wok view openssh-pam/receipt @ rev 20190
linux: enable serial console
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Fri Feb 02 17:18:55 2018 +0100 (2018-02-02) |
parents | 181b1bc0998b |
children | fa77ea692592 |
line source
1 # SliTaz package receipt.
3 PACKAGE="openssh-pam"
4 VERSION="7.6p1"
5 CATEGORY="security"
6 SHORT_DESC="Openbsd Secure Shell using PAM."
7 MAINTAINER="pascal.bellard@slitaz.org"
8 LICENSE="BSD"
9 SOURCE="openssh"
10 TARBALL="$SOURCE-$VERSION.tar.gz"
11 WEB_SITE="http://www.openssh.org/"
12 WGET_URL="http://ftp.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/$TARBALL"
13 CONFIG_FILES="/etc/ssh /etc/inetd.conf"
14 TAGS="ssh security"
16 PROVIDE="openssh:pam ssh:pam"
17 DEPENDS="sftp-server libcrypto zlib pam"
18 BUILD_DEPENDS="libcrypto-dev zlib-dev openssl-dev pam pam-dev"
19 TAZPANEL_DAEMON="man::sshd|edit::/etc/ssh/sshd_config|options::OPENSSH_OPTIONS|web::$WEB_SITE"
21 # Rules to configure and make the package.
22 compile_rules()
23 {
24 unset LD # for cross compiling with --disable-strip
25 ./configure \
26 --prefix=/usr \
27 --sysconfdir=/etc/ssh \
28 --libexecdir=/usr/sbin \
29 --with-privsep-user=nobody \
30 --with-xauth=/usr/bin/xauth \
31 --with-privsep-path=/var/run/sshd \
32 --with-pam \
33 --disable-strip \
34 $CONFIGURE_ARGS &&
35 make STRIP_OPT="" &&
36 make DESTDIR=$DESTDIR install
37 install -d -m 755 $DESTDIR/usr/share/doc &&
38 install -m 644 $src/[A-Z][A-Z]* $DESTDIR/usr/share/doc
39 }
41 # Rules to gen a SliTaz package suitable for Tazpkg.
42 genpkg_rules()
43 {
44 mkdir -p $fs/usr $fs/etc/init.d $fs/etc/ssh
45 cp -a $install/usr/sbin $install/usr/bin $fs/usr
46 rm -f $fs/usr/sbin/sftp-server
47 cp -a $install/etc $fs
48 cp ../$SOURCE/stuff/openssh $fs/etc/init.d
49 sed -i 's/.*UsePAM.*/UsePAM yes/' $fs/etc/ssh/sshd_config
50 sed -i 's|/usr/libexec/sftp-server|/usr/sbin/sftp-server|' \
51 $fs/etc/ssh/sshd_config
53 cat >> $fs/etc/ssh/ssh_config <<EOT
55 # client bug CVE-2016-0777 and CVE-2016-0778
56 Host *
57 UseRoaming no
59 # From https://wiki.gentoo.org/wiki/SSH_jump_host
60 Host *+*
61 ProxyCommand ssh $(echo %h | sed 's/+[^+]*$//;s/\([^+%%]*\)%%\([^+]*\)$/\2 -l \1/;s/:/ -p /') exec nc -w1 $(echo %h | sed 's/^.*+//;/:/!s/$/ %p/;s/:/ /')
63 EOT
64 }
66 post_install()
67 {
68 grep -q ssh "$1/etc/inetd.conf" || cat >> "$1/etc/inetd.conf" <<EOT
69 #ssh stream tcp nowait root sshd sshd -i
70 EOT
71 while read dropbear openssh ; do
72 [ -s "$1$dropbear" ] || continue
73 chroot "$1/" dropbearconvert dropbear openssh $dropbear $openssh
74 chroot "$1/" dropbearkey -y -f $dropbear | grep ssh > "$1$openssh.pub"
75 chroot "$1/" dropbearkey -y -f $dropbear | grep Fingerprint
76 done <<EOT
77 /etc/dropbear/dropbear_rsa_host_key /etc/ssh/ssh_host_rsa_key
78 /etc/dropbear/dropbear_dss_host_key /etc/ssh/ssh_host_dsa_key
79 /etc/dropbear/dropbear_ecdsa_host_key /etc/ssh/ssh_host_ecdsa_key
80 EOT
82 chroot "$1/" ssh-keygen -A
83 }
85 post_remove()
86 {
87 grep -q sshd "$1/etc/inetd.conf" && sed -i '/sshd/d' "$1/etc/inetd.conf"
88 }