xref: /freebsd/crypto/openssh/contrib/suse/openssh.spec (revision 43a5ec4eb41567cc92586503212743d89686d78f)
1# Default values for additional components
2%define build_x11_askpass	1
3
4# Define the UID/GID to use for privilege separation
5%define sshd_gid	65
6%define sshd_uid	71
7
8# The version of x11-ssh-askpass to use
9%define xversion	1.2.4.1
10
11# Allow the ability to override defaults with -D skip_xxx=1
12%{?skip_x11_askpass:%define build_x11_askpass 0}
13
14Summary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
15Name:		openssh
16Version:	8.8p1
17URL:		https://www.openssh.com/
18Release:	1
19Source0:	openssh-%{version}.tar.gz
20Source1:	x11-ssh-askpass-%{xversion}.tar.gz
21License:	BSD
22Group:		Productivity/Networking/SSH
23BuildRoot:	%{_tmppath}/openssh-%{version}-buildroot
24PreReq:		openssl
25Obsoletes:	ssh
26Provides:	ssh
27#
28# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
29# building prerequisites -- stuff for
30#   OpenSSL (openssl-devel),
31#   and Gnome (glibdev, gtkdev, and gnlibsd)
32#
33BuildPrereq:	openssl
34BuildPrereq:	zlib-devel
35#BuildPrereq:	glibdev
36#BuildPrereq:	gtkdev
37#BuildPrereq:	gnlibsd
38
39%package	askpass
40Summary:	A passphrase dialog for OpenSSH and the X window System.
41Group:		Productivity/Networking/SSH
42Requires:	openssh = %{version}
43Obsoletes:	ssh-extras
44Provides:	openssh:${_libdir}/ssh/ssh-askpass
45
46%if %{build_x11_askpass}
47BuildPrereq:	XFree86-devel
48%endif
49
50%description
51Ssh (Secure Shell) is a program for logging into a remote machine and for
52executing commands in a remote machine.  It is intended to replace
53rlogin and rsh, and provide secure encrypted communications between
54two untrusted hosts over an insecure network.  X11 connections and
55arbitrary TCP/IP ports can also be forwarded over the secure channel.
56
57OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
58up to date in terms of security and features, as well as removing all
59patented algorithms to separate libraries (OpenSSL).
60
61This package includes all files necessary for both the OpenSSH
62client and server.
63
64%description askpass
65Ssh (Secure Shell) is a program for logging into a remote machine and for
66executing commands in a remote machine.  It is intended to replace
67rlogin and rsh, and provide secure encrypted communications between
68two untrusted hosts over an insecure network.  X11 connections and
69arbitrary TCP/IP ports can also be forwarded over the secure channel.
70
71OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
72up to date in terms of security and features, as well as removing all
73patented algorithms to separate libraries (OpenSSL).
74
75This package contains an X Window System passphrase dialog for OpenSSH.
76
77%changelog
78* Mon Jul 20 2020 Damien Miller <djm@mindrto.org>
79- Add ssh-sk-helper and corresponding manual page.
80* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
81- Removed accidental inclusion of --without-zlib-version-check
82* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
83- Overhaul to deal with newer versions of SuSE and OpenSSH
84* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
85- Glob manpages to catch compressed files
86* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
87- Updated for new location
88- Updated for new gnome-ssh-askpass build
89* Sun Dec 26 1999 Chris Saia <csaia@wtower.com>
90- Made symlink to gnome-ssh-askpass called ssh-askpass
91* Wed Nov 24 1999 Chris Saia <csaia@wtower.com>
92- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and
93  /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into
94  his released tarfile
95- Changed permissions on ssh_config in the install procedure to 644 from 600
96  even though it was correct in the %files section and thus right in the RPMs
97- Postinstall script for the server now only prints "Generating SSH host
98  key..." if we need to actually do this, in order to eliminate a confusing
99  message if an SSH host key is already in place
100- Marked all manual pages as %doc(umentation)
101* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
102- Added flag to configure daemon with TCP Wrappers support
103- Added building prerequisites (works in RPM 3.0 and newer)
104* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
105- Made this package correct for SuSE.
106- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
107  with SuSE, and lib_pwdb.so isn't installed by default.
108* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
109- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
110* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
111- Added 'Obsoletes' directives
112* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
113- Use make install
114- Subpackages
115* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
116- Added links for slogin
117- Fixed perms on manpages
118* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
119- Renamed init script
120* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
121- Back to old binary names
122* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
123- Use autoconf
124- New binary names
125* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
126- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
127
128%prep
129
130%if %{build_x11_askpass}
131%setup -q -a 1
132%else
133%setup -q
134%endif
135
136%build
137CFLAGS="$RPM_OPT_FLAGS" \
138%configure	--prefix=/usr \
139		--sysconfdir=%{_sysconfdir}/ssh \
140		--mandir=%{_mandir} \
141		--with-privsep-path=/var/lib/empty \
142		--with-pam \
143		--libexecdir=%{_libdir}/ssh
144make
145
146%if %{build_x11_askpass}
147cd x11-ssh-askpass-%{xversion}
148%configure	--mandir=/usr/X11R6/man \
149		--libexecdir=%{_libdir}/ssh
150xmkmf -a
151make
152cd ..
153%endif
154
155%install
156rm -rf $RPM_BUILD_ROOT
157make install DESTDIR=$RPM_BUILD_ROOT/
158install -d $RPM_BUILD_ROOT/etc/pam.d/
159install -d $RPM_BUILD_ROOT/etc/init.d/
160install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
161install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
162install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
163install -m744 contrib/suse/sysconfig.ssh \
164   $RPM_BUILD_ROOT/var/adm/fillup-templates
165
166%if %{build_x11_askpass}
167cd x11-ssh-askpass-%{xversion}
168make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
169rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
170%endif
171
172%clean
173rm -rf $RPM_BUILD_ROOT
174
175%pre
176/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || :
177/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
178
179%post
180/usr/bin/ssh-keygen -A
181%{fillup_and_insserv -n -y ssh sshd}
182%run_permissions
183
184%verifyscript
185%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
186
187%preun
188%stop_on_removal sshd
189
190%postun
191%restart_on_update sshd
192%{insserv_cleanup}
193
194%files
195%defattr(-,root,root)
196%doc ChangeLog OVERVIEW README* PROTOCOL*
197%doc TODO CREDITS LICENCE
198%attr(0755,root,root) %dir %{_sysconfdir}/ssh
199%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
200%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
201%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
202%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
203%attr(0755,root,root) %config /etc/init.d/sshd
204%attr(0755,root,root) %{_bindir}/ssh-keygen
205%attr(0755,root,root) %{_bindir}/scp
206%attr(0755,root,root) %{_bindir}/ssh
207%attr(0755,root,root) %{_bindir}/ssh-agent
208%attr(0755,root,root) %{_bindir}/ssh-add
209%attr(0755,root,root) %{_bindir}/ssh-keyscan
210%attr(0755,root,root) %{_bindir}/sftp
211%attr(0755,root,root) %{_sbindir}/sshd
212%attr(0755,root,root) %dir %{_libdir}/ssh
213%attr(0755,root,root) %{_libdir}/ssh/sftp-server
214%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
215%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper
216%attr(0755,root,root) %{_libdir}/ssh/ssh-sk-helper
217%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
218%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
219%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
220%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
221%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
222%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
223%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
224%attr(0644,root,root) %doc %{_mandir}/man5/moduli.5*
225%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
226%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
227%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
228%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
229%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8*
230%attr(0644,root,root) %doc %{_mandir}/man8/ssh-sk-helper.8*
231%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
232%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
233
234%if %{build_x11_askpass}
235%files askpass
236%defattr(-,root,root)
237%doc x11-ssh-askpass-%{xversion}/README
238%doc x11-ssh-askpass-%{xversion}/ChangeLog
239%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
240%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
241%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
242%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
243%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
244%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
245%endif
246