diff options
Diffstat (limited to 'source/n/openssh')
-rw-r--r-- | source/n/openssh/doinst.sh | 35 | ||||
-rwxr-xr-x | source/n/openssh/openssh.SlackBuild | 145 | ||||
-rw-r--r-- | source/n/openssh/rc.sshd | 53 | ||||
-rw-r--r-- | source/n/openssh/slack-desc | 19 |
4 files changed, 252 insertions, 0 deletions
diff --git a/source/n/openssh/doinst.sh b/source/n/openssh/doinst.sh new file mode 100644 index 00000000..d696245d --- /dev/null +++ b/source/n/openssh/doinst.sh @@ -0,0 +1,35 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/ssh/ssh_config.new +config etc/ssh/sshd_config.new +config etc/rc.d/rc.sshd.new + +# If the sshd user/group/shadow don't exist, add them: + +if ! grep -q "^sshd:" etc/passwd ; then + echo "sshd:x:33:33:sshd:/:" >> etc/passwd +fi + +if ! grep -q "^sshd:" etc/group ; then + echo "sshd::33:sshd" >> etc/group +fi + +if ! grep -q "^sshd:" etc/shadow ; then + echo "sshd:*:9797:0:::::" >> etc/shadow +fi + +# Add a btmp file to store login failure if one doesn't exist: +if [ ! -r var/log/btmp ]; then + ( cd var/log ; umask 077 ; touch btmp ) +fi + diff --git a/source/n/openssh/openssh.SlackBuild b/source/n/openssh/openssh.SlackBuild new file mode 100755 index 00000000..4a661132 --- /dev/null +++ b/source/n/openssh/openssh.SlackBuild @@ -0,0 +1,145 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002, 2003, 2004 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2006, 2007, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-openssh + +VERSION=${VERSION:-5.2p1} +ARCH=${ARCH:-x86_64} +BUILD=${BUILD:-2} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" +fi + +# Clean target location: +rm -rf $PKG +mkdir -p $PKG + +# Prepare the framework and extract the package: +cd $TMP +rm -rf $PKG openssh-$VERSION +tar xjvf $CWD/openssh-$VERSION.tar.bz2 || exit 1 +cd openssh-$VERSION +chown -R root:root . + +# Compile package: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --sysconfdir=/etc/ssh \ + --without-pam \ + --with-md5-passwords \ + --with-tcp-wrappers \ + --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \ + --with-ipv4-default \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --build=$ARCH-slackware-linux + +make -j4 || exit 1 + +# Install the package: +make install DESTDIR=$PKG + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Install directory used with PrivilegeSeparation option: +mkdir -p $PKG/var/empty +chmod 755 $PKG/var/empty + +# Install docs: +mkdir -p $PKG/usr/doc/openssh-$VERSION +cp -a \ + CREDITS ChangeLog INSTALL LICENCE OVERVIEW \ + README README.privsep README.smartcard RFC.nroff TODO WARNING.RNG \ + $PKG/usr/doc/openssh-$VERSION +chmod 644 $PKG/usr/doc/openssh-$VERSION/* + +# Install also 'ssh-copy-id' and its manpage from contrib: +( cd contrib + cp -a ssh-copy-id $PKG/usr/bin/ssh-copy-id + chmod 755 $PKG/usr/bin/ssh-copy-id + cat ssh-copy-id.1 | gzip -9c > $PKG/usr/man/man1/ssh-copy-id.1.gz +) + +( cd $PKG + + # Ditch the new host keys, since these have to be uniquely prepared on each machine: + rm -f etc/ssh/ssh_host_dsa_key + rm -f etc/ssh/ssh_host_dsa_key.pub + rm -f etc/ssh/ssh_host_rsa_key + rm -f etc/ssh/ssh_host_rsa_key.pub + rm -f etc/ssh/ssh_host_key + rm -f etc/ssh/ssh_host_key.pub + + # Set up the config script installation: + mv etc/ssh/ssh_config etc/ssh/ssh_config.new + mv etc/ssh/sshd_config etc/ssh/sshd_config.new + + # Add the init script: + mkdir -p etc/rc.d + cat $CWD/rc.sshd > etc/rc.d/rc.sshd.new + chmod 755 etc/rc.d/rc.sshd.new + + # Copy runtime installation files: + mkdir -p install + zcat $CWD/doinst.sh.gz > install/doinst.sh + cat $CWD/slack-desc > install/slack-desc +) + +# Create the package itself: +cd $PKG +/sbin/makepkg -l y -c n $TMP/openssh-$VERSION-$ARCH-$BUILD.txz + diff --git a/source/n/openssh/rc.sshd b/source/n/openssh/rc.sshd new file mode 100644 index 00000000..8b496568 --- /dev/null +++ b/source/n/openssh/rc.sshd @@ -0,0 +1,53 @@ +#!/bin/sh +# Start/stop/restart the secure shell server: + +sshd_start() { + # Create host keys if needed. + if [ ! -r /etc/ssh/ssh_host_key ]; then + /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then + /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + fi + /usr/sbin/sshd +} + +sshd_stop() { + killall sshd +} + +sshd_restart() { + if [ -r /var/run/sshd.pid ]; then + echo "WARNING: killing listener process only. To kill every sshd process, you must" + echo " use 'rc.sshd stop'. 'rc.sshd restart' kills only the parent sshd to" + echo " allow an admin logged in through sshd to use 'rc.sshd restart' without" + echo " being cut off. If sshd has been upgraded, new connections will now" + echo " use the new version, which should be a safe enough approach." + kill `cat /var/run/sshd.pid` + else + echo "WARNING: There does not appear to be a parent instance of sshd running." + echo " If you really want to kill all running instances of sshd (including" + echo " any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead." + exit 1 + fi + sleep 1 + sshd_start +} + +case "$1" in +'start') + sshd_start + ;; +'stop') + sshd_stop + ;; +'restart') + sshd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + diff --git a/source/n/openssh/slack-desc b/source/n/openssh/slack-desc new file mode 100644 index 00000000..04277a72 --- /dev/null +++ b/source/n/openssh/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssh: openssh (Secure Shell daemon and clients) +openssh: +openssh: ssh (Secure Shell) is a program for logging into a remote machine and +openssh: for executing commands on a remote machine. It is intended to replace +openssh: rlogin and rsh, and provide secure encrypted communications between +openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is +openssh: the daemon program for ssh. OpenSSH is based on the last free version +openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron +openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and +openssh: Dug Song. It has a homepage at http://www.openssh.com/ +openssh: |