summaryrefslogtreecommitdiff
path: root/contrib
diff options
context:
space:
mode:
authorTim Rice <tim@multitalents.net>2001-04-26 22:50:48 -0700
committerTim Rice <tim@multitalents.net>2001-04-26 22:50:48 -0700
commita8c7a62ad4a2401e1200cef2c180d34f95aaf7cc (patch)
tree2a51426e350054fb1bc66d9289312101b90e9c2c /contrib
parentbb34625b6c417d40571acc166786ba0addf728de (diff)
- (tim) update contrib/caldera files with what Caldera is using.
<sps@caldera.de>
Diffstat (limited to 'contrib')
-rw-r--r--contrib/caldera/openssh.spec593
-rwxr-xr-xcontrib/caldera/ssh-host-keygen36
-rw-r--r--contrib/caldera/sshd.daemons6
-rwxr-xr-xcontrib/caldera/sshd.init206
4 files changed, 419 insertions, 422 deletions
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index defe1c23..f40b22ed 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -1,340 +1,281 @@
-# Version of OpenSSH
-%define oversion 2.9p1
-
-# Version of ssh-askpass
-%define aversion 1.2.0
-
-# Do we want to disable building of x11-askpass? (1=yes 0=no)
-%define no_x11_askpass 0
-
-# Do we want to disable building of gnome-askpass? (1=yes 0=no)
-%define no_gnome_askpass 1
-
-# Do we want to include contributed programs? (1=yes 0=no)
-%define contrib_programs 1
-
-Summary: OpenSSH free Secure Shell (SSH) implementation
-Name: openssh
-Version: %{oversion}
-Release: 1
-Packager: Damien Miller <djm@mindrot.org>
-URL: http://www.openssh.com/
-Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{oversion}.tar.gz
-Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
-Copyright: BSD
-Group: Applications/Internet
-BuildRoot: /var/tmp/openssh-%{Version}-buildroot
-#BuildRoot: /tmp/openssh-%{Version}-buildroot
-Obsoletes: ssh
-PreReq: openssl >= 0.9.5a
-Requires: openssl >= 0.9.5a
-BuildPreReq: perl, openssl-devel, tcp_wrappers
-BuildPreReq: /bin/login, /usr/bin/rsh, /usr/include/security/pam_appl.h
-%if ! %{no_gnome_askpass}
-BuildPreReq: gnome-libs-devel
-%endif
-
-%package clients
-Summary: OpenSSH Secure Shell protocol clients
-Requires: openssh = %{Version}-%{release}
-Group: Applications/Internet
-Obsoletes: ssh-clients
-
-%package server
-Summary: OpenSSH Secure Shell protocol server (sshd)
-Group: System Environment/Daemons
-Obsoletes: ssh-server
-#PreReq: openssh chkconfig >= 0.9
-
-%package askpass
-Summary: OpenSSH X11 passphrase dialog
-Group: Applications/Internet
-Requires: openssh = %{Version}-%{release}
-Obsoletes: ssh-extras
-
-%package askpass-gnome
-Summary: OpenSSH GNOME passphrase dialog
-Group: Applications/Internet
-Requires: openssh = %{Version}-%{release}
-Obsoletes: ssh-extras
-
-%description
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to separate libraries (OpenSSL).
-
-This package includes the core files necessary for both the OpenSSH
-client and server. To make this package useful, you should also
-install openssh-clients, openssh-server, or both.
-
-%description clients
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to separate libraries (OpenSSL).
-
-This package includes the clients necessary to make encrypted connections
-to SSH servers.
-
-%description server
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains the secure shell daemon. The sshd is the server
-part of the secure shell protocol and allows ssh clients to connect to
-your host.
-
-%description askpass
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains Jim Knoble's <jmknoble@pobox.com> X11 passphrase
-dialog.
-
-%description askpass-gnome
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to separate libraries (OpenSSL).
-
-This package contains the GNOME passphrase dialog.
