1 # Default values for additional components 2 %define build_x11_askpass 1 3 4 # Define the UID/GID to use for privilege separation 5 %define sshd_gid 65 6 %define sshd_uid 71 7 8 # The version of x11-ssh-askpass to use 9 %define xversion 1.2.4.1 10 11 # Allow the ability to override defaults with -D skip_xxx=1 12 %{?skip_x11_askpass:%define build_x11_askpass 0} 13 14 Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 15 Name: openssh 16 Version: 7.1p2 17 URL: http://www.openssh.com/ 18 Release: 1 19 Source0: openssh-%{version}.tar.gz 20 Source1: x11-ssh-askpass-%{xversion}.tar.gz 21 License: BSD 22 Group: Productivity/Networking/SSH 23 BuildRoot: %{_tmppath}/openssh-%{version}-buildroot 24 PreReq: openssl 25 Obsoletes: ssh 26 Provides: ssh 27 # 28 # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) 29 # building prerequisites -- stuff for 30 # OpenSSL (openssl-devel), 31 # and Gnome (glibdev, gtkdev, and gnlibsd) 32 # 33 BuildPrereq: openssl 34 BuildPrereq: zlib-devel 35 #BuildPrereq: glibdev 36 #BuildPrereq: gtkdev 37 #BuildPrereq: gnlibsd 38 39 %package askpass 40 Summary: A passphrase dialog for OpenSSH and the X window System. 41 Group: Productivity/Networking/SSH 42 Requires: openssh = %{version} 43 Obsoletes: ssh-extras 44 Provides: openssh:${_libdir}/ssh/ssh-askpass 45 46 %if %{build_x11_askpass} 47 BuildPrereq: XFree86-devel 48 %endif 49 50 %description 51 Ssh (Secure Shell) is a program for logging into a remote machine and for 52 executing commands in a remote machine. It is intended to replace 53 rlogin and rsh, and provide secure encrypted communications between 54 two untrusted hosts over an insecure network. X11 connections and 55 arbitrary TCP/IP ports can also be forwarded over the secure channel. 56 57 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 58 up to date in terms of security and features, as well as removing all 59 patented algorithms to seperate libraries (OpenSSL). 60 61 This package includes all files necessary for both the OpenSSH 62 client and server. 63 64 %description askpass 65 Ssh (Secure Shell) is a program for logging into a remote machine and for 66 executing commands in a remote machine. It is intended to replace 67 rlogin and rsh, and provide secure encrypted communications between 68 two untrusted hosts over an insecure network. X11 connections and 69 arbitrary TCP/IP ports can also be forwarded over the secure channel. 70 71 OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it 72 up to date in terms of security and features, as well as removing all 73 patented algorithms to seperate libraries (OpenSSL). 74 75 This package contains an X Window System passphrase dialog for OpenSSH. 76 77 %changelog 78 * Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov> 79 - Removed accidental inclusion of --without-zlib-version-check 80 * Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov> 81 - Overhaul to deal with newer versions of SuSE and OpenSSH 82 * Mon Jun 12 2000 Damien Miller <djm@mindrot.org> 83 - Glob manpages to catch compressed files 84 * Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> 85 - Updated for new location 86 - Updated for new gnome-ssh-askpass build 87 * Sun Dec 26 1999 Chris Saia <csaia@wtower.com> 88 - Made symlink to gnome-ssh-askpass called ssh-askpass 89 * Wed Nov 24 1999 Chris Saia <csaia@wtower.com> 90 - Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and 91 /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into 92 his released tarfile 93 - Changed permissions on ssh_config in the install procedure to 644 from 600 94 even though it was correct in the %files section and thus right in the RPMs 95 - Postinstall script for the server now only prints "Generating SSH host 96 key..." if we need to actually do this, in order to eliminate a confusing 97 message if an SSH host key is already in place 98 - Marked all manual pages as %doc(umentation) 99 * Mon Nov 22 1999 Chris Saia <csaia@wtower.com> 100 - Added flag to configure daemon with TCP Wrappers support 101 - Added building prerequisites (works in RPM 3.0 and newer) 102 * Thu Nov 18 1999 Chris Saia <csaia@wtower.com> 103 - Made this package correct for SuSE. 104 - Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly 105 with SuSE, and lib_pwdb.so isn't installed by default. 