		67	rc_status -v
34	;;	68	;;
35	stop)	69	stop)
36	echo -n "Stopping service sshd"	70	echo -n "Shutting down SSH daemon"
37	## Stop daemon with killproc(8) and if this fails	71	## Stop daemon with killproc(8) and if this fails
38	## set echo the echo return value.	72	## set echo the echo return value.
39		73
40	killproc -TERM /usr/sbin/sshd \|\| return=$rc_failed	74	killproc -p $SSHD_PIDFILE -TERM /usr/sbin/sshd
41		75
42	echo -e "$return"	76	# Remember status and be verbose
		77	rc_status -v
43	;;	78	;;
		79	try-restart)
		80	## Stop the service and if this succeeds (i.e. the
		81	## service was running before), start it again.
		82	$0 status >/dev/null && $0 restart
		83
		84	# Remember status and be quiet
		85	rc_status
		86	;;
44	restart)	87	restart)
45	## If first returns OK call the second, if first or	88	## Stop the service and regardless of whether it was
46	## second command fails, set echo return value.	89	## running or not, start it again.
47	$0 stop && $0 start \|\| return=$rc_failed	90	$0 stop
48	;;	91	$0 start
49	reload)
50	## Choose ONE of the following two cases:
51		92
52	## First possibility: A few services accepts a signal	93	# Remember status and be quiet
53	## to reread the (changed) configuration.	94	rc_status
		95	;;
		96	force-reload\|reload)
		97	## Signal the daemon to reload its config. Most daemons
		98	## do this on signal 1 (SIGHUP).
54		99
55	echo -n "Reload service sshd"	100	echo -n "Reload service sshd"
56	killproc -HUP /usr/sbin/sshd \|\| return=$rc_failed	101
57	echo -e "$return"	102	killproc -p $SSHD_PIDFILE -HUP /usr/sbin/sshd
58	;;	103
		104	rc_status -v
		105
		106	;;
59	status)	107	status)
60	echo -n "Checking for service sshd"	108	echo -n "Checking for service sshd "
61	## Check status with checkproc(8), if process is running	109	## Check status with checkproc(8), if process is running
62	## checkproc will return with exit status 0.	110	## checkproc will return with exit status 0.
63		111
64	checkproc /usr/sbin/sshd && echo OK \|\| echo No process	112	# Status has a slightly different for the status command:
		113	# 0 - service running
		114	# 1 - service dead, but /var/run/ pid file exists
		115	# 2 - service dead, but /var/lock/ lock file exists
		116	# 3 - service not running
		117
		118	checkproc -p $SSHD_PIDFILE /usr/sbin/sshd
		119
		120	rc_status -v
65	;;	121	;;
66	probe)	122	probe)
67	## Optional: Probe for the necessity of a reload,	123	## Optional: Probe for the necessity of a reload,
68	## give out the argument which is required for a reload.	124	## give out the argument which is required for a reload.
69		125
70	test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload	126	test /etc/ssh/sshd_config -nt $SSHD_PIDFILE && echo reload
71	;;	127	;;
72	*)	128	*)
73	echo "Usage: $0 {start\|stop\|status\|restart\|reload[\|probe]}"	129	echo "Usage: $0 {start\|stop\|status\|try-restart\|restart\|force-reload\|reload\|probe}"
74	exit 1	130	exit 1
75	;;	131	;;
76	esac	132	esac
77		133	rc_exit
78	# Inform the caller not only verbosely and set an exit status.
79	test "$return" = "$rc_done" \|\| exit 1
80	exit 0


diff --git a/contrib/suse/sysconfig.ssh b/contrib/suse/sysconfig.ssh new file mode 100644 index 000000000..c6a37e5cb --- /dev/null +++ b/contrib/suse/sysconfig.ssh
@@ -0,0 +1,9 @@
		1	## Path: Network/Remote access/SSH
		2	## Description: SSH server settings
		3	## Type: string
		4	## Default: ""
		5	## ServiceRestart: sshd
		6	#
		7	# Options for sshd
		8	#
		9	SSHD_OPTS=""