* Tue Nov 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-10.sme
- fix update of host keys comment [SME: 12759]
This commit is contained in:
parent
fe19270a45
commit
7a00907a30
@ -83,6 +83,7 @@ SKIP: {
|
||||
=cut
|
||||
|
||||
my $db = esmith::ConfigDB->open_ro or die "Could not open config db";
|
||||
my $comment = "root@" . $db->get('SystemName')->value . "." . $db->get('DomainName')->value;
|
||||
|
||||
for my $typek (qw(dsa rsa ecdsa ed25519)) {
|
||||
# Recomment the key in case the SystemName or DomainName changed.
|
||||
@ -91,8 +92,8 @@ for my $typek (qw(dsa rsa ecdsa ed25519)) {
|
||||
|
||||
esmith::util::backgroundCommand (0,
|
||||
"/usr/bin/ssh-keygen", @change, "-t", "$typek",
|
||||
"-f", "/etc/ssh/ssh_host_key",
|
||||
"-C", "root@" . $db->get('SystemName')->value . "." . $db->get('DomainName')->value);
|
||||
"-f", "/etc/ssh/ssh_host_${typek}_key",
|
||||
"-C", "comment");
|
||||
}
|
||||
exit (0);
|
||||
|
||||
|
@ -4,7 +4,7 @@ Summary: smeserver module to configure and enable ssh
|
||||
%define name smeserver-openssh
|
||||
Name: %{name}
|
||||
%define version 11.0.0
|
||||
%define release 9
|
||||
%define release 10
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GPL
|
||||
@ -64,6 +64,9 @@ if [ $1 -gt 1 ] ; then
|
||||
fi
|
||||
|
||||
%changelog
|
||||
* Tue Nov 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-10.sme
|
||||
- fix update of host keys comment [SME: 12759]
|
||||
|
||||
* Sun Sep 22 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-9.sme
|
||||
- remove reference to deprecated rssh [SME: 12670]
|
||||
- template /etc/pam.d/sshd to remove motd [SME: 12740]
|
||||
|
@ -1,697 +0,0 @@
|
||||
# $Id: e-smith-openssh.spec,v 1.12 2023/07/13 02:38:42 trevorb Exp $
|
||||
|
||||
Summary: smeserver module to configure and enable ssh
|
||||
%define name smeserver-openssh
|
||||
Name: %{name}
|
||||
%define version 11.0.0
|
||||
%define release 4
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GPL
|
||||
Group: Networking/Daemons
|
||||
Source: %{name}-%{version}.tar.xz
|
||||
|
||||
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
|
||||
BuildRequires: smeserver-devtools
|
||||
BuildArchitectures: noarch
|
||||
Requires: smeserver, openssl,
|
||||
Requires: openssh >= 3.5
|
||||
Requires: openssh-clients
|
||||
Requires: openssh-server
|
||||
Requires: smeserver-lib >= 1.15.1-19
|
||||
Requires: runit
|
||||
Provides: e-smith-openssh
|
||||
AutoReqProv: no
|
||||
|
||||
%changelog
|
||||
* Thu Apr 04 2024 Brian Read <brianr@koozali.org> 11.0.0-4.sme
|
||||
- Set license file to GPL2.0 [SME: 12577]
|
||||
|
||||
* Tue Mar 26 2024 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-3.sme
|
||||
- remove RSA1 support which prevents service start [SME: 12553]
|
||||
|
||||
* Sat Mar 23 2024 Brian Read <brianr@koozali.org>11.0.0-2.sme
|
||||
- Change Requires: e-smith- to Requires:smeserver-
|
||||
|
||||
* Sat Mar 23 2024 Brian Read <brianr@koozali.org>11.0.0-1.sme
|
||||
- Update Release and Version to base version and 1st release for SME11 [SME: 12518]
|
||||
- Move Provides: from after Changelog
|
||||
|
||||
|
||||
* Mon Mar 11 2024 rename-e-smith-pkg.sh by Trevor Batley <trevor@batley.id.au> 2.6.0-9.sme
|
||||
- Rename to smeserver-openssh [SME: 12359]
|
||||
|
||||
* Thu Jul 13 2023 cvs2git.sh aka Brian Read <brianr@koozali.org> 2.6.0-8.sme
|
||||
- Roll up patches and move to git repo [SME: 12338]
|
||||
|
||||
* Thu Jul 13 2023 BogusDateBot
|
||||
- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
|
||||
by assuming the date is correct and changing the weekday.
