Lines Matching +full:- +full:- +full:build +full:- +full:root
8 # Version of ssh-askpass
11 # Do we want to disable building of x11-askpass? (1=yes 0=no)
14 # Do we want to disable building of gnome-askpass? (1=yes 0=no)
23 # Use GTK2 instead of GNOME in gnome-ssh-askpass
26 # Is this build for RHL 6.x?
33 # rpm -ba|--rebuild --define 'skip_xxx 1'
37 # Add option to build without GTK2 for older platforms with only GTK+.
39 # rpm -ba|--rebuild --define 'no_gtk2 1'
42 # Is this a build for RHL 6.x or earlier?
51 # rpm -ba|--rebuild --define "static_openssl 1"
54 # Options for Smartcard support: (needs libsectok and openssl-engine)
55 # rpm -ba|--rebuild --define "smartcard 1"
58 # Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
76 Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
78 Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
82 BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
89 BuildRequires: perl, openssl-devel
92 BuildRequires: glibc-devel, pam
103 BuildRequires: krb5-devel
104 BuildRequires: krb5-libs
109 Requires: openssh = %{version}-%{release}
111 Obsoletes: ssh-clients
116 Obsoletes: ssh-server
117 Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
119 Requires: /etc/pam.d/system-auth
125 Requires: openssh = %{version}-%{release}
126 Obsoletes: ssh-extras
128 %package askpass-gnome
131 Requires: openssh = %{version}-%{release}
132 Obsoletes: ssh-extras
147 install openssh-clients, openssh-server, or both.
167 %description askpass-gnome
176 %setup -q -a 1
178 %setup -q
181 %build
183 CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
187 K5DIR=`rpm -ql krb5-devel | grep 'include/krb5\.h' | sed 's,\/include\/krb5.h,,'`
192 --sysconfdir=%{_sysconfdir}/ssh \
193 --libexecdir=%{_libexecdir}/openssh \
194 --datadir=%{_datadir}/openssh \
195 --with-default-path=/usr/local/bin:/bin:/usr/bin \
196 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
197 --with-privsep-path=%{_var}/empty/sshd \
198 --with-md5-passwords \
200 --with-smartcard \
203 --without-pam \
205 --with-pam \
208 --with-kerberos5=$K5DIR \
213 perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
219 pushd x11-ssh-askpass-%{aversion}
220 %configure --libexecdir=%{_libexecdir}/openssh
221 xmkmf -a
237 make gnome-ssh-askpass2
238 mv gnome-ssh-askpass2 gnome-ssh-askpass
240 make gnome-ssh-askpass1
241 mv gnome-ssh-askpass1 gnome-ssh-askpass
247 rm -rf $RPM_BUILD_ROOT
248 mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
249 mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
250 mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd
254 install -d $RPM_BUILD_ROOT/etc/pam.d/
255 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
256 install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
258 install -m644 contrib/redhat/sshd.pam.old $RPM_BUILD_ROOT/etc/pam.d/sshd
260 install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
262 install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
265 install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ss…
266 ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
270 install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
274 rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
278 install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
279 install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
280 install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
283 perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
286 rm -rf $RPM_BUILD_ROOT
288 %triggerun server -- ssh-server
289 if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
293 %triggerun server -- openssh-server < 2.5.0p1
302 if [ $? -eq 1 ] ; then
307 %triggerpostun server -- ssh-server
309 /sbin/chkconfig --add sshd
310 if test -f /var/run/sshd.restart ; then
311 rm -f /var/run/sshd.restart
317 %{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
318 %{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
319 -g sshd -M -r sshd 2>/dev/null || :
322 /sbin/chkconfig --add sshd
331 /sbin/chkconfig --del sshd
335 %defattr(-,root,root)
337 %attr(0755,root,root) %{_bindir}/scp
338 %attr(0644,root,root) %{_mandir}/man1/scp.1*
339 %attr(0755,root,root) %dir %{_sysconfdir}/ssh
340 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
342 %attr(0755,root,root) %{_bindir}/ssh-keygen
343 %attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
344 %attr(0755,root,root) %dir %{_libexecdir}/openssh
345 %attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
346 %attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
347 %attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
348 %attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
351 %attr(0755,root,root) %dir %{_datadir}/openssh
352 %attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
