Bugzilla – Attachment 515 Details for
Bug 776
Add Fedora information to build RPMs
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to allow building of Fedora RPMs
fedora-rpms.patch (text/plain), 37.08 KB, created by
Jason McCormick
on 2003-12-18 14:54:28 AEDT
(
hide
)
Description:
Patch to allow building of Fedora RPMs
Filename:
MIME Type:
Creator:
Jason McCormick
Created:
2003-12-18 14:54:28 AEDT
Size:
37.08 KB
patch
obsolete
>diff -urP contrib/fedora/gnome-ssh-askpass.csh contrib/fedora/gnome-ssh-askpass.csh >--- contrib/fedora/gnome-ssh-askpass.csh 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/gnome-ssh-askpass.csh 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1 @@ >+setenv SSH_ASKPASS /usr/libexec/openssh/gnome-ssh-askpass >diff -urP contrib/fedora/gnome-ssh-askpass.sh contrib/fedora/gnome-ssh-askpass.sh >--- contrib/fedora/gnome-ssh-askpass.sh 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/gnome-ssh-askpass.sh 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1,2 @@ >+SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass >+export SSH_ASKPASS >diff -urP contrib/fedora/openssh.spec contrib/fedora/openssh.spec >--- contrib/fedora/openssh.spec 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/openssh.spec 2003-12-18 14:59:41.000000000 -0500 >@@ -0,0 +1,805 @@ >+%define ver 3.7.1p2 >+%define rel 1 >+ >+# OpenSSH privilege separation requires a user & group ID >+%define sshd_uid 74 >+%define sshd_gid 74 >+ >+# Version of ssh-askpass >+%define aversion 1.2.4.1 >+ >+# Do we want to disable building of x11-askpass? (1=yes 0=no) >+%define no_x11_askpass 0 >+ >+# Do we want to disable building of gnome-askpass? (1=yes 0=no) >+%define no_gnome_askpass 0 >+ >+# Do we want to link against a static libcrypto? (1=yes 0=no) >+%define static_libcrypto 0 >+ >+# Do we want smartcard support (1=yes 0=no) >+%define scard 0 >+ >+# Use GTK2 instead of GNOME in gnome-ssh-askpass >+%define gtk2 1 >+ >+# Is this build for RHL 6.x? >+%define build6x 0 >+ >+# Do we want kerberos5 support (1=yes 0=no) >+%define kerberos5 1 >+ >+# Reserve options to override askpass settings with: >+# rpm -ba|--rebuild --define 'skip_xxx 1' >+%{?skip_x11_askpass:%define no_x11_askpass 1} >+%{?skip_gnome_askpass:%define no_gnome_askpass 1} >+ >+# Add option to build without GTK2 for older platforms with only GTK+. >+# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples. >+# rpm -ba|--rebuild --define 'no_gtk2 1' >+%{?no_gtk2:%define gtk2 0} >+ >+# Is this a build for RHL 6.x or earlier? >+%{?build_6x:%define build6x 1} >+ >+# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc. >+%if %{build6x} >+%define _sysconfdir /etc >+%endif >+ >+# Options for static OpenSSL link: >+# rpm -ba|--rebuild --define "static_openssl 1" >+%{?static_openssl:%define static_libcrypto 1} >+ >+# Options for Smartcard support: (needs libsectok and openssl-engine) >+# rpm -ba|--rebuild --define "smartcard 1" >+%{?smartcard:%define scard 1} >+ >+# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no) >+%define rescue 0 >+%{?build_rescue:%define rescue 1} >+ >+# Turn off some stuff for resuce builds >+%if %{rescue} >+%define kerberos5 0 >+%endif >+ >+Summary: The OpenSSH implementation of SSH protocol versions 1 and 2. >+Name: openssh >+Version: %{ver} >+%if %{rescue} >+Release: %{rel}rescue >+%else >+Release: %{rel} >+%endif >+URL: http://www.openssh.com/portable.html >+Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz >+Source1: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz >+License: BSD >+Group: Applications/Internet >+BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot >+Obsoletes: ssh >+%if %{build6x} >+PreReq: initscripts >= 5.00 >+%else >+PreReq: initscripts >= 5.20 >+%endif >+BuildPreReq: perl, openssl-devel, tcp_wrappers >+BuildPreReq: /bin/login >+%if ! %{build6x} >+BuildPreReq: glibc-devel, pam >+%else >+BuildPreReq: /usr/include/security/pam_appl.h >+%endif >+%if ! %{no_x11_askpass} >+BuildPreReq: XFree86-devel >+%endif >+%if ! %{no_gnome_askpass} >+BuildPreReq: pkgconfig >+%endif >+%if %{kerberos5} >+BuildPreReq: krb5-devel >+BuildPreReq: krb5-libs >+%endif >+ >+%package clients >+Summary: OpenSSH clients. >+Requires: openssh = %{version}-%{release} >+Group: Applications/Internet >+Obsoletes: ssh-clients >+ >+%package server >+Summary: The OpenSSH server daemon. >+Group: System Environment/Daemons >+Obsoletes: ssh-server >+PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9 >+%if ! %{build6x} >+Requires: /etc/pam.d/system-auth >+%endif >+ >+%package askpass >+Summary: A passphrase dialog for OpenSSH and X. >+Group: Applications/Internet >+Requires: openssh = %{version}-%{release} >+Obsoletes: ssh-extras >+ >+%package askpass-gnome >+Summary: A passphrase dialog for OpenSSH, X, and GNOME. >+Group: Applications/Internet >+Requires: openssh = %{version}-%{release} >+Obsoletes: ssh-extras >+ >+%description >+SSH (Secure SHell) is a program for logging into and executing >+commands on a remote machine. SSH is intended to replace rlogin and >+rsh, and to provide secure encrypted communications between two >+untrusted hosts over an insecure network. X11 connections and >+arbitrary TCP/IP ports can also be forwarded over the secure channel. >+ >+OpenSSH is OpenBSD's version of the last free version of SSH, bringing >+it up to date in terms of security and features, as well as removing >+all patented algorithms to separate libraries. >+ >+This package includes the core files necessary for both the OpenSSH >+client and server. To make this package useful, you should also >+install openssh-clients, openssh-server, or both. >+ >+%description clients >+OpenSSH is a free version of SSH (Secure SHell), a program for logging >+into and executing commands on a remote machine. This package includes >+the clients necessary to make encrypted connections to SSH servers. >+You'll also need to install the openssh package on OpenSSH clients. >+ >+%description server >+OpenSSH is a free version of SSH (Secure SHell), a program for logging >+into and executing commands on a remote machine. This package contains >+the secure shell daemon (sshd). The sshd daemon allows SSH clients to >+securely connect to your SSH server. You also need to have the openssh >+package installed. >+ >+%description askpass >+OpenSSH is a free version of SSH (Secure SHell), a program for logging >+into and executing commands on a remote machine. This package contains >+an X11 passphrase dialog for OpenSSH. >+ >+%description askpass-gnome >+OpenSSH is a free version of SSH (Secure SHell), a program for logging >+into and executing commands on a remote machine. This package contains >+an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop >+environment. >+ >+%prep >+ >+%if ! %{no_x11_askpass} >+%setup -q -a 1 >+%else >+%setup -q >+%endif >+ >+%build >+%if %{rescue} >+CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS >+%endif >+ >+%configure \ >+ --sysconfdir=%{_sysconfdir}/ssh \ >+ --libexecdir=%{_libexecdir}/openssh \ >+ --datadir=%{_datadir}/openssh \ >+ --with-tcp-wrappers \ >+ --with-rsh=%{_bindir}/rsh \ >+ --with-default-path=/usr/local/bin:/bin:/usr/bin \ >+ --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ >+ --with-privsep-path=%{_var}/empty/sshd \ >+ --with-md5-passwords \ >+%if %{scard} >+ --with-smartcard \ >+%endif >+%if %{rescue} >+ --without-pam \ >+%else >+ --with-pam \ >+%endif >+%if %{kerberos5} >+ --with-kerberos5=/usr \ >+%endif >+ >+ >+%if %{static_libcrypto} >+perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile >+%endif >+ >+make >+ >+%if ! %{no_x11_askpass} >+pushd x11-ssh-askpass-%{aversion} >+%configure --libexecdir=%{_libexecdir}/openssh >+xmkmf -a >+make >+popd >+%endif >+ >+# Define a variable to toggle gnome1/gtk2 building. This is necessary >+# because RPM doesn't handle nested %if statements. >+%if %{gtk2} >+ gtk2=yes >+%else >+ gtk2=no >+%endif >+ >+%if ! %{no_gnome_askpass} >+pushd contrib >+if [ $gtk2 = yes ] ; then >+ make gnome-ssh-askpass2 >+ mv gnome-ssh-askpass2 gnome-ssh-askpass >+else >+ make gnome-ssh-askpass1 >+ mv gnome-ssh-askpass1 gnome-ssh-askpass >+fi >+popd >+%endif >+ >+%install >+rm -rf $RPM_BUILD_ROOT >+mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh >+mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh >+mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd >+ >+make install DESTDIR=$RPM_BUILD_ROOT >+ >+install -d $RPM_BUILD_ROOT/etc/pam.d/ >+install -d $RPM_BUILD_ROOT/etc/rc.d/init.d >+install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh >+%if %{build6x} >+install -m644 contrib/redhat/sshd.pam.old $RPM_BUILD_ROOT/etc/pam.d/sshd >+%else >+install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd >+%endif >+install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd >+ >+%if ! %{no_x11_askpass} >+install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass >+ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass >+%endif >+ >+%if ! %{no_gnome_askpass} >+install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass >+%endif >+ >+%if ! %{scard} >+ rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin >+%endif >+ >+%if ! %{no_gnome_askpass} >+install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ >+install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ >+install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/ >+%endif >+ >+perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/* >+ >+%clean >+rm -rf $RPM_BUILD_ROOT >+ >+%triggerun server -- ssh-server >+if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then >+ touch /var/run/sshd.restart >+fi >+ >+%triggerun