diff options
| author | root <root@rshg054.dnsready.net> | 2012-04-24 00:01:27 +0000 |
|---|---|---|
| committer | root <root@rshg054.dnsready.net> | 2012-04-24 00:01:27 +0000 |
| commit | 264f2be5f341b9946381d84ebaffc95f9199990b (patch) | |
| tree | 21ee2b5c6a55b957afc2674f59d66a33635e5705 /testing/openssh | |
| parent | f81dfba1507be388ae1b2c2437fccad46aadc950 (diff) | |
Tue Apr 24 00:01:27 UTC 2012
Diffstat (limited to 'testing/openssh')
| -rw-r--r-- | testing/openssh/PKGBUILD | 77 | ||||
| -rwxr-xr-x | testing/openssh/sshd | 45 | ||||
| -rw-r--r-- | testing/openssh/sshd.close-sessions | 17 | ||||
| -rw-r--r-- | testing/openssh/sshd.confd | 4 | ||||
| -rw-r--r-- | testing/openssh/sshd.pam | 12 |
5 files changed, 155 insertions, 0 deletions
diff --git a/testing/openssh/PKGBUILD b/testing/openssh/PKGBUILD new file mode 100644 index 000000000..0a52bc805 --- /dev/null +++ b/testing/openssh/PKGBUILD @@ -0,0 +1,77 @@ +# $Id: PKGBUILD 156652 2012-04-22 08:07:55Z bisson $ +# Maintainer: Gaetan Bisson <bisson@archlinux.org> +# Contributor: Aaron Griffin <aaron@archlinux.org> +# Contributor: judd <jvinet@zeroflux.org> + +pkgname=openssh +pkgver=6.0p1 +pkgrel=1 +pkgdesc='Free version of the SSH connectivity tools' +url='http://www.openssh.org/portable.html' +license=('custom:BSD') +arch=('i686' 'x86_64') +depends=('krb5' 'openssl' 'libedit' 'ldns') +optdepends=('x11-ssh-askpass: input passphrase in X without a terminal') +source=("ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz" + 'sshd.close-sessions' + 'sshd.confd' + 'sshd.pam' + 'sshd') +sha1sums=('f691e53ef83417031a2854b8b1b661c9c08e4422' + '954bf1660aa32620c37034320877f4511b767ccb' + 'ec102deb69cad7d14f406289d2fc11fee6eddbdd' + '3413909fd45a28701c92e6e5b59c6b65346ddb0f' + '21fa88de6cc1c7912e71655f50896ba17991a1c2') + +backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd' 'etc/conf.d/sshd') + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + + ./configure \ + --prefix=/usr \ + --libexecdir=/usr/lib/ssh \ + --sysconfdir=/etc/ssh \ + --with-ldns \ + --with-libedit \ + --with-ssl-engine \ + --with-pam \ + --with-privsep-user=nobody \ + --with-kerberos5=/usr \ + --with-xauth=/usr/bin/xauth \ + --with-mantype=man \ + --with-md5-passwords \ + + make +} + +check() { + cd "${srcdir}/${pkgname}-${pkgver}" + + # The connect.sh test must be run by a user with a decent login shell; + # chroot builds use nobody with /bin/false. + make tests || true +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + + install -Dm755 ../sshd "${pkgdir}"/etc/rc.d/sshd + install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd + install -Dm644 ../sshd.confd "${pkgdir}"/etc/conf.d/sshd + install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE" + install -Dm755 ../sshd.close-sessions "${pkgdir}/etc/rc.d/functions.d/sshd-close-sessions" # FS#17389 + + rm "${pkgdir}"/usr/share/man/man1/slogin.1 + ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz + + install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh + install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id + install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1 + + sed \ + -e '/^#ChallengeResponseAuthentication yes$/c ChallengeResponseAuthentication no' \ + -e '/^#UsePAM no$/c UsePAM yes' \ + -i "${pkgdir}"/etc/ssh/sshd_config +} diff --git a/testing/openssh/sshd b/testing/openssh/sshd new file mode 100755 index 000000000..1d68fb877 --- /dev/null +++ b/testing/openssh/sshd @@ -0,0 +1,45 @@ +#!/bin/bash + +. /etc/rc.conf +. /etc/rc.d/functions +. /etc/conf.d/sshd + +PIDFILE=/var/run/sshd.pid +PID=$(cat $PIDFILE 2>/dev/null) +if ! readlink -q /proc/$PID/exe | grep -q '^/usr/sbin/sshd'; then + PID= + rm $PIDFILE 2>/dev/null +fi + +case "$1" in + start) + stat_busy 'Starting Secure Shell Daemon' + /usr/bin/ssh-keygen -A + [[ -d /var/empty ]] || mkdir -p /var/empty + [[ -z $PID ]] && /usr/sbin/sshd $SSHD_ARGS + if [[ $? -gt 0 ]]; then + stat_fail + else + add_daemon sshd + stat_done + fi + ;; + stop) + stat_busy 'Stopping Secure Shell Daemon' + [[ ! -z $PID ]] && kill $PID &> /dev/null + if [[ $? -gt 0 ]]; then + stat_fail + else + rm_daemon sshd + stat_done + fi + ;; + restart) + $0 stop + sleep 1 + $0 start + ;; + *) + echo "usage: $0 {start|stop|restart}" +esac +exit 0 diff --git a/testing/openssh/sshd.close-sessions b/testing/openssh/sshd.close-sessions new file mode 100644 index 000000000..be2a709fc --- /dev/null +++ b/testing/openssh/sshd.close-sessions @@ -0,0 +1,17 @@ +# Close sshd sessions before shutting down the network; see FS#17389. + +sshd_close_sessions () { + if ck_daemon sshd; then + return + fi + /etc/rc.d/sshd stop + stat_busy "Stopping Secure Shell Sessions" + for i in $(pgrep sshd); do + if readlink -q /proc/$i/exe | grep -q '^/usr/sbin/sshd'; then + kill $i + fi + done &>/dev/null + stat_done +} + +add_hook shutdown_start sshd_close_sessions diff --git a/testing/openssh/sshd.confd b/testing/openssh/sshd.confd new file mode 100644 index 000000000..5ce7c0079 --- /dev/null +++ b/testing/openssh/sshd.confd @@ -0,0 +1,4 @@ +# +# Parameters to be passed to sshd +# +SSHD_ARGS="" diff --git a/testing/openssh/sshd.pam b/testing/openssh/sshd.pam new file mode 100644 index 000000000..c7b91cdfb --- /dev/null +++ b/testing/openssh/sshd.pam @@ -0,0 +1,12 @@ +#%PAM-1.0 +#auth required pam_securetty.so #Disable remote root +auth required pam_unix.so +auth required pam_env.so +account required pam_nologin.so +account required pam_unix.so +account required pam_time.so +password required pam_unix.so +session required pam_unix_session.so +session required pam_limits.so +-session optional pam_ck_connector.so nox11 +-session optional pam_systemd.so |