Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openssh for openSUSE:Factory checked in at 2022-05-01 18:53:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssh (Old) and /work/SRC/openSUSE:Factory/.openssh.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssh" Sun May 1 18:53:26 2022 rev:156 rq:973782 version:8.9p1 Changes: -------- --- /work/SRC/openSUSE:Factory/openssh/openssh.changes 2022-03-11 11:48:33.326793554 +0100 +++ /work/SRC/openSUSE:Factory/.openssh.new.1538/openssh.changes 2022-05-01 18:53:31.935159823 +0200 @@ -1,0 +2,6 @@ +Mon Mar 28 15:00:52 UTC 2022 - Ludwig Nussel <[email protected]> + +- read ssh and sshd config file also from /usr/etc +- add openssh-server-config-rootlogin subpackage that enabled PermitRootLogin + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssh.spec ++++++ --- /var/tmp/diff_new_pack.0tYjjW/_old 2022-05-01 18:53:32.855160677 +0200 +++ /var/tmp/diff_new_pack.0tYjjW/_new 2022-05-01 18:53:32.859160680 +0200 @@ -191,6 +191,17 @@ This package contains the Secure Shell daemon, which allows clients to securely connect to your server. +%package server-config-rootlogin +Summary: Config to permit root logins to sshd +Group: Productivity/Networking/SSH +Requires: %{name}-server = %{version}-%{release} + +%description server-config-rootlogin +The openssh-server package by default disallows password based +root logins. This package provides a config that does. It's useful +to temporarily have a password based login to be able to use +ssh-copy-id(1). + %package clients Summary: SSH (Secure Shell) client applications Group: Productivity/Networking/SSH @@ -321,10 +332,11 @@ sed -i -e s@%{_prefix}/libexec@%{_libexecdir}@g %{buildroot}%{_sysconfdir}/ssh/sshd_config # Move /etc to /usr/etc/ssh -mkdir -p %{buildroot}%{_distconfdir}/ssh +mkdir -p %{buildroot}%{_distconfdir}/ssh/ssh{,d}_config.d mv %{buildroot}%{_sysconfdir}/ssh/moduli %{buildroot}%{_distconfdir}/ssh/ mv %{buildroot}%{_sysconfdir}/ssh/ssh_config %{buildroot}%{_distconfdir}/ssh/ mv %{buildroot}%{_sysconfdir}/ssh/sshd_config %{buildroot}%{_distconfdir}/ssh/ +echo "PermitRootLogin yes" > %{buildroot}%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf %if 0%{?suse_version} < 1550 # install firewall definitions @@ -419,6 +431,7 @@ %doc README.SUSE README.kerberos README.FIPS ChangeLog OVERVIEW README TODO CREDITS %attr(0755,root,root) %dir %{_sysconfdir}/ssh %attr(0755,root,root) %dir %{_distconfdir}/ssh +%attr(0755,root,root) %dir /usr/etc/ssh/ssh_config.d %attr(0600,root,root) %{_distconfdir}/ssh/moduli %attr(0444,root,root) %{_mandir}/man1/ssh-keygen.1* %attr(0444,root,root) %{_mandir}/man5/moduli.5* @@ -431,6 +444,7 @@ %dir %attr(0755,root,root) %{_localstatedir}/lib/sshd %dir %attr(0755,root,root) %{_sysconfdir}/ssh/sshd_config.d %attr(0755,root,root) %dir %{_distconfdir}/ssh +%attr(0755,root,root) %dir /usr/etc/ssh/sshd_config.d %attr(0640,root,root) %{_distconfdir}/ssh/sshd_config %if %{defined _distconfdir} %attr(0644,root,root) %{_distconfdir}/pam.d/sshd @@ -452,6 +466,9 @@ %config %{_fwdefdir}/sshd %endif +%files server-config-rootlogin +%{_distconfdir}/ssh/sshd_config.d/50-permit-root-login.conf + %files clients %dir %attr(0755,root,root) %{_sysconfdir}/ssh/ssh_config.d %attr(0644,root,root) %{_distconfdir}/ssh/ssh_config ++++++ openssh-8.4p1-ssh_config_d.patch ++++++ --- /var/tmp/diff_new_pack.0tYjjW/_old 2022-05-01 18:53:33.007160817 +0200 +++ /var/tmp/diff_new_pack.0tYjjW/_new 2022-05-01 18:53:33.011160821 +0200 @@ -1,33 +1,37 @@ -diff -ur openssh-8.4p1.orig/ssh_config openssh-8.4p1/ssh_config ---- openssh-8.4p1.orig/ssh_config 2021-01-27 14:43:22.698144889 +0100 -+++ openssh-8.4p1/ssh_config 2021-01-27 14:40:46.170143382 +0100 -@@ -17,6 +17,12 @@ +Index: openssh-8.9p1/ssh_config +=================================================================== +--- openssh-8.9p1.orig/ssh_config ++++ openssh-8.9p1/ssh_config +@@ -16,6 +16,13 @@ + # Site-wide defaults for some commonly used options. For a comprehensive # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. - ++Include /usr/etc/ssh/ssh_config.d/*.conf ++ +# To modify the system-wide ssh configuration, create a "*.conf" file under +# "/etc/ssh/ssh_config.d/" which will be automatically included below. +# Don't edit this configuration file itself if possible to avoid update +# problems. +Include /etc/ssh/ssh_config.d/*.conf -+ + Host * # ForwardAgent no - # ForwardX11 no -diff -ur openssh-8.4p1.orig/sshd_config openssh-8.4p1/sshd_config ---- openssh-8.4p1.orig/sshd_config 2020-09-27 09:25:01.000000000 +0200 -+++ openssh-8.4p1/sshd_config 2021-01-27 14:21:23.070132184 +0100 -@@ -10,6 +10,12 @@ +Index: openssh-8.9p1/sshd_config +=================================================================== +--- openssh-8.9p1.orig/sshd_config ++++ openssh-8.9p1/sshd_config +@@ -9,6 +9,13 @@ + # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. - ++Include /usr/etc/ssh/sshd_config.d/*.conf ++ +# To modify the system-wide sshd configuration, create a "*.conf" file under +# "/etc/ssh/sshd_config.d/" which will be automatically included below. +# Don't edit this configuration file itself if possible to avoid update +# problems. +Include /etc/ssh/sshd_config.d/*.conf -+ + #Port 22 #AddressFamily any - #ListenAddress 0.0.0.0
