summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--contrib/redhat/openssh.spec22
-rwxr-xr-xcontrib/redhat/sshd.init71
-rw-r--r--contrib/suse/openssh.spec16
-rw-r--r--contrib/suse/rc.sshd16
5 files changed, 28 insertions, 100 deletions
diff --git a/ChangeLog b/ChangeLog
index 8b1269324..7d323f69e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@
2 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context 2 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
3 change error by reporting old and new context names Patch from 3 change error by reporting old and new context names Patch from
4 jchadima at redhat. 4 jchadima at redhat.
5 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
6 [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
7 init scrips from imorgan AT nas.nasa.gov
5 8
620110807 920110807
7 - (dtucker) OpenBSD CVS Sync 10 - (dtucker) OpenBSD CVS Sync
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 23657eacd..2b927f177 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -84,24 +84,24 @@ Obsoletes: ssh
84%if %{build6x} 84%if %{build6x}
85PreReq: initscripts >= 5.00 85PreReq: initscripts >= 5.00
86%else 86%else
87PreReq: initscripts >= 5.20 87Requires: initscripts >= 5.20
88%endif 88%endif
89BuildPreReq: perl, openssl-devel, tcp_wrappers 89BuildRequires: perl, openssl-devel, tcp_wrappers
90BuildPreReq: /bin/login 90BuildRequires: /bin/login
91%if ! %{build6x} 91%if ! %{build6x}
92BuildPreReq: glibc-devel, pam 92BuildPreReq: glibc-devel, pam
93%else 93%else
94BuildPreReq: /usr/include/security/pam_appl.h 94BuildRequires: /usr/include/security/pam_appl.h
95%endif 95%endif
96%if ! %{no_x11_askpass} 96%if ! %{no_x11_askpass}
97BuildPreReq: /usr/include/X11/Xlib.h 97BuildRequires: /usr/include/X11/Xlib.h
98%endif 98%endif
99%if ! %{no_gnome_askpass} 99%if ! %{no_gnome_askpass}
100BuildPreReq: pkgconfig 100BuildRequires: pkgconfig
101%endif 101%endif
102%if %{kerberos5} 102%if %{kerberos5}
103BuildPreReq: krb5-devel 103BuildRequires: krb5-devel
104BuildPreReq: krb5-libs 104BuildRequires: krb5-libs
105%endif 105%endif
106 106
107%package clients 107%package clients
@@ -114,7 +114,7 @@ Obsoletes: ssh-clients
114Summary: The OpenSSH server daemon. 114Summary: The OpenSSH server daemon.
115Group: System Environment/Daemons 115Group: System Environment/Daemons
116Obsoletes: ssh-server 116Obsoletes: ssh-server
117PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 117Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
118%if ! %{build6x} 118%if ! %{build6x}
119Requires: /etc/pam.d/system-auth 119Requires: /etc/pam.d/system-auth
120%endif 120%endif
@@ -712,7 +712,7 @@ fi
712 it generates. 712 it generates.
713 713
714* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com> 714* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
715- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always 715- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always
716 build PAM authentication in. 716 build PAM authentication in.
717- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed. 717- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
718- Clean out no-longer-used patches. 718- Clean out no-longer-used patches.
@@ -721,7 +721,7 @@ fi
721 721
722* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com> 722* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com>
723- Update x11-askpass to 1.0.2. (#17835) 723- Update x11-askpass to 1.0.2. (#17835)
724- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will 724- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will
725 always find them in the right place. (#17909) 725 always find them in the right place. (#17909)
726- Set the default path to be the same as the one supplied by /bin/login, but 726- Set the default path to be the same as the one supplied by /bin/login, but
727 add /usr/X11R6/bin. (#17909) 727 add /usr/X11R6/bin. (#17909)
diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init
index 854aff665..2334d8142 100755
--- a/contrib/redhat/sshd.init
+++ b/contrib/redhat/sshd.init
@@ -22,70 +22,9 @@ RETVAL=0
22prog="sshd" 22prog="sshd"
23 23
24# Some functions to make the below more readable 24# Some functions to make the below more readable
25KEYGEN=/usr/bin/ssh-keygen
26SSHD=/usr/sbin/sshd 25SSHD=/usr/sbin/sshd
27RSA1_KEY=/etc/ssh/ssh_host_key
28RSA_KEY=/etc/ssh/ssh_host_rsa_key
29DSA_KEY=/etc/ssh/ssh_host_dsa_key
30PID_FILE=/var/run/sshd.pid 26PID_FILE=/var/run/sshd.pid
31 27
