summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>1999-11-23 10:11:29 +1100
committerDamien Miller <djm@mindrot.org>1999-11-23 10:11:29 +1100
commit294df785b8f67a5890d1e49ba883d530cdfb534c (patch)
tree60e56078288ec6b1109aa9aaf0cd0d856eb460f7
parent24e83aa312616f07995241c1529291a3e01ae3bf (diff)
- Added SuSE package files from Chris Saia <csaia@wtower.com>
- Restructured package-related files under packages/ - Added generic PAM config
-rw-r--r--ChangeLog5
-rw-r--r--INSTALL7
-rw-r--r--README1
-rw-r--r--packages/redhat/openssh.spec (renamed from openssh.spec)10
-rwxr-xr-xpackages/redhat/sshd.init (renamed from sshd.init.redhat)0
-rw-r--r--packages/redhat/sshd.pam (renamed from sshd.pam)0
-rw-r--r--packages/suse/openssh.spec227
-rw-r--r--packages/suse/rc.config.sshd5
-rw-r--r--packages/suse/rc.sshd80
-rw-r--r--sshd.pam.generic7
10 files changed, 334 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index b66bb4e2..819549bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+19991123
+ - Added SuSE package files from Chris Saia <csaia@wtower.com>
+ - Restructured package-related files under packages/
+ - Added generic PAM config
+
19991122
- Make <enter> close gnome-ssh-askpass (Debian bug #50299)
- OpenBSD CVS Changes
diff --git a/INSTALL b/INSTALL
index ae2cf693..4ff27124 100644
--- a/INSTALL
+++ b/INSTALL
@@ -57,9 +57,10 @@ make install
This will install the binaries in /opt/{bin,lib,sbin}, but will place the
configuration files in /etc/ssh.
-If you are using PAM, you will need to manually install the sshd.pam
-control file as "/etc/pam.d/sshd". This file is customised for Redhat
-Linux, you may need to edit it before using it on your system.
+If you are using PAM, you will need to manually install a PAM control
+file as "/etc/pam.d/sshd" (or wherever your system prefers to keep
+them). A generic PAM configuration is included as "sshd.pam.generic",
+you may need to edit it before using it on your system.
There are a few other options to the configure script:
diff --git a/README b/README
index f0cf0d8b..1f96da22 100644
--- a/README
+++ b/README
@@ -54,6 +54,7 @@ Theo de Raadt, and Dug Song - Creators of OpenSSH
'jonchen' - the original author of PAM support of SSH
Ben Taylor <bent@clark.net> - Solaris debugging and fixes
Chip Salzenberg <chip@valinux.com> - Assorted patches
+Chris Saia <csaia@wtower.com> - SuSE packaging
Dan Brosemer <odin@linuxfreak.com> - Autoconf and build fixes & Debian scripts
Jim Knoble <jmknoble@pobox.com> - RPM spec file fixes
Marc G. Fournier <marc.fournier@acadiau.ca> - Solaris patches
diff --git a/openssh.spec b/packages/redhat/openssh.spec
index 3c244d95..870ffd8a 100644
--- a/openssh.spec
+++ b/packages/redhat/openssh.spec
@@ -124,8 +124,8 @@ make install prefix="$RPM_BUILD_ROOT/usr"
install -d $RPM_BUILD_ROOT/etc/ssh
install -d $RPM_BUILD_ROOT/etc/pam.d/
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
-install -m644 sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m755 sshd.init.redhat $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+install -m644 packages/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -m755 packages/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config
install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config
@@ -166,7 +166,7 @@ fi
%attr(0644,root,root) /usr/man/man1/ssh.1
%attr(0644,root,root) /usr/man/man1/ssh-agent.1
%attr(0644,root,root) /usr/man/man1/ssh-add.1
-%attr(0644,root,root) %config /etc/ssh/ssh_config
+%attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config
%attr(-,root,root) /usr/bin/slogin
%attr(-,root,root) /usr/man/man1/slogin.1
@@ -174,8 +174,8 @@ fi
%defattr(-,root,root)
%attr(0755,root,root) /usr/sbin/sshd
%attr(0644,root,root) /usr/man/man8/sshd.8
-%attr(0600,root,root) %config /etc/ssh/sshd_config
-%attr(0600,root,root) %config /etc/pam.d/sshd
+%attr(0600,root,root) %config(noreplace) /etc/ssh/sshd_config
+%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
%files askpass
diff --git a/sshd.init.redhat b/packages/redhat/sshd.init
index 5e919489..5e919489 100755
--- a/sshd.init.redhat
+++ b/packages/redhat/sshd.init
diff --git a/sshd.pam b/packages/redhat/sshd.pam
index 2a7d1fbd..2a7d1fbd 100644
--- a/sshd.pam
+++ b/packages/redhat/sshd.pam
diff --git a/packages/suse/openssh.spec b/packages/suse/openssh.spec
new file mode 100644
index 00000000..9bdde3b2
--- /dev/null
+++ b/packages/suse/openssh.spec
@@ -0,0 +1,227 @@
+Summary: OpenSSH, a free Secure Shell (SSH) implementation
+Name: openssh
+Version: 1.2pre14
+Release: 2RSAref
+Source0: openssh-%{version}.tar.gz
+Copyright: BSD
+Group: Applications/Internet
+BuildRoot: /tmp/openssh-%{version}-buildroot
+Obsoletes: ssh
+#
+# building prerequisites -- stuff for TCP Wrappers and Gnome
+# (This only works for RPM 2.95 and newer.)
