- (djm) [contrib/suse/openssh.spec contrib/suse/rc.sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
   files from imorgan AT nas.nasa.gov
Damien Miller 2005-10-30 11:55:45 +11:00
parent a841dceb4c
commit 88edf6255b
4 changed files with 256 additions and 139 deletions

@ -1,3 +1,8 @@
20051030
- (djm) [contrib/suse/openssh.spec contrib/suse/rc.
sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
files from imorgan AT nas.nasa.gov
20051025 20051025
- (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
sizeof(long long) checks, to make fixing bug #1104 easier (no changes sizeof(long long) checks, to make fixing bug #1104 easier (no changes
@ -3115,4 +3120,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3923 2005/10/25 08:55:00 dtucker Exp $ $Id: ChangeLog,v 1.3924 2005/10/30 00:55:45 djm Exp $

@ -1,14 +1,29 @@
Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation # Default values for additional components
Name: openssh %define build_x11_askpass 1
Version: 4.2p1
URL: http://www.openssh.com/ # Define the UID/GID to use for privilege separation
Release: 1 %define sshd_gid 65
Source0: openssh-%{version}.tar.gz %define sshd_uid 71
Copyright: BSD
Group: Applications/Internet # The version of x11-ssh-askpass to use
BuildRoot: /tmp/openssh-%{version}-buildroot %define xversion 1.2.4.1
PreReq: openssl
Obsoletes: ssh # Allow the ability to override defaults with -D skip_xxx=1
%{?skip_x11_askpass:%define build_x11_askpass 0}
Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
Name: openssh
Version: 4.2p1
URL: http://www.openssh.com/
Release: 1
Source0: openssh-%{version}.tar.gz
Source1: x11-ssh-askpass-%{xversion}.tar.gz
License: BSD
Group: Productivity/Networking/SSH
BuildRoot: %{_tmppath}/openssh-%{version}-buildroot
PreReq: openssl
Obsoletes: ssh
Provides: ssh
# #
# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
# building prerequisites -- stuff for # building prerequisites -- stuff for
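Review bot: sshd_uid and sshd_gid at the top of the spec are fixed at 71 and 65 with plain %define, and the "override defaults with -D" comment only covers skip_x11_askpass. A site where those IDs are already assigned has to edit the spec by hand. Consider guarding them, e.g. `%{!?sshd_uid:%define sshd_uid 71}` and the same for sshd_gid, so they can be set at build time like the askpass switch.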
@ -16,14 +31,25 @@ Obsoletes: ssh
# TCP Wrappers (nkitb), # TCP Wrappers (nkitb),
# and Gnome (glibdev, gtkdev, and gnlibsd) # and Gnome (glibdev, gtkdev, and gnlibsd)
# #
BuildPrereq: openssl BuildPrereq: openssl
BuildPrereq: nkitb BuildPrereq: nkitb
BuildPrereq: glibdev #BuildPrereq: glibdev
BuildPrereq: gtkdev #BuildPrereq: gtkdev
BuildPrereq: gnlibsd #BuildPrereq: gnlibsd
%package askpass
Summary: A passphrase dialog for OpenSSH and the X window System.
Group: Productivity/Networking/SSH
Requires: openssh = %{version}
Obsoletes: ssh-extras
Provides: openssh:${_libdir}/ssh/ssh-askpass
%if %{build_x11_askpass}
BuildPrereq: XFree86-devel
%endif
%description %description
Ssh (Secure Shell) a program for logging into a remote machine and for Ssh (Secure Shell) is a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between rlogin and rsh, and provide secure encrypted communications between
two untrusted hosts over an insecure network. X11 connections and two untrusted hosts over an insecure network. X11 connections and
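Review bot: In the new askpass subpackage, `Provides: openssh:${_libdir}/ssh/ssh-askpass` uses shell-style `${_libdir}`, which RPM does not expand as a macro; every other new line in the spec uses `%{_libdir}`. It should read `Provides: openssh:%{_libdir}/ssh/ssh-askpass`. Also, `%package askpass` is declared unconditionally while only its BuildPrereq sits inside `%if %{build_x11_askpass}`; wrapping the whole subpackage declaration in the conditional would keep it consistent with a skip_x11_askpass build.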
@ -34,10 +60,26 @@ up to date in terms of security and features, as well as removing all
patented algorithms to seperate libraries (OpenSSL). patented algorithms to seperate libraries (OpenSSL).
This package includes all files necessary for both the OpenSSH This package includes all files necessary for both the OpenSSH
client and server. Additionally, this package contains the GNOME client and server.
passphrase dialog.
%description askpass
Ssh (Secure Shell) is a program for logging into a remote machine and for
executing commands in a remote machine. It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
two untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
up to date in terms of security and features, as well as removing all
patented algorithms to seperate libraries (OpenSSL).
This package contains an X Window System passphrase dialog for OpenSSH.
%changelog %changelog
* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
- Removed accidental inclusion of --without-zlib-version-check
* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
- Overhaul to deal with newer versions of SuSE and OpenSSH
* Mon Jun 12 2000 Damien Miller <djm@mindrot.org> * Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
- Glob manpages to catch compressed files - Glob manpages to catch compressed files
* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
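Review bot: The new `%description askpass` repeats the whole main-package description, including the existing "seperate" typo, before its one sentence about the dialog. A short description would be easier to maintain, for example just "This package contains an X Window System passphrase dialog for OpenSSH.", and the typo is worth fixing in both places while this text is being touched.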
@ -84,116 +126,124 @@ passphrase dialog.
%prep %prep
%if %{build_x11_askpass}
%setup -q -a 1
%else
%setup -q %setup -q
%endif
%build %build
CFLAGS="$RPM_OPT_FLAGS" \ CFLAGS="$RPM_OPT_FLAGS" \
./configure --prefix=/usr \ %configure --prefix=/usr \
--sysconfdir=/etc/ssh \ --sysconfdir=%{_sysconfdir}/ssh \
--datadir=/usr/share/openssh \ --mandir=%{_mandir} \
--with-privsep-path=/var/lib/empty \
--with-pam \ --with-pam \
--with-gnome-askpass \
--with-tcp-wrappers \ --with-tcp-wrappers \
--with-ipv4-default \ --libexecdir=%{_libdir}/ssh
--libexecdir=/usr/lib/ssh
make make
cd contrib %if %{build_x11_askpass}
gcc -O -g `gnome-config --cflags gnome gnomeui` \ cd x11-ssh-askpass-%{xversion}
gnome-ssh-askpass.c -o gnome-ssh-askpass \ %configure --mandir=/usr/X11R6/man \
`gnome-config --libs gnome gnomeui` --libexecdir=%{_libdir}/ssh
xmkmf -a
make
cd .. cd ..
%endif
%install %install
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
make install DESTDIR=$RPM_BUILD_ROOT/ make install DESTDIR=$RPM_BUILD_ROOT/
install -d $RPM_BUILD_ROOT/etc/ssh/
install -d $RPM_BUILD_ROOT/etc/pam.d/ install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/sbin/init.d/ install -d $RPM_BUILD_ROOT/etc/init.d/
install -d $RPM_BUILD_ROOT/var/adm/fillup-templates install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
install -d $RPM_BUILD_ROOT/usr/lib/ssh
install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd install -m744 contrib/suse/sysconfig.ssh \
install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/gnome-ssh-askpass
ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/ssh-askpass
install -m744 contrib/suse/rc.config.sshd \
$RPM_BUILD_ROOT/var/adm/fillup-templates $RPM_BUILD_ROOT/var/adm/fillup-templates
%if %{build_x11_askpass}
cd x11-ssh-askpass-%{xversion}
make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
%endif
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
%pre
/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || :
/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
%post %post
if [ "$1" = 1 ]; then
echo "Creating SSH stop/start scripts in the rc directories..."
ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
fi
echo "Updating /etc/rc.config..."
if [ -x /bin/fillup ] ; then
/bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
else
echo "ERROR: fillup not found. This should NOT happen in SuSE Linux."
echo "Update /etc/rc.config by hand from the following template file:"
echo " /var/adm/fillup-templates/rc.config.sshd"
fi
if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
echo "Generating SSH host key..." echo "Generating SSH RSA host key..."
/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
fi fi
if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
echo "Generating SSH DSA host key..." echo "Generating SSH DSA host key..."
/usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2 /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
fi
if test -r /var/run/sshd.pid
then
echo "Restarting the running SSH daemon..."
/usr/sbin/rcsshd restart >&2
fi fi
%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
%run_permissions
%verifyscript
%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
%preun %preun
if [ "$1" = 0 ] %stop_on_removal sshd
then
echo "Stopping the SSH daemon..." %postun
/usr/sbin/rcsshd stop >&2 %restart_on_update sshd
echo "Removing SSH stop/start scripts from the rc directories..." %{insserv_cleanup}
rm /sbin/init.d/rc2.d/K20sshd
rm /sbin/init.d/rc2.d/S20sshd
rm /sbin/init.d/rc3.d/K20sshd
rm /sbin/init.d/rc3.d/S20sshd
fi
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc ChangeLog OVERVIEW README* %doc ChangeLog OVERVIEW README*
%doc RFC.nroff TODO CREDITS LICENCE %doc RFC.nroff TODO CREDITS LICENCE
%attr(0755,root,root) %dir /etc/ssh %attr(0755,root,root) %dir %{_sysconfdir}/ssh
%attr(0644,root,root) %config /etc/ssh/ssh_config %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
%attr(0600,root,root) %config /etc/ssh/sshd_config %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
%attr(0600,root,root) %config /etc/ssh/moduli %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
%attr(0644,root,root) %config /etc/pam.d/sshd %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /sbin/init.d/sshd %attr(0755,root,root) %config /etc/init.d/sshd
%attr(0755,root,root) /usr/bin/ssh-keygen %attr(0755,root,root) %{_bindir}/ssh-keygen
%attr(0755,root,root) /usr/bin/scp %attr(0755,root,root) %{_bindir}/scp
%attr(4755,root,root) /usr/bin/ssh %attr(0755,root,root) %{_bindir}/ssh
%attr(-,root,root) /usr/bin/slogin %attr(-,root,root) %{_bindir}/slogin
%attr(0755,root,root) /usr/bin/ssh-agent %attr(0755,root,root) %{_bindir}/ssh-agent
%attr(0755,root,root) /usr/bin/ssh-add %attr(0755,root,root) %{_bindir}/ssh-add
%attr(0755,root,root) /usr/bin/ssh-keyscan %attr(0755,root,root) %{_bindir}/ssh-keyscan
%attr(0755,root,root) /usr/bin/sftp %attr(0755,root,root) %{_bindir}/sftp
%attr(0755,root,root) /usr/sbin/sshd %attr(0755,root,root) %{_sbindir}/sshd
%attr(-,root,root) /usr/sbin/rcsshd %attr(0755,root,root) %dir %{_libdir}/ssh
%attr(0755,root,root) %dir /usr/lib/ssh %attr(0755,root,root) %{_libdir}/ssh/sftp-server
%attr(0755,root,root) /usr/lib/ssh/ssh-askpass %attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
%attr(0755,root,root) /usr/lib/ssh/gnome-ssh-askpass %attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
%attr(0644,root,root) %doc /usr/man/man1/scp.1* %attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
%attr(0644,root,root) %doc /usr/man/man1/ssh.1* %attr(-,root,root) %doc %{_mandir}/man1/slogin.1*
%attr(-,root,root) %doc /usr/man/man1/slogin.1* %attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
%attr(0644,root,root) %doc /usr/man/man1/ssh-agent.1* %attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
%attr(0644,root,root) %doc /usr/man/man1/ssh-add.1* %attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
%attr(0644,root,root) %doc /usr/man/man1/ssh-keygen.1* %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
%attr(0644,root,root) %doc /usr/man/man8/sshd.8* %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd %attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
%if %{build_x11_askpass}
%files askpass
%defattr(-,root,root)
%doc x11-ssh-askpass-%{xversion}/README
%doc x11-ssh-askpass-%{xversion}/ChangeLog
%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
%endif
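Review bot: In %post, the first host-key block still tests `/etc/ssh/ssh_host_key` but now generates `/etc/ssh/ssh_host_rsa_key`, so the condition checks a different file from the one it writes. If ssh_host_key is absent but ssh_host_rsa_key already exists, ssh-keygen is pointed at an existing key; if ssh_host_key exists but ssh_host_rsa_key does not, %post generates no RSA key at all. The test should name the file being written: `if [ ! -f /etc/ssh/ssh_host_rsa_key -o ! -s /etc/ssh/ssh_host_rsa_key ]; then`. Two further points in the same hunk: %pre passes `-o` to both groupadd and useradd and discards errors with `2> /dev/null || :`, so if UID 71 or GID 65 is already in use the privilege-separation account is created sharing it with another account and nothing is reported; dropping `-o` and letting the failure show would be safer. And configure sets `--with-privsep-path=/var/lib/empty` while useradd gives the sshd user `-d /var/lib/sshd`, and neither directory appears in %files; pick one path and package it.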

@ -1,80 +1,133 @@
#! /bin/sh #! /bin/sh
# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany. # Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
# #
# Author: Chris Saia <csaia@wtower.com> # Author: Jiri Smid <feedback@suse.de>
# #
# /sbin/init.d/sshd # /etc/init.d/sshd
# #
# and symbolic its link # and symbolic its link
# #
# /sbin/rcsshd # /usr/sbin/rcsshd
# #
### BEGIN INIT INFO
# Provides: sshd
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Default-Start: 3 5
# Default-Stop: 0 1 2 6
# Description: Start the sshd daemon
### END INIT INFO
. /etc/rc.config SSHD_BIN=/usr/sbin/sshd
test -x $SSHD_BIN || exit 5
# Determine the base and follow a runlevel link name. SSHD_SYSCONFIG=/etc/sysconfig/ssh
base=${0##*/} test -r $SSHD_SYSCONFIG || exit 6
link=${base#*[SK][0-9][0-9]} . $SSHD_SYSCONFIG
# Force execution if not called by a runlevel directory. SSHD_PIDFILE=/var/run/sshd.init.pid
test $link = $base && START_SSHD=yes
test "$START_SSHD" = yes || exit 0 . /etc/rc.status
# Shell functions sourced from /etc/rc.status:
# rc_check check and set local and overall rc status
# rc_status check and set local and overall rc status
# rc_status -v ditto but be verbose in local rc status
# rc_status -v -r ditto and clear the local rc status
# rc_failed set local and overall rc status to failed
# rc_reset clear local rc status (overall remains)
# rc_exit exit appropriate to overall rc status
# First reset status of this service
rc_reset
# The echo return value for success (defined in /etc/rc.config).
return=$rc_done
case "$1" in case "$1" in
start) start)
echo -n "Starting service sshd" if ! test -f /etc/ssh/ssh_host_key ; then
echo Generating /etc/ssh/ssh_host_key.
ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
fi
if ! test -f /etc/ssh/ssh_host_dsa_key ; then
echo Generating /etc/ssh/ssh_host_dsa_key.
ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
fi
if ! test -f /etc/ssh/ssh_host_rsa_key ; then
echo Generating /etc/ssh/ssh_host_rsa_key.
ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
fi
echo -n "Starting SSH daemon"
## Start daemon with startproc(8). If this fails ## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate. ## the echo return value is set appropriate.
startproc /usr/sbin/sshd || return=$rc_failed startproc -f -p $SSHD_PIDFILE /usr/sbin/sshd $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE"
echo -e "$return" # Remember status and be verbose
rc_status -v
;; ;;
stop) stop)
echo -n "Stopping service sshd" echo -n "Shutting down SSH daemon"
## Stop daemon with killproc(8) and if this fails ## Stop daemon with killproc(8) and if this fails
## set echo the echo return value. ## set echo the echo return value.
killproc -TERM /usr/sbin/sshd || return=$rc_failed killproc -p $SSHD_PIDFILE -TERM /usr/sbin/sshd
echo -e "$return" # Remember status and be verbose
rc_status -v
;; ;;
try-restart)
## Stop the service and if this succeeds (i.e. the
## service was running before), start it again.
$0 status >/dev/null && $0 restart
# Remember status and be quiet
rc_status
;;
restart) restart)
## If first returns OK call the second, if first or ## Stop the service and regardless of whether it was
## second command fails, set echo return value. ## running or not, start it again.
$0 stop && $0 start || return=$rc_failed $0 stop
;; $0 start
reload)
## Choose ONE of the following two cases:
## First possibility: A few services accepts a signal # Remember status and be quiet
## to reread the (changed) configuration. rc_status
;;
force-reload|reload)
## Signal the daemon to reload its config. Most daemons
## do this on signal 1 (SIGHUP).
echo -n "Reload service sshd" echo -n "Reload service sshd"
killproc -HUP /usr/sbin/sshd || return=$rc_failed
echo -e "$return"
;;
status)
echo -n "Checking for service sshd"
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
checkproc /usr/sbin/sshd && echo OK || echo No process killproc -p $SSHD_PIDFILE -HUP /usr/sbin/sshd
rc_status -v
;;
status)
echo -n "Checking for service sshd "
## Check status with checkproc(8), if process is running
## checkproc will return with exit status 0.
# Status has a slightly different for the status command:
# 0 - service running
# 1 - service dead, but /var/run/ pid file exists
# 2 - service dead, but /var/lock/ lock file exists
# 3 - service not running
checkproc -p $SSHD_PIDFILE /usr/sbin/sshd
rc_status -v
;; ;;
probe) probe)
## Optional: Probe for the necessity of a reload, ## Optional: Probe for the necessity of a reload,
## give out the argument which is required for a reload. ## give out the argument which is required for a reload.
test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload test /etc/ssh/sshd_config -nt $SSHD_PIDFILE && echo reload
;; ;;
*) *)
echo "Usage: $0 {start|stop|status|restart|reload[|probe]}" echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
exit 1 exit 1
;; ;;
esac esac
rc_exit
# Inform the caller not only verbosely and set an exit status.
test "$return" = "$rc_done" || exit 1
exit 0
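Review bot: The key generation added to start) hard-codes `-b 1024` for all three host keys, while the spec's %post in this same commit calls `ssh-keygen -t rsa` and `ssh-keygen -t dsa` with no `-b`, so the key a host ends up with depends on which path runs first. Drop `-b 1024` here (at least for the `-t rsa` key) so both paths use ssh-keygen's default, or generate host keys in one place only. The start) block also creates a protocol 1 key (`-t rsa1`) unconditionally; consider making that depend on the configuration. Smaller points: SSHD_BIN is defined and tested at the top, but startproc, killproc and checkproc still spell out /usr/sbin/sshd, and `test -r $SSHD_SYSCONFIG || exit 6` runs before the case statement, so stop and status also exit 6 when /etc/sysconfig/ssh is unreadable.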

@ -0,0 +1,9 @@
## Path: Network/Remote access/SSH
## Description: SSH server settings
## Type: string
## Default: ""
## ServiceRestart: sshd
#
# Options for sshd
#
SSHD_OPTS=""