On Tuesday 25 June 2002 01.02, Vincent Danen wrote:
> On Tue Jun 25, 2002 at 12:28:19AM +0200, Oden Eriksson wrote:
> > > > > * Mon Jun 24 2002 Vincent Danen
> > > > > <[EMAIL PROTECTED]> 3.3p1-3mdk
> > > > >
> > > > > - missing manpages
> > > >
> > > > what, no credit to Oden there?
> > >
> > > Yes, thanks to Oden.
> > >
> > > Sorry, I'm a little distracted and a lot busy... poor excuse (my
> > > apologies Oden), but I've been building openssh multiple times this
> > > morning and trying to do it as quickly as possible... my mind is
> > > solely focused on making openssh work properly for updates, and it
> > > slipped.
> >
> > He he, no problems. I just noticed it when trying to figure out what the
> > 1mdk error was. It's a quite interesting new feature they have put in, I
> > hope it won't suck too much resources though.
>
> I don't think it will. So far it seems to work really good except
> there is a problem with the PAM support... currently if you have an
> expired password, it will just punt you without giving you an
> opportunity to change your password. This is a known bug in 3.3, but
> no good workaround/solution exists yet.
Oh..., that doesn't sound very nice... Until it works it would be an idea
have "UsePrivilegeSeparation=no" in the sshd_config file?
> > What happened with the idea with a rpm macro update for older distros
> > instead of having to maintain backward compability in the spec files?
>
> I could probably put it out today... works really good.
Great! Is it system wide or per user (root) based?
Oh.., I found another missing file in the openssh package (+ some minor
fixes), a patch is attached.
--
Regards // Oden Eriksson
Deserve-IT Networks -> http://d-srv.com
--- openssh.spec Mon Jun 24 23:05:59 2002
+++ openssh.spec.oden Tue Jun 25 01:40:40 2002
@@ -11,7 +11,7 @@
%define name openssh
%define version 3.3p1
-%define release 3mdk
+%define release 4mdk
Summary: OpenSSH free Secure Shell (SSH) implementation
Name: %{name}
@@ -173,12 +173,20 @@
%serverbuild
-CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%{_prefix} \
- --sysconfdir=%{_sysconfdir}/ssh --mandir=%{_mandir} --libexecdir=%{_libdir}/ssh \
- --with-tcp-wrappers --with-rsh=%{_bindir}/rsh --with-pam \
- --with-default-path=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin \
- --with-xauth=/usr/X11R6/bin/xauth --with-privsep-path=/var/empty/sshd \
- --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+CFLAGS="$RPM_OPT_FLAGS" \
+ ./configure \
+ --prefix=%{_prefix} \
+ --sysconfdir=%{_sysconfdir}/ssh \
+ --mandir=%{_mandir} \
+ --libexecdir=%{_libdir}/ssh \
+ --with-tcp-wrappers \
+ --with-rsh=%{_bindir}/rsh \
+ --with-pam \
+ --with-default-path=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin \
+ --with-xauth=/usr/X11R6/bin/xauth \
+ --with-privsep-user=sshd \
+ --with-privsep-path=/var/empty/sshd
+ --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
make
cd x11-ssh-askpass-%{aversion}
@@ -244,8 +252,8 @@
rm -rf $RPM_BUILD_ROOT
%pre server
-grep "^sshd:" %{_sysconfdir}/group >/dev/null || groupadd -g 94 sshd
-grep "^sshd:" %{_sysconfdir}/passwd >/dev/null || useradd -u 94 -g 94 -s /bin/true -M -r sshd
+grep "^sshd:" %{_sysconfdir}/group >/dev/null || groupadd -g 94 -r sshd
+grep "^sshd:" %{_sysconfdir}/passwd >/dev/null || useradd -g sshd -o -c 'The privsep OpenSSH user' -u 94 -s /bin/true -r -d /var/empty/sshd sshd
%post server
%_post_service sshd
@@ -285,6 +293,7 @@
%{_mandir}/man1/ssh-keyscan.1*
%{_mandir}/man8/ssh-keysign.8*
%{_bindir}/scp
+%{_libdir}/ssh/ssh-keysign
%files clients
%defattr(-,root,root)
@@ -334,6 +343,9 @@
%attr(0755,root,root) %config(noreplace) %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
%changelog
+* Mon Jun 24 2002 Oden Eriksson <[EMAIL PROTECTED]> 3.3p1-4mdk
+- misc spec file fixes
+
* Mon Jun 24 2002 Vincent Danen <[EMAIL PROTECTED]> 3.3p1-3mdk
- missing manpages
