[prev in list] [next in list] [prev in thread] [next in thread]
List: annvix-cvs
Subject: [cvs] CVS commit in packages/openssh on 2005/09/26 08:28:22
From: cvsrep () annvix ! org
Date: 2005-09-26 8:28:25
Message-ID: E1EJoLZ-0008F1-Oa () build ! annvix ! org
[Download RAW message or body]
Module name: packages/openssh
Changes by: vdanen
Date: 2005/09/26 08:28:22
Commit log:
- Converted run script to execlineb.
- fix requires (vdanen)
- add default env file (vdanen)
- precompile peers.cdb in %post (vdanen)
- change sshd_config/ssh_config to not permit X11 fwding by default (vdanen)
Index: openssh.spec
===================================================================
RCS file: /work/annvix/cvsroot/packages/openssh/openssh.spec,v
retrieving revision 1.3.4.9
retrieving revision 1.3.4.10
diff -u -r1.3.4.9 -r1.3.4.10
--- openssh.spec 4 Sep 2005 00:33:47 -0000 1.3.4.9
+++ openssh.spec 26 Sep 2005 08:28:22 -0000 1.3.4.10
@@ -11,7 +11,7 @@
%define name openssh
%define version 4.2p1
-%define release 3avx
+%define release 4avx
# overrides
%global build_skey 0
@@ -34,7 +34,7 @@
Source8: sshd.run
Source9: sshd-log.run
Source10: convert_known_hosts-4.0.pl
-Patch1: openssh-4.1p1-avx-annvixconf.patch.bz2
+Patch1: openssh-4.2p1-avx-annvixconf.patch.bz2
# authorized by Damien Miller <djm@openbsd.com>
Patch2: openssh-3.1p1-mdk-check-only-ssl-version.patch.bz2
@@ -48,8 +48,11 @@
Obsoletes: ssh
Provides: ssh
-PreReq: openssl >= 0.9.7, afterboot
Requires: filesystem >= 2.1.5
+Requires(pre): rpm-helper
+Requires(post): rpm-helper, afterboot, ipsvd, openssl
+Requires(preun): rpm-helper
+Requires(postun): rpm-helper, afterboot
%description
Ssh (Secure Shell) a program for logging into a remote machine and for
@@ -178,12 +181,21 @@
rm -f %{buildroot}%{_datadir}/ssh/Ssh.bin
-mkdir -p %{buildroot}%{_srvdir}/sshd/{log,peers}
+mkdir -p %{buildroot}%{_srvdir}/sshd/{log,peers,env}
install -m 0740 %{SOURCE8} %{buildroot}%{_srvdir}/sshd/run
install -m 0740 %{SOURCE9} %{buildroot}%{_srvdir}/sshd/log/run
touch %{buildroot}%{_srvdir}/sshd/peers/0
chmod 0640 %{buildroot}%{_srvdir}/sshd/peers/0
+echo "localhost" >%{buildroot}%{_srvdir}/sshd/env/HOSTNAME
+echo "0" >%{buildroot}%{_srvdir}/sshd/env/IP
+echo "22" >%{buildroot}%{_srvdir}/sshd/env/PORT
+echo "20" >%{buildroot}%{_srvdir}/sshd/env/MAX_CONN
+echo "5" >%{buildroot}%{_srvdir}/sshd/env/MAX_PER_HOST
+echo "20" >%{buildroot}%{_srvdir}/sshd/env/MAX_BACKLOG
+>%{buildroot}%{_srvdir}/sshd/env/OPTIONS
+
+
mkdir -p %{buildroot}%{_datadir}/afterboot
install -m 0644 %{SOURCE5} %{buildroot}%{_datadir}/afterboot/04_openssh
@@ -261,6 +273,10 @@
fi
%_post_srv sshd
%_mkafterboot
+pushd %{_srvdir}/sshd >/dev/null 2>&1
+ ipsvd-cdb peers.cdb peers.cdb.tmp peers/
+popd >/dev/null 2>&1
+
%preun server
%_preun_srv sshd
@@ -328,9 +344,24 @@
%config(noreplace) %attr(0740,root,admin) %{_srvdir}/sshd/log/run
%dir %attr(0750,root,admin) %{_srvdir}/sshd/peers
%config(noreplace) %attr(0640,root,admin) %{_srvdir}/sshd/peers/0
+%attr(0640,root,admin) %{_srvdir}/sshd/env/HOSTNAME
+%attr(0640,root,admin) %{_srvdir}/sshd/env/IP
+%attr(0640,root,admin) %{_srvdir}/sshd/env/PORT
+%attr(0640,root,admin) %{_srvdir}/sshd/env/MAX_CONN
+%attr(0640,root,admin) %{_srvdir}/sshd/env/MAX_PER_HOST
+%attr(0640,root,admin) %{_srvdir}/sshd/env/MAX_BACKLOG
+%attr(0640,root,admin) %{_srvdir}/sshd/env/OPTIONS
%{_datadir}/afterboot/04_openssh
+
%changelog
+* Sun Sep 25 2005 Sean P. Thomas <spt@annvix.org> 4.2p1-4avx
+- Converted run script to execlineb.
+- fix requires (vdanen)
+- add default env file (vdanen)
+- precompile peers.cdb in %%post (vdanen)
+- change sshd_config/ssh_config to not permit X11 fwding by default (vdanen)
+
* Sat Sep 03 2005 Vincent Danen <vdanen@annvix.org> 4.2p1-3avx
- s/supervise/service/ in log/run
Index: sshd.run
===================================================================
RCS file: /work/annvix/cvsroot/packages/openssh/sshd.run,v
retrieving revision 1.2.4.1
retrieving revision 1.2.4.2
diff -u -r1.2.4.1 -r1.2.4.2
--- sshd.run 3 Sep 2005 20:27:32 -0000 1.2.4.1
+++ sshd.run 26 Sep 2005 08:28:22 -0000 1.2.4.2
@@ -1,13 +1,20 @@
-#!/bin/sh
-PATH="/sbin:/usr/sbin:/bin:/usr/bin"
+#!/bin/execlineb
-# this runs sshd under supervise
+/bin/fdmove -c 2 1
-# source sysconfig settings
-[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
+/bin/export PATH "/sbin:/bin:/usr/sbin:/usr/bin"
-# this runs sshd and limits the server to a maximum of 30 simultaneous
-# connections (-c) using the ipsvd-instruct(5) directory ./peers for instructions
-# and listening to all IPs on port 22 (ssh)
+/sbin/chpst -e ./env/
-exec /sbin/tcpsvd -c30 -v -llocalhost -i./peers 0 22 /usr/sbin/sshd -i $OPTIONS 2>&1
+/bin/multisubstitute {
+ import -D "localhost" HOSTNAME
+ import -D 0 IP
+ import -D 22 PORT
+ import -D 20 MAX_CONN
+ import -D 5 MAX_PER_HOST
+ import -D 20 MAX_BACKLOG
+ import OPTIONS
+}
+
+/sbin/tcpsvd -v -l $HOSTNAME -x peers.cdb -c $MAX_CONN -C "$MAX_PER_HOST" -b $MAX_BACKLOG $IP $PORT
+ /usr/sbin/sshd -i $OPTIONS
_______________________________________________
cvs mailing list
cvs@annvix.org
http://annvix.org/mailman/listinfo/cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic