diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | contrib/caldera/openssh.spec | 593 | ||||
-rwxr-xr-x | contrib/caldera/ssh-host-keygen | 36 | ||||
-rw-r--r-- | contrib/caldera/sshd.daemons | 6 | ||||
-rwxr-xr-x | contrib/caldera/sshd.init | 206 |
5 files changed, 422 insertions, 423 deletions
@@ -10,6 +10,8 @@ | |||
10 | - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen | 10 | - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen |
11 | <vinschen@redhat.com> | 11 | <vinschen@redhat.com> |
12 | - (bal) version.h synced, RPM specs updated for 2.9 | 12 | - (bal) version.h synced, RPM specs updated for 2.9 |
13 | - (tim) update contrib/caldera files with what Caldera is using. | ||
14 | <sps@caldera.de> | ||
13 | 15 | ||
14 | 20010425 | 16 | 20010425 |
15 | - OpenBSD CVS Sync | 17 | - OpenBSD CVS Sync |
@@ -5265,4 +5267,4 @@ | |||
5265 | - Wrote replacements for strlcpy and mkdtemp | 5267 | - Wrote replacements for strlcpy and mkdtemp |
5266 | - Released 1.0pre1 | 5268 | - Released 1.0pre1 |
5267 | 5269 | ||
5268 | $Id: ChangeLog,v 1.1177 2001/04/27 02:15:00 mouring Exp $ | 5270 | $Id: ChangeLog,v 1.1178 2001/04/27 05:50:48 tim Exp $ |
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index defe1c237..f40b22ed8 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec | |||
@@ -1,340 +1,281 @@ | |||
1 | # Version of OpenSSH | 1 | %define askpass 1.2.0 |
2 | %define oversion 2.9p1 | 2 | |
3 | 3 | Name : openssh | |
4 | # Version of ssh-askpass | 4 | Version : 2.9p1 |
5 | %define aversion 1.2.0 | 5 | Release : 1 |
6 | 6 | Group : System/Network | |
7 | # Do we want to disable building of x11-askpass? (1=yes 0=no) | 7 | |
8 | %define no_x11_askpass 0 | 8 | Summary : OpenSSH free Secure Shell (SSH) implementation. |
9 | 9 | Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH). | |
10 | # Do we want to disable building of gnome-askpass? (1=yes 0=no) | 10 | Summary(es) : OpenSSH implementación libre de Secure Shell (SSH). |
11 | %define no_gnome_askpass 1 | 11 | Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH). |
12 | 12 | Summary(it) : Implementazione gratuita OpenSSH della Secure Shell. | |
13 | # Do we want to include contributed programs? (1=yes 0=no) | 13 | Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH). |
14 | %define contrib_programs 1 | 14 | |
15 | 15 | Copyright : BSD | |
16 | Summary: OpenSSH free Secure Shell (SSH) implementation | 16 | Packager : Stephan Seyboth <sps@caldera.de> |
17 | Name: openssh | 17 | #Icon : . |
18 | Version: %{oversion} | 18 | URL : http://www.openssh.com/ |
19 | Release: 1 | 19 | |
20 | Packager: Damien Miller <djm@mindrot.org> | 20 | Obsoletes : ssh, ssh-clients, openssh-clients |
21 | URL: http://www.openssh.com/ | 21 | |
22 | Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz | 22 | BuildRoot : /tmp/%{Name}-%{Version} |
23 | Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz | 23 | |
24 | Copyright: BSD | 24 | Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{Version}.tar.gz |
25 | Group: Applications/Internet | 25 | Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{askpass}.tar.gz |
26 | BuildRoot: /var/tmp/openssh-%{Version}-buildroot | 26 | |
27 | #BuildRoot: /tmp/openssh-%{Version}-buildroot | 27 | |
28 | Obsoletes: ssh | 28 | %Package server |
29 | PreReq: openssl >= 0.9.5a | 29 | Group : System/Network |
30 | Requires: openssl >= 0.9.5a | 30 | Requires : openssh = %{Version} |
31 | BuildPreReq: perl, openssl-devel, tcp_wrappers | 31 | Obsoletes : ssh-server |
32 | BuildPreReq: /bin/login, /usr/bin/rsh, /usr/include/security/pam_appl.h | 32 | |
33 | %if ! %{no_gnome_askpass} | 33 | Summary : OpenSSH Secure Shell protocol server (sshd). |
34 | BuildPreReq: gnome-libs-devel | 34 | Summary(de) : OpenSSH Secure Shell Protocol Server (sshd). |
35 | %endif | 35 | Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd). |
36 | 36 | Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd). | |
37 | %package clients | 37 | Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd). |
38 | Summary: OpenSSH Secure Shell protocol clients | 38 | Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd). |
39 | Requires: openssh = %{Version}-%{release} | 39 | |
40 | Group: Applications/Internet | 40 | |
41 | Obsoletes: ssh-clients | 41 | %Package askpass |
42 | 42 | Group : System/Network | |