356 %defattr(-,root,root)
357 %attr(0755,root,root) %{_bindir}/ssh
358 %attr(0644,root,root) %{_mandir}/man1/ssh.1*
359 %attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
360 %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
362 %attr(2755,root,nobody) %{_bindir}/ssh-agent
363 %attr(0755,root,root) %{_bindir}/ssh-add
364 %attr(0755,root,root) %{_bindir}/ssh-keyscan
365 %attr(0755,root,root) %{_bindir}/sftp
366 %attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
367 %attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
368 %attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
369 %attr(0644,root,root) %{_mandir}/man1/sftp.1*
374 %defattr(-,root,root)
375 %dir %attr(0111,root,root) %{_var}/empty/sshd
376 %attr(0755,root,root) %{_sbindir}/sshd
377 %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
378 %attr(0644,root,root) %{_mandir}/man8/sshd.8*
379 %attr(0644,root,root) %{_mandir}/man5/moduli.5*
380 %attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
381 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
382 %attr(0755,root,root) %dir %{_sysconfdir}/ssh
383 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
384 %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
385 %attr(0755,root,root) %config /etc/rc.d/init.d/sshd
390 %defattr(-,root,root)
391 %doc x11-ssh-askpass-%{aversion}/README
392 %doc x11-ssh-askpass-%{aversion}/ChangeLog
393 %doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
394 %attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
395 %attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
399 %files askpass-gnome
400 %defattr(-,root,root)
401 %attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
402 %attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
407 - test for skip_x11_askpass (line 77) should have been for no_x11_askpass
410 - Remove noip6 option. This may be controlled at run-time in client config
414 - Don't install profile.d scripts when not building with GNOME/GTK askpass
418 - Install ssh-agent setgid nobody to prevent ptrace() key theft attacks
421 - Use contrib/ Makefile for building askpass programs
424 - Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
425 - Add new {ssh,sshd}_config.5 manpages
426 - Add new ssh-keysign program and remove setuid from ssh client
429 - Merge in spec changes from RedHat, reorgansie a little
430 - Add Privsep user, group and directory
432 * Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2
433 - bump and grind (through the build system)
435 * Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-1
436 - require sharutils for building (mindrot #137)
437 - require db1-devel only when building for 6.x (#55105), which probably won't
438 work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck
439 - require pam-devel by file (not by package name) again
440 - add Markus's patch to compile with OpenSSL 0.9.5a (from
444 * Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-0
445 - update to 3.1p1
447 * Tue Mar 5 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020305
448 - update to SNAP-20020305
449 - drop debug patch, fixed upstream
451 * Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020220
452 - update to SNAP-20020220 for testing purposes (you've been warned, if there's
455 * Wed Feb 13 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-3
456 - add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key
459 * Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-2
460 - remove dependency on db1-devel, which has just been swallowed up whole
461 by gnome-libs-devel
464 - adjust build dependencies so that build6x actually works right (fix
467 * Tue Dec 4 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-1
468 - update to 3.0.2p1
470 * Fri Nov 16 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.1p1-1
471 - update to 3.0.1p1
474 - update to current CVS (not for use in distribution)
476 * Thu Nov 8 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0p1-1
477 - merge some of Damien Miller <djm@mindrot.org> changes from the upstream
481 - update to 3.0p1
482 - update to x11-ssh-askpass 1.2.4.1
483 - change build dependency on a file from pam-devel to the pam-devel package
484 - replace primes with moduli
486 * Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-9
487 - incorporate fix from Markus Friedl's advisory for IP-based authorization bugs
489 * Thu Sep 13 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.9p2-8
490 - Merge changes to rescue build from current sysadmin survival cd
492 * Thu Sep 6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-7
493 - fix scp's server's reporting of file sizes, and build with the proper
494 preprocessor define to get large-file capable open(), stat(), etc.