-
-%prep
-
-%setup -a 1
-
-%build
-
-%define _sysconfdir /etc/ssh
-
-CFLAGS="$RPM_OPT_FLAGS" \
- ./configure \
- --prefix=/usr \
- --sysconfdir=/etc/ssh \
- --libexecdir=%{_libexecdir}/openssh \
- --with-pam \
- --with-tcp-wrappers \
- --with-ipv4-default \
- --with-rsh=/usr/bin/rsh
+%define askpass 1.2.0
+
+Name : openssh
+Version : 2.9p1
+Release : 1
+Group : System/Network
+
+Summary : OpenSSH free Secure Shell (SSH) implementation.
+Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
+Summary(es) : OpenSSH implementación libre de Secure Shell (SSH).
+Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH).
+Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
+Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
+
+Copyright : BSD
+Packager : Stephan Seyboth <sps@caldera.de>
+#Icon : .
+URL : http://www.openssh.com/
+
+Obsoletes : ssh, ssh-clients, openssh-clients
+
+BuildRoot : /tmp/%{Name}-%{Version}
+
+Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{Version}.tar.gz
+Source1: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{askpass}.tar.gz
+
+
+%Package server
+Group : System/Network
+Requires : openssh = %{Version}
+Obsoletes : ssh-server
+
+Summary : OpenSSH Secure Shell protocol server (sshd).
+Summary(de) : OpenSSH Secure Shell Protocol Server (sshd).
+Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
+Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd).
+Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
+Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
+
+
+%Package askpass
+Group : System/Network
+Requires : openssh = %{Version}
+Obsoletes : ssh-extras
+
+Summary : OpenSSH X11 pass-phrase dialog.
+Summary(de) : OpenSSH X11 Passwort-Dialog.
+Summary(es) : Aplicación de petición de frase clave OpenSSH X11.
+Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
+Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
+Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH.
+
+
+%Description
+OpenSSH (Secure Shell) provides access to a remote system. It replaces
+telnet, rlogin, rexec, and rsh, and provides secure encrypted
+communications between two untrusted hosts over an insecure network.
+X11 connections and arbitrary TCP/IP ports can also be forwarded over
+the secure channel.
+
+%Description -l de
+OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
+telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
+Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
+Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
+über den sicheren Channel weitergeleitet werden.
+
+%Description -l es
+OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
+telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
+entre dos equipos entre los que no se ha establecido confianza a través de una
+red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
+ser canalizadas sobre el canal seguro.
+
+%Description -l fr
+OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
+telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
+securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
+connexions X11 et des ports TCP/IP arbitraires peuvent également être
+transmis sur le canal sécurisé.
+
+%Description -l it
+OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
+Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
+e crittate tra due host non fidati su una rete non sicura. Le connessioni
+X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
+un canale sicuro.
+
+%Description -l pt
+OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
+telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
+entre duas máquinas sem confiança mútua sobre uma rede insegura.
+Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
+pelos porto seguro.
+
+%Description server
+This package installs the sshd, the server portion of OpenSSH.
+
+%Description -l de server
+Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
+
+%Description -l es server
+Este paquete instala sshd, la parte servidor de OpenSSH.
+
+%Description -l fr server
+Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
+
+%Description -l it server
+Questo pacchetto installa sshd, il server di OpenSSH.
+
+%Description -l pt server
+Este pacote intala o sshd, o servidor do OpenSSH.
+
+%Description askpass
+This package contains an X11-based passphrase dialog.
+
+%Description -l de askpass
+Dieses Paket enthält einen X11-basierten Passwort Dialog.
+
+%Description -l es askpass
+Este paquete contiene una aplicación para petición de frases-contraseña basada
+en X11.
+
+%Description -l fr askpass
+Ce paquetage contient un dialogue de passphrase basé sur X11.
+
+%Description -l it askpass
+Questo pacchetto contiene una finestra di X11 che chiede la frase segreta.
+
+%Description -l pt askpass
+Este pacote contém um diálogo de senha para o X11.
+
+%Prep
+%setup
+%setup -D -T -a1
+
+
+%Build
+CFLAGS="$RPM_OPT_FLAGS" \
+./configure \
+ --prefix=/usr \
+ --sysconfdir=/etc/ssh \
+ --libexecdir=/usr/lib/ssh \
+ --with-pam \
+ --with-tcp-wrappers \
+ --with-ipv4-default \
make
-%if ! %{no_x11_askpass}
-cd x11-ssh-askpass-%{aversion}
+cd x11-ssh-askpass-%{askpass}
xmkmf -a
make
-cd ..