server -- openssh-server < 2.5.0p1 >+# Count the number of HostKey and HostDsaKey statements we have. >+gawk 'BEGIN {IGNORECASE=1} >+ /^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1} >+ END {exit sawhostkey}' /etc/ssh/sshd_config >+# And if we only found one, we know the client was relying on the old default >+# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't >+# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying >+# one nullifies the default, which would have loaded both. >+if [ $? -eq 1 ] ; then >+ echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config >+ echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config >+fi >+ >+%triggerpostun server -- ssh-server >+if [ "$1" != 0 ] ; then >+ /sbin/chkconfig --add sshd >+ if test -f /var/run/sshd.restart ; then >+ rm -f /var/run/sshd.restart >+ /sbin/service sshd start > /dev/null 2>&1 || : >+ fi >+fi >+ >+%pre server >+%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || : >+%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \ >+ -g sshd -M -r sshd 2>/dev/null || : >+ >+%post server >+/sbin/chkconfig --add sshd >+ >+%postun server >+/sbin/service sshd condrestart > /dev/null 2>&1 || : >+ >+%preun server >+if [ "$1" = 0 ] >+then >+ /sbin/service sshd stop > /dev/null 2>&1 || : >+ /sbin/chkconfig --del sshd >+fi >+ >+%files >+%defattr(-,root,root) >+%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* RFC* TODO WARNING* >+%attr(0755,root,root) %{_bindir}/scp >+%attr(0644,root,root) %{_mandir}/man1/scp.1* >+%attr(0755,root,root) %dir %{_sysconfdir}/ssh >+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli >+%if ! %{rescue} >+%attr(0755,root,root) %{_bindir}/ssh-keygen >+%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1* >+%attr(0755,root,root) %dir %{_libexecdir}/openssh >+%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign >+%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8* >+%endif >+%if %{scard} >+%attr(0755,root,root) %dir %{_datadir}/openssh >+%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin >+%endif >+ >+%files clients >+%defattr(-,root,root) >+%attr(0755,root,root) %{_bindir}/ssh >+%attr(0644,root,root) %{_mandir}/man1/ssh.1* >+%attr(0644,root,root) %{_mandir}/man5/ssh_config.5* >+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config >+%attr(-,root,root) %{_bindir}/slogin >+%attr(-,root,root) %{_mandir}/man1/slogin.1* >+%if ! %{rescue} >+%attr(2755,root,nobody) %{_bindir}/ssh-agent >+%attr(0755,root,root) %{_bindir}/ssh-add >+%attr(0755,root,root) %{_bindir}/ssh-keyscan >+%attr(0755,root,root) %{_bindir}/sftp >+%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1* >+%attr(0644,root,root) %{_mandir}/man1/ssh-add.1* >+%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1* >+%attr(0644,root,root) %{_mandir}/man1/sftp.1* >+%endif >+ >+%if ! %{rescue} >+%files server >+%defattr(-,root,root) >+%dir %attr(0111,root,root) %{_var}/empty/sshd >+%attr(0755,root,root) %{_sbindir}/sshd >+%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server >+%attr(0644,root,root) %{_mandir}/man8/sshd.8* >+%attr(0644,root,root) %{_mandir}/man5/sshd_config.5* >+%attr(0644,root,root) %{_mandir}/man8/sftp-server.8* >+%attr(0755,root,root) %dir %{_sysconfdir}/ssh >+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config >+%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd >+%attr(0755,root,root) %config /etc/rc.d/init.d/sshd >+%endif >+ >+%if ! %{no_x11_askpass} >+%files askpass >+%defattr(-,root,root) >+%doc x11-ssh-askpass-%{aversion}/README >+%doc x11-ssh-askpass-%{aversion}/ChangeLog >+%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad >+%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass >+%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass >+%endif >+ >+%if ! %{no_gnome_askpass} >+%files askpass-gnome >+%defattr(-,root,root) >+%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.* >+%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass >+%endif >+ >+%changelog >+* Thu Dec 18 2003 Jason McCormick <jason@devrandom.org> >+- Copied from contrib/redhat/openssh.spec. Changed location >+ of --with-kerberos5 to /usr since files were relocated in >+ Fedora Core 1 >+ >+* Mon Jun 2 2003 Damien Miller <djm@mindrot.org> >+- Remove noip6 option. This may be controlled at run-time in client config >+ file using new AddressFamily directive >+ >+* Mon May 12 2003 Damien Miller <djm@mindrot.org> >+- Don't install profile.d scripts when not building with GNOME/GTK askpass >+ (patch from bet@rahul.net) >+ >+* Wed Oct 01 2002 Damien Miller <djm@mindrot.org> >+- Install ssh-agent setgid nobody to prevent ptrace() key theft attacks >+ >+* Mon Sep 30 2002 Damien Miller <djm@mindrot.org> >+- Use contrib/ Makefile for building askpass programs >+ >+* Fri Jun 21 2002 Damien Miller <djm@mindrot.org> >+- Merge