From 7a00907a306e7315abc624fff5b78df6c202b02f Mon Sep 17 00:00:00 2001 From: Jean-Philippe Pialasse Date: Tue, 12 Nov 2024 12:48:20 -0500 Subject: [PATCH] * Tue Nov 12 2024 Jean-Philippe Pialasse 11.0.0-10.sme - fix update of host keys comment [SME: 12759] --- root/etc/e-smith/events/actions/sshd-conf | 5 +- smeserver-openssh.spec | 5 +- smeserver-openssh.spec.bak | 697 ---------------------- 3 files changed, 7 insertions(+), 700 deletions(-) delete mode 100644 smeserver-openssh.spec.bak diff --git a/root/etc/e-smith/events/actions/sshd-conf b/root/etc/e-smith/events/actions/sshd-conf index 3214c8d..396f9f3 100644 --- a/root/etc/e-smith/events/actions/sshd-conf +++ b/root/etc/e-smith/events/actions/sshd-conf @@ -83,6 +83,7 @@ SKIP: { =cut my $db = esmith::ConfigDB->open_ro or die "Could not open config db"; +my $comment = "root@" . $db->get('SystemName')->value . "." . $db->get('DomainName')->value; for my $typek (qw(dsa rsa ecdsa ed25519)) { # Recomment the key in case the SystemName or DomainName changed. @@ -91,8 +92,8 @@ for my $typek (qw(dsa rsa ecdsa ed25519)) { esmith::util::backgroundCommand (0, "/usr/bin/ssh-keygen", @change, "-t", "$typek", - "-f", "/etc/ssh/ssh_host_key", - "-C", "root@" . $db->get('SystemName')->value . "." . $db->get('DomainName')->value); + "-f", "/etc/ssh/ssh_host_${typek}_key", + "-C", "comment"); } exit (0); diff --git a/smeserver-openssh.spec b/smeserver-openssh.spec index c09d7dc..9d6dafc 100644 --- a/smeserver-openssh.spec +++ b/smeserver-openssh.spec @@ -4,7 +4,7 @@ Summary: smeserver module to configure and enable ssh %define name smeserver-openssh Name: %{name} %define version 11.0.0 -%define release 9 +%define release 10 Version: %{version} Release: %{release}%{?dist} License: GPL @@ -64,6 +64,9 @@ if [ $1 -gt 1 ] ; then fi %changelog +* Tue Nov 12 2024 Jean-Philippe Pialasse 11.0.0-10.sme +- fix update of host keys comment [SME: 12759] + * Sun Sep 22 2024 Jean-Philippe Pialasse 11.0.0-9.sme - remove reference to deprecated rssh [SME: 12670] - template /etc/pam.d/sshd to remove motd [SME: 12740] diff --git a/smeserver-openssh.spec.bak b/smeserver-openssh.spec.bak deleted file mode 100644 index dc7489e..0000000 --- a/smeserver-openssh.spec.bak +++ /dev/null @@ -1,697 +0,0 @@ -# $Id: e-smith-openssh.spec,v 1.12 2023/07/13 02:38:42 trevorb Exp $ - -Summary: smeserver module to configure and enable ssh -%define name smeserver-openssh -Name: %{name} -%define version 11.0.0 -%define release 4 -Version: %{version} -Release: %{release}%{?dist} -License: GPL -Group: Networking/Daemons -Source: %{name}-%{version}.tar.xz - -BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot -BuildRequires: smeserver-devtools -BuildArchitectures: noarch -Requires: smeserver, openssl, -Requires: openssh >= 3.5 -Requires: openssh-clients -Requires: openssh-server -Requires: smeserver-lib >= 1.15.1-19 -Requires: runit -Provides: e-smith-openssh -AutoReqProv: no - -%changelog -* Thu Apr 04 2024 Brian Read 11.0.0-4.sme -- Set license file to GPL2.0 [SME: 12577] - -* Tue Mar 26 2024 Jean-Philippe Pialasse 11.0.0-3.sme -- remove RSA1 support which prevents service start [SME: 12553] - -* Sat Mar 23 2024 Brian Read 11.0.0-2.sme -- Change Requires: e-smith- to Requires:smeserver- - -* Sat Mar 23 2024 Brian Read 11.0.0-1.sme -- Update Release