• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1
2# Some of this will need re-evaluation post-LSB.  The SVIdir is there
3# because the link appeared broken.  The rest is for easy compilation,
4# the tradeoff open to discussion.  (LC957)
5
6%define	SVIdir		/etc/rc.d/init.d
7%{!?_defaultdocdir:%define	_defaultdocdir	%{_prefix}/share/doc/packages}
8%{!?SVIcdir:%define		SVIcdir		/etc/sysconfig/daemons}
9
10%define _mandir		%{_prefix}/share/man/en
11%define _sysconfdir	/etc/ssh
12%define	_libexecdir	%{_libdir}/ssh
13
14# Do we want to disable root_login? (1=yes 0=no)
15%define no_root_login 0
16
17#old cvs stuff.  please update before use.  may be deprecated.
18%define use_stable	1
19%define version 	5.9p1
20%if %{use_stable}
21  %define cvs		%{nil}
22  %define release 	1
23%else
24  %define cvs		cvs20050315
25  %define release 	0r1
26%endif
27%define xsa		x11-ssh-askpass
28%define askpass		%{xsa}-1.2.4.1
29
30# OpenSSH privilege separation requires a user & group ID
31%define sshd_uid    67
32%define sshd_gid    67
33
34Name        	: openssh
35Version     	: %{version}%{cvs}
36Release     	: %{release}
37Group       	: System/Network
38
39Summary     	: OpenSSH free Secure Shell (SSH) implementation.
40Summary(de) 	: OpenSSH - freie Implementation der Secure Shell (SSH).
41Summary(es) 	: OpenSSH implementacin libre de Secure Shell (SSH).
42Summary(fr) 	: Implmentation libre du shell scurisOpenSSH (SSH).
43Summary(it) 	: Implementazione gratuita OpenSSH della Secure Shell.
44Summary(pt) 	: Implementa��o livre OpenSSH do protocolo 'Secure Shell' (SSH).
45Summary(pt_BR) 	: Implementa��o livre OpenSSH do protocolo Secure Shell (SSH).
46
47Copyright   	: BSD
48Packager    	: Raymund Will <ray@caldera.de>
49URL         	: http://www.openssh.com/
50
51Obsoletes   	: ssh, ssh-clients, openssh-clients
52
53BuildRoot   	: /tmp/%{name}-%{version}
54BuildRequires	: XFree86-imake
55
56# %{use_stable}==1:	ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
57# %{use_stable}==0:	:pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
58Source0: see-above:/.../openssh-%{version}.tar.gz
59%if %{use_stable}
60Source1: see-above:/.../openssh-%{version}.tar.gz.asc
61%endif
62Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz
63Source3: http://www.openssh.com/faq.html
64
65%Package server
66Group       	: System/Network
67Requires    	: openssh = %{version}
68Obsoletes   	: ssh-server
69
70Summary     	: OpenSSH Secure Shell protocol server (sshd).
71Summary(de) 	: OpenSSH Secure Shell Protocol-Server (sshd).
72Summary(es) 	: Servidor del protocolo OpenSSH Secure Shell (sshd).
73Summary(fr) 	: Serveur de protocole du shell scurisOpenSSH (sshd).
74Summary(it) 	: Server OpenSSH per il protocollo Secure Shell (sshd).
75Summary(pt) 	: Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
76Summary(pt_BR) 	: Servidor do protocolo Secure Shell OpenSSH (sshd).
77
78
79%Package askpass
80Group       	: System/Network
81Requires    	: openssh = %{version}
82URL       	: http://www.jmknoble.net/software/x11-ssh-askpass/
83Obsoletes   	: ssh-extras
84
85Summary     	: OpenSSH X11 pass-phrase dialog.
86Summary(de) 	: OpenSSH X11 Passwort-Dialog.
87Summary(es) 	: Aplicacin de peticin de frase clave OpenSSH X11.
88Summary(fr) 	: Dialogue pass-phrase X11 d'OpenSSH.
89Summary(it) 	: Finestra di dialogo X11 per la frase segreta di OpenSSH.
90Summary(pt) 	: Di�logo de pedido de senha para X11 do OpenSSH.
91Summary(pt_BR) 	: Di�logo de pedido de senha para X11 do OpenSSH.
92
93
94%Description
95OpenSSH (Secure Shell) provides access to a remote system. It replaces
96telnet, rlogin,  rexec, and rsh, and provides secure encrypted
97communications between two untrusted hosts over an insecure network.
98X11 connections and arbitrary TCP/IP ports can also be forwarded over
99the secure channel.
