new package: lsh 2.0 (GNU Secure Shell (SSH) Implementation)

lsh/fsl.lsh

@@ -0,0 +1,16 @@
+##
+##  fsl.lsh -- OSSP fsl configuration
+##
+
+ident (lsh(d|-.+))/.+ q{
+    prefix(
+        prefix="%b %d %H:%M:%S %N <%L> $1[%P]: "
+    )
+    -> {
+        debug: file(
+            path="@l_prefix@/var/lsh/lsh.log",
+            perm=0644
+        )
+    }
+};
+

lsh/lsh.cfg

@@ -0,0 +1,13 @@
+##
+##  lsh.cfg
+##
+
+--port=22
+--dh-keyexchange
+--srp-keyexchange
+--password
+--publickey
+--root-login
+--no-tcpip-forward
+--no-x11-forward
+

lsh/lsh.spec

@@ -0,0 +1,172 @@
+##
+##  lsh.spec -- OpenPKG RPM Specification
+##  Copyright (c) 2000-2004 The OpenPKG Project <http://www.openpkg.org/>
+##  Copyright (c) 2000-2004 Ralf S. Engelschall <rse@engelschall.com>
+##  Copyright (c) 2000-2004 Cable & Wireless <http://www.cw.com/>
+##
+##  Permission to use, copy, modify, and distribute this software for
+##  any purpose with or without fee is hereby granted, provided that
+##  the above copyright notice and this permission notice appear in all
+##  copies.
+##
+##  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+##  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+##  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+##  IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
+##  CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+##  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+##  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+##  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+##  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+##  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+##  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+##  SUCH DAMAGE.
+##
+
+#   package information
+Name:         lsh
+Summary:      GNU Secure Shell (SSH) Implementation
+URL:          http://www.lysator.liu.se/~nisse/lsh/
+Vendor:       Niels Möller
+Packager:     The OpenPKG Project
+Distribution: OpenPKG
+Class:        EVAL
+Group:        Network
+License:      GPL
+Version:      2.0
+Release:      20041209
+
+#   list of sources
+Source0:      ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-%{version}.tar.gz
+Source1:      rc.lsh
+Source2:      fsl.lsh
+Source3:      lsh.cfg
+
+#   build information
+Prefix:       %{l_prefix}
+BuildRoot:    %{l_buildroot}
+BuildPreReq:  OpenPKG, openpkg >= 20040130, make, gcc, m4
+PreReq:       OpenPKG, openpkg >= 20040130
+BuildPreReq:  gmp, liboop, zlib, readline
+PreReq:       gmp, liboop, zlib, readline
+AutoReq:      no
+AutoReqProv:  no
+
+%description
+    LSH is GNU's free implementation of the SSH version 2 protocol,
+    currently being standardised by the IETF SECSH working group.
+
+%track
+    prog lsh = {
+        version   = %{version}
+        url       = ftp://ftp.lysator.liu.se/pub/security/lsh/
+        regex     = lsh-(__VER__)\.tar\.gz
+    }
+
+%prep
+    %setup -q
+
+%build
+    #   configure program
+    %{l_shtool} subst \
+        -e 's;/var/run;%{l_prefix}/var/lsh;g' \
+        -e 's;/var/spool/lsh;%{l_prefix}/var/lsh;g' \
+        -e 's;/var/spool/lsh;%{l_prefix}/var/lsh;g' \
+        src/daemon.c src/environ.h src/lsh-make-seed.c src/unix_random.c
+    CC="%{l_cc}" \
+    CFLAGS="%{l_cflags -O}" \
+    CPPFLAGS="%{l_cppflags}" \
+    LDFLAGS="%{l_ldflags}" \
+    ./configure \
+        --prefix=%{l_prefix} \
+        --sysconfdir=%{l_prefix}/etc/lsh \
+        --enable-tcp-forward \
+        --enable-x11-forward \
+        --enable-agent-forward \
+        --enable-utmp \
+        --enable-srp \
+        --disable-gss \
+        --disable-kerberos \
+        --disable-pam \
+        --disable-ipv6 \
+        --disable-dependency-tracking
+
+    #   build program
+    %{l_make} %{l_mflags -O}
+
+%install
+    rm -rf $RPM_BUILD_ROOT
+
+    #   install program
+    %{l_make} %{l_mflags} install AM_MAKEFLAGS="DESTDIR=$RPM_BUILD_ROOT"
+
+    #   strip down installation
+    strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
+    rm -f  $RPM_BUILD_ROOT%{l_prefix}/bin/nettle*
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/include
+    rm -rf $RPM_BUILD_ROOT%{l_prefix}/lib
+    rm -f  $RPM_BUILD_ROOT%{l_prefix}/info/dir
+    rm -f  $RPM_BUILD_ROOT%{l_prefix}/info/nettle.info
+
+    #   resolve conflicts with other packages
+    mv $RPM_BUILD_ROOT%{l_prefix}/sbin/sftp-server \
+       $RPM_BUILD_ROOT%{l_prefix}/sbin/lsh-sftp-server
+    mv $RPM_BUILD_ROOT%{l_prefix}/man/man8/sftp-server.8 \
+       $RPM_BUILD_ROOT%{l_prefix}/man/man8/lsh-sftp-server.8
+
+    #   install server configuration
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/lsh
+    %{l_shtool} install -c -m 644 %{l_value -s -a} \
+        %{SOURCE lsh.cfg} $RPM_BUILD_ROOT%{l_prefix}/etc/lsh/
+
+    #   install run-command script
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
+    %{l_shtool} install -c -m 755 %{l_value -s -a} \
+        %{SOURCE rc.lsh} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
+
+    #   install OSSP fsl configuration
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/etc/fsl
+    %{l_shtool} install -c -m 644 %{l_value -s -a} \
+        %{SOURCE fsl.lsh} $RPM_BUILD_ROOT%{l_prefix}/etc/fsl/
+
+    #   create data directory
+    %{l_shtool} mkdir -f -p -m 755 \
+        $RPM_BUILD_ROOT%{l_prefix}/var/lsh
+
+    #   determine installation files
+    %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
+        %{l_files_std} \
+        '%config %{l_prefix}/etc/lsh/*'
+
+%files -f files
+
+%clean
+    rm -rf $RPM_BUILD_ROOT
+
+%post
+    #   generate server key
+    if [ ! -f "$RPM_INSTALL_PREFIX/etc/lsh/lsh.key" -o \
+         ! -s "$RPM_INSTALL_PREFIX/etc/lsh/lsh.key" ]; then
+        echo "Generating LSH RSA host key:"
+        $RPM_INSTALL_PREFIX/bin/lsh-make-seed --server --sloppy --quiet || true
+        $RPM_INSTALL_PREFIX/bin/lsh-keygen    --server | \
+        $RPM_INSTALL_PREFIX/bin/lsh-writekey  --server \
+            -o $RPM_INSTALL_PREFIX/etc/lsh/lsh.key
+    fi
+
+    #   after upgrade, restart service
+    [ $1 -eq 2 ] || exit 0
+    eval `%{l_rc} lsh status 2>/dev/null`
+    [ ".$lsh_active" = .yes ] && %{l_rc} lsh restart
+    exit 0
+
+%preun
+    #   before erase, stop service and remove log files
+    [ $1 -eq 0 ] || exit 0
+    %{l_rc} lsh stop 2>/dev/null
+    rm -f $RPM_INSTALL_PREFIX/var/lsh/*
+    exit 0
+