+#
+BuildPrereq: nkitb
+BuildPrereq: glibdev
+BuildPrereq: gtkdev
+BuildPrereq: gnlibsd
+
+%package clients
+Summary: OpenSSH Secure Shell protocol clients
+Requires: openssh
+Group: Applications/Internet
+Obsoletes: ssh-clients
+
+%package server
+Summary: OpenSSH Secure Shell protocol server (sshd)
+Requires: openssh
+Group: System Environment/Daemons
+Obsoletes: ssh-server
+
+%package askpass
+Summary: OpenSSH GNOME passphrase dialog
+Group: Applications/Internet
+Requires: openssh
+Obsoletes: ssh-extras
+Obsoletes: ssh-askpass
+
+%description
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine. It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network. X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the core files necessary for both the OpenSSH
+client and server. To make this package useful, you should also
+install openssh-clients, openssh-server, or both.
+
+%description clients
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine. It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network. X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the clients necessary to make encrypted connections
+to SSH servers.
+
+%description server
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine. It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network. X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the secure shell daemon. The sshd is the server
+part of the secure shell protocol and allows ssh clients to connect to
+your host.
+
+%description askpass
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine. It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network. X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the GNOME passphrase dialog.
+
+%changelog
+* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
+- Added flag to configure daemon with TCP Wrappers support
+- Added building prerequisites (works in RPM 3.0 and newer)
+* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
+- Made this package correct for SuSE.
+- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
+ with SuSE, and lib_pwdb.so isn't installed by default.
+* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
+- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
+* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
+- Added 'Obsoletes' directives
+* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
+- Use make install
+- Subpackages
+* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
+- Added links for slogin
+- Fixed perms on manpages
+* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
+- Renamed init script
+* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
+- Back to old binary names
+* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
+- Use autoconf
+- New binary names
+* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
+- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
+
+%prep
+
+%setup
+
+%build
+
+CFLAGS="$RPM_OPT_FLAGS" \
+ ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-gnome-askpass --with-tcp-wrappers
+
+make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install prefix="$RPM_BUILD_ROOT/usr"
+
+install -d $RPM_BUILD_ROOT/etc/ssh/
+install -d $RPM_BUILD_ROOT/etc/pam.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/rc2.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/rc3.d/
+install -m644 sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -m744 packages/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd
+install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config
+install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config
+ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd
+install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
+cp packages/suse/rc.config.sshd $RPM_BUILD_ROOT/var/adm/fillup-templates
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post server
+if [ "$1" = 0 ]; then
+ echo "Creating SSH stop/start scripts in rc directories..."
+ ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
+ ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
+ ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
+ ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
+fi
+echo "Updating /etc/rc.config..."
+if [ -x /bin/fillup ] ; then
+ /bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
+else
+ echo "ERROR: fillup not found. This should NOT happen in SuSE Linux."
+ echo "Update /etc/rc.config by hand from the following template file:"
+ echo " /var/adm/fillup-templates/rc.config.sshd"
+fi
+echo "Generating SSH host key..."
+if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
+ /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+fi
+if test -r /var/run/sshd.pid
+then
+ /usr/sbin/rcsshd restart >&2
+fi
+
+%preun server
+if [ "$1" = 0 ]
+then
+ echo "Stopping SSH..."
+ /usr/sbin/rcsshd stop >&2
+ echo "Removing SSH stop/start scripts from rc directories..."
