openpkg
/
openpkg-packages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

- switch to PAM disabled by default - if PAM is enabled, use "pam"/"PAM" package

master
Dr. Ralf S. Engelschall 24 years ago
parent
76d70ad9e3
commit
90c666cab2
1 changed files with 25 additions and 39 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 64
      openssh/openssh.spec

64
openssh/openssh.spec
Unescape View File

@ -23,7 +23,8 @@
## SUCH DAMAGE.
##
%define with_pcre yes
%define with_pam yes
%define with_pcre no
%define with_skey no
# package information
@ -36,7 +37,7 @@ Distribution: OpenPKG [REL]
Group: Cryptography
License: BSD
Version: 3.1p1
Release: 20020309
Release: 20020311
# list of sources
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
@ -50,6 +51,9 @@ Source5: ssh-askpass
Prefix: %{l_prefix}
BuildRoot: %{l_buildroot}
BuildPreReq: OpenPKG, openpkg >= 20020206, perl, openssl, zlib
%if "%{with_pam}" == "yes"
BuildPreReq: PAM
%endif
%if "%{with_pcre}" == "yes"
BuildPreReq: pcre
%endif
@ -71,6 +75,8 @@ AutoReqProv: no
terms of security and features, as well as removing all patented
algorithms to separate libraries (OpenSSL).
Options: with_pam=%{with_pam}, with_pcre=%{with_pcre}, with_skey=%{with_skey}
%prep
%setup0 -q -c -a 0
%setup1 -q -T -D -a 1
@ -88,10 +94,16 @@ AutoReqProv: no
# build OpenSSH
( cd openssh-%{version}
inc="-I%{l_prefix}/include"
lib="-L%{l_prefix}/lib -L$fakesyslogdir"
%if "%{with_pam}" == "yes"
inc="$inc -I`%{l_prefix}/etc/rc --query pam_incdir`"
lib="$lib -L`%{l_prefix}/etc/rc --query pam_libdir`"
%endif
CC="%{l_cc}" \
CFLAGS="%{l_cflags -O} -I%{l_prefix}/include" \
CPPFLAGS="-I%{l_prefix}/include" \
LDFLAGS="-L%{l_prefix}/lib -L$fakesyslogdir" \
CFLAGS="%{l_cflags -O} $inc" \
CPPFLAGS="$inc" \
LDFLAGS="$lib" \
LIBS="-lcrypt -lfakesyslog" \
./configure \
--prefix=%{l_prefix} \
@ -109,10 +121,14 @@ AutoReqProv: no
%if "%{with_skey}" == "yes"
--with-skey=%{l_prefix} \
%endif
%if "%{with_pam}" == "yes"
--with-pam \
%else
--without-pam \
%endif
--with-md5-passwords \
--with-zlib=%{l_prefix} \
--with-ipv4-default \
--with-md5-passwords \
--with-pam \
--without-smartcard \
--without-kerberos4 \
--disable-suid-ssh \
@ -194,39 +210,9 @@ AutoReqProv: no
fi
# add PAM configuration entry
if [ -f /etc/pam.conf ]; then
( case "%{l_target}" in
*-freebsd* )
echo "sshd auth sufficient pam_skey.so"
echo "sshd auth required pam_unix.so try_first_pass"
echo "sshd account required pam_unix.so"
echo "sshd password required pam_permit.so"
echo "sshd session required pam_permit.so"
;;
*-linux* )
echo "sshd auth required /lib/security/pam_unix_auth.so shadow nodelay"
echo "sshd auth required /lib/security/pam_nologin.so"
echo "sshd account required /lib/security/pam_unix_acct.so"
echo "sshd password required /lib/security/pam_unix_passwd.so shadow nullok use_authtok"
echo "sshd session required /lib/security/pam_unix_session.so"
echo "sshd session required /lib/security/pam_limits.so"
;;
*-solaris* )
echo "sshd auth required /usr/lib/security/pam_unix.so try_first_pass"
echo "sshd account required /usr/lib/security/pam_unix.so"
echo "sshd password required /usr/lib/security/pam_unix.so"
echo "sshd session required /usr/lib/security/pam_unix.so"
;;
esac
) |\
$RPM_INSTALL_PREFIX/sbin/rpmtool config \
-a -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
fi
$RPM_INSTALL_PREFIX/sbin/pamtool -a -s -n "openssh"
%preun
# remove PAM configuration entry
if [ -f /etc/pam.conf ]; then
$RPM_INSTALL_PREFIX/sbin/rpmtool config \
-r -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
fi
$RPM_INSTALL_PREFIX/sbin/pamtool -r -s -n "openssh"

Write Preview
Loading…
Cancel
Save