| Age | Commit message (Collapse) | Author |
|---|
|
preinst was sufficient to have dpkg replace it without prompting when
moving a conffile between packages were very much mistaken. As far as I
can tell, the only way to do this reliably is to write out the desired
new text of the conffile in the preinst. This is gross, and requires
shipping the text of all conffiles in the preinst too, but there's
nothing for it. Fortunately this nonsense is only required for smooth
upgrades from sarge.
|
|
|
|
|
|
|
|
to avoid unnecessary conffile resolution steps for administrators
(thanks, Jari Aalto; closes: #335259).
|
|
in sshd_config.
* Default client to attempting GSSAPI authentication.
* Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's
found.
|
|
|
|
|
|
debhelper 4 even on sarge anyway for udeb support.
|
|
rather than constructing udebs by steam.
* Require debhelper 5.0.22, which generates correct shared library
dependencies for udebs. This build-dependency can be ignored if building
on sarge.
|
|
|
|
rather than the deb. Fixed.
|
|
to the normal and superuser paths and /usr/games to the normal path.
|
|
the woody-compatibility hack works even with po-debconf 0.9.0.
|
|
|
|
|
|
openssh-server got recompiled with the wrong options during 'debian/rules
install' (closes: #317088, #317238, #317241).
|
|
permissions (closes: #314956).
|
|
|
|
/usr/share/doc/openssh-client.
|
|
|
|
/usr/lib/openssh/sftp-server (closes: #312891).
|
|
are available.
|
|
- Added SELinux capability, and turned it on be default. Added
restorecon calls in preinst and postinst (should not matter if the
machine is not SELinux aware). By and large, the changes made should
have no effect unless the rules file calls --with-selinux; and even
then there should be no performance hit for machines not actively
running SELinux.
- Modified the preinst and postinst to call restorecon to set the
security context for the generated public key files.
- Added a comment to /etc/pam.d/ssh to indicate that an SELinux system
may want to also include pam_selinux.so.
|
|
|
|
|
|
|
|
|
|
to "yes" in /etc/ssh/ssh_config), having a debconf question to ask whether
it should be setuid is overkill, and the question text had got out of date
anyway. Remove this question, ship ssh-keysign setuid in
openssh-client.deb, and set a statoverride if the debconf question was
previously set to false.
|
|
configuration files to match (closes: #87900, #151321).
|
|
(closes: #295757, #308868, and possibly others; may open other bugs).
Use PAM password authentication to avoid #278394. In future I may
provide two sets of binaries built with and without this option, since
it seems I can't win.
|
|
satisfy build-dependencies.
|
|
- Link with -lcrypt.
- Link with -lpthread rather than -pthread.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
|
|
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).
* Shorten the version string from the form "OpenSSH_3.8.1p1 Debian
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH
implementations apparently have problems with the long version string.
This is of course a bug in those implementations, but since the extent
of the problem is unknown it's best to play safe (closes: #275731).
* debconf template translations:
- Add Finnish (thanks, Matti Pöllä; closes: #265339).
- Update Danish (thanks, Morten Brix Pedersen; closes: #275895).
- Update French (thanks, Denis Barbier; closes: #276703).
- Update Japanese (thanks, Kenshi Muto; closes: #277438).
|
|
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH
implementations apparently have problems with the long version string. This
is of course a bug in those implementations, but since the extent of the
problem is unknown it's best to play safe (closes: #275731).
|
|
|
|
many GNOME people tell me it's the wrong thing to be doing. I've left it in
/usr/share/doc/ssh-askpass-gnome/examples/ for now.
|
|
|
|
(closes: #39741). openssh-server depends on openssh-client for some
common functionality; it didn't seem worth creating yet another package
for this.
* New transitional ssh package, depending on openssh-client and
openssh-server. May be removed once nothing depends on it.
* When upgrading from ssh to openssh-{client,server}, it's very difficult
for the maintainer scripts to find out what version we're upgrading from
without dodgy dpkg hackery. I've therefore taken the opportunity to move
a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged
and ssh/user_environment_tell.
* In general, upgrading to this version directly from woody without first
upgrading to the version in sarge is not currently guaranteed to work
very smoothly due to the aforementioned version discovery problems.
|
|
cvs up -jV_3_8_1_P1-4 -jV_3_8_1_P1-8
|
|
Blank's request (closes: #260800).
|
|
|
|
to get openssh-client-udeb to show up as a retrievable debian-installer
component.
|
