Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package fonehome for openSUSE:Factory
checked in at 2021-06-19 23:02:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/fonehome (Old)
and /work/SRC/openSUSE:Factory/.fonehome.new.2625 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fonehome"
Sat Jun 19 23:02:52 2021 rev:11 rq:900224 version:1.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/fonehome/fonehome.changes 2020-11-04
18:31:45.504232031 +0100
+++ /work/SRC/openSUSE:Factory/.fonehome.new.2625/fonehome.changes
2021-06-19 23:03:27.139709426 +0200
@@ -1,0 +2,7 @@
+Tue Jun 15 19:37:47 UTC 2021 - Archie Cobbs <archie.co...@gmail.com>
+
+- Upgrade to version 1.2.0
+ + Added bash(1) completion scripts for fhssh(1) and fhscp(1)
+ + Converted from /etc/init.d script to systemd unit file
+
+-------------------------------------------------------------------
Old:
----
fonehome-1.1.1.tar.gz
fonehome.service.in
New:
----
fonehome-1.2.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ fonehome.spec ++++++
--- /var/tmp/diff_new_pack.VNMzoN/_old 2021-06-19 23:03:27.547710055 +0200
+++ /var/tmp/diff_new_pack.VNMzoN/_new 2021-06-19 23:03:27.551710062 +0200
@@ -1,7 +1,7 @@
#
# spec file for package fonehome
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
# Copyright (c) 2012 Archie L. Cobbs <arc...@dellroad.org>
#
# All modifications and additions to the file contributed by third parties
@@ -20,8 +20,6 @@
# client side
%define clientdir %{_datadir}/%{name}
%define scriptfile %{_bindir}/%{name}
-%define systemdsvc %{_usr}/lib/systemd/system
-%define servicefile %{name}.service
%define confdir %{_sysconfdir}/%{name}
%define conffile %{confdir}/%{name}.conf
%define keyfile %{confdir}/%{name}.key
@@ -37,12 +35,14 @@
%define servprikey %{serverdir}/.ssh/id_rsa
%define servpubkey %{servprikey}.pub
%define authkeys %{serverdir}/.ssh/authorized_keys
+%define compldir %{_sysconfdir}/bash_completion.d
+%define complfile %{compldir}/fhssh.sh
%define authkeys_comment restrict what %{username} user can do
%define authkeys_options
no-X11-forwarding,no-agent-forwarding,no-pty,permitopen="0.0.0.0:9",command="sleep
99999d"
Name: fonehome
-Version: 1.1.1
+Version: 1.2.0
Release: 0
Summary: Remote access to machines behind firewalls
License: Apache-2.0
@@ -50,7 +50,6 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
Source: %{name}-%{version}.tar.gz
-Source1: %{servicefile}.in
URL: https://github.com/archiecobbs/%{name}/
Requires: bc
Requires: findutils
@@ -66,8 +65,9 @@
are behind some firewall that you either do not control or do not want
to reconfigure, but which does allow normal outgoing TCP connections. The
clients use SSH to connect to a fonehome server to which you have direct
-access. The SSH connections include reverse-forwarded TCP ports which
-in turn allow you to connect back to the remote machine.
+access. The SSH connections include reverse-forwarded TCP ports which in
+turn allow you to connect back to the remote machine using the included
+fhssh(1) and fhscp(1) utilities.