and Version to base version and 1st release for SME11 [SME: 12518] -- Move Provides: from after Changelog - - -* Mon Mar 11 2024 rename-e-smith-pkg.sh by Trevor Batley 2.6.0-9.sme -- Rename to smeserver-openssh [SME: 12359] - -* Thu Jul 13 2023 cvs2git.sh aka Brian Read 2.6.0-8.sme -- Roll up patches and move to git repo [SME: 12338] - -* Thu Jul 13 2023 BogusDateBot -- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday, - by assuming the date is correct and changing the weekday. - Tue Aug 30 2000 --> Tue Aug 29 2000 or Wed Aug 30 2000 or Tue Sep 05 2000 or .... - Thu Apr 27 2001 --> Thu Apr 26 2001 or Fri Apr 27 2001 or Thu May 03 2001 or .... - -* Tue Mar 16 2021 Jean-Philippe Pialasse 2.6.0-7.sme -- clean rsyslog syntax for sshd [SME: 11422] - -* Thu Feb 18 2021 Jean-Philipe Pialasse 2.6.0-6.sme -- increase default host key size [SME: 11359] -- redirect logging to /var/log/sshd/sshd.log and logrotate [SME: 11256] - -* Fri Dec 11 2020 Jean-Philipe Pialasse 2.6.0-4.sme -- add support for denyhost [SME: 10939] -- move sshd to systemd [SME: 11109] -- create -update event [SME: 11147] -- add ed25519 and ecdsa hostkeys [SME: 10940] - -* Sun May 03 2020 Jean-Philipe Pialasse 2.6.0-3.sme -- add Whitelist to AutoBlock using property sshd ValidFrom [SME: 9893] - -* Sat May 02 2020 Jean-Philipe Pialasse 2.6.0-2.sme -- update client ciphers to use [SME: 10621] -- add ciphers, macs and KexAlgorithms for server [SME: 10937] - -* Fri Feb 05 2016 stephane de Labrusse 2.6.0-1.sme -- Initial release to sme10 - -* Thu Jun 25 2015 stephane de Labrusse 2.4.0-6.sme -- enabled the motd message [SME: 8939] -- Code done by John Crisp and -- Stefano Zamboni - -* Sun Apr 6 2014 Charlie Brady 2.4.0-5.sme -- Fix use of uninitialized variables in last change. [SME: 8313] -- Fix error with flush of xt_recent SSH connections. [SME: 8314] - -* Sat Apr 5 2014 Chris Burnat 2.4.0-4.sme -- Add ssh-autoblock for external interface - patch by Chris Maltby [SME: 8258] - -* Fri Nov 1 2013 Chris Burnat 2.4.0-3.sme -- Remove SSH v1 legacy support - patch by Daniel Berteaud [SME: 6381] - -* Sat Mar 16 2013 Daniel Berteaud 2.4.0-2.sme -- Make rsyslog listen to our socket [SME: 7221] - -* Wed Feb 13 2013 Shad L. Lords 2.4.0-1.sme -- Roll new stream for sme9 - -* Tue Mar 1 2011 Jonathan Martens 2.2.0-5.sme -- Obsolete KeepAlive and replace ClientAliveInterval and ClientAliveCountMax [SME: 6380] - -* Fri Nov 26 2010 Ian Wells 2.2.0-4.sme -- Change permissions of ssh_config file to 644 [SME: 43] - -* Thu Nov 25 2010 Ian Wells 2.2.0-3.sme -- Template ssh_config with improved defaults [SME: 43] - -* Sun Dec 28 2008 Jonathan Martens 2.2.0-2.sme -- Template sshd login grace time, kept default at 600s [SME: 4903] - -* Tue Oct 7 2008 Shad L. Lords 2.2.0-1.sme -- Roll new stream to separate sme7/sme8 trees [SME: 4633] - -* Wed Jan 09 2008 Stephen Noble 1.12.0-13 -- Remove template fragments for /root/.ssh/config [SME: 513] - -* Tue Dec 18 2007 Shad L. Lords 1.12.0-12 -- Actually apply previous patch [SME: 3678] - -* Mon Dec 17 2007 Shad L. Lords 1.12.0-11 -- Allow root to be key based login only [SME: 3678] - -* Tue Oct 23 2007 Charlie Brady 1.12.0-10 -- Prevent rkhunter false positive if ssh is disabled but - PermitRootLogin is enabled in config. [SME: 166] - -* Sun Apr 29 2007 Shad L. Lords -- Clean