496 - configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247)
497 - pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298)
498 - mark profile.d scriptlets as config files (#42337)
499 - refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug
500 - change a couple of log() statements to debug() statements (#50751)
501 - pull cvs patch to add -t flag to sshd (#28611)
502 - clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221)
504 * Mon Aug 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-6
505 - add db1-devel as a BuildPrerequisite (noted by Hans Ecke)
508 - pull cvs patch to fix remote port forwarding with protocol 2
511 - pull cvs patch to add session initialization to no-pty sessions
512 - pull cvs patch to not cut off challengeresponse auth needlessly
513 - refuse to do X11 forwarding if xauth isn't there, handy if you enable
517 - don't apply patches to code we don't intend to build (spotted by Matt Galgoci)
520 - pass OPTIONS correctly to initlog (#50151)
523 - switch to x11-ssh-askpass 1.2.2
526 - rebuild in new environment
529 - disable the gssapi patch
532 - update to 2.9p2
533 - refresh to a new version of the gssapi patch
536 - change Copyright: BSD to License: BSD
537 - add Markus Friedl's unverified patch for the cookie file deletion problem
539 - drop patch to check if xauth is present (was folded into cookie patch)
540 - don't apply gssapi patches for the errata candidate
541 - clear supplemental groups list at startup
544 - fix an error parsing the new default sshd_config
545 - add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not
549 - add in Simon Wilkinson's GSSAPI patch to give it some testing in-house,
554 - finish marking strings in the init script for translation
555 - modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd
558 - refuse to do X11 forwarding if xauth isn't there, handy if you enable
562 - update to 2.9
563 - drop various patches that came from or went upstream or to or from CVS
566 - only require initscripts 5.00 on 6.2 (reported by Peter Bieringer)
569 - remove explicit openssl requirement, fixes builddistro issue
570 - make initscript stop() function wait until sshd really dead to avoid
574 - mention that challengereponse supports PAM, so disabling password doesn't
576 - bypass the daemon() function in the init script and call initlog directly,
579 - require the version of openssl we had when we were built
582 - make do_pam_setcred() smart enough to know when to establish creds and
584 - add in a couple of other fixes from Damien for inclusion in the errata
587 - update to 2.5.2p2
588 - call setcred() again after initgroups, because the "creds" could actually
592 - update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)
593 - don't enable challenge-response by default until we find a way to not
596 - remove build dependency on rsh to match openssh.com's packages more closely
599 - remove dependency on openssl -- would need to be too precise
602 - rebuild in new environment
605 - Revert the patch to move pam_open_session.
606 - Init script and spec file changes from Pekka Savola. (#28750)
607 - Patch sftp to recognize '-o protocol' arguments. (#29540)
610 - Chuck the closing patch.
611 - Add a trigger to add host keys for protocol 2 to the config file, now that
616 - Redo patch to move pam_open_session after the server setuid()s to the user.
617 - Rework the nopam patch to use be picked up by autoconf.
620 - Update for 2.5.1p1.
621 - Add init script mods from Pekka Savola.
622 - Tweak the init script to match the CVS contrib script more closely.
623 - Redo patch to ssh-add to try to adding both identity and id_dsa to also try
627 - Update for 2.5.0p1.
628 - Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass
629 - Resync with parts of Damien Miller's openssh.spec from CVS, including
631 - Only require openssl (don't prereq) because we generate keys in the init
635 - Don't open a PAM session until we've forked and become the user (#25690).
636 - Apply Andrew Bartlett's patch for letting pam_authenticate() know which
638 - Resync with parts of Damien Miller's openssh.spec from CVS.