|
||||
Tue Aug 30 2000 --> Tue Aug 29 2000 or Wed Aug 30 2000 or Tue Sep 05 2000 or ....
|
||||
Thu Apr 27 2001 --> Thu Apr 26 2001 or Fri Apr 27 2001 or Thu May 03 2001 or ....
|
||||
|
||||
* Tue Mar 16 2021 Jean-Philippe Pialasse <tests@pialasse.com> 2.6.0-7.sme
|
||||
- clean rsyslog syntax for sshd [SME: 11422]
|
||||
|
||||
* Thu Feb 18 2021 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-6.sme
|
||||
- increase default host key size [SME: 11359]
|
||||
- redirect logging to /var/log/sshd/sshd.log and logrotate [SME: 11256]
|
||||
|
||||
* Fri Dec 11 2020 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-4.sme
|
||||
- add support for denyhost [SME: 10939]
|
||||
- move sshd to systemd [SME: 11109]
|
||||
- create -update event [SME: 11147]
|
||||
- add ed25519 and ecdsa hostkeys [SME: 10940]
|
||||
|
||||
* Sun May 03 2020 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-3.sme
|
||||
- add Whitelist to AutoBlock using property sshd ValidFrom [SME: 9893]
|
||||
|
||||
* Sat May 02 2020 Jean-Philipe Pialasse <tests@pialasse.com> 2.6.0-2.sme
|
||||
- update client ciphers to use [SME: 10621]
|
||||
- add ciphers, macs and KexAlgorithms for server [SME: 10937]
|
||||
|
||||
* Fri Feb 05 2016 stephane de Labrusse <stephdl@de-labrusse.fr> 2.6.0-1.sme
|
||||
- Initial release to sme10
|
||||
|
||||
* Thu Jun 25 2015 stephane de Labrusse <stephdl@de-labrusse.fr> 2.4.0-6.sme
|
||||
- enabled the motd message [SME: 8939]
|
||||
- Code done by John Crisp <jcrisp@safeandsoundit.co.uk> and
|
||||
- Stefano Zamboni <zamboni@mind-at-work.it>
|
||||
|
||||
* Sun Apr 6 2014 Charlie Brady <charlie_brady@mitel.com> 2.4.0-5.sme
|
||||
- Fix use of uninitialized variables in last change. [SME: 8313]
|
||||
- Fix error with flush of xt_recent SSH connections. [SME: 8314]
|
||||
|
||||
* Sat Apr 5 2014 Chris Burnat <devlist@burnat.com> 2.4.0-4.sme
|
||||
- Add ssh-autoblock for external interface - patch by Chris Maltby [SME: 8258]
|
||||
|
||||
* Fri Nov 1 2013 Chris Burnat <devlist@burnat.com> 2.4.0-3.sme
|
||||
- Remove SSH v1 legacy support - patch by Daniel Berteaud [SME: 6381]
|
||||
|
||||
* Sat Mar 16 2013 Daniel Berteaud <daniel@firewall-services.com> 2.4.0-2.sme
|
||||
- Make rsyslog listen to our socket [SME: 7221]
|
||||
|
||||
* Wed Feb 13 2013 Shad L. Lords <slords@mail.com> 2.4.0-1.sme
|
||||
- Roll new stream for sme9
|
||||
|
||||
* Tue Mar 1 2011 Jonathan Martens <smesevrer-contribs@snetram.nl> 2.2.0-5.sme
|
||||
- Obsolete KeepAlive and replace ClientAliveInterval and ClientAliveCountMax [SME: 6380]
|
||||
|
||||
* Fri Nov 26 2010 Ian Wells <esmith@wellsi.com> 2.2.0-4.sme
|
||||
- Change permissions of ssh_config file to 644 [SME: 43]
|
||||
|
||||
* Thu Nov 25 2010 Ian Wells <esmith@wellsi.com> 2.2.0-3.sme
|
||||
- Template ssh_config with improved defaults [SME: 43]
|
||||
|
||||
* Sun Dec 28 2008 Jonathan Martens <smesevrer-contribs@snetram.nl> 2.2.0-2.sme
|
||||
- Template sshd login grace time, kept default at 600s [SME: 4903]
|
||||
|
||||
* Tue Oct 7 2008 Shad L. Lords <slords@mail.com> 2.2.0-1.sme
|
||||
- Roll new stream to separate sme7/sme8 trees [SME: 4633]
|
||||
|
||||
* Wed Jan 09 2008 Stephen Noble <support@dungog.net> 1.12.0-13
|
||||
- Remove template fragments for /root/.ssh/config [SME: 513]
|
||||
|
||||
* Tue Dec 18 2007 Shad L. Lords <slords@mail.com> 1.12.0-12
|
||||
- Actually apply previous patch [SME: 3678]
|
||||
|
||||
* Mon Dec 17 2007 Shad L. Lords <slords@mail.com> 1.12.0-11
|
||||
