diff options
author | Damien Miller <djm@mindrot.org> | 2011-08-12 11:02:35 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2011-08-12 11:02:35 +1000 |
commit | 2db9977c061ff027bafa488c8e9afad505be773e (patch) | |
tree | 4135ffe03fea325a0890036f565fa5f102349e06 | |
parent | 4d47ec9c892883b60b496335425b427a48498bbc (diff) |
- (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
[contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
init scrips from imorgan AT nas.nasa.gov
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | contrib/redhat/openssh.spec | 22 | ||||
-rwxr-xr-x | contrib/redhat/sshd.init | 71 | ||||
-rw-r--r-- | contrib/suse/openssh.spec | 16 | ||||
-rw-r--r-- | contrib/suse/rc.sshd | 16 |
5 files changed, 28 insertions, 100 deletions
@@ -2,6 +2,9 @@ - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context change error by reporting old and new context names Patch from jchadima at redhat. + - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init] + [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES + init scrips from imorgan AT nas.nasa.gov 20110807 - (dtucker) OpenBSD CVS Sync diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 23657eac..2b927f17 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -84,24 +84,24 @@ Obsoletes: ssh %if %{build6x} PreReq: initscripts >= 5.00 %else -PreReq: initscripts >= 5.20 +Requires: initscripts >= 5.20 %endif -BuildPreReq: perl, openssl-devel, tcp_wrappers -BuildPreReq: /bin/login +BuildRequires: perl, openssl-devel, tcp_wrappers +BuildRequires: /bin/login %if ! %{build6x} BuildPreReq: glibc-devel, pam %else -BuildPreReq: /usr/include/security/pam_appl.h +BuildRequires: /usr/include/security/pam_appl.h %endif %if ! %{no_x11_askpass} -BuildPreReq: /usr/include/X11/Xlib.h +BuildRequires: /usr/include/X11/Xlib.h %endif %if ! %{no_gnome_askpass} -BuildPreReq: pkgconfig +BuildRequires: pkgconfig %endif %if %{kerberos5} -BuildPreReq: krb5-devel -BuildPreReq: krb5-libs +BuildRequires: krb5-devel +BuildRequires: krb5-libs %endif %package clients @@ -114,7 +114,7 @@ Obsoletes: ssh-clients Summary: The OpenSSH server daemon. Group: System Environment/Daemons Obsoletes: ssh-server -PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 +Requires: openssh = %{version}-%{release}, chkconfig >= 0.9 %if ! %{build6x} Requires: /etc/pam.d/system-auth %endif @@ -712,7 +712,7 @@ fi it generates. * Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com> -- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always +- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always build PAM authentication in. - Try setting SSH_ASKPASS if gnome-ssh-askpass is installed. - Clean out no-longer-used patches. @@ -721,7 +721,7 @@ fi * Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com> - Update x11-askpass to 1.0.2. (#17835) -- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will +- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will always find them in the right place. (#17909) - Set the default path to be the same as the one supplied by /bin/login, but add /usr/X11R6/bin. (#17909) diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init index 854aff66..2334d814 100755 --- a/contrib/redhat/sshd.init +++ b/contrib/redhat/sshd.init @@ -22,70 +22,9 @@ RETVAL=0 prog="sshd" # Some functions to make the below more readable -KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd -RSA1_KEY=/etc/ssh/ssh_host_key -RSA_KEY=/etc/ssh/ssh_host_rsa_key -DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid -do_rsa1_keygen() { - if [ ! -s $RSA1_KEY ]; then - echo -n $"Generating SSH1 RSA host key: " - if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA1_KEY - chmod 644 $RSA1_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $RSA1_KEY.pub - fi - success $"RSA1 key generation" - echo - else - failure $"RSA1 key generation" - echo - exit 1 - fi - fi -} - -do_rsa_keygen() { - if [ ! -s $RSA_KEY ]; then - echo -n $"Generating SSH2 RSA host key: " - if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $RSA_KEY - chmod 644 $RSA_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $RSA_KEY.pub - fi - success $"RSA key generation" - echo - else - failure $"RSA key generation" - echo - exit 1 - fi - fi -} - -do_dsa_keygen() { - if [ ! -s $DSA_KEY ]; then - echo -n $"Generating SSH2 DSA host key: " - if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then - chmod 600 $DSA_KEY - chmod 644 $DSA_KEY.pub - if [ -x /sbin/restorecon ]; then - /sbin/restorecon $DSA_KEY.pub - fi - success $"DSA key generation" - echo - else - failure $"DSA key generation" - echo - exit 1 - fi - fi -} - do_restart_sanity_check() { $SSHD -t @@ -99,9 +38,13 @@ do_restart_sanity_check() start() { # Create keys if necessary - do_rsa1_keygen - do_rsa_keygen - do_dsa_keygen + /usr/bin/ssh-keygen -A + if [ -x /sbin/restorecon ]; then + /sbin/restorcon /etc/ssh/ssh_host_key.pub + /sbin/restorcon /etc/ssh/ssh_host_rsa_key.pub + /sbin/restorcon /etc/ssh/ssh_host_dsa_key.pub + /sbin/restorcon /etc/ssh/ssh_host_ecdsa_key.pub + fi echo -n $"Starting $prog:" $SSHD $OPTIONS && success || failure diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index db0c127b..4621f548 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec @@ -28,11 +28,12 @@ Provides: ssh # (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.) # building prerequisites -- stuff for # OpenSSL (openssl-devel), -# TCP Wrappers (nkitb), +# TCP Wrappers (tcpd-devel), # and Gnome (glibdev, gtkdev, and gnlibsd) # BuildPrereq: openssl -BuildPrereq: nkitb +BuildPrereq: tcpd-devel +BuildPrereq: zlib-devel #BuildPrereq: glibdev #BuildPrereq: gtkdev #BuildPrereq: gnlibsd @@ -177,15 +178,8 @@ rm -rf $RPM_BUILD_ROOT /usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || : %post -if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then - echo "Generating SSH RSA host key..." - /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2 -fi -if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then - echo "Generating SSH DSA host key..." - /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2 -fi -%{fillup_and_insserv -n -s -y ssh sshd START_SSHD} +/usr/bin/ssh-keygen -A +%{fillup_and_insserv -n -y ssh sshd} %run_permissions %verifyscript diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd index 4d4880d7..4a3bc41d 100644 --- a/contrib/suse/rc.sshd +++ b/contrib/suse/rc.sshd @@ -43,20 +43,8 @@ rc_reset case "$1" in start) - if ! test -f /etc/ssh/ssh_host_key ; then - echo Generating /etc/ssh/ssh_host_key. - ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' - fi - if ! test -f /etc/ssh/ssh_host_dsa_key ; then - echo Generating /etc/ssh/ssh_host_dsa_key. - - ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' - fi - if ! test -f /etc/ssh/ssh_host_rsa_key ; then - echo Generating /etc/ssh/ssh_host_rsa_key. - - ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' - fi + # Generate any missing host keys + ssh-keygen -A echo -n "Starting SSH daemon" ## Start daemon with startproc(8). If this fails ## the echo return value is set appropriate. |