in spec changes from seba@iq.pl (Sebastian Pachuta) >+- Add new {ssh,sshd}_config.5 manpages >+- Add new ssh-keysign program and remove setuid from ssh client >+ >+* Fri May 10 2002 Damien Miller <djm@mindrot.org> >+- Merge in spec changes from RedHat, reorgansie a little >+- Add Privsep user, group and directory >+ >+* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2 >+- bump and grind (through the build system) >+ >+* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-1 >+- require sharutils for building (mindrot #137) >+- require db1-devel only when building for 6.x (#55105), which probably won't >+ work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck >+- require pam-devel by file (not by package name) again >+- add Markus's patch to compile with OpenSSL 0.9.5a (from >+ http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we're >+ building for 6.x >+ >+* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-0 >+- update to 3.1p1 >+ >+* Tue Mar 5 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020305 >+- update to SNAP-20020305 >+- drop debug patch, fixed upstream >+ >+* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020220 >+- update to SNAP-20020220 for testing purposes (you've been warned, if there's >+ anything to be warned about, gss patches won't apply, I don't mind) >+ >+* Wed Feb 13 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-3 >+- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key >+ exchange, authentication, and named key support >+ >+* Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-2 >+- remove dependency on db1-devel, which has just been swallowed up whole >+ by gnome-libs-devel >+ >+* Sun Dec 29 2001 Nalin Dahyabhai <nalin@redhat.com> >+- adjust build dependencies so that build6x actually works right (fix >+ from Hugo van der Kooij) >+ >+* Tue Dec 4 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-1 >+- update to 3.0.2p1 >+ >+* Fri Nov 16 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.1p1-1 >+- update to 3.0.1p1 >+ >+* Tue Nov 13 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to current CVS (not for use in distribution) >+ >+* Thu Nov 8 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0p1-1 >+- merge some of Damien Miller <djm@mindrot.org> changes from the upstream >+ 3.0p1 spec file and init script >+ >+* Wed Nov 7 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to 3.0p1 >+- update to x11-ssh-askpass 1.2.4.1 >+- change build dependency on a file from pam-devel to the pam-devel package >+- replace primes with moduli >+ >+* Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-9 >+- incorporate fix from Markus Friedl's advisory for IP-based authorization bugs >+ >+* Thu Sep 13 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.9p2-8 >+- Merge changes to rescue build from current sysadmin survival cd >+ >+* Thu Sep 6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-7 >+- fix scp's server's reporting of file sizes, and build with the proper >+ preprocessor define to get large-file capable open(), stat(), etc. >+ (sftp has been doing this correctly all along) (#51827) >+- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247) >+- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298) >+- mark profile.d scriptlets as config files (#42337) >+- refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug >+- change a couple of log() statements to debug() statements (#50751) >+- pull cvs patch to add -t flag to sshd (#28611) >+- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221) >+ >+* Mon Aug 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-6 >+- add db1-devel as a BuildPrerequisite (noted by Hans Ecke) >+ >+* Thu Aug 16 2001 Nalin Dahyabhai <nalin@redhat.com> >+- pull cvs patch to fix remote port forwarding with protocol 2 >+ >+* Thu Aug 9 2001 Nalin Dahyabhai <nalin@redhat.com> >+- pull cvs patch to add session initialization to no-pty sessions >+- pull cvs patch to not cut off challengeresponse auth needlessly >+- refuse to do X11 forwarding if xauth isn't there, handy if you enable >+ it by default on a system that doesn't have X installed (#49263) >+ >+* Wed Aug 8 2001 Nalin Dahyabhai <nalin@redhat.com> >+- don't apply patches to code we don't intend to build (spotted by Matt Galgoci) >+ >+* Mon Aug 6 2001 Nalin Dahyabhai <nalin@redhat.com> >+- pass OPTIONS correctly to initlog (#50151) >+ >+* Wed Jul 25 2001 Nalin Dahyabhai <nalin@redhat.com> >+- switch to x11-ssh-askpass 1.2.2 >+ >+* Wed Jul 11 2001 Nalin Dahyabhai <nalin@redhat.com> >+- rebuild in new environment >+ >+* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com> >+- disable the gssapi patch >+ >+* Mon Jun 18 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to 2.9p2 >+- refresh to a new version of the gssapi patch >+ >+* Thu Jun 7 2001 Nalin