43 | %package server | 43 | Requires : openssh = %{Version} |
44 | Summary: OpenSSH Secure Shell protocol server (sshd) | 44 | Obsoletes : ssh-extras |
45 | Group: System Environment/Daemons | 45 | |
46 | Obsoletes: ssh-server | 46 | Summary : OpenSSH X11 pass-phrase dialog. |
47 | #PreReq: openssh chkconfig >= 0.9 | 47 | Summary(de) : OpenSSH X11 Passwort-Dialog. |
48 | 48 | Summary(es) : Aplicación de petición de frase clave OpenSSH X11. | |
49 | %package askpass | 49 | Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH. |
50 | Summary: OpenSSH X11 passphrase dialog | 50 | Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH. |
51 | Group: Applications/Internet | 51 | Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH. |
52 | Requires: openssh = %{Version}-%{release} | 52 | |
53 | Obsoletes: ssh-extras | 53 | |
54 | 54 | %Description | |
55 | %package askpass-gnome | 55 | OpenSSH (Secure Shell) provides access to a remote system. It replaces |
56 | Summary: OpenSSH GNOME passphrase dialog | 56 | telnet, rlogin, rexec, and rsh, and provides secure encrypted |
57 | Group: Applications/Internet | 57 | communications between two untrusted hosts over an insecure network. |
58 | Requires: openssh = %{Version}-%{release} | 58 | X11 connections and arbitrary TCP/IP ports can also be forwarded over |
59 | Obsoletes: ssh-extras | 59 | the secure channel. |
60 | 60 | ||
61 | %description | 61 | %Description -l de |
62 | Ssh (Secure Shell) a program for logging into a remote machine and for | 62 | OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt |
63 | executing commands in a remote machine. It is intended to replace | 63 | telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte |
64 | rlogin and rsh, and provide secure encrypted communications between | 64 | Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres |
65 | two untrusted hosts over an insecure network. X11 connections and | 65 | Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso |
66 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 66 | über den sicheren Channel weitergeleitet werden. |
67 | 67 | ||
68 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 68 | %Description -l es |
69 | up to date in terms of security and features, as well as removing all | 69 | OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a |
70 | patented algorithms to separate libraries (OpenSSL). | 70 | telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas |
71 | 71 | entre dos equipos entre los que no se ha establecido confianza a través de una | |
72 | This package includes the core files necessary for both the OpenSSH | 72 | red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden |
73 | client and server. To make this package useful, you should also | 73 | ser canalizadas sobre el canal seguro. |
74 | install openssh-clients, openssh-server, or both. | 74 | |
75 | 75 | %Description -l fr | |
76 | %description clients | 76 | OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace |
77 | Ssh (Secure Shell) a program for logging into a remote machine and for | 77 | telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées |
78 | executing commands in a remote machine. It is intended to replace | 78 | securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des |
79 | rlogin and rsh, and provide secure encrypted communications between | 79 | connexions X11 et des ports TCP/IP arbitraires peuvent également être |
80 | two untrusted hosts over an insecure network. X11 connections and | 80 | transmis sur le canal sécurisé. |
81 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 81 | |
82 | 82 | %Description -l it | |
83 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 83 | OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto. |
84 | up to date in terms of security and features, as well as removing all | 84 | Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure |
85 | patented algorithms to separate libraries (OpenSSL). | 85 | e crittate tra due host non fidati su una rete non sicura. Le connessioni |
86 | 86 | X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso | |
87 | This package includes the clients necessary to make encrypted connections | 87 | un canale sicuro. |
88 | to SSH servers. | 88 | |
89 | 89 | %Description -l pt | |
90 | %description server | 90 | OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o |