-%endif
-
-%if ! %{no_gnome_askpass}
-cd contrib
-gcc -O -g `gnome-config --cflags gnome gnomeui` \
- gnome-ssh-askpass.c -o gnome-ssh-askpass \
- `gnome-config --libs gnome gnomeui`
-cd ..
-%endif
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT/
-
-# setup the environment we want
-perl -pi -e "s,PermitRootLogin yes,PermitRootLogin no,;" \
- -e "s,X11Forwarding no,X11Forwarding yes,;" \
- -e "s,CheckMail no,CheckMail yes,;" \
- -e "s,^#Subsystem sftp,Subsystem sftp,;" \
- $RPM_BUILD_ROOT/etc/ssh/sshd_config
-
-install -d $RPM_BUILD_ROOT/etc/pam.d/
-install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
-install -d $RPM_BUILD_ROOT/etc/sysconfig/daemons
-install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
-install -d $RPM_BUILD_ROOT/usr/local/bin
-install -d $RPM_BUILD_ROOT/usr/local/man/man1
-install -m644 contrib/caldera/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m755 contrib/caldera/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-install -m755 contrib/caldera/sshd.daemons $RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd
-perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \
- $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-perl -pi -e "s,\@OPENSSH_VERSION\@,%{Name}-%{Version},g" \
- $RPM_BUILD_ROOT/etc/sysconfig/daemons/sshd
-%if %{contrib_programs}
-install -m755 contrib/make-ssh-known-hosts.pl $RPM_BUILD_ROOT/usr/local/bin
-install -m644 contrib/make-ssh-known-hosts.1 $RPM_BUILD_ROOT/usr/local/man/man1
-install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT/usr/local/bin
-install -m644 contrib/ssh-copy-id.1 $RPM_BUILD_ROOT/usr/local/man/man1
-%endif
-
-%if ! %{no_x11_askpass}
-install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/x11-ssh-askpass
-ln -s /usr/libexec/openssh/x11-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/ssh-askpass
-install -d $RPM_BUILD_ROOT/usr/X11R6/man/man1
-install -c -m 0444 x11-ssh-askpass-%{aversion}/x11-ssh-askpass.man $RPM_BUILD_ROOT/usr/X11R6/man/man1/x11-ssh-askpass.1x
-ln -s /usr/X11R6/man/man1/x11-ssh-askpass.1x $RPM_BUILD_ROOT/usr/X11R6/man/man1/ssh-askpass.1x
-%endif
-
-%if ! %{no_gnome_askpass}
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/libexec/openssh/gnome-ssh-askpass
-%endif
-
-%clean
-##rm -rf $RPM_BUILD_ROOT
-
-%post server
-if [ "$1" = 1 ]; then
- echo "Creating SSH stop/start scripts in the rc directories..."
-# /sbin/chkconfig --add sshd
- lisa --SysV-init install sshd S90 2:3:4:5 K05 0:1:6
-fi
-if test -r /var/run/sshd.pid
-then
- echo "Restarting the running SSH daemon..."
- /etc/rc.d/init.d/sshd restart >&2
+
+
+%Install
+%{mkDESTDIR}
+
+make DESTDIR="$DESTDIR" install
+
+make -C x11-ssh-askpass-%{askpass} DESTDIR="$DESTDIR" \
+ BINDIR="/usr/lib/ssh" install
+
+%{fixManPages}
+
+# install remaining docs
+NV="$DESTDIR%{_defaultdocdir}/%{Name}-%{Version}"
+mkdir -p $NV
+cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $NV
+mkdir -p $NV/x11-ssh-askpass-%{askpass}
+cp -a x11-ssh-askpass-%{askpass}/{README,ChangeLog,SshAskpass*.ad} \
+ $NV/x11-ssh-askpass-%{askpass}
+
+
+# OpenLinux specific configuration
+mkdir -p $DESTDIR/{etc/pam.d,%{SVIcdir},%{SVIdir}}
+
+# enabling X11 forwarding on the server is convenient and okay,
+# on the client side it's a potential security risk!