639 - Don't expose KbdInt responses in debug messages (from CVS).
640 - Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
643 - i18n-tweak to initscript.
646 - More gettextizing.
647 - Close all files after going into daemon mode (needs more testing).
648 - Extract patch from CVS to handle auth banners (in the client).
649 - Extract patch from CVS to handle compat weirdness.
652 - Finish with the gettextizing.
655 - Fix a bug in auth2-pam.c (#23877)
656 - Gettextize the init script.
659 - Incorporate a switch for using PAM configs for 6.x, just in case.
662 - Incorporate Bero's changes for a build specifically for rescue CDs.
665 - Don't treat pam_setcred() failure as fatal unless pam_authenticate() has
666 succeeded, to allow public-key authentication after a failure with "none"
670 - Update to x11-askpass 1.1.1. (#21301)
671 - Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290)
674 - Merge multiple PAM text messages into subsequent prompts when possible when
675 doing keyboard-interactive authentication.
678 - Disable the built-in MD5 password support. We're using PAM.
679 - Take a crack at doing keyboard-interactive authentication with PAM, and
682 - Build with debugging flags. Build root policies strip all binaries anyway.
685 - Use DESTDIR instead of %%makeinstall.
686 - Remove /usr/X11R6/bin from the path-fixing patch.
689 - Add the primes file from the latest snapshot to the main package (#20884).
690 - Add the dev package to the prereq list (#19984).
691 - Remove the default path and mimic login's behavior in the server itself.
694 - Resync with conditional options in Damien Miller's .spec file for an errata.
695 - Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh.
698 - Update to OpenSSH 2.3.0p1.
699 - Update to x11-askpass 1.1.0.
700 - Enable keyboard-interactive authentication.
703 - Update to ssh-askpass-x11 1.0.3.
704 - Change authentication related messages to be private (#19966).
707 - Patch ssh-keygen to be able to list signatures for DSA public key files
711 - Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always
712 build PAM authentication in.
713 - Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
714 - Clean out no-longer-used patches.
715 - Patch ssh-add to try to add both identity and id_dsa, and to error only
719 - Update x11-askpass to 1.0.2. (#17835)
720 - Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will
722 - Set the default path to be the same as the one supplied by /bin/login, but
724 - Try to handle obsoletion of ssh-server more cleanly. Package names
728 - Update to 2.2.0p1. (#17835)
729 - Tweak the init script to allow proper restarting. (#18023)
732 - Update to 20000823 snapshot.
733 - Change subpackage requirements from %%{version} to %%{version}-%%{release}
734 - Back out the pipe patch.
737 - Update to 2.1.1p4, which includes fixes for config file parsing problems.
738 - Move the init script back.
739 - Add Damien's quick fix for wackiness.
742 - Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok().
745 - Move condrestart to server postun.
746 - Move key generation to init script.
747 - Actually use the right patch for moving the key generation to the init script.
748 - Clean up the init script a bit.
751 - Fix X11 forwarding, from mail post by Chan Shih-Ping Richard.
754 - Update to 2.1.1p2.
755 - Use of strtok() considered harmful.
758 - Get the build root out of the man pages.
761 - Add and use condrestart support in the init script.
762 - Add newer initscripts as a prereq.
765 - Build in new environment (release 2)
766 - Move -clients subpackage to Applications/Internet group
769 - Update to 2.2.1p1
772 - Patch to build with neither RSA nor RSAref.
773 - Miscellaneous FHS-compliance tweaks.
774 - Fix for possibly-compressed man pages.
777 - Updated for new location
778 - Updated for new gnome-ssh-askpass build
781 - Added Jim Knoble's <jmknoble@pobox.com> askpass
784 - Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
787 - Added 'Obsoletes' directives
790 - Use make install
791 - Subpackages
794 - Added links for slogin
795 - Fixed perms on manpages
798 - Renamed init script
801 - Back to old binary names
804 - Use autoconf
805 - New binary names
808 - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.