91 | Ssh (Secure Shell) a program for logging into a remote machine and for | 91 | telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas |
92 | executing commands in a remote machine. It is intended to replace | 92 | entre duas máquinas sem confiança mútua sobre uma rede insegura. |
93 | rlogin and rsh, and provide secure encrypted communications between | 93 | Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados |
94 | two untrusted hosts over an insecure network. X11 connections and | 94 | pelos porto seguro. |
95 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 95 | |
96 | 96 | %Description server | |
97 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 97 | This package installs the sshd, the server portion of OpenSSH. |
98 | up to date in terms of security and features, as well as removing all | 98 | |
99 | patented algorithms to separate libraries (OpenSSL). | 99 | %Description -l de server |
100 | 100 | Dieses Paket installiert den sshd, den Server-Teil der OpenSSH. | |
101 | This package contains the secure shell daemon. The sshd is the server | 101 | |
102 | part of the secure shell protocol and allows ssh clients to connect to | 102 | %Description -l es server |
103 | your host. | 103 | Este paquete instala sshd, la parte servidor de OpenSSH. |
104 | 104 | ||
105 | %description askpass | 105 | %Description -l fr server |
106 | Ssh (Secure Shell) a program for logging into a remote machine and for | 106 | Ce paquetage installe le 'sshd', partie serveur de OpenSSH. |
107 | executing commands in a remote machine. It is intended to replace | 107 | |
108 | rlogin and rsh, and provide secure encrypted communications between | 108 | %Description -l it server |
109 | two untrusted hosts over an insecure network. X11 connections and | 109 | Questo pacchetto installa sshd, il server di OpenSSH. |
110 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 110 | |
111 | 111 | %Description -l pt server | |
112 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 112 | Este pacote intala o sshd, o servidor do OpenSSH. |
113 | up to date in terms of security and features, as well as removing all | 113 | |
114 | patented algorithms to separate libraries (OpenSSL). | 114 | %Description askpass |
115 | 115 | This package contains an X11-based passphrase dialog. | |
116 | This package contains Jim Knoble's <jmknoble@pobox.com> X11 passphrase | 116 | |
117 | dialog. | 117 | %Description -l de askpass |
118 | 118 | Dieses Paket enthält einen X11-basierten Passwort Dialog. | |
119 | %description askpass-gnome | 119 | |
120 | Ssh (Secure Shell) a program for logging into a remote machine and for | 120 | %Description -l es askpass |
121 | executing commands in a remote machine. It is intended to replace | 121 | Este paquete contiene una aplicación para petición de frases-contraseña basada |
122 | rlogin and rsh, and provide secure encrypted communications between | 122 | en X11. |
123 | two untrusted hosts over an insecure network. X11 connections and | 123 | |
124 | arbitrary TCP/IP ports can also be forwarded over the secure channel. | 124 | %Description -l fr askpass |
125 | 125 | Ce paquetage contient un dialogue de passphrase basé sur X11. | |
126 | OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it | 126 | |
127 | up to date in terms of security and features, as well as removing all | 127 | %Description -l it askpass |
128 | patented algorithms to separate libraries (OpenSSL). | 128 | Questo pacchetto contiene una finestra di X11 che chiede la frase segreta. |
129 | 129 | ||
130 | This package contains the GNOME passphrase dialog. | 130 | %Description -l pt askpass |
131 | 131 | Este pacote contém um diálogo de senha para o X11. | |
132 | %prep | 132 | |
133 | 133 | %Prep | |
134 | %setup -a 1 | 134 | %setup |
135 | 135 | %setup -D -T -a1 | |
136 | %build | 136 | |
137 | 137 | ||
138 | %define _sysconfdir /etc/ssh | 138 | %Build |
139 | 139 | CFLAGS="$RPM_OPT_FLAGS" \ | |
140 | CFLAGS="$RPM_OPT_FLAGS" \ | 140 | ./configure \ |
141 | ./configure \ | 141 | --prefix=/usr \ |
142 | --prefix=/usr \ | 142 | --sysconfdir=/etc/ssh \ |
143 | --sysconfdir=/etc/ssh \ | 143 | --libexecdir=/usr/lib/ssh \ |
144 | --libexecdir=%{_libexecdir}/openssh \ | 144 | --with-pam \ |
145 | --with-pam \ | 145 | --with-tcp-wrappers \ |