+ rm /sbin/init.d/rc2.d/K20sshd
+ rm /sbin/init.d/rc2.d/S20sshd
+ rm /sbin/init.d/rc3.d/K20sshd
+ rm /sbin/init.d/rc3.d/S20sshd
+fi
+
+%files
+%defattr(-,root,root)
+%doc COPYING.Ylonen ChangeLog OVERVIEW README README.Ylonen
+%doc RFC.nroff TODO UPGRADING
+%attr(0755,root,root) /usr/bin/ssh-keygen
+%attr(0755,root,root) /usr/bin/scp
+%attr(0644,root,root) /usr/man/man1/ssh-keygen.1
+%attr(0644,root,root) /usr/man/man1/scp.1
+%attr(0755,root,root) %dir /etc/ssh
+
+%files clients
+%defattr(-,root,root)
+%attr(4755,root,root) /usr/bin/ssh
+%attr(0755,root,root) /usr/bin/ssh-agent
+%attr(0755,root,root) /usr/bin/ssh-add
+%attr(0644,root,root) /usr/man/man1/ssh.1
+%attr(0644,root,root) /usr/man/man1/ssh-agent.1
+%attr(0644,root,root) /usr/man/man1/ssh-add.1
+%attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config
+%attr(-,root,root) /usr/bin/slogin
+%attr(-,root,root) /usr/man/man1/slogin.1
+
+%files server
+%defattr(-,root,root)
+%attr(0755,root,root) /usr/sbin/sshd
+%attr(0644,root,root) /usr/man/man8/sshd.8
+%attr(0600,root,root) %config(noreplace) /etc/ssh/sshd_config
+%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
+%attr(0755,root,root) %config /sbin/init.d/sshd
+%attr(-,root,root) /usr/sbin/rcsshd
+%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd
+
+%files askpass
+%defattr(-,root,root)
+%attr(0755,root,root) %dir /usr/libexec/ssh
+%attr(0755,root,root) /usr/libexec/ssh/ssh-askpass
+
diff --git a/packages/suse/rc.config.sshd b/packages/suse/rc.config.sshd
new file mode 100644
index 00000000..baaa7a5a
--- /dev/null
+++ b/packages/suse/rc.config.sshd
@@ -0,0 +1,5 @@
+#
+# Start the Secure Shell (SSH) Daemon?
+#
+START_SSHD="yes"
+
diff --git a/packages/suse/rc.sshd b/packages/suse/rc.sshd
new file mode 100644
index 00000000..f7d431eb
--- /dev/null
+++ b/packages/suse/rc.sshd
@@ -0,0 +1,80 @@
+#! /bin/sh
+# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.
+#
+# Author: Chris Saia <csaia@wtower.com>
+#
+# /sbin/init.d/sshd
+#
+# and symbolic its link
+#
+# /sbin/rcsshd
+#
+
+. /etc/rc.config
+
+# Determine the base and follow a runlevel link name.
+base=${0##*/}
+link=${base#*[SK][0-9][0-9]}
+
+# Force execution if not called by a runlevel directory.
+test $link = $base && START_SSHD=yes
+test "$START_SSHD" = yes || exit 0
+
+# The echo return value for success (defined in /etc/rc.config).
+return=$rc_done
+case "$1" in
+ start)
+ echo -n "Starting service sshd"
+ ## Start daemon with startproc(8). If this fails
+ ## the echo return value is set appropriate.
+
+ startproc /usr/sbin/sshd || return=$rc_failed
+
+ echo -e "$return"
+ ;;
+ stop)
+ echo -n "Stopping service sshd"
+ ## Stop daemon with killproc(8) and if this fails
+ ## set echo the echo return value.
+
+ killproc -TERM /usr/sbin/sshd || return=$rc_failed
+
+ echo -e "$return"
+ ;;
+ restart)
+ ## If first returns OK call the second, if first or
+ ## second command fails, set echo return value.
+ $0 stop && $0 start || return=$rc_failed
+ ;;
+ reload)
+ ## Choose ONE of the following two cases:
+
+ ## First possibility: A few services accepts a signal
+ ## to reread the (changed) configuration.
+
+ echo -n "Reload service sshd"
+ killproc -HUP /usr/sbin/sshd || return=$rc_failed
+ echo -e "$return"
+ ;;
+ status)
+ echo -n "Checking for service sshd"
+ ## Check status with checkproc(8), if process is running
+ ## checkproc will return with exit status 0.
+
+ checkproc /usr/sbin/sshd && echo OK || echo No process
+ ;;
+ probe)
+ ## Optional: Probe for the necessity of a reload,
+ ## give out the argument which is required for a reload.
+
+ test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|status|restart|reload[|probe]}"
+ exit 1
+ ;;
+esac
+
+# Inform the caller not only verbosely and set an exit status.
+test "$return" = "$rc_done" || exit 1
+exit 0
diff --git a/sshd.pam.generic b/sshd.pam.generic
new file mode 100644
index 00000000..c67e7b63
--- /dev/null
+++ b/sshd.pam.generic
@@ -0,0 +1,7 @@
+#%PAM-1.0
+auth required /lib/security/pam_unix.so shadow
+auth required /lib/security/pam_nologin.so
+account required /lib/security/pam_unix.so
+password required /lib/security/pam_cracklib.so
+password required /lib/security/pam_unix.so shadow nullok use_authtok
+session required /lib/security/pam_unix.so