ports/96625: [Update] security/openssh
Peter Thoenen
eol1 at yahoo.com
Mon May 1 20:10:07 UTC 2006
>Number: 96625
>Category: ports
>Synopsis: security/openssh
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Mon May 01 20:10:06 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Peter Thoenen <peter.thoenen at yahoo.com>
>Release: FreeBSD anglachel 6.1-RC FreeBSD 6.1-RC
>Organization:
>Environment:
>Description:
Included rc.d script never works for me. For some reason the port
installs the old style rc.local script and ignore the newer rc.subr one
(both are included though in the files subdir). Attached is a fix for this.
--0-1460702059-1146513787=:16375
Content-Type: text/plain; name="openssh.diff.txt"
Content-Description: 844809025-openssh.diff.txt
Content-Disposition: inline; filename="openssh.diff.txt"
diff -ruN openssh.orig/Makefile openssh/Makefile
--- openssh.orig/Makefile Thu Apr 27 17:14:32 2006
+++ openssh/Makefile Thu Apr 27 17:42:57 2006
@@ -7,7 +7,7 @@
PORTNAME= openssh
PORTVERSION= 3.6.1
-PORTREVISION= 5
+PORTREVISION= 6
CATEGORIES= security
MASTER_SITES= ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/ \
ftp://ftp.usa.openbsd.org/pub/OpenBSD/OpenSSH/ \
@@ -26,13 +26,19 @@
USE_OPENSSL= yes
WRKSRC= ${WRKDIR}/ssh
+USE_RC_SUBR= sshd
+
+OPTIONS= AFS "With AFC Support" off \
+ KERBEROS "With Kerberos Support" off \
+ SKEY "With SKEY Support" off
+
MAN1= scp.1 slogin.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 \
ssh-keyscan.1 sftp.1
MAN5= ssh_config.5 sshd_config.5
MAN8= sshd.8 sftp-server.8 ssh-keysign.8
MANCOMPRESSED= yes
-MODIFY= ssh.h sshd_config sshd.sh pathnames.h
+MODIFY= ssh.h sshd_config pathnames.h
FIXME= lib/Makefile scp/Makefile sftp/Makefile sftp-server/Makefile \
ssh/Makefile ssh-add/Makefile ssh-agent/Makefile \
ssh-keygen/Makefile ssh-keyscan/Makefile sshd/Makefile
@@ -63,11 +69,11 @@
MAKE_ENV+= TCP_WRAPPERS=no
.endif
-.if defined(AFS) && ${AFS} == YES
+.ifdef(WITH_AFS) && ${AFS} == YES
MAKE_ENV+= AFS=yes
.endif
-.if defined(KERBEROS) && ${KERBEROS} == YES
+.ifdef(WITH_KERBEROS) && ${KERBEROS} == YES
MAKE_ENV+= KERBEROS=yes
.endif
@@ -78,7 +84,7 @@
.endif
MAKE_ENV+= PAM=${PAM}
-.if defined(SKEY) && ${SKEY} == YES
+.ifdef(WITH_SKEY) && ${SKEY} == YES
SKEY_SUFFIX= -skey
MAKE_ENV+= SKEY=yes
.endif
@@ -89,7 +95,6 @@
PLIST_SUB+= EMPTYDIR=${EMPTYDIR}
post-extract:
- @${CP} ${FILESDIR}/sshd.sh ${WRKSRC}/
.for i in ${ADDLIB}
@${CP} ${FILESDIR}/${i} ${WRKSRC}/lib/
.endfor
@@ -157,7 +162,6 @@
@${ECHO_MSG} ">> Installing moduli."