146 | --with-tcp-wrappers \ | 146 | --with-ipv4-default \ |
147 | --with-ipv4-default \ | ||
148 | --with-rsh=/usr/bin/rsh | ||
149 | 147 | ||
150 | make | 148 | make |
151 | 149 | ||
152 | %if ! %{no_x11_askpass} | 150 | cd x11-ssh-askpass-%{askpass} |
153 | cd x11-ssh-askpass-%{aversion} | ||
154 | xmkmf -a | 151 | xmkmf -a |
155 | make | 152 | make |
156 | cd .. | 153 | |
157 | %endif | 154 | |
158 | 155 | %Install | |
159 | %if ! %{no_gnome_askpass} | 156 | %{mkDESTDIR} |
160 | cd contrib | 157 | |
161 | gcc -O -g `gnome-config --cflags gnome gnomeui` \ | 158 | make DESTDIR="$DESTDIR" install |
162 | gnome-ssh-askpass.c -o gnome-ssh-askpass \ | 159 | |
163 | `gnome-config --libs gnome gnomeui` | 160 | make -C x11-ssh-askpass-%{askpass} DESTDIR="$DESTDIR" \ |
164 | cd .. | 161 | BINDIR="/usr/lib/ssh" install |
165 | %endif | 162 | |
166 | 163 | %{fixManPages} | |
167 | %install | 164 | |
168 | rm -rf $RPM_BUILD_ROOT | 165 | # install remaining docs |
169 | make install DESTDIR=$RPM_BUILD_ROOT/ | 166 | NV="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}" |
170 | 167 | mkdir -p $NV | |
171 | # setup the environment we want | 168 | cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $NV |
172 | perl -pi -e "s,PermitRootLogin yes,PermitRootLogin no,;" \ | 169 | mkdir -p $NV/x11-ssh-askpass-%{askpass} |
173 | -e "s,X11Forwarding no,X11Forwarding yes,;" \ | 170 | cp -a x11-ssh-askpass-%{askpass}/{README,ChangeLog,SshAskpass*.ad} \ |
174 | -e "s,CheckMail no,CheckMail yes,;" \ | 171 | $NV/x11-ssh-askpass-%{askpass} |
175 | -e "s,^#Subsystem sftp,Subsystem sftp,;" \ | 172 | |
176 | $RPM_BUILD_ROOT/etc/ssh/sshd_config | 173 | |
177 | 174 | # OpenLinux specific configuration | |
178 | install -d $RPM_BUILD_ROOT/etc/pam.d/ | 175 | mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}} |
179 | install -d $RPM_BUILD_ROOT/etc/rc.d/init.d | 176 | |
180 | install -d $RPM_BUILD_ROOT/etc/sysconfig/daemons | 177 | # enabling X11 forwarding on the server is convenient and okay, |
181 | install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh | 178 | # on the client side it's a potential security risk! |
182 | install -d $RPM_BUILD_ROOT/usr/local/bin | 179 | %{fixUP} -vg $DESTDIR/etc/ssh/sshd_config 'X11Forwarding no' \ |
183 | install -d $RPM_BUILD_ROOT/usr/local/man/man1 | 180 | 'X11Forwarding yes' |
184 | install -m644 contrib/caldera/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd | 181 | |
185 | install -m755 contrib/caldera/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd | 182 | install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd |
186 | install -m755 contrib/caldera/sshd.daemons $RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd | 183 | # FIXME: disabled, find out why this doesn't work with nis |
187 | perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \ | 184 | %{fixUP} -vg $DESTDIR/etc/pam.d/sshd '(.*pam_limits.*)' '#$1' |
188 | $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd | 185 | |
189 | perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \ | 186 | install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd |
190 | $RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd | 187 | %{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}:' |
191 | %if %{contrib_programs} | 188 | %{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@sysconfdir\@:/etc/ssh:' |
192 | install -m755 contrib/make-ssh-known-hosts.pl $RPM_BUILD_ROOT/usr/local/bin | 189 | |
193 | install -m644 contrib/make-ssh-known-hosts.1 $RPM_BUILD_ROOT/usr/local/man/man1 | 190 | cat <<-EoD > $DESTDIR%{SVIcdir}/sshd |
194 | install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/local/bin | 191 | IDENT=sshd |
195 | install -m644 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/usr/local/man/man1 | 192 | DESCRIPTIVE="OpenSSH secure shell daemon" |
196 | %endif | 193 | # This service will be marked as 'skipped' on boot if there |
197 | 194 | # is no host key. Use ssh-host-keygen to generate one | |
198 | %if ! %{no_x11_askpass} | 195 | ONBOOT="yes" |
199 | install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/x11-ssh-askpass | 196 | OPTIONS="" |
200 | ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/ssh-askpass | 197 | EoD |
201 | install -d $RPM_BUILD_ROOT/usr/X11R6/man/man1 | 198 | |