Dahyabhai <nalin@redhat.com> >+- change Copyright: BSD to License: BSD >+- add Markus Friedl's unverified patch for the cookie file deletion problem >+ so that we can verify it >+- drop patch to check if xauth is present (was folded into cookie patch) >+- don't apply gssapi patches for the errata candidate >+- clear supplemental groups list at startup >+ >+* Fri May 25 2001 Nalin Dahyabhai <nalin@redhat.com> >+- fix an error parsing the new default sshd_config >+- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not >+ dealing with comments right >+ >+* Thu May 24 2001 Nalin Dahyabhai <nalin@redhat.com> >+- add in Simon Wilkinson's GSSAPI patch to give it some testing in-house, >+ to be removed before the next beta cycle because it's a big departure >+ from the upstream version >+ >+* Thu May 3 2001 Nalin Dahyabhai <nalin@redhat.com> >+- finish marking strings in the init script for translation >+- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd >+ at startup (change merged from openssh.com init script, originally by >+ Pekka Savola) >+- refuse to do X11 forwarding if xauth isn't there, handy if you enable >+ it by default on a system that doesn't have X installed >+ >+* Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to 2.9 >+- drop various patches that came from or went upstream or to or from CVS >+ >+* Wed Apr 18 2001 Nalin Dahyabhai <nalin@redhat.com> >+- only require initscripts 5.00 on 6.2 (reported by Peter Bieringer) >+ >+* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com> >+- remove explicit openssl requirement, fixes builddistro issue >+- make initscript stop() function wait until sshd really dead to avoid >+ races in condrestart >+ >+* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com> >+- mention that challengereponse supports PAM, so disabling password doesn't >+ limit users to pubkey and rsa auth (#34378) >+- bypass the daemon() function in the init script and call initlog directly, >+ because daemon() won't start a daemon it detects is already running (like >+ open connections) >+- require the version of openssl we had when we were built >+ >+* Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com> >+- make do_pam_setcred() smart enough to know when to establish creds and >+ when to reinitialize them >+- add in a couple of other fixes from Damien for inclusion in the errata >+ >+* Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to 2.5.2p2 >+- call setcred() again after initgroups, because the "creds" could actually >+ be group memberships >+ >+* Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com> >+- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation) >+- don't enable challenge-response by default until we find a way to not >+ have too many userauth requests (we may make up to six pubkey and up to >+ three password attempts as it is) >+- remove build dependency on rsh to match openssh.com's packages more closely >+ >+* Sat Mar 3 2001 Nalin Dahyabhai <nalin@redhat.com> >+- remove dependency on openssl -- would need to be too precise >+ >+* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com> >+- rebuild in new environment >+ >+* Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Revert the patch to move pam_open_session. >+- Init script and spec file changes from Pekka Savola. (#28750) >+- Patch sftp to recognize '-o protocol' arguments. (#29540) >+ >+* Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Chuck the closing patch. >+- Add a trigger to add host keys for protocol 2 to the config file, now that >+ configuration file syntax requires us to specify it with HostKey if we >+ specify any other HostKey values, which we do. >+ >+* Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Redo patch to move pam_open_session after the server setuid()s to the user. >+- Rework the nopam patch to use be picked up by autoconf. >+ >+* Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Update for 2.5.1p1. >+- Add init script mods from Pekka Savola. >+- Tweak the init script to match the CVS contrib script more closely. >+- Redo patch to ssh-add to try to adding both identity and id_dsa to also try >+ adding id_rsa. >+ >+* Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Update for 2.5.0p1. >+- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass >+- Resync with parts of Damien Miller's openssh.spec from CVS, including >+ update of x11 askpass to 1.2.0. >+- Only require openssl (don't prereq) because we generate keys in the init >+ script now. >+ >+* Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Don't open a PAM session until we've forked and become the user (#25690). >+- Apply Andrew Bartlett's patch for letting pam_authenticate() know which >+ host the user is attempting a login from. >+- Resync with parts of Damien Miller's openssh.spec from CVS. >+- Don't expose