Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
|
1d259445b1 | |
|
8d4e35d201 | |
|
dfe8fee054 | |
|
a14d263c00 | |
|
5503a047df | |
|
145212be4d |
21
Makefile
21
Makefile
|
@ -1,21 +0,0 @@
|
||||||
# Makefile for source rpm: openssh
|
|
||||||
# $Id: Makefile,v 1.1 2004/09/09 09:34:58 cvsdist Exp $
|
|
||||||
NAME := openssh
|
|
||||||
SPECFILE = $(firstword $(wildcard *.spec))
|
|
||||||
|
|
||||||
define find-makefile-common
|
|
||||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
|
||||||
|
|
||||||
ifeq ($(MAKEFILE_COMMON),)
|
|
||||||
# attempt a checkout
|
|
||||||
define checkout-makefile-common
|
|
||||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
|
||||||
endef
|
|
||||||
|
|
||||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
|
||||||
endif
|
|
||||||
|
|
||||||
include $(MAKEFILE_COMMON)
|
|
|
@ -1,28 +0,0 @@
|
||||||
--- openssh-5.2p1/session.c 2009-03-20 18:08:11.263662384 +0100
|
|
||||||
+++ openssh-5.2p1/session.c 2009-03-20 18:26:29.925498409 +0100
|
|
||||||
@@ -1408,6 +1408,7 @@
|
|
||||||
const char *cp;
|
|
||||||
char component[MAXPATHLEN];
|
|
||||||
struct stat st;
|
|
||||||
+ int last;
|
|
||||||
|
|
||||||
if (*path != '/')
|
|
||||||
fatal("chroot path does not begin at root");
|
|
||||||
@@ -1419,7 +1420,7 @@
|
|
||||||
* root-owned directory with strict permissions.
|
|
||||||
*/
|
|
||||||
for (cp = path; cp != NULL;) {
|
|
||||||
- if ((cp = strchr(cp, '/')) == NULL)
|
|
||||||
+ if (((last = ((cp = strchr(cp, '/')) == NULL))))
|
|
||||||
strlcpy(component, path, sizeof(component));
|
|
||||||
else {
|
|
||||||
cp++;
|
|
||||||
@@ -1432,7 +1433,7 @@
|
|
||||||
if (stat(component, &st) != 0)
|
|
||||||
fatal("%s: stat(\"%s\"): %s", __func__,
|
|
||||||
component, strerror(errno));
|
|
||||||
- if (st.st_uid != 0 || (st.st_mode & 022) != 0)
|
|
||||||
+ if ((st.st_uid != 0 || (st.st_mode & 022) != 0) && !(last && st.st_uid == uid))
|
|
||||||
fatal("bad ownership or modes for chroot "
|
|
||||||
"directory %s\"%s\"",
|
|
||||||
cp == NULL ? "" : "component ", component);
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
diff -up openssh-5.2p1/contrib/ssh-copy-id.selabel openssh-5.2p1/contrib/ssh-copy-id
|
||||||
|
--- openssh-5.2p1/contrib/ssh-copy-id.selabel 2009-06-29 23:43:03.514390092 +0200
|
||||||
|
+++ openssh-5.2p1/contrib/ssh-copy-id 2009-06-29 23:44:11.188382120 +0200
|
||||||
|
@@ -38,7 +38,7 @@ if [ "$#" -lt 1 ] || [ "$1" = "-h" ] ||
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
-{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
|
||||||
|
+{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys; test -x /sbin/restorecon && /sbin/restorecon .ssh .ssh/authorized_keys" || exit 1
|
||||||
|
|
||||||
|
cat <<EOF
|
||||||
|
Now try logging into the machine, with "ssh '$1'", and check in:
|
15
openssh.spec
15
openssh.spec
|
@ -63,7 +63,7 @@
|
||||||
Summary: An open source implementation of SSH protocol versions 1 and 2
|
Summary: An open source implementation of SSH protocol versions 1 and 2
|
||||||
Name: openssh
|
Name: openssh
|
||||||
Version: 5.2p1
|
Version: 5.2p1
|
||||||
Release: 3%{?dist}%{?rescue_rel}
|
Release: 6%{?dist}%{?rescue_rel}
|
||||||
URL: http://www.openssh.com/portable.html
|
URL: http://www.openssh.com/portable.html
|
||||||
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||||
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
|
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
|
||||||
|
@ -97,7 +97,7 @@ Patch54: openssh-5.1p1-gssapi-role.patch
|
||||||
Patch55: openssh-5.1p1-cloexec.patch
|
Patch55: openssh-5.1p1-cloexec.patch
|
||||||
Patch62: openssh-5.1p1-scp-manpage.patch
|
Patch62: openssh-5.1p1-scp-manpage.patch
|
||||||
Patch65: openssh-5.2p1-fips.patch
|
Patch65: openssh-5.2p1-fips.patch
|
||||||
Patch66: openssh-5.2p1-homechroot.patch
|
Patch67: openssh-5.2p1-selabel.patch
|
||||||
|
|
||||||
License: BSD
|
License: BSD
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
|
@ -229,7 +229,7 @@ an X11 passphrase dialog for OpenSSH.
|
||||||
%patch55 -p1 -b .cloexec
|
%patch55 -p1 -b .cloexec
|
||||||
%patch62 -p1 -b .manpage
|
%patch62 -p1 -b .manpage
|
||||||
%patch65 -p1 -b .fips
|
%patch65 -p1 -b .fips
|
||||||
%patch66 -p1 -b .homechroot
|
%patch67 -p1 -b .selabel
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
|
|
||||||
|
@ -474,6 +474,15 @@ fi
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Sep 21 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-6
|
||||||
|
- remove homechroot patch
|
||||||
|
|
||||||
|
* Tue Jun 30 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-5
|
||||||
|
- create '~/.ssh/known_hosts' within proper context
|
||||||
|
|
||||||
|
* Tue Jun 23 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-4
|
||||||
|
- repair broken ls in chroot %%h
|
||||||
|
|
||||||
* Fri Apr 3 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-3
|
* Fri Apr 3 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-3
|
||||||
- fix logging after chroot
|
- fix logging after chroot
|
||||||
- enable non root users to use chroot %%h in internal-sftp
|
- enable non root users to use chroot %%h in internal-sftp
|
||||||
|
|
Loading…
Reference in New Issue