up spec so package can be built by koji/plague - -* Sun Apr 08 2007 Shad L. Lords 1.12.0-9 -- Adjust permissions on empty/sshd directory again [SME: 2711] - -* Fri Apr 06 2007 Shad L. Lords 1.12.0-8 -- Adjust permissions on empty/sshd directory [SME: 2711] - -* Tue Mar 06 2007 Shad L. Lords 1.12.0-7 -- Adjust sftp-server path in sshd_config to match openssh-servers [SME: 2470] - -* Thu Dec 07 2006 Shad L. Lords -- Update to new release naming. No functional changes. -- Make Packager generic - -* Tue Jul 25 2006 Gordon Rowell 1.12.0-05 -- Use sshd{TCPPort} for listen Port - thanks MasterSleepy [SME: 1774] - -* Tue Jul 18 2006 Charlie Brady 1.12.0-04 -- Allow "UsePAM" setting to be controlled from db. [SME: 1744] - -* Wed Apr 5 2006 Gordon Rowell 1.12.0-03 -- Add newline after user entries in rssh.conf [SME: 877] - -* Wed Mar 29 2006 Gordon Rowell 1.12.0-02 -- Don't display /etc/motd contents from ssh [SME: 718] - -* Tue Mar 14 2006 Charlie Brady 1.12.0-01 -- Roll stable stream version. [SME: 1016] - -* Mon Mar 13 2006 Gordon Rowell 1.11.0-29 -- Expand /etc/rssh.conf in user-{create,delete,lock,modify} [SME: 877] - -* Mon Mar 13 2006 Gordon Rowell 1.11.0-28 -- A user is allowed access to rssh protocols if: - - They have PasswordSet==yes - - They have AllowRSSH==yes or - VPNClientAccess==yes but not AllowRSSH==no [SME: 877] - -* Mon Mar 13 2006 Gordon Rowell 1.11.0-27 -- Remove defaults for sshd{Allow*} and the templates for rssh.conf [SME: 877] -- Allow a user all of the rssh protocols if AllowSSH is yes [SME: 877] - -* Thu Mar 02 2006 Gordon Rowell 1.11.0-26 -- Adjust sftp-server path in sshd_config to match rssh [SME: 924] - -* Wed Mar 01 2006 Charlie Brady 1.11.0-25 -- Add syslog socket inside privsep chroot jail [SME: 916] - -* Tue Jan 24 2006 Gordon Rowell 1.11.0-24 -- Default sshd{AllowRSYNC} == yes [SME: 42] - -* Mon Jan 23 2006 Gordon Rowell 1.11.0-23 -- Add template for /etc/rssh.conf [SME: 42] -- Default sshd{AllowSCP, AllowSFTP} == yes [SME: 532] -- Default sshd{AllowRDIST,AllowRSYNC,AllowCVS} == no - -* Fri Jan 6 2006 Gordon Rowell 1.11.0-22 -- Default sshd{PasswordAuthentication} to "no" [SME: 377] - -* Wed Nov 30 2005 Gordon Rowell 1.11.0-21 -- Bump release number only - -* Wed Aug 10 2005 Charlie Brady -- [1.11.0-20] -- Delete test related requires (not really required) and add runit. - -* Wed Jul 20 2005 Charlie Brady -- [1.11.0-19] -- Set $sshd{TCPPort} and remove obsolete masq template fragment. [SF: 1241409] - -* Tue Jul 19 2005 Charlie Brady -- [1.11.0-18] -- Update to current db access APIs. [SF: 1216546] - -* Tue Jul 5 2005 Charlie Brady -- [1.11.0-17] -- Configure MaxAuthTries (our default is 2). [SF: 1232544] - -* Thu Jun 16 2005 Charlie Brady -- [1.11.0-16] -- Ensure that 'status' property is recognised at startup. [MN00061795] - -* Tue May 17 2005 Charlie Brady -- [1.11.0-15] -- Default to protocol 2 only on new installs, and '2,1' for - upgrades where $sshd{Protocol} is not defined. - -* Mon Mar 14 2005 Charlie Brady -- [1.11.0-14] -- Use generic_template_expand action for all template expansions from - sshd-conf. Update e-smith-lib dependency. [MN00064130] -- Replace sshd-reload with call to 'adjust-services'. [MN00065576] - -* Tue Sep 28 2004 Michael Soulier -- [1.11.0-13] -- Updated requires with new perl dependencies. [charlieb MN00040240] -- Clean BuildRequires. [charlieb MN00043055] - -* Mon Dec 22 2003 Michael Soulier -- [1.11.0-12] -- Added host key generation code to run script. [msoulier 9549] - -* Wed Dec 10 2003 Michael Soulier -- [1.11.0-11] -- Fixed a bug in the genfilelist options. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-10] -- Put full path to sshd in run script to work around assumption of full path - in sshd sighup handler. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-09] -- Updated sshd-reload to use daemontools wrapper. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-08] -- Moved the shebang line to a place where it actually matters. Tell me it's - friday. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-07] -- Fixed a couple of typos preventing multilog from starting. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-06] -- Moved initscript to /etc/init.d/supervise/sshd. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-05] -- Fixed a couple of specfile typos. [msoulier 9549] - -* Fri Dec 5 2003 Michael Soulier -- [1.11.0-04] -- Adding supervision of sshd. [msoulier 9549] -- Updated createlinks to latest api. - -* Tue Sep 16 2003 Charlie Brady -- [1.11.0-03] -- Remove deprecated RhostsAuthentication from sshd_config. [charlieb 10014] - -* Thu Aug 21 2003 Charlie Brady -- [1.11.0-02] -- Replace sshd-conf-startup action with default db fragments. - [charlieb 9553] - -* Thu Aug 21 2003 Charlie Brady -- [1.11.0-01] -- Changing version to development stream number - 1.11.0 - -* Thu Jun 26 2003 Charlie Brady -- [1.10.0-01] -- Changing version to stable stream number - 1.10.0 - -* Mon Apr 21 2003 Mark Knox -- [1.9.0-10] -- Enforce 0600 on sshd_config [markk 8407] - -* Tue Apr 15 2003 Gordon Rowell -- [1.9.0-09] -- Add Compression and UsePrivilegeSeparation options [gordonr 8173] - -* Tue Apr 8 2003 Michael Soulier -- [1.9.0-08] -- Backed-out 1.9.0-07. [msoulier 5782] - -* Tue Apr 8 2003 Michael Soulier -- [1.9.0-07] -- Shut off tcp forwarding in the daemon. [msoulier 5782] - -* Tue Apr 1 2003 Gordon Rowell -- [1.9.0-06] -- Actually reload ssh rather than restarting in sshd-reload [gordonr 7785] - -* Tue Mar 18 2003 Lijie Deng -- [1.9.0-05] -- Deleted ./root/.ssh/config/template-begin [lijied 3295] - -* Mon Mar 17 2003 Lijie Deng -- [1.9.0-04] -- Deleted template-begin/end file [lijied 3295] - -* Tue Mar 4 2003 Charlie Brady -- [1.9.0-03] -- s/HostsAllowSpec/hosts_allow_spec/ [charlieb 5650] - -* Fri Feb 28 2003 Charlie Brady -- [1.9.0-02] -- Re-do hosts.allow template to use esmith::ConfigDB::HostsAllowSpec. - Add dependency on up-to-date e-smith-lib. [charlieb 5650] - -* Fri Feb 28 2003 Charlie Brady -- [1.9.0-01] -- Roll development stream to 1.9.0 - -* Mon Feb 24 2003 Charlie Brady -- [1.8.0-02] -- Allow MaxStartups to be tunable from the config DB [charlieb 7362] - -* Fri Oct 11 2002 Charlie Brady -- [1.8.0-01] -- Rolling stable version number to 1.8.0 - -* Wed Oct 2 2002 Mark Knox -- [1.7.3-04] -- Remove stray braces in hosts.allow template [markk 3786] - -* Mon Sep 23 2002 Charlie Brady -- [1.7.3-03] -- Fix hosts.allow template problem introduced by last change [charlieb 3786] - -* Tue Sep 10 2002 Mark Knox -- [1.7.3-02] -- Remove deprecated split on pipe [markk 3786] - -* Tue Aug 20 2002 Charlie Brady -- [1.7.3-01] -- Add