KbdInt responses in debug messages (from CVS). >+- Detect and handle errors in rsa_{public,private}_decrypt (from CVS). >+ >+* Wed Feb 7 2001 Trond Eivind Glomsrxd <teg@redhat.com> >+- i18n-tweak to initscript. >+ >+* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com> >+- More gettextizing. >+- Close all files after going into daemon mode (needs more testing). >+- Extract patch from CVS to handle auth banners (in the client). >+- Extract patch from CVS to handle compat weirdness. >+ >+* Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Finish with the gettextizing. >+ >+* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com> >+- Fix a bug in auth2-pam.c (#23877) >+- Gettextize the init script. >+ >+* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Incorporate a switch for using PAM configs for 6.x, just in case. >+ >+* Tue Dec 5 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Incorporate Bero's changes for a build specifically for rescue CDs. >+ >+* Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has >+ succeeded, to allow public-key authentication after a failure with "none" >+ authentication. (#21268) >+ >+* Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to x11-askpass 1.1.1. (#21301) >+- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290) >+ >+* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Merge multiple PAM text messages into subsequent prompts when possible when >+ doing keyboard-interactive authentication. >+ >+* Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Disable the built-in MD5 password support. We're using PAM. >+- Take a crack at doing keyboard-interactive authentication with PAM, and >+ enable use of it in the default client configuration so that the client >+ will try it when the server disallows password authentication. >+- Build with debugging flags. Build root policies strip all binaries anyway. >+ >+* Tue Nov 21 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Use DESTDIR instead of %%makeinstall. >+- Remove /usr/X11R6/bin from the path-fixing patch. >+ >+* Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Add the primes file from the latest snapshot to the main package (#20884). >+- Add the dev package to the prereq list (#19984). >+- Remove the default path and mimic login's behavior in the server itself. >+ >+* Fri Nov 17 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Resync with conditional options in Damien Miller's .spec file for an errata. >+- Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh. >+ >+* Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to OpenSSH 2.3.0p1. >+- Update to x11-askpass 1.1.0. >+- Enable keyboard-interactive authentication. >+ >+* Mon Oct 30 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to ssh-askpass-x11 1.0.3. >+- Change authentication related messages to be private (#19966). >+ >+* Tue Oct 10 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Patch ssh-keygen to be able to list signatures for DSA public key files >+ it generates. >+ >+* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always >+ build PAM authentication in. >+- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed. >+- Clean out no-longer-used patches. >+- Patch ssh-add to try to add both identity and id_dsa, and to error only >+ when neither exists. >+ >+* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update x11-askpass to 1.0.2. (#17835) >+- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will >+ always find them in the right place. (#17909) >+- Set the default path to be the same as the one supplied by /bin/login, but >+ add /usr/X11R6/bin. (#17909) >+- Try to handle obsoletion of ssh-server more cleanly. Package names >+ are different, but init script name isn't. (#17865) >+ >+* Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 2.2.0p1. (#17835) >+- Tweak the init script to allow proper restarting. (#18023) >+ >+* Wed Aug 23 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 20000823 snapshot. >+- Change subpackage requirements from %%{version} to %%{version}-%%{release} >+- Back out the pipe patch. >+ >+* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 2.1.1p4, which includes fixes for config file parsing problems. >+- Move the init script back. >+- Add Damien's quick fix for wackiness. >+ >+* Wed Jul 12 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok(). >+ >+* Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Move condrestart to server postun. >+- Move key generation to init script. >+- Actually use the right patch for moving the key generation to the init script. >+- Clean up the init script a bit. >+ >+* Wed Jul 5 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Fix X11 forwarding, from mail post by Chan Shih-Ping Richard. >+ >+* Sun Jul 2 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 