This setup is useful in situations where you have several machines
deployed in the field and want to maintain access to them from a central
@@ -87,27 +87,29 @@
-e 's|@fonehomekey@|%{keyfile}|g' \
-e 's|@fonehomehosts@|%{hostsfile}|g' \
-e 's|@fonehomeretry@|%{retrydelay}|g' \
- -e 's|@fonehomeinit@|%{initfile}|g' \
-e 's|@fonehomescript@|%{scriptfile}|g' \
-e 's|@fonehomelogfac@|%{syslogfac}|g'
}
-subst < %{_sourcedir}/%{servicefile}.in > %{servicefile}
subst < src/conf/fonehome.conf.sample > fonehome.conf.sample
subst < src/conf/fonehome-ports.conf.sample > fonehome-ports.conf.sample
subst < src/scripts/fonehome-init.sh > fonehome-init
subst < src/scripts/fonehome.sh > fonehome
subst < src/scripts/fhshow.sh > fhshow
subst < src/scripts/fhssh.sh > fhssh
+subst < src/scripts/bash-completion.sh > bash-completion
subst < src/man/fhssh.1 > fhssh.1
subst < src/man/fhscp.1 > fhscp.1
subst < src/man/fhshow.1 > fhshow.1
subst < src/man/fonehome.1 > fonehome.1
+subst < src/unit/fonehome.service > fonehome.service
%install
-# systemd service script
-install -d %{buildroot}%{systemdsvc}
-install %{servicefile} %{buildroot}%{systemdsvc}/
+# systemd unit
+install -d %{buildroot}%{_unitdir}
+install -D -m 0644 %{name}.service %{buildroot}%{_unitdir}/
+install -d %{buildroot}%{_sbindir}
+ln -sf service %{buildroot}%{_sbindir}/rc%{name}
# man pages
install -d %{buildroot}%{_mandir}/man1
@@ -131,6 +133,10 @@
install fonehome.conf.sample %{buildroot}%{conffile}
install fonehome-ports.conf.sample %{buildroot}%{portsfile}
+# bash completion
+install -d %{buildroot}%{compldir}
+install bash-completion %{buildroot}%{complfile}
+
# fonehome user
install -d %{buildroot}%{serverdir}/.ssh
@@ -141,29 +147,30 @@
install /dev/null %{buildroot}%{servpubkey}
install /dev/null %{buildroot}%{authkeys}
-%preun
-%service_del_preun %{name}.service
-
-%postun
-# No restart_on_update - don't kill the connection we might be using to update
this RPM with!
-%service_del_postun_without_restart %{name}.service
-
%pre
%service_add_pre %{name}.service
%post
%service_add_post %{name}.service
+%preun
+%service_del_preun %{name}.service
+
+%postun
+# Don't kill the connection we might be using to update this RPM with!
+%service_del_postun_without_restart %{name}.service
+
%files
%defattr(644,root,root,755)
%dir %attr(700,root,root) %{confdir}
%config(noreplace) %{conffile}
%ghost %attr(644,root,root) %{hostsfile}
%ghost %attr(600,root,root) %{keyfile}
-%{systemdsvc}/%{servicefile}
+%{_unitdir}/%{name}.service
%attr(755,root,root) %{scriptfile}
+%attr(755,root,root) %{_sbindir}/rc%{name}
%doc %{_datadir}/doc/packages/%{name}
-%{_mandir}/man1/fonehome.1*
+%{_mandir}/man1/%{name}.1*
%{clientdir}
%package server
@@ -171,6 +178,8 @@
Group: System/Daemons
Requires(pre): pwdutils
Requires(post): openssh
+Requires(post): sed
+Requires(post): util-linux
%description server
fonehome allows remote access to machines behind firewalls using SSH
@@ -192,20 +201,17 @@
# Generate ssh key pair for user fonehome
if ! [ -e %{servprikey} ]; then
+ # Run commands below with reduced privileges to avoid security race
conditions
+ RUN_FONEHOME='runuser -u %{username} -g %{usergroup} --'
+
# Generate key
echo "creating SSH public key pair for user '%{username}'"
- rm -f %{servpubkey}
- ssh-keygen -t rsa -N '' -C '%{username}' -f %{servprikey}
- chmod 600 %{servprikey}
- chmod 644 %{servpubkey}
- chown root:root %{servprikey}
- chown %{username}:%{usergroup} %{servpubkey}
+ ${RUN_FONEHOME} ssh-keygen -t rsa -N '' -C %{username} -f %{servprikey}
# Allow incoming ssh connections using key, but with lots of restrictions
- sed -r 's/^((ssh|ecdsa)-[^[:space:]]+[[:space:]].*)$/#
%{authkeys_comment}\n%{authkeys_options} \1/g' \
- < %{servpubkey}> %{authkeys}
- chmod 644 %{authkeys}
- chown %{username}:%{usergroup} %{authkeys}
+ ${RUN_FONEHOME} cat %{servpubkey} \
+ | ${RUN_FONEHOME} sed -r 's/^((ssh|ecdsa)-[^[:space:]]+[[:space:]].*)$/#
