| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225 |
- ##
- ## openssh.spec -- OpenPKG RPM Specification
- ## Copyright (c) 2000-2001 Cable & Wireless Deutschland GmbH
- ## Copyright (c) 2000-2001 Ralf S. Engelschall <rse@engelschall.com>
- ##
- ## Permission to use, copy, modify, and distribute this software for
- ## any purpose with or without fee is hereby granted, provided that
- ## the above copyright notice and this permission notice appear in all
- ## copies.
- ##
- ## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- ## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- ## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- ## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
- ## CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- ## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- ## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- ## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- ## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- ## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- ## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- ## SUCH DAMAGE.
- ##
- %define with_pcre yes
- %define with_skey no
- # package information
- Name: openssh
- Summary: Secure Shell (SSH)
- URL: http://www.openssh.com/
- Vendor: The OpenBSD Project
- Packager: The OpenPKG Project
- Distribution: OpenPKG [EXP]
- Group: Cryptography
- License: BSD
- Version: 3.0.1p1
- Release: 20011121.0
- # list of sources
- Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
- Source1: fakesyslog.tar.gz
- Source2: rc.openssh
- Source3: sshd_config
- Source4: ssh_config
- # build information
- Prefix: %{l_prefix}
- BuildRoot: %{l_buildroot}
- BuildPreReq: OpenPKG, openpkg >= 0.9-20011107.0, perl, openssl, zlib
- %if "%{with_pcre}" == "yes"
- BuildPreReq: pcre
- %endif
- %if "%{with_skey}" == "yes"
- BuildPreReq: skey
- %endif
- PreReq: OpenPKG, openpkg >= 0.9-20011107.0
- AutoReq: no
- AutoReqProv: no
- %description
- Secure Shell (SSH) is a facility for logging into a remote machine
- and for remotely executing commands on a remote machine. It is
- intended to replace rlogin(1) and rsh(1), and provide secure
- encrypted communications between two untrusted hosts over an
- insecure network. X11 connections and arbitrary TCP/IP ports can
- also be forwarded over the secure channel. OpenSSH is OpenBSD's
- rework of the last free version of SSH, bringing it up to date in
- terms of security and features, as well as removing all patented
- algorithms to separate libraries (OpenSSL).
- %prep
- %setup0 -q -c -a 0
- %setup1 -q -T -D -a 1
- %build
- # build faked syslog(3) library
- fakesyslogdir="`pwd`/fakesyslog"
- ( cd fakesyslog
- CC="%{l_cc}" \
- CFLAGS="%{l_cflags -O}" \
- ./configure \
- --with-logfile=%{l_prefix}/var/openssh/sshd.log
- %{l_make} %{l_mflags}
- )
- # build OpenSSH
- ( cd openssh-%{version}
- CC="%{l_cc}" \
- CFLAGS="%{l_cflags -O} -I%{l_prefix}/include" \
- LDFLAGS="-L%{l_prefix}/lib -L$fakesyslogdir" \
- LIBS="-lcrypt -lfakesyslog" \
- ./configure \
- --prefix=%{l_prefix} \
- --sbindir=%{l_prefix}/bin \
- --mandir=%{l_prefix}/man \
- --infodir=%{l_prefix}/info \
- --sysconfdir=%{l_prefix}/etc/openssh \
- --libexecdir=%{l_prefix}/libexec/openssh \
- --localstatedir=%{l_prefix}/var/openssh \
- --with-pid-dir=%{l_prefix}/var/openssh \
- --with-ssl-dir=%{l_prefix} \
- %if "%{with_pcre}" == "yes"
- --with-pcre=%{l_prefix} \
- %endif
- %if "%{with_skey}" == "yes"
- --with-skey=%{l_prefix} \
- %endif
- --with-zlib=%{l_prefix} \
- --with-ipv4-default \
- --with-md5-passwords \
- --with-pam \
- --without-smartcard \
- --without-kerberos4 \
- --disable-suid-ssh \
- --without-rsh \
- --with-mantype=man \
- --with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin
-
- # build package
- %{l_make} %{l_mflags -O}
- )
- %install
- rm -rf $RPM_BUILD_ROOT
- # perform standard installation procedure of OpenSSH
- ( cd openssh-%{version}
- %{l_make} %{l_mflags} install DESTDIR=$RPM_BUILD_ROOT
- )
- # strip down installation tree
- rm -rf $RPM_BUILD_ROOT%{l_prefix}/share
- rm -f $RPM_BUILD_ROOT%{l_prefix}/bin/slogin
- rm -f $RPM_BUILD_ROOT%{l_prefix}/man/man1/slogin.1
- strip $RPM_BUILD_ROOT%{l_prefix}/bin/* 2> /dev/null || true
- strip $RPM_BUILD_ROOT%{l_prefix}/libexec/openssh/* 2> /dev/null || true
- # make sure the state directory exists
- %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/var/openssh
- # install run-command script
- %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d
- %{l_shtool} install -c -m 755 -e "s;@l_prefix@;%{l_prefix};g" \
- %{SOURCE rc.openssh} $RPM_BUILD_ROOT%{l_prefix}/etc/rc.d/
- # install reasonable ssh server and client configuration files
- case "%{l_target}" in
- *-freebsd* ) uselogin=yes; printmotd=no ;;
- *-linux* ) uselogin=yes; printmotd=no ;;
- *-solaris* ) uselogin=no; printmotd=yes ;; # "uselogin" does not work on Solaris!