lsh/rc.lsh

@@ -0,0 +1,63 @@
+#!@l_prefix@/lib/openpkg/bash @l_prefix@/etc/rc
+##
+##  rc.lsh -- Run-Commands
+##
+
+%config
+    lsh_enable="$openpkg_rc_def"
+    lsh_log_prolog="true"
+    lsh_log_epilog="true"
+    lsh_log_numfiles="10"
+    lsh_log_minsize="1M"
+    lsh_log_complevel="9"
+
+%common
+    lsh_cfgfile="@l_prefix@/etc/lsh/lsh.cfg"
+    lsh_logfile="@l_prefix@/var/lsh/lsh.log"
+    lsh_pidfile="@l_prefix@/var/lsh/lsh.pid"
+    lsh_signal () {
+        [ -f $lsh_pidfile ] && kill -$1 `cat $lsh_pidfile`
+    }
+
+%status -u @l_susr@ -o
+    lsh_usable="unknown"
+    lsh_active="no"
+    rcService lsh enable yes && \
+        lsh_signal 0 && lsh_active="yes"
+    echo "lsh_enable=\"$lsh_enable\""
+    echo "lsh_usable=\"$lsh_usable\""
+    echo "lsh_active=\"$lsh_active\""
+
+%start -u @l_susr@
+    rcService lsh enable yes || exit 0
+    rcService lsh active yes && exit 0
+    @l_prefix@/bin/lsh-make-seed \
+        --server --sloppy --quiet || true
+    @l_prefix@/sbin/lshd \
+        --daemonic \
+        --pid-file=$lsh_pidfile \
+        --log-file=$lsh_logfile \
+        --host-key=@l_prefix@/etc/lsh/lsh.key \
+        --subsystems=sftp=@l_prefix@/sbin/lsh-sftp-server \
+        `sed -e '/^#.*/d' <$lsh_cfgfile`
+
+%stop -u @l_susr@
+    rcService lsh enable yes || exit 0
+    rcService lsh active no  && exit 0
+    lsh_signal TERM
+    sleep 2
+
+%restart -u @l_susr@
+    rcService lsh enable yes || exit 0
+    rcService lsh active no  && exit 0
+    rc lsh stop start
+
+%daily -u @l_susr@
+    rcService lsh enable yes || exit 0
+    shtool rotate -f \
+        -n ${lsh_log_numfiles} -s ${lsh_log_minsize} -d \
+        -z ${lsh_log_complevel} -m 644 -o @l_susr@ -g @l_mgrp@ \
+        -P "${lsh_log_prolog}" \
+        -E "${lsh_log_epilog}; rc lsh restart" \
+        $lsh_logfile
+