%{authkeys_comment}\n%{authkeys_options} \1/g' \
+ | ${RUN_FONEHOME} tee %{authkeys} >/dev/null
fi
%files server
@@ -217,10 +223,11 @@
%attr(755,root,root) %{_bindir}/fhshow
%attr(755,root,root) %{_bindir}/fhssh
%attr(755,root,root) %{_bindir}/fhscp
+%{complfile}
%config(noreplace missingok) %{portsfile}
%dir %attr(755,%{username},%{usergroup}) %{serverdir}
%dir %attr(700,%{username},%{usergroup}) %{serverdir}/.ssh
-%ghost %verify(not size md5 mtime) %attr(600,root,root) %{servprikey}
+%ghost %verify(not size md5 mtime) %attr(600,%{username},%{usergroup})
%{servprikey}
%ghost %verify(not size md5 mtime) %attr(644,%{username},%{usergroup})
%{servpubkey}
%ghost %verify(not size md5 mtime) %attr(644,%{username},%{usergroup})
%{authkeys}
++++++ fonehome-1.1.1.tar.gz -> fonehome-1.2.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/CHANGES new/fonehome-1.2.0/CHANGES
--- old/fonehome-1.1.1/CHANGES 2019-10-25 16:40:03.000000000 +0200
+++ new/fonehome-1.2.0/CHANGES 2021-06-15 21:35:24.437389705 +0200
@@ -1,3 +1,8 @@
+Version 1.2.0 Released June 15, 2021
+
+ - Added bash(1) completion scripts for fhssh(1) and fhscp(1)
+ - Converted from /etc/init.d script to systemd unit file
+
Version 1.1.1 Released October 25, 2019
- Filter zero bytes from /proc/X/cmdline to avoid bash warning
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/README new/fonehome-1.2.0/README
--- old/fonehome-1.1.1/README 2019-10-25 16:40:03.000000000 +0200
+++ new/fonehome-1.2.0/README 2021-06-15 21:35:24.437389705 +0200
@@ -8,7 +8,7 @@
normal outgoing TCP connections. It uses SSH to connect to a fonehome
server to which you have direct access. This SSH connection includes
reverse-forwarded TCP ports which in turn allow you to connect back to
-the remote machine.
+the remote machine using the included fhssh(1) and fhscp(1) utilities.
Instructions:
@@ -33,8 +33,8 @@
5. Enable and start the fonehome init service:
- $ chkconfig --add fonehome
- $ /etc/init.d/fonehome start
+ $ systemctl enable fonehome
+ $ systemctl start fonehome
If you keep /etc/fonehome-ports.conf up-to-date on the server,
then you may find the following utilities useful:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/README.md new/fonehome-1.2.0/README.md
--- old/fonehome-1.1.1/README.md 2019-10-25 16:40:03.000000000 +0200
+++ new/fonehome-1.2.0/README.md 2021-06-15 21:35:24.437389705 +0200
@@ -1,6 +1,6 @@
**fonehome** allows remote access to machines behind firewalls using SSH port
forwarding.
-The **fonehome client** is a daemon that runs on remote client machines that
are behind some firewall that you either do not control or do not want to
reconfigure, but which does allow normal outgoing TCP connections. The clients
use SSH to connect to a **fonehome server** to which you have direct access.
The SSH connections include reverse-forwarded TCP ports which in turn allow you
to connect back to the remote machine.
+The **fonehome client** is a daemon that runs on remote client machines that
are behind some firewall that you either do not control or do not want to
reconfigure, but which does allow normal outgoing TCP connections. The clients
use SSH to connect to a **fonehome server** to which you have direct access.
The SSH connections include reverse-forwarded TCP ports which in turn allow you
to connect back to the remote machine using the included `fhssh(1)` and
`fhscp(1)` utilities.
This setup is useful in situations where you have several machines deployed in
the field and want to maintain access to them from a central operations server.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/src/man/fonehome.1
new/fonehome-1.2.0/src/man/fonehome.1
--- old/fonehome-1.1.1/src/man/fonehome.1 2019-10-25 16:40:03.000000000
+0200
+++ new/fonehome-1.2.0/src/man/fonehome.1 2021-06-15 21:35:24.441389710
+0200
@@ -35,8 +35,9 @@
.Pp
Normally
.Nm
-is run as a daemon from
-.Pa @fonehomeinit@ .
+is run as a
+.Xr systemd 1
+service.
