File openssh.spec of Package openssh
#
# spec file for package openssh (Version 5.2p1)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
# norootforbuild
Name: openssh
%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
%define _prefix %(xft-config --prefix)
%if "%{_prefix}" == "/usr/X11R6"
%define _mandir %{_prefix}/man
%define _appdefdir %{_prefix}/lib/X11/app-defaults
%else
%define _appdefdir %{_prefix}/share/X11/app-defaults
%endif
BuildRequires: audit-devel krb5-devel opensc-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
BuildRequires: libselinux-devel
License: BSD 3-clause (or similar) ; MIT License (or similar)
Group: Productivity/Networking/SSH
Requires: /bin/netstat
PreReq: /usr/sbin/groupadd /usr/sbin/useradd %insserv_prereq %fillup_prereq /bin/mkdir /bin/cat permissions
Conflicts: nonfreessh
AutoReqProv: on
Version: 5.2p1
Release: 8
%define xversion 1.2.4.1
Summary: Secure Shell Client and Server (Remote Login Program)
Url: http://www.openssh.com/
Source: %{name}-%{version}.tar.bz2
Source1: %{name}-SuSE.tar.bz2
Source2: sshd.pamd
Source3: x11-ssh-askpass-%{xversion}.tar.bz2
Source4: README.SuSE
Source5: converter.tar.bz2
Source6: README.kerberos
Source7: ssh.reg
Source8: ssh-askpass
Source9: sshd.fw
Patch: %{name}-%{version}.dif
Patch12: %{name}-%{version}-askpass-fix.diff
Patch15: %{name}-%{version}-pam-fix2.diff
Patch18: %{name}-%{version}-saveargv-fix.diff
Patch19: %{name}-%{version}-pam-fix3.diff
Patch21: %{name}-%{version}-gssapimitm.patch
Patch26: %{name}-%{version}-eal3.diff
Patch27: %{name}-%{version}-engines.diff
Patch28: %{name}-%{version}-blocksigalrm.diff
Patch35: %{name}-%{version}-send_locale.diff
Patch36: %{name}-%{version}-xauthlocalhostname.diff
Patch37: %{name}-%{version}-tmpdir.diff
Patch40: %{name}-%{version}-xauth.diff
Patch41: %{name}-%{version}-gcc-fix.patch
Patch43: %{name}-%{version}-default-protocol.diff
Patch44: %{name}-%{version}-audit.patch
Patch45: %{name}-%{version}-pts.diff
Patch46: %{name}-%{version}-pam-fix4.diff
Patch48: %{name}-%{version}-forwards.diff
Patch49: %{name}-%{version}-homechroot.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%package askpass
License: BSD 3-clause (or similar) ; MIT License (or similar)
Summary: A passphrase dialog for OpenSSH and the X Window System
Requires: openssh = %{version}
Provides: openssh:/usr/%_lib/ssh/ssh-askpass
Group: Productivity/Networking/SSH
%description
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
provides openssl (secure encrypted communication) between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
Authors:
--------
Aaron Campbell
Bob Beck
Markus Friedl
Niels Provos
Theo de Raadt
Dug Song
Ben Taylor <bent@clark.net>
Chip Salzenberg <chip@valinux.com>
Chris Saia <csaia@wtower.com>
Dan Brosemer <odin@linuxfreak.com>
Jim Knoble <jmknoble@pobox.com>
Marc G. Fournier <marc.fournier@acadiau.ca>
Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
Niels Kristian Bech Jensen <nkbj@image.dk>
Phil Hands <phil@hands.com>
Thomas Neumann <tom@smart.ruhr.de>
Tudor Bosman <tudorb@jm.nu>
Damien Miller <djm@ibs.com.au>
%description askpass
Ssh (Secure Shell) is a program for logging into a remote machine and
for executing commands on a remote machine. This package contains an X
Window System passphrase dialog for OpenSSH.
Authors:
--------
Aaron Campbell
Bob Beck
Markus Friedl
Niels Provos
Theo de Raadt
Dug Song
Ben Taylor <bent@clark.net>
Chip Salzenberg <chip@valinux.com>
Chris Saia <csaia@wtower.com>
Dan Brosemer <odin@linuxfreak.com>
Jim Knoble <jmknoble@pobox.com>
Marc G. Fournier <marc.fournier@acadiau.ca>
Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
Niels Kristian Bech Jensen <nkbj@image.dk>
Phil Hands <phil@hands.com>
Thomas Neumann <tom@smart.ruhr.de>
Tudor Bosman <tudorb@jm.nu>
Damien Miller <djm@ibs.com.au>
%define prefix /usr
%prep
%setup -q -b 3 -a 1 -a 5
%patch
%patch15
%patch18
%patch19
%patch21
%patch26 -p1
%patch27 -p1
%patch28
%patch35
%patch36
%patch37
%patch40
%patch41
%patch43
%patch44 -p1
%patch45
%patch46 -p1
%patch48
%patch49
cp -v %{SOURCE4} .
cp -v %{SOURCE6} .