+%{fixUP} -vg $DESTDIR/etc/ssh/sshd_config 'X11Forwarding no' \
+ 'X11Forwarding yes'
+
+install -m644 contrib/caldera/sshd.pam $DESTDIR/etc/pam.d/sshd
+# FIXME: disabled, find out why this doesn't work with nis
+%{fixUP} -vg $DESTDIR/etc/pam.d/sshd '(.*pam_limits.*)' '#$1'
+
+install -m 0755 contrib/caldera/sshd.init $DESTDIR%{SVIdir}/sshd
+%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@SVIdir\@:%{SVIdir}:'
+%{fixUP} -T $DESTDIR/%{SVIdir} -e 's:\@sysconfdir\@:/etc/ssh:'
+
+cat <<-EoD > $DESTDIR%{SVIcdir}/sshd
+ IDENT=sshd
+ DESCRIPTIVE="OpenSSH secure shell daemon"
+ # This service will be marked as 'skipped' on boot if there
+ # is no host key. Use ssh-host-keygen to generate one
+ ONBOOT="yes"
+ OPTIONS=""
+EoD
+
+SKG=$DESTDIR/usr/sbin/ssh-host-keygen
+install -m 0755 contrib/caldera/ssh-host-keygen $SKG
+%{fixUP} -T $SKG -e 's:\@sysconfdir\@:/etc/ssh:'
+%{fixUP} -T $SKG -e 's:\@sshkeygen\@:/usr/bin/ssh-keygen:'
+
+
+# generate file lists
+%{mkLists} -c %{Name}
+%{mkLists} -d %{Name} << 'EOF'
+/etc/ssh base
+^/etc/ IGNORED
+%{_defaultdocdir}/$ IGNORED
+askpass askpass
+* default
+EOF
+%{mkLists} -a -f %{Name} << 'EOF'
+^/etc * prefix(%%config)
+/usr/X11R6/lib/X11/app-defaults IGNORED
+[Aa]skpass askpass
+%{_defaultdocdir}/%{Name}-%{Version}/ base
+ssh-keygen base
+sshd server
+sftp-server server
+.* base
+EOF
+
+
+%Clean
+%{rmDESTDIR}
+
+
+%Post
+# Generate host key when none is present to get up and running,
+# both client and server require this for host-based auth!
+# ssh-host-keygen checks for existing keys.
+/usr/sbin/ssh-host-keygen
+: # to protect the rpm database
+
+
+%Post server
+if [ -x %{LSBinit}-install ]; then
+ %{LSBinit}-install sshd
else
- echo "Starting the SSH daemon..."
- /etc/rc.d/init.d/sshd start >&2
+ lisa --SysV-init install sshd S55 3:4:5 K45 0:1:2:6
fi
-%preun server
-if [ "$1" = 0 ] ; then
- echo "Stopping the SSH daemon..."
- /etc/rc.d/init.d/sshd stop >&2
- echo "Removing SSH stop/start scripts from the rc directories..."