- Allow root to be key based login only [SME: 3678]
|
||||
|
||||
* Tue Oct 23 2007 Charlie Brady <charlie_brady@mitel.com> 1.12.0-10
|
||||
- Prevent rkhunter false positive if ssh is disabled but
|
||||
PermitRootLogin is enabled in config. [SME: 166]
|
||||
|
||||
* Sun Apr 29 2007 Shad L. Lords <slords@mail.com>
|
||||
- Clean up spec so package can be built by koji/plague
|
||||
|
||||
* Sun Apr 08 2007 Shad L. Lords <slords@mail.com> 1.12.0-9
|
||||
- Adjust permissions on empty/sshd directory again [SME: 2711]
|
||||
|
||||
* Fri Apr 06 2007 Shad L. Lords <slords@mail.com> 1.12.0-8
|
||||
- Adjust permissions on empty/sshd directory [SME: 2711]
|
||||
|
||||
* Tue Mar 06 2007 Shad L. Lords <slords@mail.com> 1.12.0-7
|
||||
- Adjust sftp-server path in sshd_config to match openssh-servers [SME: 2470]
|
||||
|
||||
* Thu Dec 07 2006 Shad L. Lords <slords@mail.com>
|
||||
- Update to new release naming. No functional changes.
|
||||
- Make Packager generic
|
||||
|
||||
* Tue Jul 25 2006 Gordon Rowell <gordonr@gormand.com.au> 1.12.0-05
|
||||
- Use sshd{TCPPort} for listen Port - thanks MasterSleepy [SME: 1774]
|
||||
|
||||
* Tue Jul 18 2006 Charlie Brady <charlie_brady@mitel.com> 1.12.0-04
|
||||
- Allow "UsePAM" setting to be controlled from db. [SME: 1744]
|
||||
|
||||
* Wed Apr 5 2006 Gordon Rowell <gordonr@gormand.com.au> 1.12.0-03
|
||||
- Add newline after user entries in rssh.conf [SME: 877]
|
||||
|
||||
* Wed Mar 29 2006 Gordon Rowell <gordonr@gormand.com.au> 1.12.0-02
|
||||
- Don't display /etc/motd contents from ssh [SME: 718]
|
||||
|
||||
* Tue Mar 14 2006 Charlie Brady <charlie_brady@mitel.com> 1.12.0-01
|
||||
- Roll stable stream version. [SME: 1016]
|
||||
|
||||
* Mon Mar 13 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-29
|
||||
- Expand /etc/rssh.conf in user-{create,delete,lock,modify} [SME: 877]
|
||||
|
||||
* Mon Mar 13 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-28
|
||||
- A user is allowed access to rssh protocols if:
|
||||
- They have PasswordSet==yes
|
||||
- They have AllowRSSH==yes or
|
||||
VPNClientAccess==yes but not AllowRSSH==no [SME: 877]
|
||||
|
||||
* Mon Mar 13 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-27
|
||||
- Remove defaults for sshd{Allow*} and the templates for rssh.conf [SME: 877]
|
||||
- Allow a user all of the rssh protocols if AllowSSH is yes [SME: 877]
|
||||
|
||||
* Thu Mar 02 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-26
|
||||
- Adjust sftp-server path in sshd_config to match rssh [SME: 924]
|
||||
|
||||
* Wed Mar 01 2006 Charlie Brady <charlie_brady@mitel.com> 1.11.0-25
|
||||
- Add syslog socket inside privsep chroot jail [SME: 916]
|
||||
|
||||
* Tue Jan 24 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-24
|
||||
- Default sshd{AllowRSYNC} == yes [SME: 42]
|
||||
|
||||
* Mon Jan 23 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-23
|
||||
- Add template for /etc/rssh.conf [SME: 42]
|
||||
- Default sshd{AllowSCP, AllowSFTP} == yes [SME: 532]
|
||||
- Default sshd{AllowRDIST,AllowRSYNC,AllowCVS} == no
|
||||
|
||||
* Fri Jan 6 2006 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-22
|
||||
- Default sshd{PasswordAuthentication} to "no" [SME: 377]
|
||||
|
||||
* Wed Nov 30 2005 Gordon Rowell <gordonr@gormand.com.au> 1.11.0-21
|
||||
- Bump release number only
|
||||
|
||||
* Wed Aug 10 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-20]
|
||||
- Delete test related requires (not really required) and add runit.