cd ../x11-ssh-askpass-%{xversion}
%patch12
%build
# This package failed when testing with -Wl,-as-needed being default.
# So we disable it here, if you want to retest, just delete this comment and the line below.
export SUSE_ASNEEDED=0
%if "%{_prefix}" != "/usr/X11R6"
for i in configure.ac Makefile.in pathnames.h ssh_config.0 ssh_config.5 sshd_config.0 sshd_config.5 ; do
sed -i -e 's@%{_prefix}@/usr@g' $i
done
%endif
%{?suse_update_config:%{suse_update_config}}
aclocal
autoheader
autoconf
%ifarch s390 s390x
PIEFLAGS="-fPIE"
%else
PIEFLAGS="-fpie"
%endif
#Obsoleted CFLAGS="-DUSE_POSIX_THREADS $RPM_OPT_FLAGS" CXXFLAGS="-DUSE_POSIX_THREADS $RPM_O \
#Obsoleted LDFLAGS="-lpthread" \
LDFLAGS="-pie" CFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" CXXFLAGS="$RPM_OPT_FLAGS $PIEFLAGS -fstack-protector" \
./configure \
--mandir=%{_mandir} \
--prefix=%{prefix} \
--infodir=%{_infodir} \
--sysconfdir=/etc/ssh \
--libexecdir=%{prefix}/%_lib/ssh \
--with-tcp-wrappers \
--with-selinux \
--with-pam \
--with-kerberos5=/usr \
--with-privsep-path=/var/lib/empty \
%ifnarch s390 s390x
--with-opensc \
%endif
--disable-strip \
--with-linux-audit \
--with-xauth=%{_prefix}/bin/xauth \
--target=%{_target_cpu}-suse-linux
# --with-afs=/usr \
make %{?jobs:-j%jobs}
(cd converter; make %{?jobs:-j%jobs})
cd contrib
cd ../../x11-ssh-askpass-%{xversion}
CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS"
./configure \
--mandir=%{_mandir} \
--prefix=%{_prefix} \
--libexecdir=%{prefix}/%_lib/ssh
xmkmf
make includes USRLIBDIR=%_prefix/%_lib
make %{?jobs:-j%jobs} USRLIBDIR=%_prefix/%_lib CCOPTIONS="$RPM_OPT_FLAGS"
%install
make DESTDIR=$RPM_BUILD_ROOT/ install
install -d -m 755 $RPM_BUILD_ROOT/etc/pam.d
install -d -m 755 $RPM_BUILD_ROOT/var/lib/sshd
install -m 644 %{S:2} $RPM_BUILD_ROOT/etc/pam.d/sshd
install -d -m 755 $RPM_BUILD_ROOT/etc/slp.reg.d/
install -m 644 %{S:7} $RPM_BUILD_ROOT/etc/slp.reg.d/
cp -a SuSE/* $RPM_BUILD_ROOT
# install shell script to automate the process of adding your public key to a remote machine
install -m 755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/bin
install -m 644 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/%{_mandir}/man1
(cd converter; make install DESTDIR=$RPM_BUILD_ROOT/)
cd ../x11-ssh-askpass-%{xversion}
make BINDIR=/usr/%_lib/ssh DESTDIR=$RPM_BUILD_ROOT install install.man
rm -rf $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass
sed -e "s@usr/lib/ssh@usr/%_lib/ssh@" < %{S:8} > $RPM_BUILD_ROOT/usr/%_lib/ssh/ssh-askpass
rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
sed -i -e s@/usr/libexec@/usr/%{_lib}@g $RPM_BUILD_ROOT/etc/ssh/sshd_config
#install firewall definitions format is described here:
#/usr/share/SuSEfirewall2/services/TEMPLATE
mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir}
install -m 644 %{S:9} $RPM_BUILD_ROOT/%{_fwdefdir}/sshd
%pre
/usr/sbin/groupadd -g 65 -o -r sshd 2> /dev/null || :
/usr/sbin/useradd -r -o -g sshd -u 71 -s /bin/false -c "SSH daemon" -d /var/lib/sshd sshd 2> /dev/null || :
%post
%{fillup_and_insserv -n ssh sshd}
%run_permissions
%verifyscript
%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
%preun
%stop_on_removal sshd
%postun
%restart_on_update sshd
%{insserv_cleanup}
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%dir %attr(755,root,root) /var/lib/sshd
%doc README.SuSE README.kerberos ChangeLog OVERVIEW README TODO LICENCE CREDITS
%attr(0755,root,root) %dir /etc/ssh
%attr(0600,root,root) %config(noreplace) /etc/ssh/moduli
%verify(not mode) %attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config
%verify(not mode) %attr(0640,root,root) %config(noreplace) /etc/ssh/sshd_config
%attr(0644,root,root) %config /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/init.d/sshd
%attr(0755,root,root) /usr/bin/ssh
/usr/bin/scp
/usr/bin/sftp
/usr/bin/slogin
/usr/bin/ssh-*
/usr/sbin/*
%attr(444,root,root) %doc %{_mandir}/man1/scp.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keygen.1.gz
%attr(444,root,root) %doc /usr/share/man/man1/ssh-keyconverter.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/slogin.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh-agent.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-add.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
%attr(444,root,root) %doc %{_mandir}/man1/sftp.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-copy-id.1*
%attr(444,root,root) %doc %{_mandir}/man5/*
%attr(444,root,root) %doc %{_mandir}/man8/*
%attr(0755,root,root) %dir /usr/%_lib/ssh
%attr(0755,root,root) /usr/%_lib/ssh/sftp-server
%attr(0755,root,root) /usr/%_lib/ssh/ssh-keysign
%dir /etc/slp.reg.d
%config /etc/slp.reg.d/ssh.reg
/var/adm/fillup-templates/sysconfig.ssh
%config %{_fwdefdir}/sshd
%files askpass
%defattr(-,root,root)
%attr(0755,root,root) /usr/%_lib/ssh/ssh-askpass
%attr(0755,root,root) /usr/%_lib/ssh/x11-ssh-askpass
%doc %_mandir/man1/ssh-askpass.1x.gz
%doc %_mandir/man1/x11-ssh-askpass.1x.gz
%_appdefdir/SshAskpass
%changelog