2.1.1p2. >+- Use of strtok() considered harmful. >+ >+* Sat Jul 1 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Get the build root out of the man pages. >+ >+* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Add and use condrestart support in the init script. >+- Add newer initscripts as a prereq. >+ >+* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Build in new environment (release 2) >+- Move -clients subpackage to Applications/Internet group >+ >+* Fri Jun 9 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Update to 2.2.1p1 >+ >+* Sat Jun 3 2000 Nalin Dahyabhai <nalin@redhat.com> >+- Patch to build with neither RSA nor RSAref. >+- Miscellaneous FHS-compliance tweaks. >+- Fix for possibly-compressed man pages. >+ >+* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au> >+- Updated for new location >+- Updated for new gnome-ssh-askpass build >+ >+* Sun Dec 26 1999 Damien Miller <djm@mindrot.org> >+- Added Jim Knoble's <jmknoble@pobox.com> askpass >+ >+* Mon Nov 15 1999 Damien Miller <djm@mindrot.org> >+- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com> >+ >+* Sat Nov 13 1999 Damien Miller <djm@mindrot.org> >+- Added 'Obsoletes' directives >+ >+* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au> >+- Use make install >+- Subpackages >+ >+* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au> >+- Added links for slogin >+- Fixed perms on manpages >+ >+* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au> >+- Renamed init script >+ >+* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au> >+- Back to old binary names >+ >+* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> >+- Use autoconf >+- New binary names >+ >+* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> >+- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. >+ >diff -urP contrib/fedora/sshd.init contrib/fedora/sshd.init >--- contrib/fedora/sshd.init 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/sshd.init 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1,154 @@ >+#!/bin/bash >+# >+# Init file for OpenSSH server daemon >+# >+# chkconfig: 2345 55 25 >+# description: OpenSSH server daemon >+# >+# processname: sshd >+# config: /etc/ssh/ssh_host_key >+# config: /etc/ssh/ssh_host_key.pub >+# config: /etc/ssh/ssh_random_seed >+# config: /etc/ssh/sshd_config >+# pidfile: /var/run/sshd.pid >+ >+# source function library >+. /etc/rc.d/init.d/functions >+ >+# pull in sysconfig settings >+[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd >+ >+RETVAL=0 >+prog="sshd" >+ >+# Some functions to make the below more readable >+KEYGEN=/usr/bin/ssh-keygen >+SSHD=/usr/sbin/sshd >+RSA1_KEY=/etc/ssh/ssh_host_key >+RSA_KEY=/etc/ssh/ssh_host_rsa_key >+DSA_KEY=/etc/ssh/ssh_host_dsa_key >+PID_FILE=/var/run/sshd.pid >+ >+do_rsa1_keygen() { >+ if [ ! -s $RSA1_KEY ]; then >+ echo -n $"Generating SSH1 RSA host key: " >+ if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $RSA1_KEY >+ chmod 644 $RSA1_KEY.pub >+ success $"RSA1 key generation" >+ echo >+ else >+ failure $"RSA1 key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+ >+do_rsa_keygen() { >+ if [ ! -s $RSA_KEY ]; then >+ echo -n $"Generating SSH2 RSA host key: " >+ if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $RSA_KEY >+ chmod 644 $RSA_KEY.pub >+ success $"RSA key generation" >+ echo >+ else >+ failure $"RSA key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+ >+do_dsa_keygen() { >+ if [ ! -s $DSA_KEY ]; then >+ echo -n $"Generating SSH2 DSA host key: " >+ if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $DSA_KEY >+ chmod 644 $DSA_KEY.pub >+ success $"DSA key generation" >+ echo >+ else >+ failure $"DSA key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+ >+do_restart_sanity_check() >+{ >+ $SSHD -t >+ RETVAL=$? >+ if [ ! "$RETVAL" = 0 ]; then >+ failure $"Configuration file or keys are invalid" >+ echo >+ fi >+} >+ >+start() >+{ >+ # Create keys if necessary >+ do_rsa1_keygen >+ do_rsa_keygen >+ do_dsa_keygen >+ >+ echo -n $"Starting $prog:" >+ initlog -c "$SSHD $OPTIONS" && success || failure >+ RETVAL=$? >+ [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd >+ echo >+} >+ >+stop() >+{ >+ echo -n $"Stopping $prog:" >+ killproc $SSHD -TERM >+ RETVAL=$? >+ [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd >+ echo >+} >+ >+reload() >+{ >+ echo -n $"Reloading $prog:" >+ killproc $SSHD -HUP >+ RETVAL=$? >+ echo >+} >+ >+case "$1" in >+ start) >+ start >+ ;; >+ stop) >+ stop >+ ;; >+ restart) >+ stop >+ start >+ ;; >+ reload) >+ reload >+ ;; >+ condrestart) >+ if [ -f /var/lock/subsys/sshd ] ; then >+ do_restart_sanity_check >+ if [ "$RETVAL" = 0 ] ; then >+ stop >+ # avoid race >+ sleep 3 >+ start >+ fi >+ fi >+ ;; >+ status) >+ status $SSHD >+ RETVAL=$? >+ ;; >+ *) >+ echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" >+ RETVAL=1 >+esac >+exit $RETVAL >diff -urP contrib/fedora/sshd.init.old contrib/fedora/sshd.init.old >--- contrib/fedora/sshd.init.old 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/sshd.init.old 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1,172 @@ >+#!