On Tuesday 25 June 2002 01.02, Vincent Danen wrote: > On Tue Jun 25, 2002 at 12:28:19AM +0200, Oden Eriksson wrote: > > > > > * Mon Jun 24 2002 Vincent Danen > > > > > <[EMAIL PROTECTED]> 3.3p1-3mdk > > > > > > > > > > - missing manpages > > > > > > > > what, no credit to Oden there? > > > > > > Yes, thanks to Oden. > > > > > > Sorry, I'm a little distracted and a lot busy... poor excuse (my > > > apologies Oden), but I've been building openssh multiple times this > > > morning and trying to do it as quickly as possible... my mind is > > > solely focused on making openssh work properly for updates, and it > > > slipped. > > > > He he, no problems. I just noticed it when trying to figure out what the > > 1mdk error was. It's a quite interesting new feature they have put in, I > > hope it won't suck too much resources though. > > I don't think it will. So far it seems to work really good except > there is a problem with the PAM support... currently if you have an > expired password, it will just punt you without giving you an > opportunity to change your password. This is a known bug in 3.3, but > no good workaround/solution exists yet.
Oh..., that doesn't sound very nice... Until it works it would be an idea have "UsePrivilegeSeparation=no" in the sshd_config file? > > What happened with the idea with a rpm macro update for older distros > > instead of having to maintain backward compability in the spec files? > > I could probably put it out today... works really good. Great! Is it system wide or per user (root) based? Oh.., I found another missing file in the openssh package (+ some minor fixes), a patch is attached. -- Regards // Oden Eriksson Deserve-IT Networks -> http://d-srv.com
--- openssh.spec Mon Jun 24 23:05:59 2002 +++ openssh.spec.oden Tue Jun 25 01:40:40 2002 @@ -11,7 +11,7 @@ %define name openssh %define version 3.3p1 -%define release 3mdk +%define release 4mdk Summary: OpenSSH free Secure Shell (SSH) implementation Name: %{name} @@ -173,12 +173,20 @@ %serverbuild -CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%{_prefix} \ - --sysconfdir=%{_sysconfdir}/ssh --mandir=%{_mandir} --libexecdir=%{_libdir}/ssh \ - --with-tcp-wrappers --with-rsh=%{_bindir}/rsh --with-pam \ - --with-default-path=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin \ - --with-xauth=/usr/X11R6/bin/xauth --with-privsep-path=/var/empty/sshd \ - --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +CFLAGS="$RPM_OPT_FLAGS" \ + ./configure \ + --prefix=%{_prefix} \ + --sysconfdir=%{_sysconfdir}/ssh \ + --mandir=%{_mandir} \ + --libexecdir=%{_libdir}/ssh \ + --with-tcp-wrappers \ + --with-rsh=%{_bindir}/rsh \ + --with-pam \ + --with-default-path=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin \ + --with-xauth=/usr/X11R6/bin/xauth \ + --with-privsep-user=sshd \ + --with-privsep-path=/var/empty/sshd + --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin make cd x11-ssh-askpass-%{aversion} @@ -244,8 +252,8 @@ rm -rf $RPM_BUILD_ROOT %pre server -grep "^sshd:" %{_sysconfdir}/group >/dev/null || groupadd -g 94 sshd -grep "^sshd:" %{_sysconfdir}/passwd >/dev/null || useradd -u 94 -g 94 -s /bin/true -M -r sshd +grep "^sshd:" %{_sysconfdir}/group >/dev/null || groupadd -g 94 -r sshd +grep "^sshd:" %{_sysconfdir}/passwd >/dev/null || useradd -g sshd -o -c 'The privsep OpenSSH user' -u 94 -s /bin/true -r -d /var/empty/sshd sshd %post server %_post_service sshd @@ -285,6 +293,7 @@ %{_mandir}/man1/ssh-keyscan.1* %{_mandir}/man8/ssh-keysign.8* %{_bindir}/scp +%{_libdir}/ssh/ssh-keysign %files clients %defattr(-,root,root) @@ -334,6 +343,9 @@ %attr(0755,root,root) %config(noreplace) %{_sysconfdir}/profile.d/gnome-ssh-askpass.* %changelog +* Mon Jun 24 2002 Oden Eriksson <[EMAIL PROTECTED]> 3.3p1-4mdk +- misc spec file fixes + * Mon Jun 24 2002 Vincent Danen <[EMAIL PROTECTED]> 3.3p1-3mdk - missing manpages