wok-next view openssh/receipt @ rev 21020

Cleaning is almost finished... I should proceed to upgrades.
author Aleksej Bobylev <al.bobylev@gmail.com>
date Fri Nov 02 14:15:08 2018 +0200 (2018-11-02)
parents f48456621a9d
children
line source
1 # SliTaz package receipt v2.
2
3 PACKAGE="openssh"
4 VERSION="7.6p1"
5 CATEGORY="security"
6 SHORT_DESC="OpenSSH clients and daemon"
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 WEB_SITE="https://www.openssh.com/"
10 LFS="http://www.linuxfromscratch.org/blfs/view/svn/postlfs/openssh.html"
11
12 TARBALL="$PACKAGE-$VERSION.tar.gz"
13 WGET_URL="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
14
15 BUILD_DEPENDS="openssl-dev zlib-dev openssl-dev perl mandoc-dev pam-dev" # groff
16 SPLIT="$PACKAGE-pam:pam"
17
18 compile_rules() {
19 install -m700 -d /var/lib/sshd
20 chown root:sys /var/lib/sshd
21
22 addgroup -g 50 -S sshd
23 adduser \
24 -h /var/lib/sshd \
25 -g 'sshd PrivSep' \
26 -s /bin/false \
27 -G sshd \
28 -S -D \
29 -u 50 \
30 sshd
31
32 case $SET in
33 pam) SET_ARGS='--with-pam --with-xauth=/usr/bin/xauth';;
34 *) SET_ARGS='--without-pam --with-md5-passwords';;
35 esac
36
37 ./configure \
38 --sysconfdir=/etc/ssh \
39 --with-privsep-path=/var/lib/sshd \
40 $SET_ARGS \
41 $CONFIGURE_ARGS &&
42 make &&
43 make DESTDIR=$install install || return 1
44
45 install -vm755 contrib/ssh-copy-id $install/usr/bin/
46
47 cook_pick_manpages contrib/ssh-copy-id.1
48 cook_pick_docs INSTALL LICENCE OVERVIEW README*
49
50 # SliTaz stuff
51
52 install -Dm755 $stuff/openssh $install/etc/init.d/openssh
53
54 cat >> $install/etc/ssh/ssh_config <<EOT
55
56 # client bug CVE-2016-0777 and CVE-2016-0778
57 Host *
58 UseRoaming no
59
60 # From https://wiki.gentoo.org/wiki/SSH_jump_host
61 Host *+*
62 ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') exec nc -w1 $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')
63
64 EOT
65
66 touch $install/etc/inetd.conf
67 }
68
69 genpkg_rules() {
70 case $PACKAGE in
71 openssh)
72 copy @std sshd/
73 DEPENDS="openssl zlib"
74 CONFIG_FILES="/etc/ssh/moduli /etc/ssh/ssh_config \
75 /etc/ssh/sshd_config /etc/inetd.conf"
76 TAGS="ssh security"
77 PROVIDE="ssh"
78 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
79 ;;
80 openssh-pam)
81 copy @std sshd/
82 sed -i 's/.*UsePAM.*/UsePAM yes/' $fs/etc/ssh/sshd_config
83 CAT="security|with PAM support"
84 DEPENDS="openssl zlib pam"
85 CONFIG_FILES="/etc/ssh/moduli /etc/ssh/ssh_config \
86 /etc/ssh/sshd_config /etc/inetd.conf"
87 TAGS="ssh security"
88 PROVIDE="openssh:pam ssh:pam"
89 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
90 ;;
91 esac
92 }
93
94 post_install_openssh() {
95 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
96 #ssh stream tcp nowait root sshd sshd -i
97 EOT
98
99 while read dropbear openssh; do
100 [ -s "$1$dropbear" ] || continue
101 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
102 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
103 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
104 done <<EOT
105 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
106 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
107 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
108 EOT
109
110 chroot "$1/" ssh-keygen -A
111 }
112
113 post_remove_openssh() {
114 grep -q sshd "$1/etc/inetd.conf" &&
115 sed -i '/sshd/d' "$1/etc/inetd.conf"
116 }
117
118 post_install_openssh_pam() {
119 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
120 #ssh stream tcp nowait root sshd sshd -i
121 EOT
122
123 while read dropbear openssh; do
124 [ -s "$1$dropbear" ] || continue
125 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
126 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
127 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
128 done <<EOT
129 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
130 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
131 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
132 EOT
133
134 chroot "$1/" ssh-keygen -A
135 }
136
137 post_remove_openssh_pam() {
138 grep -q sshd "$1/etc/inetd.conf" &&
139 sed -i '/sshd/d' "$1/etc/inetd.conf"
140 }