upg openssh

This commit is contained in:
joborun linux 2023-08-11 14:19:56 +03:00
parent bc8663110c
commit 7ae5f81d00
6 changed files with 74 additions and 15 deletions

View file

@ -0,0 +1,4 @@
# sshd_config defaults on Arch Linux
KbdInteractiveAuthentication no
UsePAM yes
PrintMotd no

View file

@ -7,7 +7,7 @@
pkgname=openssh
pkgver=9.4p1
pkgrel=01 # openssl rebuild
pkgrel=02 # openssl rebuild
pkgdesc='SSH protocol implementation for remote login, command execution and file transfer w/o systemd'
url='https://www.openssh.com/portable.html'
depends=(
@ -29,8 +29,9 @@ optdepends=('sh: for ssh-copy-id and findssl.sh'
backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd')
#options=('debug') ## uncomment this to have the debug pkg produced
source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
"$pkgname-9.0p1-sshd_config.patch"
source=(https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$pkgver.tar.gz{,.asc}
# "$pkgname-9.0p1-sshd_config.patch"
'00-archlinux.conf'
'sshd.conf'
'sshd.pam')
@ -38,7 +39,16 @@ source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgve
#install=install ### systemd autostart crap
prepare() {
patch -Np1 -d "$pkgname-$pkgver" -i ../$pkgname-9.0p1-sshd_config.patch
cd $pkgname-$pkgver
# remove variable (but useless) first line in config (related to upstream VCS)
sed '/^#.*\$.*\$$/d' -i ssh{,d}_config
# prepend configuration option to include drop-in configuration files for sshd_config
printf "# Include drop-in configurations\nInclude /etc/ssh/sshd_config.d/*.conf\n" | cat - sshd_config > sshd_config.tmp
mv -v sshd_config.tmp sshd_config
# prepend configuration option to include drop-in configuration files for ssh_config
printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp
mv -v ssh_config.tmp ssh_config
}
#prepare() {
@ -81,10 +91,14 @@ package() {
cd "${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
install -vDm 644 ../00-archlinux.conf -t "$pkgdir/etc/ssh/sshd_config.d/"
install -vdm 755 "$pkgdir/etc/ssh/ssh_config.d"
ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
install -Dm644 LICENCE -t "${pkgdir}/usr/share/licenses/${pkgname}/LICENCE"
# We are including the service files as guid in making runit 66 services, especially the
# sshdgenkeys service
# install -Dm644 ../sshdgenkeys.service -t "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service
# install -Dm644 ../sshd.service -t "${pkgdir}"/usr/lib/systemd/system/sshd.service
install -Dm644 ../sshd.conf -t "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf
@ -93,7 +107,6 @@ package() {
install -Dm755 contrib/findssl.sh -t "${pkgdir}"/usr/bin/findssl.sh
install -Dm755 contrib/ssh-copy-id -t "${pkgdir}"/usr/bin/ssh-copy-id
install -Dm644 contrib/ssh-copy-id.1 -t "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1
}
#---- arch license gpg-key & sha256sums ----
@ -106,8 +119,9 @@ validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # "Damien Miller <djm@
sha256sums=(3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85 # openssh-9.4p1.tar.gz
d92592d82bee81745a71bbf249ede02afcdbf933f0de18841a7f17b15b975a03 # openssh-9.4p1.tar.gz.asc
27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f # openssh-9.0p1-sshd_config.patch
4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6 # sshd.conf
78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30 # 00-archlinux.conf
76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327 # sshd.conf
64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846) # sshd.pam
## e5d56664c00bbf6288b1b3f5df93c92e540c5b31508db4f9af99b08ffdef52b6 openssh-9.4p1-01-x86_64.pkg.tar.lz
## 52c55680fd0b9d3580f6d331856c22f41a9961eac37992eb7fb823146e74852e openssh-9.4p1-02-x86_64.pkg.tar.lz

View file

@ -6,7 +6,7 @@
pkgname=openssh
pkgver=9.4p1
pkgrel=1
pkgrel=2
pkgdesc="SSH protocol implementation for remote login, command execution and file transfer"
arch=(x86_64)
url='https://www.openssh.com/portable.html'
@ -38,7 +38,7 @@ backup=(
)
source=(
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$pkgver.tar.gz{,.asc}
$pkgname-9.0p1-sshd_config.patch
00-archlinux.conf
sshdgenkeys.service
sshd.service
sshd.conf
@ -46,22 +46,31 @@ source=(
)
sha256sums=('3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85'
'SKIP'
'27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f'
'78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30'
'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611'
'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7'
'4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6'
'76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327'
'64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846')
b2sums=('d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53'
'SKIP'
'29e1a1c2744e0234830c6f93a46338ea8dc943370e20a24883d207d611025e54643da678f2826050c073a36be48dfdc7329d4cfb144c2ff90607a5f10f73dc59'
'1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97'
'09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50'
'07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e'
'27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395'
'a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca'
'557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930')
validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # Damien Miller <djm@mindrot.org>
prepare() {
patch -Np1 -d $pkgname-$pkgver -i ../$pkgname-9.0p1-sshd_config.patch
cd $pkgname-$pkgver
# remove variable (but useless) first line in config (related to upstream VCS)
sed '/^#.*\$.*\$$/d' -i ssh{,d}_config
# prepend configuration option to include drop-in configuration files for sshd_config
printf "# Include drop-in configurations\nInclude /etc/ssh/sshd_config.d/*.conf\n" | cat - sshd_config > sshd_config.tmp
mv -v sshd_config.tmp sshd_config
# prepend configuration option to include drop-in configuration files for ssh_config
printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp
mv -v ssh_config.tmp ssh_config
}
build() {
@ -99,6 +108,9 @@ package() {
make DESTDIR="$pkgdir" install
install -vDm 644 ../00-archlinux.conf -t "$pkgdir/etc/ssh/sshd_config.d/"
install -vdm 755 "$pkgdir/etc/ssh/ssh_config.d"
ln -sf ssh.1.gz "$pkgdir"/usr/share/man/man1/slogin.1.gz
install -Dm644 LICENCE -t "$pkgdir/usr/share/licenses/$pkgname/"

View file

@ -1 +1,3 @@
d /var/empty 0755 root root
d /etc/ssh/sshd_config.d 0755 root root
d /etc/ssh/ssh_config.d 0755 root root

14
openssh/sshd.service Normal file
View file

@ -0,0 +1,14 @@
[Unit]
Description=OpenSSH Daemon
Wants=sshdgenkeys.service
After=sshdgenkeys.service
After=network.target
[Service]
ExecStart=/usr/bin/sshd -D
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=always
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,13 @@
[Unit]
Description=SSH Key Generation
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
[Service]
ExecStart=/usr/bin/ssh-keygen -A
Type=oneshot
RemainAfterExit=yes