100
101%Description -l de
102OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
103telnet, rlogin, rexec und rsh und stellt eine sichere, verschl�sselte
104Verbindung zwischen zwei nicht vertrauensw�rdigen Hosts �ber eine unsicheres
105Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports k�nnen ebenso
106�ber den sicheren Channel weitergeleitet werden.
107
108%Description -l es
109OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
110telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
111entre dos equipos entre los que no se ha establecido confianza a trav�s de una
112red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios tambi�n pueden
113ser canalizadas sobre el canal seguro.
114
115%Description -l fr
116OpenSSH (Secure Shell) fournit un acc�s � un syst�me distant. Il remplace
117telnet, rlogin, rexec et rsh, tout en assurant des communications crypt�es
118securis�es entre deux h�tes non fiabilis�s sur un r�seau non s�curis�. Des
119connexions X11 et des ports TCP/IP arbitraires peuvent �galement �tre
120transmis sur le canal s�curis�.
121
122%Description -l it
123OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
124Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
125e crittate tra due host non fidati su una rete non sicura. Le connessioni
126X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
127un canale sicuro.
128
129%Description -l pt
130OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
131telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e cifradas
132entre duas mquinas sem confiana mtua sobre uma rede insegura.
133Liga��es X11 e portos TCP/IP arbitrrios tambm poder ser reenviados
134pelo canal seguro.
135
136%Description -l pt_BR
137O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
138telnet, rlogin, rexec, e o rsh e fornece comunica��es seguras e criptografadas
139entre duas mquinas sem confiana mtua sobre uma rede insegura.
140Liga��es X11 e portas TCP/IP arbitrrias tambm podem ser reenviadas
141pelo canal seguro.
142
143%Description server
144This package installs the sshd, the server portion of OpenSSH.
145
146%Description -l de server
147Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
148
149%Description -l es server
150Este paquete instala sshd, la parte servidor de OpenSSH.
151
152%Description -l fr server
153Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
154
155%Description -l it server
156Questo pacchetto installa sshd, il server di OpenSSH.
157
158%Description -l pt server
159Este pacote intala o sshd, o servidor do OpenSSH.
160
161%Description -l pt_BR server
162Este pacote intala o sshd, o servidor do OpenSSH.
163
164%Description askpass
165This package contains an X11-based pass-phrase dialog used per
166default by ssh-add(1). It is based on %{askpass}
167by Jim Knoble <jmknoble@pobox.com>.
168
169
170%Prep
171%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
172%if ! %{use_stable}
173  autoreconf
174%endif
175
176
177%Build
178CFLAGS="$RPM_OPT_FLAGS" \
179%configure \
180            --with-pam \
181            --with-tcp-wrappers \
182	    --with-privsep-path=%{_var}/empty/sshd \
183	    #leave this line for easy edits.
184
185%__make
186
187cd %{askpass}
188%configure \
189	    #leave this line for easy edits.
190
191xmkmf
192%__make includes
193%__make
194
195
196%Install
197[ %{buildroot} != "/" ] && rm -rf %{buildroot}
198
199make install DESTDIR=%{buildroot}
200%makeinstall -C %{askpass} \
201    BINDIR=%{_libexecdir} \
202    MANPATH=%{_mandir} \
203    DESTDIR=%{buildroot}
204
205# OpenLinux specific configuration
206mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
207mkdir -p %{buildroot}%{_var}/empty/sshd
208
209# enabling X11 forwarding on the server is convenient and okay,
210# on the client side it's a potential security risk!
211%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
212    %{buildroot}%{_sysconfdir}/sshd_config
213
214%if %{no_root_login}
215%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
216    %{buildroot}%{_sysconfdir}/sshd_config
217%endif
218
219install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
220# FIXME: disabled, find out why this doesn't work with nis
221%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
222    %{buildroot}/etc/pam.d/sshd
223
224install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
225
226# the last one is needless, but more future-proof
227find %{buildroot}%{SVIdir} -type f -exec \
228    %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
229		    s:\@sysconfdir\@:%{_sysconfdir}:g; \
230		    s:/usr/sbin:%{_sbindir}:g'\
231    \{\} \;
232
233cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
234	IDENT=sshd
235	DESCRIPTIVE="OpenSSH secure shell daemon"
236	# This service will be marked as 'skipped' on boot if there
237	# is no host key. Use ssh-host-keygen to generate one
238	ONBOOT="yes"
239	OPTIONS=""
240EoD
241
242SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
243install -m 0755 contrib/caldera/ssh-host-keygen $SKG
244# Fix up some path names in the keygen toy^Hol
245    %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
246		    s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
247	%{buildroot}%{_sbindir}/ssh-host-keygen
248
249# This looks terrible.  Expect it to change.