|
||||
|
||||
* Wed Jul 20 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-19]
|
||||
- Set $sshd{TCPPort} and remove obsolete masq template fragment. [SF: 1241409]
|
||||
|
||||
* Tue Jul 19 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-18]
|
||||
- Update to current db access APIs. [SF: 1216546]
|
||||
|
||||
* Tue Jul 5 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-17]
|
||||
- Configure MaxAuthTries (our default is 2). [SF: 1232544]
|
||||
|
||||
* Thu Jun 16 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-16]
|
||||
- Ensure that 'status' property is recognised at startup. [MN00061795]
|
||||
|
||||
* Tue May 17 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-15]
|
||||
- Default to protocol 2 only on new installs, and '2,1' for
|
||||
upgrades where $sshd{Protocol} is not defined.
|
||||
|
||||
* Mon Mar 14 2005 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-14]
|
||||
- Use generic_template_expand action for all template expansions from
|
||||
sshd-conf. Update e-smith-lib dependency. [MN00064130]
|
||||
- Replace sshd-reload with call to 'adjust-services'. [MN00065576]
|
||||
|
||||
* Tue Sep 28 2004 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-13]
|
||||
- Updated requires with new perl dependencies. [charlieb MN00040240]
|
||||
- Clean BuildRequires. [charlieb MN00043055]
|
||||
|
||||
* Mon Dec 22 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-12]
|
||||
- Added host key generation code to run script. [msoulier 9549]
|
||||
|
||||
* Wed Dec 10 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-11]
|
||||
- Fixed a bug in the genfilelist options. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-10]
|
||||
- Put full path to sshd in run script to work around assumption of full path
|
||||
in sshd sighup handler. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-09]
|
||||
- Updated sshd-reload to use daemontools wrapper. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-08]
|
||||
- Moved the shebang line to a place where it actually matters. Tell me it's
|
||||
friday. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-07]
|
||||
- Fixed a couple of typos preventing multilog from starting. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-06]
|
||||
- Moved initscript to /etc/init.d/supervise/sshd. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-05]
|
||||
- Fixed a couple of specfile typos. [msoulier 9549]
|
||||
|
||||
* Fri Dec 5 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.11.0-04]
|
||||
- Adding supervision of sshd. [msoulier 9549]
|
||||
- Updated createlinks to latest api.
|
||||
|
||||
* Tue Sep 16 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-03]
|
||||
- Remove deprecated RhostsAuthentication from sshd_config. [charlieb 10014]
|
||||
|
||||
* Thu Aug 21 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-02]
|
||||
- Replace sshd-conf-startup action with default db fragments.