rc7.d symlink and don't set deprecated InitscriptsOrder property - [charlieb 4458] -- Change use of allow_tcp_in() function to allow dynamic reconfig. - [charlieb 4501] - -* Thu Aug 8 2002 Charlie Brady -- [1.7.2-01] -- Change masq script fragment to use allow_tcp_in() function. [charlieb 4499] - -* Wed Jul 17 2002 Charlie Brady -- [1.7.1-01] -- Change masq script fragment to use iptables. [charlieb 1268] - -* Wed Jun 5 2002 Charlie Brady -- [1.7.0-01] -- Changing version to maintained stream number to 1.7.0 - -* Fri May 31 2002 Charlie Brady -- [1.6.0-01] -- Changing version to maintained stream number to 1.6.0 - -* Thu May 23 2002 Gordon Rowell -- [1.5.6-01] -- RPM rebuild forced by cvsroot2rpm - -* Mon May 13 2002 Kirrily Robert -- [1.5.5-01] -- Added buildtests [skud 2932] - -* Fri Apr 26 2002 Tony Clayton -- [1.5.4-01] -- add -t option to ssh-keygen call in sshd-conf [tonyc] - -* Fri Mar 6 2002 Michael G Schwern -- [1.5.3-01] -- Tested & documented sshd-reload action [schwern 2932] -- Tested & documented sshd-conf and sshd-conf-startup actions [schwern 2932] -- Changed all actions to use esmith::ConfigDB [schwern 2932] -- Fixed dependencies. [schwern] - -* Thu Feb 14 2002 Kirrily Robert -- [1.5.2-01] -- CVS testing - -* Thu Feb 14 2002 Kirrily Robert -- [1.5.0-01] -- rollRPM: Rolled version number to 1.5.0-01. Includes patches up to 1.4.0-06. - -* Mon Nov 05 2001 Charlie Brady -- [1.4.0-06] -- Remove obsoleted "CheckMail no" fragment from sshd_config template. - -* Tue Aug 28 2001 Gordon Rowell -- [1.4.0-05] -- Removed links from deprecated post-restore event - -* Fri Aug 17 2001 gordonr -- [1.4.0-04] -- Autorebuild by rebuildRPM - -* Tue Aug 14 2001 Charlie Brady -- [1.4.0-03] -- Change back to Protocol 1 until known_hosts2 and authorized_keys2 files are - implemented on both sides. - -* Tue Aug 14 2001 Charlie Brady -- [1.4.0-02] -- Add template fragements to generate /root/.ssh/config host - config sections for any hostnames added to %e_smith_hosts by - other fragements numbered between 00 and 19. -- Delete useless template-end for /root/.ssh/config. - -* Wed Aug 8 2001 Charlie Brady -- [1.4.0-01] -- Rolled version number to 1.4.0-01. Includes patches upto 1.3.0-10. - -* Wed Aug 8 2001 Gordon Rowell -- [1.3.0-10] -- Use restart instead of reload as some initscripts don't have the latter - -* Sun Jul 8 2001 Gordon Rowell -- [1.3.0-09] -- Check "access" property of sshd service - -* Fri Jul 6 2001 Peter Samuel -- [1.3.0-08] -- Changed license to GPL - -* Thu Jul 05 2001 Gordon Rowell -- [1.3.0-07] -- Explicitly disable ChallengeResponseAuthentication and - KbdInteractiveAuthentication - -* Wed May 30 2001 Gordon Rowell -- [1.3.0-06] -- Added HostKey line for /etc/ssh/ssh_host_rsa_key for SSH version 2 - -* Tue May 29 2001 Tony Clayton -- [1.3.0-05] -- fixed actions that had tied %conf when calling serviceControl (2 actions) - -* Mon May 21 2001 Gordon Rowell -- [1.3.0-04] -- Added links to /usr/libexec and /usr/local/libexec to enable - sftp for more client systems under protocol V1 - -* Mon May 21 2001 Gordon Rowell -- [1.3.0-03] -- Revised after comments from Charlie -- Added documentation for MaxStartups and cleaner perl idiom for - SubsystemSftp test - -* Mon May 21 2001 Gordon Rowell -- [1.3.0-02] -- Enabled sftp subsystem by default