202 | install -c -m 0444 x11-ssh-askpass-%{aversion}/x11-ssh-askpass.man $RPM_BUILD_ROOT/usr/X11R6/man/man1/x11-ssh-askpass.1x | 199 | SKG=$DESTDIR/usr/sbin/ssh-host-keygen |
203 | ln -s /usr/X11R6/man/man1/x11-ssh-askpass.1x $RPM_BUILD_ROOT/usr/X11R6/man/man1/ssh-askpass.1x | 200 | install -m 0755 contrib/caldera/ssh-host-keygen $SKG |
204 | %endif | 201 | %{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh:' |
205 | 202 | %{fixUP} -T $SKG -e 's:\@sshkeygen\@:/usr/bin/ssh-keygen:' | |
206 | %if ! %{no_gnome_askpass} | 203 | |
207 | install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/gnome-ssh-askpass | 204 | |
208 | %endif | 205 | # generate file lists |
209 | 206 | %{mkLists} -c %{Name} | |
210 | %clean | 207 | %{mkLists} -d %{Name} << 'EOF' |
211 | ##rm -rf $RPM_BUILD_ROOT | 208 | /etc/ssh base |
212 | 209 | ^/etc/ IGNORED | |
213 | %post server | 210 | %{_defaultdocdir}/$ IGNORED |
214 | if [ "$1" = 1 ]; then | 211 | askpass askpass |
215 | echo "Creating SSH stop/start scripts in the rc directories..." | 212 | * default |
216 | # /sbin/chkconfig --add sshd | 213 | EOF |
217 | lisa --SysV-init install sshd S90 2:3:4:5 K05 0:1:6 | 214 | %{mkLists} -a -f %{Name} << 'EOF' |
218 | fi | 215 | ^/etc * prefix(%%config) |
219 | if test -r /var/run/sshd.pid | 216 | /usr/X11R6/lib/X11/app-defaults IGNORED |
220 | then | 217 | [Aa]skpass askpass |
221 | echo "Restarting the running SSH daemon..." | 218 | %{_defaultdocdir}/%{Name}-%{Version}/ base |
222 | /etc/rc.d/init.d/sshd restart >&2 | 219 | ssh-keygen base |
220 | sshd server | ||
221 | sftp-server server | ||
222 | .* base | ||
223 | EOF | ||
224 | |||
225 | |||
226 | %Clean | ||
227 | %{rmDESTDIR} | ||
228 | |||
229 | |||
230 | %Post | ||
231 | # Generate host key when none is present to get up and running, | ||
232 | # both client and server require this for host-based auth! | ||
233 | # ssh-host-keygen checks for existing keys. | ||
234 | /usr/sbin/ssh-host-keygen | ||
235 | : # to protect the rpm database | ||
236 | |||
237 | |||
238 | %Post server | ||
239 | if [ -x %{LSBinit}-install ]; then | ||
240 | %{LSBinit}-install sshd | ||
223 | else | 241 | else |
224 | echo "Starting the SSH daemon..." | 242 | lisa --SysV-init install sshd S55 3:4:5 K45 0:1:2:6 |
225 | /etc/rc.d/init.d/sshd start >&2 | ||
226 | fi | 243 | fi |
227 | 244 | ||
228 | %preun server | 245 | ! %{SVIdir}/sshd status || %{SVIdir}/sshd restart |
229 | if [ "$1" = 0 ] ; then | 246 | : # to protect the rpm database |
230 | echo "Stopping the SSH daemon..." | 247 | |
231 | /etc/rc.d/init.d/sshd stop >&2 | 248 | |
232 | echo "Removing SSH stop/start scripts from the rc directories..." | 249 | %PreUn server |
233 | # /sbin/chkconfig --del sshd | 250 | [ "$1" = 0 ] || exit 0 |
234 | lisa --SysV-init remove sshd $1 | 251 | |
252 | ! %{SVIdir}/sshd status || %{SVIdir}/sshd stop | ||
253 | : # to protect the rpm database | ||
254 | |||
255 | |||
256 | %PostUn server | ||
257 | if [ -x %{LSBinit}-remove ]; then | ||
258 | %{LSBinit}-remove sshd | ||
259 | else | ||
260 | lisa --SysV-init remove sshd $1 | ||
235 | fi | 261 | fi |
262 | : # to protect the rpm database | ||
236 | 263 | ||
237 | %files | 264 | |
238 | %defattr(-,root,root) | 265 | %Files -f files-%{Name}-base |
239 | %doc ChangeLog OVERVIEW README* INSTALL | ||
240 | %doc CREDITS LICENCE | ||
241 | %attr(0755,root,root) %{_bindir}/ssh-keygen | ||
242 | %attr(0755,root,root) %{_bindir}/scp | ||
243 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | ||
244 | %attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* | ||
245 | %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* | ||
246 | %attr(0644,root,root) %{_mandir}/man1/scp.1* | ||
247 | %attr(0755,root,root) %dir %{_sysconfdir} | ||
248 | %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/primes | ||
249 | %attr(0755,root,root) %dir %{_libexecdir}/openssh | ||
250 | |||
251 | %files clients | ||
252 | %defattr(-,root,root) | ||
253 | %attr(4755,root,root) %{_bindir}/ssh | ||
254 | %attr(0755,root,root) %{_bindir}/ssh-agent | ||
255 | %attr(0755,root,root) %{_bindir}/ssh-add | ||
256 | %attr(0755,root,root) %{_bindir}/ssh-keyscan | ||
257 | %attr(0755,root,root) %{_bindir}/sftp | ||
258 | %attr(0644,root,root) %{_mandir}/man1/ssh.1* | ||
259 | %attr(0644,root,root) %{_mandir}/man1/ssh-agent.1* | ||
260 | %attr(0644,root,root) %{_mandir}/man1/ssh-add.1* | ||