250# install remaining docs
251DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
252mkdir -p $DocD/%{askpass}
253cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD
254install -p -m 0444 %{SOURCE3}  $DocD/faq.html
255cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad}  $DocD/%{askpass}
256%if %{use_stable}
257  cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
258%else
259  cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
260  ln -s  %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
261%endif
262
263find %{buildroot}%{_mandir} -type f -not -name	'*.gz' -print0 | xargs -0r %__gzip -9nf
264rm %{buildroot}%{_mandir}/man1/slogin.1 && \
265    ln -s %{_mandir}/man1/ssh.1.gz \
266    %{buildroot}%{_mandir}/man1/slogin.1.gz
267
268
269%Clean
270#%{rmDESTDIR}
271[ %{buildroot} != "/" ] && rm -rf %{buildroot}
272
273%Post
274# Generate host key when none is present to get up and running,
275# both client and server require this for host-based auth!
276# ssh-host-keygen checks for existing keys.
277/usr/sbin/ssh-host-keygen
278: # to protect the rpm database
279
280%pre server
281%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
282%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
283	-c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
284: # to protect the rpm database
285
286%Post server
287if [ -x %{LSBinit}-install ]; then
288  %{LSBinit}-install sshd
289else
290  lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
291fi
292
293! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
294: # to protect the rpm database
295
296
297%PreUn server
298[ "$1" = 0 ] || exit 0
299! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
300if [ -x %{LSBinit}-remove ]; then
301  %{LSBinit}-remove sshd
302else
303  lisa --SysV-init remove sshd $1
304fi
305: # to protect the rpm database
306
307%Files
308%defattr(-,root,root)
309%dir %{_sysconfdir}
310%config %{_sysconfdir}/ssh_config
311%{_bindir}/scp
312%{_bindir}/sftp
313%{_bindir}/ssh
314%{_bindir}/slogin
315%{_bindir}/ssh-add
316%attr(2755,root,nobody) %{_bindir}/ssh-agent
317%{_bindir}/ssh-keygen
318%{_bindir}/ssh-keyscan
319%dir %{_libexecdir}
320%attr(4711,root,root) %{_libexecdir}/ssh-keysign
321%{_libexecdir}/ssh-pkcs11-helper
322%{_sbindir}/ssh-host-keygen
323%dir %{_defaultdocdir}/%{name}-%{version}
324%{_defaultdocdir}/%{name}-%{version}/CREDITS
325%{_defaultdocdir}/%{name}-%{version}/ChangeLog
326%{_defaultdocdir}/%{name}-%{version}/LICENCE
327%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
328%{_defaultdocdir}/%{name}-%{version}/README*
329%{_defaultdocdir}/%{name}-%{version}/TODO
330%{_defaultdocdir}/%{name}-%{version}/faq.html
331%{_mandir}/man1/*
332%{_mandir}/man8/ssh-keysign.8.gz
333%{_mandir}/man8/ssh-pkcs11-helper.8.gz
334%{_mandir}/man5/ssh_config.5.gz
335
336%Files server
337%defattr(-,root,root)
338%dir %{_var}/empty/sshd
339%config %{SVIdir}/sshd
340%config /etc/pam.d/sshd
341%config %{_sysconfdir}/moduli
342%config %{_sysconfdir}/sshd_config
343%config %{SVIcdir}/sshd
344%{_libexecdir}/sftp-server
345%{_sbindir}/sshd
346%{_mandir}/man5/moduli.5.gz
347%{_mandir}/man5/sshd_config.5.gz
348%{_mandir}/man8/sftp-server.8.gz
349%{_mandir}/man8/sshd.8.gz
350
351%Files askpass
352%defattr(-,root,root)
353%{_libexecdir}/ssh-askpass
354%{_libexecdir}/x11-ssh-askpass
355%{_defaultdocdir}/%{name}-%{version}/%{askpass}
356
357
358%ChangeLog
359* Tue Jan 18 2011 Tim Rice <tim@multitalents.net>
360- Use CFLAGS from Makefile instead of RPM so build completes.
361- Signatures were changed to .asc since 4.1p1.
362
363* Mon Jan 01 1998 ...
364Template Version: 1.31
365
366$Id: openssh.spec,v 1.75.2.1 2011/09/05 00:28:11 djm Exp $
367