- esac
- %{l_shtool} install -c -m 644 \
- -e "s;@l_prefix@;%{l_prefix};g" \
- -e "s;@uselogin@;$uselogin;" \
- -e "s;@printmotd@;$printmotd;" \
- %{SOURCE sshd_config} $RPM_BUILD_ROOT%{l_prefix}/etc/openssh/
- %{l_shtool} install -c -m 644 -e "s;@l_prefix@;%{l_prefix};g" \
- %{SOURCE ssh_config} $RPM_BUILD_ROOT%{l_prefix}/etc/openssh/
- # determine installation files
- %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
- %{l_files_std} \
- '%config %{l_prefix}/etc/openssh/*'
- %files -f files
- %clean
- rm -rf $RPM_BUILD_ROOT
- %post
- # generate server RSA key
- if [ ! -f "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key" -o \
- ! -s "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key" ] ; then
- $RPM_INSTALL_PREFIX/bin/ssh-keygen -b 1024 \
- -f $RPM_INSTALL_PREFIX/etc/openssh/ssh_host_key \
- -N '' -C `hostname` 1>&2
- fi
- # generate server DSA key
- if [ ! -f "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key" -o \
- ! -s "$RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key" ] ; then
- $RPM_INSTALL_PREFIX/bin/ssh-keygen -d \
- -f $RPM_INSTALL_PREFIX/etc/openssh/ssh_host_dsa_key \
- -N '' -C `hostname` 1>&2
- fi
- # add PAM configuration entry
- if [ -f /etc/pam.conf ]; then
- ( case "%{l_target}" in
- *-freebsd* )
- echo "sshd auth sufficient pam_skey.so"
- echo "sshd auth required pam_unix.so try_first_pass"
- echo "sshd account required pam_unix.so"
- echo "sshd password required pam_permit.so"
- echo "sshd session required pam_permit.so"
- ;;
- *-linux* )
- echo "sshd auth required /lib/security/pam_unix_auth.so shadow nodelay"
- echo "sshd auth required /lib/security/pam_nologin.so"
- echo "sshd account required /lib/security/pam_unix_acct.so"
- echo "sshd password required /lib/security/pam_unix_passwd.so shadow nullok use_authtok"
- echo "sshd session required /lib/security/pam_unix_session.so"
- echo "sshd session required /lib/security/pam_limits.so"
- ;;
- *-solaris* )
- echo "sshd auth required /usr/lib/security/pam_unix.so try_first_pass"
- echo "sshd account required /usr/lib/security/pam_unix.so"
- echo "sshd password required /usr/lib/security/pam_unix.so"
- echo "sshd session required /usr/lib/security/pam_unix.so"
- ;;
- esac
- ) |\
- $RPM_INSTALL_PREFIX/sbin/rpmtool config \
- -a -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
- fi
- %preun
- # remove PAM configuration entry
- if [ -f /etc/pam.conf ]; then
- $RPM_INSTALL_PREFIX/sbin/rpmtool config \
- -r -s -i "$RPM_INSTALL_PREFIX:openssh" /etc/pam.conf
- fi
|