|
||||
[charlieb 9553]
|
||||
|
||||
* Thu Aug 21 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.11.0-01]
|
||||
- Changing version to development stream number - 1.11.0
|
||||
|
||||
* Thu Jun 26 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.10.0-01]
|
||||
- Changing version to stable stream number - 1.10.0
|
||||
|
||||
* Mon Apr 21 2003 Mark Knox <markk@e-smith.com>
|
||||
- [1.9.0-10]
|
||||
- Enforce 0600 on sshd_config [markk 8407]
|
||||
|
||||
* Tue Apr 15 2003 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.9.0-09]
|
||||
- Add Compression and UsePrivilegeSeparation options [gordonr 8173]
|
||||
|
||||
* Tue Apr 8 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.9.0-08]
|
||||
- Backed-out 1.9.0-07. [msoulier 5782]
|
||||
|
||||
* Tue Apr 8 2003 Michael Soulier <msoulier@e-smith.com>
|
||||
- [1.9.0-07]
|
||||
- Shut off tcp forwarding in the daemon. [msoulier 5782]
|
||||
|
||||
* Tue Apr 1 2003 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.9.0-06]
|
||||
- Actually reload ssh rather than restarting in sshd-reload [gordonr 7785]
|
||||
|
||||
* Tue Mar 18 2003 Lijie Deng <lijied@e-smith.com>
|
||||
- [1.9.0-05]
|
||||
- Deleted ./root/.ssh/config/template-begin [lijied 3295]
|
||||
|
||||
* Mon Mar 17 2003 Lijie Deng <lijied@e-smith.com>
|
||||
- [1.9.0-04]
|
||||
- Deleted template-begin/end file [lijied 3295]
|
||||
|
||||
* Tue Mar 4 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-03]
|
||||
- s/HostsAllowSpec/hosts_allow_spec/ [charlieb 5650]
|
||||
|
||||
* Fri Feb 28 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-02]
|
||||
- Re-do hosts.allow template to use esmith::ConfigDB::HostsAllowSpec.
|
||||
Add dependency on up-to-date e-smith-lib. [charlieb 5650]
|
||||
|
||||
* Fri Feb 28 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.9.0-01]
|
||||
- Roll development stream to 1.9.0
|
||||
|
||||
* Mon Feb 24 2003 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.8.0-02]
|
||||
- Allow MaxStartups to be tunable from the config DB [charlieb 7362]
|
||||
|
||||
* Fri Oct 11 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.8.0-01]
|
||||
- Rolling stable version number to 1.8.0
|
||||
|
||||
* Wed Oct 2 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-04]
|
||||
- Remove stray braces in hosts.allow template [markk 3786]
|
||||
|
||||
* Mon Sep 23 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-03]
|
||||
- Fix hosts.allow template problem introduced by last change [charlieb 3786]
|
||||
|
||||
* Tue Sep 10 2002 Mark Knox <markk@e-smith.com>
|
||||
- [1.7.3-02]
|
||||
- Remove deprecated split on pipe [markk 3786]
|
||||
|
||||
* Tue Aug 20 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.3-01]
|
||||
- Add rc7.d symlink and don't set deprecated InitscriptsOrder property
|
||||
[charlieb 4458]
|
||||
- Change use of allow_tcp_in() function to allow dynamic reconfig.
|
||||
[charlieb 4501]
|
||||
|
||||
* Thu Aug 8 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.2-01]
|
||||
- Change masq script fragment to use allow_tcp_in() function. [charlieb 4499]
|
||||
|
||||
* Wed Jul 17 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.1-01]
|
||||
- Change masq script fragment to use iptables. [charlieb 1268]
|
||||
|
||||
* Wed Jun 5 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.7.0-01]
|
||||
- Changing version to maintained stream number to 1.7.0
|
||||
|
||||
* Fri May 31 2002 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.6.0-01]
|
||||
- Changing version to maintained stream number to 1.6.0
|
||||
|
||||
* Thu May 23 2002 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.5.6-01]
|
||||
- RPM rebuild forced by cvsroot2rpm
|
||||
|
||||
* Mon May 13 2002 Kirrily Robert <skud@e-smith.com>
|
||||
- [1.5.5-01]
|
||||
- Added buildtests [skud 2932]
|
||||
|
||||
* Fri Apr 26 2002 Tony Clayton <apc@e-smith.com>
|
||||
- [1.5.4-01]
|
||||
- add -t option to ssh-keygen call in sshd-conf [tonyc]
|
||||
|
||||
* Fri Mar 6 2002 Michael G Schwern <schwern@e-smith.com>
|
||||
- [1.5.3-01]
|
||||
- Tested & documented sshd-reload action [schwern 2932]
|
||||
- Tested & documented sshd-conf and sshd-conf-startup actions [schwern 2932]
|
||||
- Changed all actions to use esmith::ConfigDB [schwern 2932]
|
||||
- Fixed dependencies. [schwern]
|
||||
|
||||
* Thu Feb 14 2002 Kirrily Robert <skud@e-smith.com>
|
||||
- [1.5.2-01]
|
||||
- CVS testing
|
||||
|
||||
* Thu Feb 14 2002 Kirrily Robert <skud@e-smith.com>
|
||||
- [1.5.0-01]
|
||||
- rollRPM: Rolled version number to 1.5.0-01. Includes patches up to 1.4.0-06.
