wok-next view openssh/receipt @ rev 20227
gesftpserver, icewm-xdgmenu, man2html: update bdeps
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Sun Nov 05 23:23:24 2017 +0100 (2017-11-05) |
| parents | 2e9df1b30cc2 |
| children | 204470f08d82 |
line source
1 # SliTaz package receipt v2.
3 PACKAGE="openssh"
4 VERSION="7.5p1"
5 CATEGORY="security"
6 SHORT_DESC="OpenSSH clients and daemon"
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 WEB_SITE="https://www.openssh.com/"
11 TARBALL="$PACKAGE-$VERSION.tar.gz"
12 WGET_URL="http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
14 BUILD_DEPENDS="libcrypto-dev zlib-dev openssl-dev perl mdocml-dev" # groff
15 SPLIT="sftp-server openssh"
17 # Rules to configure and make the package.
18 compile_rules()
19 {
20 # http://www.linuxfromscratch.org/blfs/view/stable/postlfs/openssh.html
21 install -v -m700 -d /var/lib/sshd &&
22 chown -v root:sys /var/lib/sshd &&
24 addgroup -g 50 -S sshd &&
25 adduser \
26 -h /var/lib/sshd \
27 -g 'sshd PrivSep' \
28 -s /bin/false \
29 -G sshd \
30 -S -D \
31 -u 50 \
32 sshd &&
34 ./configure \
35 --sysconfdir=/etc/ssh \
36 --with-md5-passwords \
37 --with-privsep-path=/var/lib/sshd \
38 $CONFIGURE_ARGS &&
39 make && make DESTDIR=$DESTDIR install || return 1
41 install -vm755 contrib/ssh-copy-id $install/usr/bin
43 cook_pick_manpages contrib/ssh-copy-id.1
44 cook_pick_docs INSTALL LICENCE OVERVIEW README*
46 # SliTaz stuff
48 mkdir -p $install/etc/init.d
49 cp $stuff/openssh $install/etc/init.d
50 cat >> $install/etc/ssh/ssh_config <<EOT
52 # client bug CVE-2016-0777 and CVE-2016-0778
53 Host *
54 UseRoaming no
56 # From https://wiki.gentoo.org/wiki/SSH_jump_host
57 Host *+*
58 ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') exec nc -w1 $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')
60 EOT
61 }
63 # Rules to gen a SliTaz package suitable for Tazpkg.
64 genpkg_rules()
65 {
66 case $PACKAGE in
67 sftp-server)
68 copy sftp-server
69 CAT="security|secure FTP server"
70 TAGS="ssh"
71 DEPENDS="libcrypto zlib"
72 ;;
73 openssh)
74 copy @std sshd/
75 DEPENDS="sftp-server libcrypto zlib"
76 CONFIG_FILES="/etc/ssh/moduli /etc/ssh/ssh_config /etc/ssh/sshd_config \
77 /etc/inetd.conf"
78 TAGS="ssh security"
79 PROVIDE="ssh"
80 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options|web::$WEB_SITE"
81 ;;
82 esac
83 }
85 post_install_openssh() {
86 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
87 #ssh stream tcp nowait root sshd sshd -i
88 EOT
90 while read dropbear openssh; do
91 [ -s "$1$dropbear" ] || continue
92 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
93 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
94 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
95 done <<EOT
96 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
97 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
98 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
99 EOT
101 chroot "$1/" ssh-keygen -A
102 }
104 post_remove_openssh() {
105 grep -q sshd "$1/etc/inetd.conf" &&
106 sed -i '/sshd/d' "$1/etc/inetd.conf"
107 }