-# /sbin/chkconfig --del sshd
- lisa --SysV-init remove sshd $1
+! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
+: # to protect the rpm database
+
+
+%PreUn server
+[ "$1" = 0 ] || exit 0
+
+! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
+: # to protect the rpm database
+
+
+%PostUn server
+if [ -x %{LSBinit}-remove ]; then
+ %{LSBinit}-remove sshd
+else
+ lisa --SysV-init remove sshd $1
fi
+: # to protect the rpm database
-%files
-%defattr(-,root,root)
-%doc ChangeLog OVERVIEW README* INSTALL
-%doc CREDITS LICENCE
-%attr(0755,root,root) %{_bindir}/ssh-keygen
-%attr(0755,root,root) %{_bindir}/scp
-%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) %{_mandir}/man1/scp.1*
-%attr(0755,root,root) %dir %{_sysconfdir}
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/primes
-%attr(0755,root,root) %dir %{_libexecdir}/openssh
-
-%files clients
-%defattr(-,root,root)
-%attr(4755,root,root) %{_bindir}/ssh
-%attr(0755,root,root) %{_bindir}/ssh-agent
-%attr(0755,root,root) %{_bindir}/ssh-add
-%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0755,root,root) %{_bindir}/sftp
-%attr(0644,root,root) %{_mandir}/man1/ssh.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) %{_mandir}/man1/sftp.1*
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh_config
-%attr(-,root,root) %{_bindir}/slogin
-%attr(-,root,root) %{_mandir}/man1/slogin.1*
-%if %{contrib_programs}
-%attr(0755,root,root) /usr/local/bin/make-ssh-known-hosts.pl
-%attr(0644,root,root) /usr/local/man/man1/make-ssh-known-hosts.1
-%attr(0755,root,root) /usr/local/bin/ssh-copy-id
-%attr(0644,root,root) /usr/local/man/man1/ssh-copy-id.1
-%endif
-
-%files server
+
+%Files -f files-%{Name}-base
%defattr(-,root,root)
-%attr(0751,root,root) %{_sbindir}/sshd
-%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
-%attr(0644,root,root) %{_mandir}/man8/sshd.8*
-%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
-#%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/sshd_config
-%attr(0600,root,root) %config %{_sysconfdir}/sshd_config
-%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
-%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
-%attr(0755,root,root) %config /etc/sysconfig/daemons/sshd
-
-%if ! %{no_x11_askpass}
-%files askpass
+
+
+%Files server -f files-%{Name}-server
%defattr(-,root,root)
-%doc x11-ssh-askpass-%{aversion}/README
-%doc x11-ssh-askpass-%{aversion}/ChangeLog
-%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
-%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
-%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
-%attr(0644,root,root) /usr/X11R6/man/man1/x11-ssh-askpass.1x
-%attr(-,root,root) /usr/X11R6/man/man1/ssh-askpass.1x
-%endif
-
-%if ! %{no_gnome_askpass}
-%files askpass-gnome
+
+
+%Files askpass -f files-%{Name}-askpass
%defattr(-,root,root)
-%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
-%endif
-
-%changelog
-* Mon Oct 18 2000 Damien Miller <djm@mindrot.org>
-- Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
- Redhat 7.0 spec file
-* Tue Sep 05 2000 Damien Miller <djm@mindrot.org>
-- Use RPM configure macro
-* Tue Aug 08 2000 Damien Miller <djm@mindrot.org>
-- Some surgery to sshd.init (generate keys at runtime)
-- Cleanup of groups and removal of keygen calls
-* Wed Jul 12 2000 Damien Miller <djm@mindrot.org>
-- Make building of X11-askpass and gnome-askpass optional
-* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
-- Glob manpages to catch compressed files
-* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
-- Updated for new location
-- Updated for new gnome-ssh-askpass build
-* Sun Dec 26 1999 Damien Miller <djm@mindrot.org>
-- Added Jim Knoble's <jmknoble@pobox.com> askpass
-* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
-- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
-* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
-- Added 'Obsoletes' directives
-* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
-- Use make install
-- Subpackages
-* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
-- Added links for slogin
-- Fixed perms on manpages
-* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
-- Renamed init script
-* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
-- Back to old binary names
-* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
-- Use autoconf
-- New binary names
-* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
-- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
+
+%ChangeLog
+* Mon Jan 01 1998 ...
+Template Version: 1.31
+
+$Id: openssh.spec,v 1.15 2001/04/27 05:50:49 tim Exp $
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen
new file mode 100755
index 00000000..28a97b9b
--- /dev/null
+++ b/contrib/caldera/ssh-host-keygen
@@ -0,0 +1,36 @@
+#! /bin/sh
+#
+# $Id: ssh-host-keygen,v 1.1 2001/04/27 05:50:50 tim Exp $
+#
+# This script is normally run only *once* for a given host
+# (in a given period of time) -- on updates/upgrades/recovery
+# the ssh_host_key* files _should_ be retained! Otherwise false
+# "man-in-the-middle-attack" alerts will frighten unsuspecting
+# clients...