32do_rsa1_keygen() {
33 if [ ! -s $RSA1_KEY ]; then
34 echo -n $"Generating SSH1 RSA host key: "
35 if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
36 chmod 600 $RSA1_KEY
37 chmod 644 $RSA1_KEY.pub
38 if [ -x /sbin/restorecon ]; then
39 /sbin/restorecon $RSA1_KEY.pub
40 fi
41 success $"RSA1 key generation"
42 echo
43 else
44 failure $"RSA1 key generation"
45 echo
46 exit 1
47 fi
48 fi
49}
50
51do_rsa_keygen() {
52 if [ ! -s $RSA_KEY ]; then
53 echo -n $"Generating SSH2 RSA host key: "
54 if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
55 chmod 600 $RSA_KEY
56 chmod 644 $RSA_KEY.pub
57 if [ -x /sbin/restorecon ]; then
58 /sbin/restorecon $RSA_KEY.pub
59 fi
60 success $"RSA key generation"
61 echo
62 else
63 failure $"RSA key generation"
64 echo
65 exit 1
66 fi
67 fi
68}
69
70do_dsa_keygen() {
71 if [ ! -s $DSA_KEY ]; then
72 echo -n $"Generating SSH2 DSA host key: "
73 if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
74 chmod 600 $DSA_KEY
75 chmod 644 $DSA_KEY.pub
76 if [ -x /sbin/restorecon ]; then
77 /sbin/restorecon $DSA_KEY.pub
78 fi
79 success $"DSA key generation"
80 echo
81 else
82 failure $"DSA key generation"
83 echo
84 exit 1
85 fi
86 fi
87}
88
89do_restart_sanity_check() 28do_restart_sanity_check()
90{ 29{
91 $SSHD -t 30 $SSHD -t
@@ -99,9 +38,13 @@ do_restart_sanity_check()
99start() 38start()
100{ 39{
101 # Create keys if necessary 40 # Create keys if necessary
102 do_rsa1_keygen 41 /usr/bin/ssh-keygen -A
103 do_rsa_keygen 42 if [ -x /sbin/restorecon ]; then
104 do_dsa_keygen 43 /sbin/restorcon /etc/ssh/ssh_host_key.pub
44 /sbin/restorcon /etc/ssh/ssh_host_rsa_key.pub
45 /sbin/restorcon /etc/ssh/ssh_host_dsa_key.pub
46 /sbin/restorcon /etc/ssh/ssh_host_ecdsa_key.pub
47 fi
105 48
106 echo -n $"Starting $prog:" 49 echo -n $"Starting $prog:"
107 $SSHD $OPTIONS && success || failure 50 $SSHD $OPTIONS && success || failure
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index db0c127bd..4621f548c 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -28,11 +28,12 @@ Provides: ssh
28# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 28# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
29# building prerequisites -- stuff for 29# building prerequisites -- stuff for
30# OpenSSL (openssl-devel), 30# OpenSSL (openssl-devel),
31# TCP Wrappers (nkitb), 31# TCP Wrappers (tcpd-devel),
32# and Gnome (glibdev, gtkdev, and gnlibsd) 32# and Gnome (glibdev, gtkdev, and gnlibsd)
33# 33#
34BuildPrereq: openssl 34BuildPrereq: openssl
35BuildPrereq: nkitb 35BuildPrereq: tcpd-devel
36BuildPrereq: zlib-devel
36#BuildPrereq: glibdev 37#BuildPrereq: glibdev
37#BuildPrereq: gtkdev 38#BuildPrereq: gtkdev
38#BuildPrereq: gnlibsd 39#BuildPrereq: gnlibsd
@@ -177,15 +178,8 @@ rm -rf $RPM_BUILD_ROOT
177/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 178/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
178 179
179%post 180%post
180if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then 181/usr/bin/ssh-keygen -A
181 echo "Generating SSH RSA host key..." 182%{fillup_and_insserv -n -y ssh sshd}
182 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
183fi
184if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
185 echo "Generating SSH DSA host key..."
186 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
187fi
188%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
189%run_permissions 183%run_permissions
190 184
191%verifyscript 185%verifyscript
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd
index 4d4880d7e..4a3bc41db 100644
--- a/contrib/suse/rc.sshd
+++ b/contrib/suse/rc.sshd
@@ -43,20 +43,8 @@ rc_reset
43 43
44case "$1" in 44case "$1" in
45 start) 45 start)
46 if ! test -f /etc/ssh/ssh_host_key ; then 46 # Generate any missing host keys
47 echo Generating /etc/ssh/ssh_host_key. 47 ssh-keygen -A
48 ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ''
49 fi
50 if ! test -f /etc/ssh/ssh_host_dsa_key ; then
51 echo Generating /etc/ssh/ssh_host_dsa_key.
52
53 ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
54 fi
55 if ! test -f /etc/ssh/ssh_host_rsa_key ; then
56 echo Generating /etc/ssh/ssh_host_rsa_key.
57
58 ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
59 fi
60 echo -n "Starting SSH daemon" 48 echo -n "Starting SSH daemon"
61 ## Start daemon with startproc(8). If this fails 49 ## Start daemon with startproc(8). If this fails
62 ## the echo return value is set appropriate. 50 ## the echo return value is set appropriate.