261 | %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* | ||
262 | %attr(0644,root,root) %{_mandir}/man1/sftp.1* | ||
263 | %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config | ||
264 | %attr(-,root,root) %{_bindir}/slogin | ||
265 | %attr(-,root,root) %{_mandir}/man1/slogin.1* | ||
266 | %if %{contrib_programs} | ||
267 | %attr(0755,root,root) /usr/local/bin/make-ssh-known-hosts.pl | ||
268 | %attr(0644,root,root) /usr/local/man/man1/make-ssh-known-hosts.1 | ||
269 | %attr(0755,root,root) /usr/local/bin/ssh-copy-id | ||
270 | %attr(0644,root,root) /usr/local/man/man1/ssh-copy-id.1 | ||
271 | %endif | ||
272 | |||
273 | %files server | ||
274 | %defattr(-,root,root) | 266 | %defattr(-,root,root) |
275 | %attr(0751,root,root) %{_sbindir}/sshd | 267 | |
276 | %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server | 268 | |
277 | %attr(0644,root,root) %{_mandir}/man8/sshd.8* | 269 | %Files server -f files-%{Name}-server |
278 | %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* | ||
279 | #%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config | ||
280 | %attr(0600,root,root) %config %{_sysconfdir}/sshd_config | ||
281 | %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd | ||
282 | %attr(0755,root,root) %config /etc/rc.d/init.d/sshd | ||
283 | %attr(0755,root,root) %config /etc/sysconfig/daemons/sshd | ||
284 | |||
285 | %if ! %{no_x11_askpass} | ||
286 | %files askpass | ||
287 | %defattr(-,root,root) | 270 | %defattr(-,root,root) |
288 | %doc x11-ssh-askpass-%{aversion}/README | 271 | |
289 | %doc x11-ssh-askpass-%{aversion}/ChangeLog | 272 | |
290 | %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad | 273 | %Files askpass -f files-%{Name}-askpass |
291 | %attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass | ||
292 | %attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass | ||
293 | %attr(0644,root,root) /usr/X11R6/man/man1/x11-ssh-askpass.1x | ||
294 | %attr(-,root,root) /usr/X11R6/man/man1/ssh-askpass.1x | ||
295 | %endif | ||
296 | |||
297 | %if ! %{no_gnome_askpass} | ||
298 | %files askpass-gnome | ||
299 | %defattr(-,root,root) | 274 | %defattr(-,root,root) |
300 | %attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass | ||
301 | %endif | ||
302 | |||
303 | %changelog | ||
304 | * Mon Oct 18 2000 Damien Miller <djm@mindrot.org> | ||
305 | - Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | ||
306 | Redhat 7.0 spec file | ||
307 | * Tue Sep 05 2000 Damien Miller <djm@mindrot.org> | ||
308 | - Use RPM configure macro | ||
309 | * Tue Aug 08 2000 Damien Miller <djm@mindrot.org> | ||
310 | - Some surgery to sshd.init (generate keys at runtime) | ||
311 | - Cleanup of groups and removal of keygen calls | ||
312 | * Wed Jul 12 2000 Damien Miller <djm@mindrot.org> | ||
313 | - Make building of X11-askpass and gnome-askpass optional | ||
314 | * Mon Jun 12 2000 Damien Miller <djm@mindrot.org> | ||
315 | - Glob manpages to catch compressed files | ||
316 | * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> | ||
317 | - Updated for new location | ||
318 | - Updated for new gnome-ssh-askpass build | ||
319 | * Sun Dec 26 1999 Damien Miller <djm@mindrot.org> | ||
320 | - Added Jim Knoble's <jmknoble@pobox.com> askpass | ||
321 | * Mon Nov 15 1999 Damien Miller <djm@mindrot.org> | ||
322 | - Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> | ||
323 | * Sat Nov 13 1999 Damien Miller <djm@mindrot.org> | ||
324 | - Added 'Obsoletes' directives | ||
325 | * Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> | ||
326 | - Use make install | ||
327 | - Subpackages | ||
328 | * Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> | ||
329 | - Added links for slogin | ||
330 | - Fixed perms on manpages | ||
331 | * Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> | ||
332 | - Renamed init script | ||
333 | * Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> | ||
334 | - Back to old binary names | ||
335 | * Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> | ||
336 | - Use autoconf | ||
337 | - New binary names | ||
338 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> | ||
339 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. | ||
340 | 275 | ||
276 | |||
277 | %ChangeLog | ||
278 | * Mon Jan 01 1998 ... | ||
279 | Template Version: 1.31 | ||
280 | |||