+
+keydir=@sysconfdir@
+keygen=@sshkeygen@
+
+if [ -f $keydir/ssh_host_key -o \
+ -f $keydir/ssh_host_key.pub ]; then
+ echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
+else
+ echo "Generating 1024 bit SSH1 RSA host key."
+ $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
+fi
+
+if [ -f $keydir/ssh_host_rsa_key -o \
+ -f $keydir/ssh_host_rsa_key.pub ]; then
+ echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
+else
+ echo "Generating 1024 bit SSH2 RSA host key."
+ $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
+fi
+
+if [ -f $keydir/ssh_host_dsa_key -o \
+ -f $keydir/ssh_host_dsa_key.pub ]; then
+ echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key."
+else
+ echo "Generating SSH2 DSA host key."
+ $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N ''
+fi
diff --git a/contrib/caldera/sshd.daemons b/contrib/caldera/sshd.daemons
deleted file mode 100644
index b7515040..00000000
--- a/contrib/caldera/sshd.daemons
+++ /dev/null
@@ -1,6 +0,0 @@
-IDENT=sshd
-SHORT="sshd"
-DESCRIPTIVE="@OPENSSH_VERSION@"
-DAEMON=/usr/sbin/sshd
-# DAEMON_ARGS="-p some_other_port"
-ONBOOT=yes
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init
index 17643391..e60f8afe 100755
--- a/contrib/caldera/sshd.init
+++ b/contrib/caldera/sshd.init
@@ -1,99 +1,125 @@
-#! /bin/sh
+#! /bin/bash
#
-# Generic network daemon RC script. If installed as /etc/rc.d/init.d/foobar,
-# it source /etc/sysconfig/daemons/foobar and looks at the
-# variable definitions (Bourne shell syntax). Variables marked with an
-# asterisk are required.
+# $Id: sshd.init,v 1.2 2001/04/27 05:50:50 tim Exp $
#
-# * IDENT=sshd
-# DESCRIPTIVE="@OPENSSH_VERSION@"
-# * DAEMON=/usr/sbin/sshd
-# DAEMON_ARGS="-p some_other_port"
-# ONBOOT=yes
+### BEGIN INIT INFO
+# Provides:
+# Required-Start: $network
+# Required-Stop:
+# Default-Start: 3 4 5
+# Default-Stop: 0 1 2 6
+# Description: sshd
+# Bring up/down the OpenSSH secure shell daemon.
+### END INIT INFO
#
+# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
+# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
+# Modified for OpenLinux by Raymund Will <ray@caldera.de>
-# Source networking configuration.
-. /etc/sysconfig/network
-
-# Check that networking is up.
-[ ${NETWORKING} = "no" ] && exit 0
-
-# Source function library, check sysconfig/daemon file and source it.
-. /etc/rc.d/init.d/functions
-
-[ -x $DAEMON ] || exit 0
-
-# Some functions to make the below more readable
-KEYGEN=/usr/bin/ssh-keygen
-RSA1_KEY=/etc/ssh/ssh_host_key
-RSA_KEY=/etc/ssh/ssh_host_rsa_key
-DSA_KEY=/etc/ssh/ssh_host_dsa_key
-PID_FILE=/var/run/sshd.pid
-do_rsa1_keygen() {
- if ! test -f $RSA1_KEY ; then
- echo -n "Generating SSH1 RSA host key: "
- if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
- echo "RSA1 key generation success"
- else
- echo "RSA1 key generation failure"
- exit 1
- fi
- fi
-}
-do_rsa_keygen() {
- if ! test -f $RSA_KEY ; then
- echo -n "Generating SSH2 RSA host key: "
- if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
- echo "RSA key generation success"
- else
- echo "RSA key generation failure"
- exit 1
- fi
- fi
-}
-do_dsa_keygen() {
- if ! test -f $DSA_KEY ; then
- echo -n "Generating SSH2 DSA host key: "
- if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
- echo "DSA key generation success"
- else
- echo "DSA key generation failure"
- exit 1
- fi
- fi
+NAME=sshd
+DAEMON=/usr/sbin/$NAME
+# Hack-Alert(TM)! This is necessary to get around the 'reload'-problem
+# created by recent OpenSSH daemon/ssd combinations. See Caldera internal
+# PR [linux/8278] for details...