${INSTALL_DATA} -c ${FILESDIR}/moduli ${ETCSSH}/moduli
.endif
- ${INSTALL_SCRIPT} ${WRKSRC}/sshd.sh ${PREFIX}/etc/rc.d/sshd.sh.sample
${INSTALL_DATA} -c ${WRKSRC}/ssh_config ${ETCSSH}/ssh_config-dist
${INSTALL_DATA} -c ${WRKSRC}/sshd_config ${ETCSSH}/sshd_config-dist
.if !exists(${ETCSSH}/ssh_config) && !exists(${ETCSSH}/sshd_config) \
diff -ruN openssh.orig/files/sshd.in openssh/files/sshd.in
--- openssh.orig/files/sshd.in Thu Jan 1 01:00:00 1970
+++ openssh/files/sshd.in Thu Apr 27 17:14:59 2006
@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# $FreeBSD:$
+#
+# PROVIDE: sshd
+# REQUIRE: NETWORKING SERVERS USR
+# BEFORE: LOGIN
+#
+# Add the following lines to /etc/rc.conf to enable sshd
+#
+# sshd_enable (bool): Set to "NO" by default
+# Set it to "YES" to enable sshd
+
+. /etc/rc.subr
+
+name="sshd"
+rcvar=${name}_enable
+
+load_rc_config ${name}
+
+: ${sshd_enable="NO"}
+: ${sshd_pidfile="/var/run/sshd.pid"}
+
+command="/usr/local/sbin/${name}"
+
+run_rc_command "$1"
+
diff -ruN openssh.orig/files/sshd.sh openssh/files/sshd.sh
--- openssh.orig/files/sshd.sh Thu Apr 27 17:14:32 2006
+++ openssh/files/sshd.sh Thu Jan 1 01:00:00 1970
@@ -1,24 +0,0 @@
-#!/bin/sh
-case "$1" in
-start)
- __PREFIX__/sbin/sshd
- echo -n ' sshd'
- ;;
-stop)
- if [ -f /var/run/sshd.pid ]; then
- kill -TERM `cat /var/run/sshd.pid`
- rm -f /var/run/sshd.pid
- echo -n ' sshd'
- fi
- ;;
-restart)
- if [ -f /var/run/sshd.pid ]; then
- kill -HUP `cat /var/run/sshd.pid`
- echo 'sshd restarted'
- fi
- ;;
-*)
- echo "Usage: ${0##*/}: { start | stop | restart }" >&2
- exit 64
- ;;
-esac
diff -ruN openssh.orig/files/sshd.sh.in openssh/files/sshd.sh.in
--- openssh.orig/files/sshd.sh.in Thu Apr 27 17:14:31 2006
+++ openssh/files/sshd.sh.in Thu Jan 1 01:00:00 1970
@@ -1,61 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD: ports/security/openssh/files/nagios.sh.in,v 1.2 2006/01/17 10:39:58 tdb Exp $
-#
-
-#
-# Add the following lines to /etc/rc.conf to enable openssh:
-# sshd_enable (bool): Set to "NO" by default.
-# Set it to "YES" to enable openssh.
-# sshd_flags (str): Set to "" by default.
-# sshd_configfile (str): Set to "%%PREFIX%%/etc/ssh/sshd_config" by default.
-#
-
-. %%RC_SUBR%%
-
-name="sshd"
-rcvar=`set_rcvar`
-
-if [ -z "${sshd_program}" ]; then
- command=${sshd_program}
-elif [ -x %%PREFIX%%/bin/sshd ]; then
- command="%%PREFIX%%/bin/sshd"
-else
- command="/usr/sbin/sshd"
-fi
-
-pidfile="/var/run/sshd.pid"
-
-start_precmd="start_precmd"
-stop_postcmd="stop_postcmd"
-restart_precmd="nagios_checkconfig"
-sig_reload=HUP
-
-[ -z "${sshd_enable}" ] && sshd_enable="NO"
-[ -z "${sshd_flags}" ] && sshd_flags=""
-[ -z "${sshd_configfile}" ] && sshd_configfile="%%PREFIX%%/etc/ssh/sshd_config"
-
-load_rc_config "${name}"
-
-required_files="${sshd_configfile}"
-command_args="${command_args} -f ${sshd_configfile}"
-
-sshd_checkconfig() {
- echo -n "Performing sanity check of sshd configuration: "
- ${command} -t -f ${sshd_configfile} 2>&1 >/dev/null
- if [ $? != 0 ]; then
- echo "FAILED"
- ${command} -t -f ${sshd_configfile}
- return 1
- else
- echo "OK"
- fi
-}
-
-start_precmd() {
- if ! sshd_checkconfig; then
- return 1
- fi
-}
-
-run_rc_command "$1"
diff -ruN openssh.orig/pkg-plist openssh/pkg-plist
--- openssh.orig/pkg-plist Thu Apr 27 17:14:32 2006
+++ openssh/pkg-plist Thu Apr 27 17:27:22 2006
@@ -6,7 +6,7 @@
bin/ssh-agent
bin/ssh-keygen
bin/ssh-keyscan
-etc/rc.d/sshd.sh.sample
+etc/rc.d/sshd
etc/ssh/moduli
@exec [ -f %D/etc/ssh_config ] && [ ! -f %D/etc/ssh/ssh_config ] && ln %D/etc/ssh_config %D/etc/ssh/ssh_config
@exec [ -f %D/etc/sshd_config ] && [ ! -f %D/etc/ssh/sshd_config ] && ln %D/etc/sshd_config %D/etc/ssh/sshd_config
--0-1460702059-1146513787=:16375--
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
--0-1460702059-1146513787=:16375
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Content-Id:
Content-Disposition: inline
More information about the freebsd-ports-bugs
mailing list