wok-next view openssh/receipt @ rev 20532

moc, mypaint: update bdeps
author Pascal Bellard <pascal.bellard@slitaz.org>
date Mon Mar 26 13:35:23 2018 +0200 (2018-03-26)
parents e6615350078d
children 757d032c55c7
line source
1 # SliTaz package receipt v2.
2
3 PACKAGE="openssh"
4 VERSION="7.6p1"
5 CATEGORY="security"
6 SHORT_DESC="OpenSSH clients and daemon"
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 WEB_SITE="https://www.openssh.com/"
10 LFS="http://www.linuxfromscratch.org/blfs/view/stable/postlfs/openssh.html"
11
12 TARBALL="$PACKAGE-$VERSION.tar.gz"
13 WGET_URL="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
14
15 BUILD_DEPENDS="openssl-dev zlib-dev openssl-dev perl mdocml-dev pam-dev" # groff
16 SPLIT="openssh openssh-pam:pam"
17
18 compile_rules() {
19 sed -i '/sysconfdir=/ s|^|#|' /etc/slitaz/cook.site # default sysconfdir=/etc
20
21 install -m700 -d /var/lib/sshd
22 chown root:sys /var/lib/sshd
23
24 addgroup -g 50 -S sshd
25 adduser \
26 -h /var/lib/sshd \
27 -g 'sshd PrivSep' \
28 -s /bin/false \
29 -G sshd \
30 -S -D \
31 -u 50 \
32 sshd
33
34 case $SET in
35 pam) SET_ARGS='--with-pam --with-xauth=/usr/bin/xauth';;
36 *) SET_ARGS='--without-pam --with-md5-passwords';;
37 esac
38
39 ./configure \
40 --sysconfdir=/etc/ssh \
41 --with-privsep-path=/var/lib/sshd \
42 $SET_ARGS \
43 $CONFIGURE_ARGS &&
44 make && make DESTDIR=$DESTDIR install || return 1
45
46 install -vm755 contrib/ssh-copy-id $install/usr/bin/
47
48 cook_pick_manpages contrib/ssh-copy-id.1
49 cook_pick_docs INSTALL LICENCE OVERVIEW README*
50
51 # SliTaz stuff
52
53 install -Dm755 $stuff/openssh $install/etc/init.d/openssh
54
55 cat >> $install/etc/ssh/ssh_config <<EOT
56
57 # client bug CVE-2016-0777 and CVE-2016-0778
58 Host *
59 UseRoaming no
60
61 # From https://wiki.gentoo.org/wiki/SSH_jump_host
62 Host *+*
63 ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') exec nc -w1 $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')
64
65 EOT
66
67 touch $install/etc/inetd.conf
68 }
69
70 genpkg_rules() {
71 case $PACKAGE in
72 openssh)
73 copy @std sshd/
74 DEPENDS="openssl zlib"
75 CONFIG_FILES="/etc/ssh/moduli /etc/ssh/ssh_config \
76 /etc/ssh/sshd_config /etc/inetd.conf"
77 TAGS="ssh security"
78 PROVIDE="ssh"
79 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
80 ;;
81 openssh-pam)
82 copy @std sshd/
83 sed -i 's/.*UsePAM.*/UsePAM yes/' $fs/etc/ssh/sshd_config
84 CAT="security|with PAM support"
85 DEPENDS="openssl zlib pam"
86 CONFIG_FILES="/etc/ssh/moduli /etc/ssh/ssh_config \
87 /etc/ssh/sshd_config /etc/inetd.conf"
88 TAGS="ssh security"
89 PROVIDE="openssh:pam ssh:pam"
90 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
91 ;;
92 esac
93 }
94
95 post_install_openssh() {
96 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
97 #ssh stream tcp nowait root sshd sshd -i
98 EOT
99
100 while read dropbear openssh; do
101 [ -s "$1$dropbear" ] || continue
102 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
103 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
104 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
105 done <<EOT
106 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
107 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
108 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
109 EOT
110
111 chroot "$1/" ssh-keygen -A
112 }
113
114 post_remove_openssh() {
115 grep -q sshd "$1/etc/inetd.conf" &&
116 sed -i '/sshd/d' "$1/etc/inetd.conf"
117 }
118
119 post_install_openssh_pam() {
120 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
121 #ssh stream tcp nowait root sshd sshd -i
122 EOT
123
124 while read dropbear openssh; do
125 [ -s "$1$dropbear" ] || continue
126 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
127 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
128 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
129 done <<EOT
130 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
131 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
132 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
133 EOT
134
135 chroot "$1/" ssh-keygen -A
136 }
137
138 post_remove_openssh_pam() {
139 grep -q sshd "$1/etc/inetd.conf" &&
140 sed -i '/sshd/d' "$1/etc/inetd.conf"
141 }