summaryrefslogtreecommitdiff
path: root/debian/rules
AgeCommit message (Collapse)Author
2014-03-27Re-enable btmp logging, as its permissions were fixed a long time ago in ↵Colin Watson
response to #370050 (closes: #341883).
2014-03-05Link openssh-sftp-server's documentation directory to openssh-client's.Colin Watson
2014-02-13Remove code related to non-dependency-based sysv-rc ordering, since that is ↵Colin Watson
no longer supported.
2014-02-13Configure --without-hardening on hppa, to work around ↵Colin Watson
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798).
2014-02-12Tweak dh_systemd_enable invocations to avoid lots of error noise.Colin Watson
2014-02-11Only enable ssh.service for systemd, not both ssh.service and ssh.socket. ↵Colin Watson
Thanks to Michael Biebl for spotting this.
2014-02-10Add systemd support (thanks, Sven Joachim; closes: #676830).Colin Watson
2014-02-10Incorporate default path changes from shadow 1:4.0.18.1-8, removing ↵Colin Watson
/usr/bin/X11 (closes: #644521).
2014-02-09Initialize git-dpmColin Watson
2013-07-02Update config.guess and config.sub automatically at build time.Colin Watson
dh_autoreconf does not take care of that by default because openssh does not use automake.
2013-06-27debian/rules: Include real distribution in SSH_EXTRAVERSION instead ofYolanda Robla
hardcoding Debian (LP: #1195342).
2013-05-22Fix dh_builddeb invocation so that we really use xz compression forColin Watson
binary packages, as intended since 1:6.1p1-2.
2013-05-22Switch to new unified layout for Upstart jobs as documented inColin Watson
https://wiki.ubuntu.com/UpstartCompatibleInitScripts: the init script checks for a running Upstart, and we now let dh_installinit handle most of the heavy lifting in maintainer scripts. Ubuntu users should be essentially unaffected except that sshd may no longer start automatically in chroots if the running Upstart predates 0.9.0; but the main goal is simply not to break when openssh-server is installed in a chroot.
2013-05-21Drop conffile handling for upgrades from pre-split ssh package; this wasColin Watson
originally added in 1:4.3p2-7 / 1:4.3p2-8, and contained a truly ghastly hack around a misbehaviour in sarge's dpkg. Since this is now four Debian releases ago, we can afford to drop this and simplify the packaging.
2013-05-06Use dh-autoreconf.Colin Watson
2013-03-25Add ssh-agent upstart user job. This implements something similar toStéphane Graber
the 90x11-common_ssh-agent Xsession script. That is, start ssh-agent and set the appropriate environment variables (closes: #703906).
2012-11-26Simplify --with-consolekit handling.Colin Watson
2012-11-26Install apport hooks.Colin Watson
2012-11-26Merge Upstart job scripting support from Ubuntu, to handle the Upstart job ↵Colin Watson
being primary there.
2012-11-25Only build with -j if DEB_BUILD_OPTIONS=parallel=* is used (closes:Colin Watson
#694282).
2012-10-31* Merge from Ubuntu:Colin Watson
- Add support for registering ConsoleKit sessions on login. (This is currently enabled only when building for Ubuntu.)
2012-09-28Use xz compression for binary packages.Colin Watson
2012-06-24Tighten libssl1.0.0 and libcrypto1.0.0-udeb dependencies to the currentColin Watson
"fix" version at build time (closes: #678661).
2012-04-02* Fix cross-building:Colin Watson
- Allow using a cross-architecture pkg-config. - Pass default LDFLAGS to contrib/Makefile. - Allow dh_strip to strip gnome-ssh-askpass, rather than calling 'install -s'.
2012-04-01Use dpkg-buildflags, including for hardening support; drop use ofColin Watson
hardening-includes.
2011-09-06* New upstream release (http://www.openssh.org/txt/release-5.9).Colin Watson
- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
2011-07-29Use 'dpkg-vendor --derives-from Ubuntu' to detect Ubuntu systems ratherColin Watson
than 'lsb_release -is' so that Ubuntu derivatives behave the same way as Ubuntu itself.
2011-07-29Only recommend ssh-import-id when built on Ubuntu (closes: #635887).Colin Watson
2010-04-17Use dh_installinit -n, since our maintainer scripts already handle thisColin Watson
more carefully (thanks, Julien Cristau).
2010-04-08Use dh_install more effectively.Colin Watson
2010-04-08remove obsolete Ssh.bin hack, no longer needed with new PKCS#11 smartcard ↵Colin Watson
handling
2010-04-08remove old ssh_prng_cmds handling; we never use this, and it's unnecessary ↵Colin Watson
with debhelper v3 anyway
2010-04-07Convert to dh(1), and use dh_installdocs --link-doc.Colin Watson
2010-03-29Hardcode the location of xauth to /usr/bin/xauth rather thanColin Watson
/usr/bin/X11/xauth (thanks, Aron Griffis; closes: #575725, LP: #8440). xauth no longer depends on x11-common, so we're no longer guaranteed to have the /usr/bin/X11 symlink available. I was taking advantage of the /usr/bin/X11 symlink to smooth X's move to /usr/bin, but this is far enough in the past now that it's probably safe to just use /usr/bin.
2010-03-17Fix substitution of ETC_PAM_D_SSH, following the rename in 1:4.7p1-4.Colin Watson
2010-03-01mark quilt-setup target as phonyColin Watson
2010-03-01Include debian/ssh-askpass-gnome.png in the Debian tarball now thatColin Watson
we're using a source format that permits this, rather than messing around with uudecode.
2010-03-01Fix 'debian/rules quilt-setup' to avoid writing .orig files if someColin Watson
patches apply with offsets.
2010-02-28* Update README.source to match, and add a 'quilt-setup' target toColin Watson
debian/rules for the benefit of those checking out the package from revision control. * All patches are now maintained separately and tagged according to DEP-3.
2010-02-22run dh_installexamples after dh_linkColin Watson
2010-01-31Honour DEB_BUILD_OPTIONS=nocheck.Colin Watson
2010-01-31Use dh_lintian.Colin Watson
2010-01-31Install upstream sshd_config as an example (closes: #415008).Colin Watson
2010-01-31Link with -Wl,--as-needed (closes: #560155).Colin Watson
2010-01-25Drop change from 1:3.8p1-3 to avoid setresuid() and setresgid() systemColin Watson
calls. This only applied to Linux 2.2, which it's no longer feasible to run anyway (see 1:5.2p1-2 changelog).
2010-01-12Don't run tests when cross-compiling.Colin Watson
2010-01-12Use host compiler for ssh-askpass-gnome when cross-compiling.Colin Watson
2010-01-02Use hardening-includes for hardening logic (thanks, Kees Cook; closes:Colin Watson
#561887).
2009-08-28Build with just -fPIC on mips/mipsel, not -fPIE as well (thanks, LIU Qi;Colin Watson
closes: #538313).
2009-07-31Upgrade to debhelper v7.Colin Watson