281 | $Id: openssh.spec,v 1.15 2001/04/27 05:50:49 tim Exp $ | ||
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen new file mode 100755 index 000000000..28a97b9b4 --- /dev/null +++ b/contrib/caldera/ssh-host-keygen | |||
@@ -0,0 +1,36 @@ | |||
1 | #! /bin/sh | ||
2 | # | ||
3 | # $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $ | ||
4 | # | ||
5 | # This script is normally run only *once* for a given host | ||
6 | # (in a given period of time) -- on updates/upgrades/recovery | ||
7 | # the ssh_host_key* files _should_ be retained! Otherwise false | ||
8 | # "man-in-the-middle-attack" alerts will frighten unsuspecting | ||
9 | # clients... | ||
10 | |||
11 | keydir=@sysconfdir@ | ||
12 | keygen=@sshkeygen@ | ||
13 | |||
14 | if [ -f $keydir/ssh_host_key -o \ | ||
15 | -f $keydir/ssh_host_key.pub ]; then | ||
16 | echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key." | ||
17 | else | ||
18 | echo "Generating 1024 bit SSH1 RSA host key." | ||
19 | $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N '' | ||
20 | fi | ||
21 | |||
22 | if [ -f $keydir/ssh_host_rsa_key -o \ | ||
23 | -f $keydir/ssh_host_rsa_key.pub ]; then | ||
24 | echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key." | ||
25 | else | ||
26 | echo "Generating 1024 bit SSH2 RSA host key." | ||
27 | $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N '' | ||
28 | fi | ||
29 | |||
30 | if [ -f $keydir/ssh_host_dsa_key -o \ | ||
31 | -f $keydir/ssh_host_dsa_key.pub ]; then | ||
32 | echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key." | ||
33 | else | ||
34 | echo "Generating SSH2 DSA host key." | ||
35 | $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N '' | ||
36 | fi | ||
diff --git a/contrib/caldera/sshd.daemons b/contrib/caldera/sshd.daemons deleted file mode 100644 index b75150408..000000000 --- a/contrib/caldera/sshd.daemons +++ /dev/null | |||
@@ -1,6 +0,0 @@ | |||
1 | IDENT=sshd | ||
2 | SHORT="sshd" | ||
3 | DESCRIPTIVE="@OPENSSH_VERSION@" | ||
4 | DAEMON=/usr/sbin/sshd | ||
5 | # DAEMON_ARGS="-p some_other_port" | ||
6 | ONBOOT=yes | ||
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init index 17643391b..e60f8afeb 100755 --- a/contrib/caldera/sshd.init +++ b/contrib/caldera/sshd.init | |||
@@ -1,99 +1,125 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/bash |
2 | # | 2 | # |
3 | # Generic network daemon RC script. If installed as /etc/rc.d/init.d/foobar, | 3 | # $Id: sshd.init,v 1.2 2001/04/27 05:50:50 tim Exp $ |
4 | # it source /etc/sysconfig/daemons/foobar and looks at the | ||
5 | # variable definitions (Bourne shell syntax). Variables marked with an | ||
6 | # asterisk are required. | ||
7 | # | 4 | # |
8 | # * IDENT=sshd | 5 | ### BEGIN INIT INFO |
9 | # DESCRIPTIVE="@OPENSSH_VERSION@" | 6 | # Provides: |
10 | # * DAEMON=/usr/sbin/sshd | 7 | # Required-Start: $network |
11 | # DAEMON_ARGS="-p some_other_port" | 8 | # Required-Stop: |
12 | # ONBOOT=yes | 9 | # Default-Start: 3 4 5 |
10 | # Default-Stop: 0 1 2 6 | ||
11 | # Description: sshd | ||
12 | # Bring up/down the OpenSSH secure shell daemon. | ||
13 | ### END INIT INFO | ||
13 | # | 14 | # |
15 | # Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>. | ||
16 | # Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>. | ||
17 | # Modified for OpenLinux by Raymund Will <ray@caldera.de> | ||
14 | 18 | ||
15 | # Source networking configuration. | 19 | NAME=sshd |
16 | . /etc/sysconfig/network | 20 | DAEMON=/usr/sbin/$NAME |
17 | 21 | # Hack-Alert(TM)! This is necessary to get around the 'reload'-problem | |
18 | # Check that networking is up. | 22 | # created by recent OpenSSH daemon/ssd combinations. See Caldera internal |
19 | [ ${NETWORKING} = "no" ] && exit 0 | 23 | # PR [linux/8278] for details... |
20 | 24 | PIDF=/var/run/$NAME.pid | |
21 | # Source function library, check sysconfig/daemon file and source it. | 25 | NAME=$DAEMON |
22 | . /etc/rc.d/init.d/functions | 26 | |
23 | 27 | _status() { | |
24 | [ -x $DAEMON ] || exit 0 | 28 | [ -z "$1" ] || local pidf="$1" |
25 | 29 | local ret=-1 | |
26 | # Some functions to make the below more readable | 30 | local pid |
27 | KEYGEN=/usr/bin/ssh-keygen | 31 | if [ -n "$pidf" ] && [ -r "$pidf" ]; then |
28 | RSA1_KEY=/etc/ssh/ssh_host_key | 32 | pid=$(head -1 $pidf) |
29 | RSA_KEY=/etc/ssh/ssh_host_rsa_key | 33 | else |
30 | DSA_KEY=/etc/ssh/ssh_host_dsa_key | 34 | pid=$(pidof $NAME) |