|
||||
|
||||
* Mon Nov 05 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-06]
|
||||
- Remove obsoleted "CheckMail no" fragment from sshd_config template.
|
||||
|
||||
* Tue Aug 28 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.4.0-05]
|
||||
- Removed links from deprecated post-restore event
|
||||
|
||||
* Fri Aug 17 2001 gordonr
|
||||
- [1.4.0-04]
|
||||
- Autorebuild by rebuildRPM
|
||||
|
||||
* Tue Aug 14 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-03]
|
||||
- Change back to Protocol 1 until known_hosts2 and authorized_keys2 files are
|
||||
implemented on both sides.
|
||||
|
||||
* Tue Aug 14 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-02]
|
||||
- Add template fragements to generate /root/.ssh/config host
|
||||
config sections for any hostnames added to %e_smith_hosts by
|
||||
other fragements numbered between 00 and 19.
|
||||
- Delete useless template-end for /root/.ssh/config.
|
||||
|
||||
* Wed Aug 8 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.4.0-01]
|
||||
- Rolled version number to 1.4.0-01. Includes patches upto 1.3.0-10.
|
||||
|
||||
* Wed Aug 8 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-10]
|
||||
- Use restart instead of reload as some initscripts don't have the latter
|
||||
|
||||
* Sun Jul 8 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-09]
|
||||
- Check "access" property of sshd service
|
||||
|
||||
* Fri Jul 6 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.3.0-08]
|
||||
- Changed license to GPL
|
||||
|
||||
* Thu Jul 05 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-07]
|
||||
- Explicitly disable ChallengeResponseAuthentication and
|
||||
KbdInteractiveAuthentication
|
||||
|
||||
* Wed May 30 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-06]
|
||||
- Added HostKey line for /etc/ssh/ssh_host_rsa_key for SSH version 2
|
||||
|
||||
* Tue May 29 2001 Tony Clayton <tonyc@e-smith.com>
|
||||
- [1.3.0-05]
|
||||
- fixed actions that had tied %conf when calling serviceControl (2 actions)
|
||||
|
||||
* Mon May 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-04]
|
||||
- Added links to /usr/libexec and /usr/local/libexec to enable
|
||||
sftp for more client systems under protocol V1
|
||||
|
||||
* Mon May 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-03]
|
||||
- Revised after comments from Charlie
|
||||
- Added documentation for MaxStartups and cleaner perl idiom for
|
||||
SubsystemSftp test
|
||||
|
||||
* Mon May 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-02]
|
||||
- Enabled sftp subsystem by default with correct path to sftp-server
|
||||
- Added MaxStartups configuration
|
||||
|
||||
* Mon May 21 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.3.0-01]
|
||||
- Rolled version number to 1.3.0-01. Includes patches upto 1.2.0-06.
|
||||
|
||||
* Wed May 09 2001 Tony Clayton <tonyc@e-smith.com>
|
||||
- [1.2.0-06]
|
||||
- Forgot to add last patch to %setup. Adding it now.
|
||||
|
||||
* Wed May 09 2001 Tony Clayton <tonyc@e-smith.com>
|
||||
- [1.2.0-05]
|
||||
- Add /root/.ssh/config template-{begin,end} fragments
|
||||
- Expand config template from sshd-conf
|
||||
|
||||
* Fri Apr 27 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
Thu Apr 27 2001 --> Thu Apr 26 2001 or Fri Apr 27 2001 or Thu May 03 2001 or ....
|
||||
- [1.2.0-04]
|
||||
- Rolled version for GPG signing - no change
|
||||
|
||||
* Mon Apr 9 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.2.0-03]
|
||||
- Extra HostKey line for openssh-2.5
|
||||
|
||||
* Thu Feb 8 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.2.0-02]
|
||||
- Rolling release number for GPG signing.
|
||||
|
||||
* Thu Jan 25 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.2.0-01]
|
||||
- Rolled version number to 1.2.0-01. Includes patches upto 1.1.0-23.