106 * Mon Nov 15 1999 Damien Miller <djm (at] mindrot.org> 107 - Split subpackages further based on patch from jim knoble <jmknoble (at] pobox.com> 108 * Sat Nov 13 1999 Damien Miller <djm (at] mindrot.org> 109 - Added 'Obsoletes' directives 110 * Tue Nov 09 1999 Damien Miller <djm (at] ibs.com.au> 111 - Use make install 112 - Subpackages 113 * Mon Nov 08 1999 Damien Miller <djm (at] ibs.com.au> 114 - Added links for slogin 115 - Fixed perms on manpages 116 * Sat Oct 30 1999 Damien Miller <djm (at] ibs.com.au> 117 - Renamed init script 118 * Fri Oct 29 1999 Damien Miller <djm (at] ibs.com.au> 119 - Back to old binary names 120 * Thu Oct 28 1999 Damien Miller <djm (at] ibs.com.au> 121 - Use autoconf 122 - New binary names 123 * Wed Oct 27 1999 Damien Miller <djm (at] ibs.com.au> 124 - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. 125 126 %prep 127 128 %if %{build_x11_askpass} 129 %setup -q -a 1 130 %else 131 %setup -q 132 %endif 133 134 %build 135 CFLAGS="$RPM_OPT_FLAGS" \ 136 %configure --prefix=/usr \ 137 --sysconfdir=%{_sysconfdir}/ssh \ 138 --mandir=%{_mandir} \ 139 --with-privsep-path=/var/lib/empty \ 140 --with-pam \ 141 --libexecdir=%{_libdir}/ssh 142 make 143 144 %if %{build_x11_askpass} 145 cd x11-ssh-askpass-%{xversion} 146 %configure --mandir=/usr/X11R6/man \ 147 --libexecdir=%{_libdir}/ssh 148 xmkmf -a 149 make 150 cd .. 151 %endif 152 153 %install 154 rm -rf $RPM_BUILD_ROOT 155 make install DESTDIR=$RPM_BUILD_ROOT/ 156 install -d $RPM_BUILD_ROOT/etc/pam.d/ 157 install -d $RPM_BUILD_ROOT/etc/init.d/ 158 install -d $RPM_BUILD_ROOT/var/adm/fillup-templates 159 install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd 160 install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd 161 install -m744 contrib/suse/sysconfig.ssh \ 162 $RPM_BUILD_ROOT/var/adm/fillup-templates 163 164 %if %{build_x11_askpass} 165 cd x11-ssh-askpass-%{xversion} 166 make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/ 167 rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin 168 %endif 169 170 %clean 171 rm -rf $RPM_BUILD_ROOT 172 173 %pre 174 /usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || : 175 /usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : 176 177 %post 178 /usr/bin/ssh-keygen -A 179 %{fillup_and_insserv -n -y ssh sshd} 180 %run_permissions 181 182 %verifyscript 183 %verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh 184 185 %preun 186 %stop_on_removal sshd 187 188 %postun 189 %restart_on_update sshd 190 %{insserv_cleanup} 191 192 %files 193 %defattr(-,root,root) 194 %doc ChangeLog OVERVIEW README* PROTOCOL* 195 %doc TODO CREDITS LICENCE 196 %attr(0755,root,root) %dir %{_sysconfdir}/ssh 197 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config 198 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config 199 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli 200 %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd 201 %attr(0755,root,root) %config /etc/init.d/sshd 202 %attr(0755,root,root) %{_bindir}/ssh-keygen 203 %attr(0755,root,root) %{_bindir}/scp 204 %attr(0755,root,root) %{_bindir}/ssh 205 %attr(-,root,root) %{_bindir}/slogin 206 %attr(0755,root,root) %{_bindir}/ssh-agent 207 %attr(0755,root,root) %{_bindir}/ssh-add 208 %attr(0755,root,root) %{_bindir}/ssh-keyscan 209 %attr(0755,root,root) %{_bindir}/sftp 210 %attr(0755,root,root) %{_sbindir}/sshd 211 %attr(0755,root,root) %dir %{_libdir}/ssh 212 %attr(0755,root,root) %{_libdir}/ssh/sftp-server 213 %attr(4711,root,root) %{_libdir}/ssh/ssh-keysign 214 %attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper 215 %attr(0644,root,root) %doc %{_mandir}/man1/scp.1* 216 %attr(0644,root,root) %doc %{_mandir}/man1/sftp.1* 217 %attr(-,root,root) %doc %{_mandir}/man1/slogin.1* 218 %attr(0644,root,root) %doc %{_mandir}/man1/ssh.1* 219 %attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1* 220 %attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1* 221 %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1* 222 %attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1* 223 %attr(0644,root,root) %doc %{_mandir}/man5/moduli.5* 224 %attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5* 225 %attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5* 226 %attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8* 227 %attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8* 228 %attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8* 229 %attr(0644,root,root) %doc %{_mandir}/man8/sshd.8* 230 %attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh 231 232 %if %{build_x11_askpass} 233 %files askpass 234 %defattr(-,root,root) 235 %doc x11-ssh-askpass-%{xversion}/README 236 %doc x11-ssh-askpass-%{xversion}/ChangeLog 237 %doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad 238 %attr(0755,root,root) %{_libdir}/ssh/ssh-askpass 239 %attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass 240 %attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x* 241 %attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x* 242 %attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass 243 %endif 244