31 | PID_FILE=/var/run/sshd.pid | 35 | fi |
32 | do_rsa1_keygen() { | 36 | |
33 | if ! test -f $RSA1_KEY ; then | 37 | if [ ! -e $SVIlock ]; then |
34 | echo -n "Generating SSH1 RSA host key: " | 38 | # no lock-file => not started == stopped? |
35 | if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then | 39 | ret=3 |
36 | echo "RSA1 key generation success" | 40 | elif { [ -n "$pidf" ] && [ ! -f "$pidf" ] } || [ -z "$pid" ]; then |
37 | else | 41 | # pid-file given but not present or no pid => died, but was not stopped |
38 | echo "RSA1 key generation failure" | 42 | ret=2 |
39 | exit 1 | 43 | elif [ -r /proc/$pid/cmdline ] && |
40 | fi | 44 | echo -ne $NAME'\000' | cmp -s - /proc/$pid/cmdline; then |
41 | fi | 45 | # pid-file given and present or pid found => check process... |
42 | } | 46 | # but don't compare exe, as this will fail after an update! |
43 | do_rsa_keygen() { | 47 | # compares OK => all's well, that ends well... |
44 | if ! test -f $RSA_KEY ; then | 48 | ret=0 |
45 | echo -n "Generating SSH2 RSA host key: " | 49 | else |
46 | if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then | 50 | # no such process or exe does not match => stale pid-file or process died |
47 | echo "RSA key generation success" | 51 | # just recently... |
48 | else | 52 | ret=1 |
49 | echo "RSA key generation failure" | 53 | fi |
50 | exit 1 | 54 | return $ret |
51 | fi | ||
52 | fi | ||
53 | } | ||
54 | do_dsa_keygen() { | ||
55 | if ! test -f $DSA_KEY ; then | ||
56 | echo -n "Generating SSH2 DSA host key: " | ||
57 | if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then | ||
58 | echo "DSA key generation success" | ||
59 | else | ||
60 | echo "DSA key generation failure" | ||
61 | exit 1 | ||
62 | fi | ||
63 | fi | ||
64 | } | 55 | } |
65 | 56 | ||
66 | # See how we were called. | 57 | # Source function library (and set vital variables). |
58 | . @SVIdir@/functions | ||
59 | |||
67 | case "$1" in | 60 | case "$1" in |
68 | start) | 61 | start) |
69 | # Create keys if necessary | 62 | [ ! -e $SVIlock ] || exit 0 |
70 | do_rsa1_keygen | 63 | [ -x $DAEMON ] || exit 5 |
71 | do_rsa_keygen | 64 | SVIemptyConfig @sysconfdir@/sshd_config && exit 6 |
72 | do_dsa_keygen | 65 | |
73 | 66 | if [ ! \( -f @sysconfdir@/ssh_host_key -a \ | |
74 | # Start daemons. | 67 | -f @sysconfdir@/ssh_host_key.pub \) -a \ |
75 | [ ! -e $LOCK ] || exit 1 | 68 | ! \( -f @sysconfdir@/ssh_host_rsa_key -a \ |
76 | echo -n "Starting $SUBSYS services: " | 69 | -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \ |
77 | start-stop-daemon -S -n $IDENT -x $DAEMON -- $DAEMON_ARGS | 70 | ! \( -f @sysconfdir@/ssh_host_dsa_key -a \ |
78 | sleep 1 | 71 | -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then |
79 | echo . | 72 | |
80 | touch $LOCK | 73 | echo "$SVIsubsys: host key not initialized: skipped!" |
81 | ;; | 74 | echo "$SVIsubsys: use ssh-host-keygen to generate one!" |
82 | stop) | 75 | exit 6 |
83 | # Stop daemons. | 76 | fi |
84 | [ -e $LOCK ] || exit 0 | 77 | |
85 | echo -n "Stopping $SUBSYS services: " | 78 | echo -n "Starting $SVIsubsys services: " |
86 | start-stop-daemon -K -n $IDENT -x $DAEMON | 79 | ssd -S -x $DAEMON -n $NAME -- $OPTIONS |
87 | echo | 80 | ret=$? |
88 | rm -f $LOCK | 81 | |
89 | ;; | 82 | echo "." |
90 | restart) | 83 | touch $SVIlock |
91 | $0 stop | 84 | ;; |
92 | $0 start | 85 | |
93 | ;; | 86 | stop) |
94 | *) | 87 | [ -e $SVIlock ] || exit 0 |
95 | echo "Usage: $SUBSYS {start|stop|restart}" | 88 | |
96 | exit 1 | 89 | echo -n "Stopping $SVIsubsys services: " |
90 | ssd -K -p $PIDF -n $NAME | ||
91 | ret=$? | ||
92 | |||
93 | echo "." | ||
94 | rm -f $SVIlock | ||
95 | ;; | ||
96 | |||
97 | force-reload|reload) | ||
98 | [ -e $SVIlock ] || exit 0 | ||
99 | |||
100 | echo "Reloading $SVIsubsys configuration files: " | ||
101 | ssd -K --signal 1 -q -p $PIDF -n $NAME | ||
102 | ret=$? | ||
103 | echo "done." | ||
104 | ;; | ||
105 | |||
106 | restart) | ||
107 | $0 stop | ||
108 | $0 start | ||
109 | ret=$? | ||
110 | ;; | ||
111 | |||
112 | status) | ||
113 | _status $PIDF | ||
114 | ret=$? | ||
115 | ;; | ||
116 | |||
117 | *) | ||
118 | echo "Usage: $SVIscript {[re]start|stop|[force-]reload|status}" | ||
119 | ret=2 | ||
120 | ;; | ||
121 | |||
97 | esac | 122 | esac |
98 | 123 | ||
99 | exit 0 | 124 | exit $ret |
125 | |||