with correct path to sftp-server -- Added MaxStartups configuration - -* Mon May 21 2001 Gordon Rowell -- [1.3.0-01] -- Rolled version number to 1.3.0-01. Includes patches upto 1.2.0-06. - -* Wed May 09 2001 Tony Clayton -- [1.2.0-06] -- Forgot to add last patch to %setup. Adding it now. - -* Wed May 09 2001 Tony Clayton -- [1.2.0-05] -- Add /root/.ssh/config template-{begin,end} fragments -- Expand config template from sshd-conf - -* Fri Apr 27 2001 Gordon Rowell - Thu Apr 27 2001 --> Thu Apr 26 2001 or Fri Apr 27 2001 or Thu May 03 2001 or .... -- [1.2.0-04] -- Rolled version for GPG signing - no change - -* Mon Apr 9 2001 Gordon Rowell -- [1.2.0-03] -- Extra HostKey line for openssh-2.5 - -* Thu Feb 8 2001 Adrian Chung -- [1.2.0-02] -- Rolling release number for GPG signing. - -* Thu Jan 25 2001 Peter Samuel -- [1.2.0-01] -- Rolled version number to 1.2.0-01. Includes patches upto 1.1.0-23. - -* Thu Jan 11 2001 Gordon Rowell -- [1.1.0-23] -- use serviceControl() - -* Thu Jan 11 2001 Gordon Rowell -- [1.1.0-22] -- reload sshd (and possibly kill it off) in post-restore - -* Thu Jan 11 2001 Adrian Chung -- [1.1.0-21] -- fully qualify path to killall in sshd-reload - -* Wed Jan 10 2001 Gordon Rowell -- [1.1.0-20] -- Kill existing ssh sessions if we have just stopped the service - -* Wed Jan 10 2001 Gordon Rowell -- [1.1.0-19] -- Use sshd reload instead of killall -HUP - that closes current connections - -* Tue Jan 9 2001 Charlie Brady -- [1.1.0-18] -- Make new bootstrap-console-save event - the Lite version -- Make sshd-reload shut down sshd if it has been disabled -- Don't redo conf-sshd-startup with every console-save - -* Fri Jan 5 2001 Peter Samuel -- [1.1.0-17] -- Added missing use esmith::util to sshd-reload - -* Thu Jan 04 2001 Gordon Rowell -- [1.1.0-16] -- Added missing use esmith::db - -* Wed Jan 03 2001 Gordon Rowell -- [1.1.0-15] -- sshd-reload now starts sshd if not running and service enabled - -* Thu Dec 28 2000 Gordon Rowell -- [1.1.0-14] -- Process sshd_config template in remoteaccess-update - -* Thu Dec 28 2000 Gordon Rowell -- [1.1.0-13] -- Provide defaults for PermitRootLogin and PasswordAuthentication properties - -* Thu Dec 21 2000 Charlie Brady -- [1.1.0-12] -- Don't restart sshd after config change, just reload config. - -* Sat Dec 16 2000 Charlie Brady -- [1.1.0-11] -- Fix typo - -* Fri Dec 15 2000 Charlie Brady -- [1.1.0-10] -- Move AllowSSH packet filter template fragment here. - -* Wed Dec 13 2000 Gordon Rowell -- [1.1.0-9] -- Disable ssh by default - -* Wed Dec 13 2000 Gordon Rowell -- [1.1.0-8] -- Fixed typo in hosts.allow fragment for private access - -* Wed Dec 13 2000 Gordon Rowell -- [1.1.0-7] -- Added sshd-restart to remoteaccess-update event (and others) -- Renamed scripts to sshd-{conf,conf-startup,restart} -- Enable private ssh access by default - -* Tue Dec 12 2000 Adrian Chung -- [1.1.0-6] -- fixed location of ssh_host_key in 20HostKey fragment - -* Wed Dec 06 2000 Peter Samuel -- [1.1.0-4] -- conf-ssh-startup: PasswordAuthentication=yes and RootLogin=no -- Fixed ordering of Port/Listen fragments - -* Tue Dec 05 2000 Gordon Rowell -- [1.1.0-3] -- Changed sshd_config into a directory template -- Used services notation to enable/disable -- sshd_config: PasswordAuthentication and RootLogin - both disabled by default - -* Tue Dec 05 2000 Gordon Rowell -- [1.1.0-1] -- Rolled version to 1.1.0. Includes patches up to 0.6-3 - -* Tue Oct 31 2000 Charlie Brady -- Ensure that conf-ssh-startup is run during post-upgrade event. -- Fix missing " in hosts.allow template. - -* Tue Oct 31 2000 Charlie Brady -- Merge services database back into configuration database. - -* Thu Oct 26 2000 Peter Samuel -- Rolled version to 0.6. Includes patches up to 0.5-17 - -* Fri Oct 06 2000 Adrian Chung -- Fixed a typo in conf-ssh-startup. - -* Fri Oct 06 2000 Adrian Chung -- Move %post code to conf-ssh-startup instead -- Default to enabled for sshd in services database if not - already set. - -* Thu Oct 05 2000 Adrian Chung -- Change %post to setdefault ... enabled. - -* Wed Oct 4 2000 Charlie Brady -- Use db_get_type to get service status - to be safe against - defined service properties -- Do not init services database during post-install event - - it is done during %post action. - -* Wed Oct 4 2000 Charlie Brady -- Only initialise services database during post-install action. -- Only expand hosts.allow/sshd if sshd service is enabled. - -* Wed Oct 4 2000 Charlie Brady -- Fix typo - -* Tue Oct 3 2000 Charlie Brady -- Update services database when enabling startup - -* Mon Oct 2 2000 Gordon Rowell -- rewrote spec file to use e-smith-devtools - -* Mon Sep 25 2000 Paul Nebsit -- updated contact and URL info - -* Thu Sep 14 2000 Gordon Rowell -- Removed obsolete rc7.d symlink from createlinks - -* Thu Sep 14 2000 Gordon Rowell -- Rebuilt using latest e-smith-devtools - hosts.allow template fragment missing - -* Wed Aug 30 2000 Paul Nesbit - Tue Aug 30 2000 --> Tue Aug 29 2000 or Wed Aug 30 2000 or Tue Sep 05 2000 or .... -- added 'use e-smith::util' line to conf-ssh-startup - -* Thu Aug 24 2000 Gordon Rowell -- Rewrote conf-ssh-startup to use serviceControl() - -* Sun Jul 2 2000 Charlie Brady -- Make S85sshd symlink absolute so that RPM verifies - -* Sat Jun 17 2000 Charlie Brady -- Rewrite createlinks in perl -- Add sshd template for /etc/hosts.allow -- Fix ssh-keygen options code - -* Mon Jun 12 2000 Charlie Brady -- Remove /etc/rc.d/rc7.d symlink before (re-)creating it. Avoids logfile mess. -- Change backgroundCommand call to use array instead of string - avoid shell - parsing. - -* Thu May 11 2000 Charlie Brady -- Change rc?.d directory from 3 to 7. - -%description -smeserver server enhancement to configure and enable openssh - -%prep -%setup -rm -rf root/var/service root/service - -%build -perl createlinks -# build the test suite from embedded tests -/sbin/e-smith/buildtests e-smith-openssh - -%install -rm -rf $RPM_BUILD_ROOT -( cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT ) -rm -f %{name}-%{version}-%{release}-filelist - -/sbin/e-smith/genfilelist \ - --file '/sbin/e-smith/systemd/sshd-prepare' 'attr(0554,root,root)' \ - --dir '/var/log/sshd' 'attr(2750,root,root)' \ - --dir '/var/empty/sshd' 'attr(0711,root,root)' \ - $RPM_BUILD_ROOT \ - > %{name}-%{version}-%{release}-filelist - -echo "%doc COPYING" >> %{name}-%{version}-%{release}-filelist - -%clean -rm -rf $RPM_BUILD_ROOT - -%files -f %{name}-%{version}-%{release}-filelist -%defattr(-,root,root) - -%pre -if [ $1 -gt 1 ] ; then - if [ -e /var/service/sshd/run ] ; then - /usr/bin/sv d sshd - /usr/bin/sv d sshd/log - fi -fi