|
||||
|
||||
* Thu Jan 11 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-23]
|
||||
- use serviceControl()
|
||||
|
||||
* Thu Jan 11 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-22]
|
||||
- reload sshd (and possibly kill it off) in post-restore
|
||||
|
||||
* Thu Jan 11 2001 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-21]
|
||||
- fully qualify path to killall in sshd-reload
|
||||
|
||||
* Wed Jan 10 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-20]
|
||||
- Kill existing ssh sessions if we have just stopped the service
|
||||
|
||||
* Wed Jan 10 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-19]
|
||||
- Use sshd reload instead of killall -HUP - that closes current connections
|
||||
|
||||
* Tue Jan 9 2001 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-18]
|
||||
- Make new bootstrap-console-save event - the Lite version
|
||||
- Make sshd-reload shut down sshd if it has been disabled
|
||||
- Don't redo conf-sshd-startup with every console-save
|
||||
|
||||
* Fri Jan 5 2001 Peter Samuel <peters@e-smith.com>
|
||||
- [1.1.0-17]
|
||||
- Added missing use esmith::util to sshd-reload
|
||||
|
||||
* Thu Jan 04 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-16]
|
||||
- Added missing use esmith::db
|
||||
|
||||
* Wed Jan 03 2001 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-15]
|
||||
- sshd-reload now starts sshd if not running and service enabled
|
||||
|
||||
* Thu Dec 28 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-14]
|
||||
- Process sshd_config template in remoteaccess-update
|
||||
|
||||
* Thu Dec 28 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-13]
|
||||
- Provide defaults for PermitRootLogin and PasswordAuthentication properties
|
||||
|
||||
* Thu Dec 21 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-12]
|
||||
- Don't restart sshd after config change, just reload config.
|
||||
|
||||
* Sat Dec 16 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-11]
|
||||
- Fix typo
|
||||
|
||||
* Fri Dec 15 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- [1.1.0-10]
|
||||
- Move AllowSSH packet filter template fragment here.
|
||||
|
||||
* Wed Dec 13 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-9]
|
||||
- Disable ssh by default
|
||||
|
||||
* Wed Dec 13 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-8]
|
||||
- Fixed typo in hosts.allow fragment for private access
|
||||
|
||||
* Wed Dec 13 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-7]
|
||||
- Added sshd-restart to remoteaccess-update event (and others)
|
||||
- Renamed scripts to sshd-{conf,conf-startup,restart}
|
||||
- Enable private ssh access by default
|
||||
|
||||
* Tue Dec 12 2000 Adrian Chung <adrianc@e-smith.com>
|
||||
- [1.1.0-6]
|
||||
- fixed location of ssh_host_key in 20HostKey fragment
|
||||
|
||||
* Wed Dec 06 2000 Peter Samuel <peters@e-smith.com
|
||||
- [1.1.0-5]
|
||||
- Fixed sshd_config templates for PermitRootLogin and
|
||||
PasswordAuthentication
|
||||
|
||||
* Wed Dec 06 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-4]
|
||||
- conf-ssh-startup: PasswordAuthentication=yes and RootLogin=no
|
||||
- Fixed ordering of Port/Listen fragments
|
||||
|
||||
* Tue Dec 05 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-3]
|
||||
- Changed sshd_config into a directory template
|
||||
- Used services notation to enable/disable
|
||||
- sshd_config: PasswordAuthentication and RootLogin - both disabled by default
|
||||
|
||||
* Tue Dec 05 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- [1.1.0-1]
|
||||
- Rolled version to 1.1.0. Includes patches up to 0.6-3
|
||||
|
||||
* Tue Oct 31 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Ensure that conf-ssh-startup is run during post-upgrade event.
|
||||
- Fix missing " in hosts.allow template.
|
||||
|
||||
* Tue Oct 31 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Merge services database back into configuration database.
|
||||
|
||||
* Thu Oct 26 2000 Peter Samuel <peters@e-smith.com>
|
||||
- Rolled version to 0.6. Includes patches up to 0.5-17
|
||||
|
||||
* Fri Oct 06 2000 Adrian Chung <adrian.chung@e-smith.com>
|
||||
- Fixed a typo in conf-ssh-startup.
