David Runge pushed to branch main at Arch Linux / Packaging / Packages / openssh
Commits: b29d3606 by David Runge at 2023-08-11T10:27:10+02:00 Remove unneeded (and variable) first line in sshd_config and ssh_config - - - - - 1d834b1f by David Runge at 2023-08-11T10:32:52+02:00 Allow inclusion of drop-ins for sshd_config from /etc/ssh/sshd_config.d Inclusion of configuration drop-ins has to happen at the beginning of /etc/ssh/sshd_config, as the parsing algorithm uses the first found value. Instead of patching /etc/ssh/sshd_config to set distribution defaults, provide the drop-in 00-archlinux.conf which sets the relevant defaults. - - - - - dd100497 by David Runge at 2023-08-11T10:34:29+02:00 Allow inclusion of drop-ins for ssh_config from /etc/ssh/ssh_config.d - - - - - 4 changed files: - + 00-archlinux.conf - PKGBUILD - − openssh-9.0p1-sshd_config.patch - sshd.conf Changes: ===================================== 00-archlinux.conf ===================================== @@ -0,0 +1,4 @@ +# sshd_config defaults on Arch Linux +KbdInteractiveAuthentication no +UsePAM yes +PrintMotd no ===================================== PKGBUILD ===================================== @@ -38,7 +38,7 @@ backup=( ) source=( https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$pkgname-$pkgver.tar.gz{,.asc} - $pkgname-9.0p1-sshd_config.patch + 00-archlinux.conf sshdgenkeys.service sshd.service sshd.conf @@ -46,22 +46,31 @@ source=( ) sha256sums=('3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85' 'SKIP' - '27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f' + '78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30' 'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611' 'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7' - '4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6' + '76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327' '64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846') b2sums=('d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53' 'SKIP' - '29e1a1c2744e0234830c6f93a46338ea8dc943370e20a24883d207d611025e54643da678f2826050c073a36be48dfdc7329d4cfb144c2ff90607a5f10f73dc59' + '1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97' '09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50' '07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e' - '27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395' + 'a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca' '557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930') validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # Damien Miller <[email protected]> prepare() { - patch -Np1 -d $pkgname-$pkgver -i ../$pkgname-9.0p1-sshd_config.patch + cd $pkgname-$pkgver + # remove variable (but useless) first line in config (related to upstream VCS) + sed '/^#.*\$.*\$$/d' -i ssh{,d}_config + + # prepend configuration option to include drop-in configuration files for sshd_config + printf "# Include drop-in configurations\nInclude /etc/ssh/sshd_config.d/*.conf\n" | cat - sshd_config > sshd_config.tmp + mv -v sshd_config.tmp sshd_config + # prepend configuration option to include drop-in configuration files for ssh_config + printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp + mv -v ssh_config.tmp ssh_config } build() { @@ -99,6 +108,9 @@ package() { make DESTDIR="$pkgdir" install + install -vDm 644 ../00-archlinux.conf -t "$pkgdir/etc/ssh/sshd_config.d/" + install -vdm 755 "$pkgdir/etc/ssh/ssh_config.d" + ln -sf ssh.1.gz "$pkgdir"/usr/share/man/man1/slogin.1.gz install -Dm644 LICENCE -t "$pkgdir/usr/share/licenses/$pkgname/" ===================================== openssh-9.0p1-sshd_config.patch deleted ===================================== @@ -1,30 +0,0 @@ -diff -ruN a/sshd_config b/sshd_config ---- a/sshd_config 2022-04-06 02:47:48.000000000 +0200 -+++ b/sshd_config 2022-10-10 19:55:58.961117951 +0200 -@@ -58,7 +58,7 @@ - #PermitEmptyPasswords no - - # Change to no to disable s/key passwords --#KbdInteractiveAuthentication yes -+KbdInteractiveAuthentication no - - # Kerberos options - #KerberosAuthentication no -@@ -79,7 +79,7 @@ - # If you just want the PAM account and session checks to run without - # PAM authentication, then enable this but set PasswordAuthentication - # and KbdInteractiveAuthentication to 'no'. --#UsePAM no -+UsePAM yes - - #AllowAgentForwarding yes - #AllowTcpForwarding yes -@@ -88,7 +88,7 @@ - #X11DisplayOffset 10 - #X11UseLocalhost yes - #PermitTTY yes --#PrintMotd yes -+PrintMotd no - #PrintLastLog yes - #TCPKeepAlive yes - #PermitUserEnvironment no ===================================== sshd.conf ===================================== @@ -1 +1,3 @@ d /var/empty 0755 root root +d /etc/ssh/sshd_config.d 0755 root root +d /etc/ssh/ssh_config.d 0755 root root View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/openssh/-/compare/237825e6afd0e4fbd45f719df3caa1c55f88e433...dd1004979e221b1d0894ec635c9848e6d433937f -- View it on GitLab: https://gitlab.archlinux.org/archlinux/packaging/packages/openssh/-/compare/237825e6afd0e4fbd45f719df3caa1c55f88e433...dd1004979e221b1d0894ec635c9848e6d433937f You're receiving this email because of your account on gitlab.archlinux.org.
