wok-current view openssh/receipt @ rev 22680

rsync, openssh: update $CONFIG_FILES
author Pascal Bellard <pascal.bellard@slitaz.org>
date Sat Jan 18 18:26:14 2020 +0100 (2020-01-18)
parents 809015307697
children 25f8eb393142
line source
1 # SliTaz package receipt.
3 PACKAGE="openssh"
4 VERSION="7.9p1"
5 CATEGORY="security"
6 SHORT_DESC="Openbsd Secure Shell."
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 TARBALL="$PACKAGE-$VERSION.tar.gz"
10 WEB_SITE="http://www.openssh.org/"
11 WGET_URL="http://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
12 CONFIG_FILES="/etc/ssh"
13 TAGS="ssh security"
14 HOST_ARCH="i486 arm"
16 PROVIDE="ssh"
17 DEPENDS="sftp-server libcrypto zlib"
18 BUILD_DEPENDS="libcrypto-dev zlib-dev openssl-dev gtk+-dev"
19 SUGGESTED="gtk+"
20 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
22 # Rules to configure and make the package.
23 compile_rules()
24 {
25 patch -p1 < $stuff/knock.u
26 unset LD # for cross compiling with --disable-strip
27 ./configure \
28 --prefix=/usr \
29 --sysconfdir=/etc/ssh \
30 --libexecdir=/usr/sbin \
31 --with-privsep-user=nobody \
32 --with-xauth=/usr/bin/xauth \
33 --with-privsep-path=/var/run/sshd \
34 --without-pam \
35 --disable-strip \
36 $CONFIGURE_ARGS &&
37 make STRIP_OPT="" &&
38 make DESTDIR=$DESTDIR install
39 install -d -m 755 $DESTDIR/usr/share/doc &&
40 install -m 644 $src/[A-Z][A-Z]* $DESTDIR/usr/share/doc
41 cd contrib &&
42 cc -Wall $(pkg-config --cflags gtk+-2.0) gnome-ssh-askpass2.c \
43 -o gnome-ssh-askpass $(pkg-config --libs gtk+-2.0) -lX11 &&
44 cp gnome-ssh-askpass $DESTDIR/usr/bin/ssh-askpass
45 }
47 # Rules to gen a SliTaz package suitable for Tazpkg.
48 genpkg_rules()
49 {
50 mkdir -p $fs/usr $fs/etc/init.d $fs/etc/ssh
51 cp -a $install/usr/sbin $install/usr/bin $fs/usr
52 rm -f $fs/usr/sbin/sftp-server
53 install -m 755 -oroot -groot $src/contrib/ssh-copy-id $fs/usr/bin
54 cp $src/contrib/ssh-copy-id.1 $install/usr/share/man/cat1
55 cp -a $install/etc $fs
56 cp $stuff/openssh $fs/etc/init.d
57 sed -i 's|/usr/libexec/sftp-server|/usr/sbin/sftp-server|' \
58 $fs/etc/ssh/sshd_config
60 cat >> $fs/etc/ssh/ssh_config <<EOT
62 # client bug CVE-2016-0777 and CVE-2016-0778
63 Host *
64 UseRoaming no
66 # From https://wiki.gentoo.org/wiki/SSH_jump_host
67 Host *+*
68 ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') exec nc -w1 $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')
70 EOT
71 }
73 post_install()
74 {
75 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
76 #ssh stream tcp nowait root sshd sshd -i
77 EOT
78 while read dropbear openssh ; do
79 [ -s "$1$dropbear" ] || continue
80 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
81 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
82 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
83 done <<EOT
84 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
85 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
86 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
87 EOT
89 chroot "$1/" ssh-keygen -A
90 }
92 post_remove()
93 {
94 grep -q sshd "$1/etc/inetd.conf" && sed -i '/sshd/d' "$1/etc/inetd.conf"
95 }