|
||||
|
||||
* Fri Oct 06 2000 Adrian Chung <adrian.chung@e-smith.com>
|
||||
- Move %post code to conf-ssh-startup instead
|
||||
- Default to enabled for sshd in services database if not
|
||||
already set.
|
||||
|
||||
* Thu Oct 05 2000 Adrian Chung <adrian.chung@e-smith.com>
|
||||
- Change %post to setdefault ... enabled.
|
||||
|
||||
* Wed Oct 4 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Use db_get_type to get service status - to be safe against
|
||||
defined service properties
|
||||
- Do not init services database during post-install event -
|
||||
it is done during %post action.
|
||||
|
||||
* Wed Oct 4 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Only initialise services database during post-install action.
|
||||
- Only expand hosts.allow/sshd if sshd service is enabled.
|
||||
|
||||
* Wed Oct 4 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Fix typo
|
||||
|
||||
* Tue Oct 3 2000 Charlie Brady <charlieb@e-smith.com>
|
||||
- Update services database when enabling startup
|
||||
|
||||
* Mon Oct 2 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- rewrote spec file to use e-smith-devtools
|
||||
|
||||
* Mon Sep 25 2000 Paul Nebsit <pkn@e-smith.com>
|
||||
- updated contact and URL info
|
||||
|
||||
* Thu Sep 14 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- Removed obsolete rc7.d symlink from createlinks
|
||||
|
||||
* Thu Sep 14 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- Rebuilt using latest e-smith-devtools - hosts.allow template fragment missing
|
||||
|
||||
* Wed Aug 30 2000 Paul Nesbit <pkn@e-smith.com>
|
||||
Tue Aug 30 2000 --> Tue Aug 29 2000 or Wed Aug 30 2000 or Tue Sep 05 2000 or ....
|
||||
- added 'use e-smith::util' line to conf-ssh-startup
|
||||
|
||||
* Thu Aug 24 2000 Gordon Rowell <gordonr@e-smith.com>
|
||||
- Rewrote conf-ssh-startup to use serviceControl()
|
||||
|
||||
* Sun Jul 2 2000 Charlie Brady <charlieb@e-smith.net>
|
||||
- Make S85sshd symlink absolute so that RPM verifies
|
||||
|
||||
* Sat Jun 17 2000 Charlie Brady <charlieb@e-smith.net>
|
||||
- Rewrite createlinks in perl
|
||||
- Add sshd template for /etc/hosts.allow
|
||||
- Fix ssh-keygen options code
|
||||
|
||||
* Mon Jun 12 2000 Charlie Brady <charlieb@e-smith.net>
|
||||
- Remove /etc/rc.d/rc7.d symlink before (re-)creating it. Avoids logfile mess.
|
||||
- Change backgroundCommand call to use array instead of string - avoid shell
|
||||
parsing.
|
||||
|
||||
* Thu May 11 2000 Charlie Brady <charlieb@e-smith.net>
|
||||
- Change rc?.d directory from 3 to 7.
|
||||
|
||||
%description
|
||||
smeserver server enhancement to configure and enable openssh
|
||||
|
||||
%prep
|
||||
%setup
|
||||
rm -rf root/var/service root/service
|
||||
|
||||
%build
|
||||
perl createlinks
|
||||
# build the test suite from embedded tests
|
||||
/sbin/e-smith/buildtests e-smith-openssh
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
( cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT )
|
||||
rm -f %{name}-%{version}-%{release}-filelist
|
||||
|
||||
/sbin/e-smith/genfilelist \
|
||||
--file '/sbin/e-smith/systemd/sshd-prepare' 'attr(0554,root,root)' \
|
||||
--dir '/var/log/sshd' 'attr(2750,root,root)' \
|
||||
--dir '/var/empty/sshd' 'attr(0711,root,root)' \
|
||||
$RPM_BUILD_ROOT \
|
||||
> %{name}-%{version}-%{release}-filelist
|
||||
|
||||
echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f %{name}-%{version}-%{release}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
||||
%pre
|
||||
if [ $1 -gt 1 ] ; then
|
||||
if [ -e /var/service/sshd/run ] ; then
|
||||
/usr/bin/sv d sshd
|
||||
/usr/bin/sv d sshd/log
|
||||
fi
|
||||
fi
|
Loading…
Reference in New Issue
Block a user