/bin/bash >+# >+# Init file for OpenSSH server daemon >+# >+# chkconfig: 2345 55 25 >+# description: OpenSSH server daemon >+# >+# processname: sshd >+# config: /etc/ssh/ssh_host_key >+# config: /etc/ssh/ssh_host_key.pub >+# config: /etc/ssh/ssh_random_seed >+# config: /etc/ssh/sshd_config >+# pidfile: /var/run/sshd.pid >+ >+# source function library >+. /etc/rc.d/init.d/functions >+ >+# pull in sysconfig settings >+[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd >+ >+RETVAL=0 >+prog="sshd" >+ >+# Some functions to make the below more readable >+KEYGEN=/usr/bin/ssh-keygen >+SSHD=/usr/sbin/sshd >+RSA1_KEY=/etc/ssh/ssh_host_key >+RSA_KEY=/etc/ssh/ssh_host_rsa_key >+DSA_KEY=/etc/ssh/ssh_host_dsa_key >+PID_FILE=/var/run/sshd.pid >+ >+my_success() { >+ local msg >+ if [ $# -gt 1 ]; then >+ msg="$2" >+ else >+ msg="done" >+ fi >+ case "`type -type success`" in >+ function) >+ success "$1" >+ ;; >+ *) >+ echo -n "${msg}" >+ ;; >+ esac >+} >+my_failure() { >+ local msg >+ if [ $# -gt 1 ]; then >+ msg="$2" >+ else >+ msg="FAILED" >+ fi >+ case "`type -type failure`" in >+ function) >+ failure "$1" >+ ;; >+ *) >+ echo -n "${msg}" >+ ;; >+ esac >+} >+do_rsa1_keygen() { >+ if [ ! -s $RSA1_KEY ]; then >+ echo -n "Generating SSH1 RSA host key: " >+ if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $RSA1_KEY >+ chmod 644 $RSA1_KEY.pub >+ my_success "RSA1 key generation" >+ echo >+ else >+ my_failure "RSA1 key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+do_rsa_keygen() { >+ if [ ! -s $RSA_KEY ]; then >+ echo -n "Generating SSH2 RSA host key: " >+ if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $RSA_KEY >+ chmod 644 $RSA_KEY.pub >+ my_success "RSA key generation" >+ echo >+ else >+ my_failure "RSA key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+do_dsa_keygen() { >+ if [ ! -s $DSA_KEY ]; then >+ echo -n "Generating SSH2 DSA host key: " >+ if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then >+ chmod 600 $DSA_KEY >+ chmod 644 $DSA_KEY.pub >+ my_success "DSA key generation" >+ echo >+ else >+ my_failure "DSA key generation" >+ echo >+ exit 1 >+ fi >+ fi >+} >+do_restart_sanity_check() { >+ $SSHD -t >+ RETVAL=$? >+ if [ ! "$RETVAL" = 0 ]; then >+ my_failure "Configuration file or keys" >+ echo >+ fi >+} >+ >+ >+case "$1" in >+ start) >+ # Create keys if necessary >+ do_rsa1_keygen; >+ do_rsa_keygen; >+ do_dsa_keygen; >+ >+ echo -n "Starting sshd: " >+ if [ ! -f $PID_FILE ] ; then >+ sshd $OPTIONS >+ RETVAL=$? >+ if [ "$RETVAL" = "0" ] ; then >+ my_success "sshd startup" "sshd" >+ touch /var/lock/subsys/sshd >+ else >+ my_failure "sshd startup" "" >+ fi >+ fi >+ echo >+ ;; >+ stop) >+ echo -n "Shutting down sshd: " >+ if [ -f $PID_FILE ] ; then >+ killproc sshd >+ RETVAL=$? >+ [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd >+ fi >+ echo >+ ;; >+ restart) >+ do_restart_sanity_check >+ $0 stop >+ $0 start >+ RETVAL=$? >+ ;; >+ condrestart) >+ if [ -f /var/lock/subsys/sshd ] ; then >+ do_restart_sanity_check >+ $0 stop >+ $0 start >+ RETVAL=$? >+ fi >+ ;; >+ status) >+ status sshd >+ RETVAL=$? >+ ;; >+ *) >+ echo "Usage: sshd {start|stop|restart|status|condrestart}" >+ exit 1 >+ ;; >+esac >+ >+exit $RETVAL >diff -urP contrib/fedora/sshd.pam contrib/fedora/sshd.pam >--- contrib/fedora/sshd.pam 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/sshd.pam 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1,8 @@ >+#%PAM-1.0 >+auth required /lib/security/pam_stack.so service=system-auth >+auth required /lib/security/pam_nologin.so >+account required /lib/security/pam_stack.so service=system-auth >+password required /lib/security/pam_stack.so service=system-auth >+session required /lib/security/pam_stack.so service=system-auth >+session required /lib/security/pam_limits.so >+session optional /lib/security/pam_console.so >diff -urP contrib/fedora/sshd.pam.old contrib/fedora/sshd.pam.old >--- contrib/fedora/sshd.pam.old 1969-12-31 19:00:00.000000000 -0500 >+++ contrib/fedora/sshd.pam.old 2003-12-18 14:59:00.000000000 -0500 >@@ -0,0 +1,8 @@ >+#%PAM-1.0 >+auth required /lib/security/pam_pwdb.so shadow nodelay >+auth required /lib/security/pam_nologin.so >+account required /lib/security/pam_pwdb.so >+password required /lib/security/pam_cracklib.so >+password required /lib/security/pam_pwdb.so shadow nullok use_authtok >+session required /lib/security/pam_pwdb.so >+session required /lib/security/pam_limits.so
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=515">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 776
:
515
|
533