File openssh.spec of Package openssh
#
# spec file for package openssh
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: openssh
%define _fwdefdir %_sysconfdir/sysconfig/SuSEfirewall2.d/services
%define _appdefdir %{_prefix}/share/X11/app-defaults
BuildRequires: audit-devel krb5-devel openssl-devel pam-devel tcpd-devel xorg-x11-devel
BuildRequires: libselinux-devel
BuildRequires: libedit-devel
License: BSD3c(or similar) ; MIT License (or similar)
Group: Productivity/Networking/SSH
Requires: /bin/netstat
PreReq: pwdutils %insserv_prereq %fillup_prereq coreutils
Conflicts: nonfreessh
Version: 5.8p2
Release: 1
%define xversion 1.2.4.1
Summary: Secure Shell Client and Server (Remote Login Program)
URL: http://www.openssh.com/
Source: %{name}-%{version}.tar.bz2
Source1: %{name}-SuSE.tar.bz2
Source2: sshd.pamd
Source3: x11-ssh-askpass-%{xversion}.tar.bz2
Source4: README.SuSE
Source5: converter.tar.bz2
Source6: README.kerberos
Source7: ssh.reg
Source8: ssh-askpass
Source9: sshd.fw
Patch: %{name}-5.8p1-sshd_config.diff
Patch1: %{name}-5.8p1-askpass-fix.diff
Patch2: %{name}-5.8p1-pam-fix2.diff
Patch3: %{name}-5.8p1-saveargv-fix.diff
Patch4: %{name}-5.8p1-pam-fix3.diff
Patch5: %{name}-5.8p1-gssapimitm.patch
Patch6: %{name}-5.8p1-eal3.diff
Patch7: %{name}-5.8p1-engines.diff
Patch8: %{name}-5.8p1-blocksigalrm.diff
Patch9: %{name}-5.8p1-send_locale.diff
Patch10: %{name}-5.8p1-xauthlocalhostname.diff
Patch12: %{name}-5.8p1-xauth.diff
Patch14: %{name}-5.8p1-default-protocol.diff
Patch15: %{name}-5.8p1-audit.patch
Patch16: %{name}-5.8p1-pts.diff
Patch17: %{name}-5.8p1-homechroot.patch
Patch18: %{name}-5.8p1-sshconfig-knownhostschanges.diff
Patch19: %{name}-5.8p1-host_ident.diff
Patch20: converter-linking.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%package askpass
License: BSD3c(or similar) ; MIT License (or similar)
Summary: A passphrase dialog for OpenSSH and the X Window System
Requires: openssh = %{version}
Provides: openssh:%_libexecdir/ssh/ssh-askpass
Group: Productivity/Networking/SSH
%description
SSH (Secure Shell) is a program for logging into and executing commands
on a remote machine. It is intended to replace rsh (rlogin and rsh) and
provides openssl (secure encrypted communication) between two untrusted
hosts over an insecure network.
xorg-x11 (X Window System) connections and arbitrary TCP/IP ports can
also be forwarded over the secure channel.
%description askpass
Ssh (Secure Shell) is a program for logging into a remote machine and
for executing commands on a remote machine. This package contains an X
Window System passphrase dialog for OpenSSH.
%prep
%setup -q -b 3 -a 1 -a 5
%patch
%patch2
%patch3
%patch4
%patch5
%patch6 -p1
%patch7 -p1
%patch8
%patch9
%patch10
%patch12
%patch14
%patch15 -p1
%patch16
%patch17
%patch18
%patch19 -p1
%patch20
cp -v %{SOURCE4} .
cp -v %{SOURCE6} .