+PIDF=/var/run/$NAME.pid
+NAME=$DAEMON
+
+_status() {
+ [ -z "$1" ] || local pidf="$1"
+ local ret=-1
+ local pid
+ if [ -n "$pidf" ] && [ -r "$pidf" ]; then
+ pid=$(head -1 $pidf)
+ else
+ pid=$(pidof $NAME)
+ fi
+
+ if [ ! -e $SVIlock ]; then
+ # no lock-file => not started == stopped?
+ ret=3
+ elif { [ -n "$pidf" ] && [ ! -f "$pidf" ] } || [ -z "$pid" ]; then
+ # pid-file given but not present or no pid => died, but was not stopped
+ ret=2
+ elif [ -r /proc/$pid/cmdline ] &&
+ echo -ne $NAME'\000' | cmp -s - /proc/$pid/cmdline; then
+ # pid-file given and present or pid found => check process...
+ # but don't compare exe, as this will fail after an update!
+ # compares OK => all's well, that ends well...
+ ret=0
+ else
+ # no such process or exe does not match => stale pid-file or process died
+ # just recently...
+ ret=1
+ fi
+ return $ret
}
-# See how we were called.
+# Source function library (and set vital variables).
+. @SVIdir@/functions
+
case "$1" in
- start)
- # Create keys if necessary
- do_rsa1_keygen
- do_rsa_keygen
- do_dsa_keygen
-
- # Start daemons.
- [ ! -e $LOCK ] || exit 1
- echo -n "Starting $SUBSYS services: "
- start-stop-daemon -S -n $IDENT -x $DAEMON -- $DAEMON_ARGS
- sleep 1
- echo .
- touch $LOCK
- ;;
- stop)
- # Stop daemons.
- [ -e $LOCK ] || exit 0
- echo -n "Stopping $SUBSYS services: "
- start-stop-daemon -K -n $IDENT -x $DAEMON
- echo
- rm -f $LOCK
- ;;
- restart)
- $0 stop
- $0 start
- ;;
- *)
- echo "Usage: $SUBSYS {start|stop|restart}"
- exit 1
+ start)
+ [ ! -e $SVIlock ] || exit 0
+ [ -x $DAEMON ] || exit 5
+ SVIemptyConfig @sysconfdir@/sshd_config && exit 6
+
+ if [ ! \( -f @sysconfdir@/ssh_host_key -a \
+ -f @sysconfdir@/ssh_host_key.pub \) -a \
+ ! \( -f @sysconfdir@/ssh_host_rsa_key -a \
+ -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \
+ ! \( -f @sysconfdir@/ssh_host_dsa_key -a \
+ -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then
+
+ echo "$SVIsubsys: host key not initialized: skipped!"
+ echo "$SVIsubsys: use ssh-host-keygen to generate one!"
+ exit 6
+ fi
+
+ echo -n "Starting $SVIsubsys services: "
+ ssd -S -x $DAEMON -n $NAME -- $OPTIONS
+ ret=$?
+
+ echo "."
+ touch $SVIlock
+ ;;
+
+ stop)
+ [ -e $SVIlock ] || exit 0
+
+ echo -n "Stopping $SVIsubsys services: "
+ ssd -K -p $PIDF -n $NAME
+ ret=$?
+
+ echo "."
+ rm -f $SVIlock
+ ;;
+
+ force-reload|reload)
+ [ -e $SVIlock ] || exit 0
+
+ echo "Reloading $SVIsubsys configuration files: "
+ ssd -K --signal 1 -q -p $PIDF -n $NAME
+ ret=$?
+ echo "done."
+ ;;
+
+ restart)
+ $0 stop
+ $0 start
+ ret=$?
+ ;;
+
+ status)
+ _status $PIDF
+ ret=$?
+ ;;
+
+ *)
+ echo "Usage: $SVIscript {[re]start|stop|[force-]reload|status}"
+ ret=2
+ ;;
+
esac
-exit 0
+exit $ret
+