cd ../x11-ssh-askpass-%{xversion}
%patch1
%build
autoreconf -fiv
%ifarch s390 s390x %sparc
PIEFLAGS="-fPIE"
%else
PIEFLAGS="-fpie"
%endif
%configure --with-ssl-engine \
CFLAGS="%optflags $PIEFLAGS -fstack-protector" \
CXXFLAGS="%optflags $PIEFLAGS -fstack-protector" \
LDFLAGS="-pie" \
%if 0%{suse_version} >= 1140
--with-libedit \
%endif
--sysconfdir=%_sysconfdir/ssh \
--libexecdir=%_libexecdir/ssh \
--with-tcp-wrappers \
--with-selinux \
--with-pam \
--with-kerberos5=/usr \
--with-privsep-path=/var/lib/empty \
--disable-strip \
--with-linux-audit \
--with-xauth=%{_prefix}/bin/xauth \
--target=%{_target_cpu}-suse-linux
# --with-afs=/usr \
make %{?_smp_mflags}
(cd converter; make %{?_smp_mflags})
cd contrib
cd ../../x11-ssh-askpass-%{xversion}
%configure \
--libexecdir=%_libdir/ssh
xmkmf
make includes USRLIBDIR=%_libdir
make %{?_smp_mflags} USRLIBDIR=%_libdir CCOPTIONS="%optflags"
%install
make DESTDIR=%buildroot/ install
install -d -m 755 %buildroot%_sysconfdir/pam.d
install -d -m 755 %buildroot/var/lib/sshd
install -m 644 %{S:2} %buildroot%_sysconfdir/pam.d/sshd
install -d -m 755 %buildroot%_sysconfdir/slp.reg.d/
install -m 644 %{S:7} %buildroot%_sysconfdir/slp.reg.d/
cp -a SuSE/* %buildroot
# install shell script to automate the process of adding your public key to a remote machine
install -m 755 contrib/ssh-copy-id %buildroot%_bindir
install -m 644 contrib/ssh-copy-id.1 %buildroot/%_mandir/man1
(cd converter; make install DESTDIR=%buildroot/)
cd ../x11-ssh-askpass-%xversion
make BINDIR=%_libexecdir/ssh DESTDIR=%buildroot install install.man
rm -rf %buildroot/%_libexecdir/ssh/ssh-askpass
sed -e "s@usr/lib/ssh@usr/%_lib/ssh@" < %{S:8} > %buildroot/%_libexecdir/ssh/ssh-askpass
rm -f %buildroot%_datadir/Ssh.bin
sed -i -e s@/usr/libexec@%_libexecdir@g %buildroot%_sysconfdir/ssh/sshd_config
#install firewall definitions format is described here:
#%_datadir/SuSEfirewall2/services/TEMPLATE
mkdir -p %buildroot/%{_fwdefdir}
install -m 644 %{S:9} %buildroot/%{_fwdefdir}/sshd
%pre
getent group sshd >/dev/null || %_sbindir/groupadd -o -r sshd
getent passwd sshd >/dev/null || %_sbindir/useradd -r -g sshd -d /var/lib/sshd -s /bin/false -c "SSH daemon" sshd
%post
%{fillup_and_insserv -n ssh sshd}
%preun
%stop_on_removal sshd
%postun
%restart_on_update sshd
%{insserv_cleanup}
%files
%defattr(-,root,root)
%dir %attr(755,root,root) /var/lib/sshd
%doc README.SuSE README.kerberos ChangeLog OVERVIEW README TODO LICENCE CREDITS
%attr(0755,root,root) %dir %_sysconfdir/ssh
%attr(0600,root,root) %config(noreplace) %_sysconfdir/ssh/moduli
%attr(0644,root,root) %config(noreplace) %_sysconfdir/ssh/ssh_config
%attr(0640,root,root) %config(noreplace) %_sysconfdir/ssh/sshd_config
%attr(0644,root,root) %config %_sysconfdir/pam.d/sshd
%attr(0755,root,root) %config %_initddir/sshd
%attr(0755,root,root) %_bindir/ssh
%_bindir/scp
%_bindir/sftp
%_bindir/slogin
%_bindir/ssh-*
%_sbindir/*
%attr(444,root,root) %doc %{_mandir}/man1/scp.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keygen.1.gz
%attr(444,root,root) %doc %_mandir/man1/ssh-keyconverter.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/slogin.1.gz
%attr(444,root,root) %doc %{_mandir}/man1/ssh-agent.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-add.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
%attr(444,root,root) %doc %{_mandir}/man1/sftp.1*
%attr(444,root,root) %doc %{_mandir}/man1/ssh-copy-id.1*
%attr(444,root,root) %doc %{_mandir}/man5/*
%attr(444,root,root) %doc %{_mandir}/man8/*
%attr(0755,root,root) %dir %_libexecdir/ssh
%attr(0755,root,root) %_libexecdir/ssh/sftp-server
%attr(0755,root,root) %_libexecdir/ssh/ssh-keysign
%attr(0755,root,root) %_libexecdir/ssh/ssh-pkcs11-helper
%dir %_sysconfdir/slp.reg.d
%config %_sysconfdir/slp.reg.d/ssh.reg
/var/adm/fillup-templates/sysconfig.ssh
%config %{_fwdefdir}/sshd
%files askpass
%defattr(-,root,root)
%attr(0755,root,root) %_libexecdir/ssh/ssh-askpass
%attr(0755,root,root) %_libexecdir/ssh/x11-ssh-askpass
%doc %_mandir/man1/ssh-askpass.1x.gz
%doc %_mandir/man1/x11-ssh-askpass.1x.gz
%_appdefdir/SshAskpass
%changelog