However, upon first installation (or whenever a server's host key changes),
a manual initialization step must be performed by running
.Nm
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/src/rpm/fonehome.spec
new/fonehome-1.2.0/src/rpm/fonehome.spec
--- old/fonehome-1.1.1/src/rpm/fonehome.spec 2019-10-25 16:40:03.000000000
+0200
+++ new/fonehome-1.2.0/src/rpm/fonehome.spec 2021-06-15 21:35:24.441389710
+0200
@@ -20,7 +20,6 @@
# client side
%define clientdir %{_datadir}/%{name}
%define scriptfile %{_bindir}/%{name}
-%define initfile %{_sysconfdir}/init.d/%{name}
%define confdir %{_sysconfdir}/%{name}
%define conffile %{confdir}/%{name}.conf
%define keyfile %{confdir}/%{name}.key
@@ -36,6 +35,8 @@
%define servprikey %{serverdir}/.ssh/id_rsa
%define servpubkey %{servprikey}.pub
%define authkeys %{serverdir}/.ssh/authorized_keys
+%define compldir %{_sysconfdir}/bash_completion.d
+%define complfile %{compldir}/fhssh.sh
%define authkeys_comment restrict what %{username} user can do
%define authkeys_options
no-X11-forwarding,no-agent-forwarding,no-pty,permitopen="0.0.0.0:9",command="sleep
99999d"
@@ -63,8 +64,9 @@
are behind some firewall that you either do not control or do not want
to reconfigure, but which does allow normal outgoing TCP connections. The
clients use SSH to connect to a fonehome server to which you have direct
-access. The SSH connections include reverse-forwarded TCP ports which
-in turn allow you to connect back to the remote machine.
+access. The SSH connections include reverse-forwarded TCP ports which in
+turn allow you to connect back to the remote machine using the included
+fhssh(1) and fhscp(1) utilities.
This setup is useful in situations where you have several machines
deployed in the field and want to maintain access to them from a central
@@ -84,7 +86,6 @@
-e 's|@fonehomekey@|%{keyfile}|g' \
-e 's|@fonehomehosts@|%{hostsfile}|g' \
-e 's|@fonehomeretry@|%{retrydelay}|g' \
- -e 's|@fonehomeinit@|%{initfile}|g' \
-e 's|@fonehomescript@|%{scriptfile}|g' \
-e 's|@fonehomelogfac@|%{syslogfac}|g'
}
@@ -94,18 +95,20 @@
subst < src/scripts/fonehome.sh > fonehome
subst < src/scripts/fhshow.sh > fhshow
subst < src/scripts/fhssh.sh > fhssh
+subst < src/scripts/bash-completion.sh > bash-completion
subst < src/man/fhssh.1 > fhssh.1
subst < src/man/fhscp.1 > fhscp.1
subst < src/man/fhshow.1 > fhshow.1
subst < src/man/fonehome.1 > fonehome.1
+subst < src/unit/fonehome.service > fonehome.service
%install
-# init script
-install -d %{buildroot}%{_sysconfdir}/init.d
-install fonehome-init %{buildroot}%{initfile}
+# systemd unit
+install -d %{buildroot}%{_unitdir}
+install -D -m 0644 %{name}.service %{buildroot}%{_unitdir}/
install -d %{buildroot}%{_sbindir}
-ln -s %{initfile} %{buildroot}%{_sbindir}/rcfonehome
+ln -sf service %{buildroot}%{_sbindir}/rc%{name}
# man pages
install -d %{buildroot}%{_mandir}/man1
@@ -129,6 +132,10 @@
install fonehome.conf.sample %{buildroot}%{conffile}
install fonehome-ports.conf.sample %{buildroot}%{portsfile}
+# bash completion
+install -d %{buildroot}%{compldir}
+install bash-completion %{buildroot}%{complfile}
+
# fonehome user
install -d %{buildroot}%{serverdir}/.ssh
@@ -139,12 +146,18 @@
install /dev/null %{buildroot}%{servpubkey}
install /dev/null %{buildroot}%{authkeys}
+%pre
+%service_add_pre %{name}.service
+
+%post
+%service_add_post %{name}.service
+
%preun
-%{stop_on_removal %{name}}
+%service_del_preun %{name}.service
%postun
-# No restart_on_update - don't kill the connection we are using to update this
RPM with!
-%{insserv_cleanup}
+# Don't kill the connection we might be using to update this RPM with!
+%service_del_postun_without_restart %{name}.service
%files
%defattr(644,root,root,755)
@@ -152,11 +165,11 @@
%config(noreplace) %{conffile}
%ghost %attr(644,root,root) %{hostsfile}
%ghost %attr(600,root,root) %{keyfile}
-%attr(755,root,root) %{initfile}
+%{_unitdir}/%{name}.service
%attr(755,root,root) %{scriptfile}
-%attr(755,root,root) %{_sbindir}/rcfonehome
+%attr(755,root,root) %{_sbindir}/rc%{name}
%doc %{_datadir}/doc/packages/%{name}
-%{_mandir}/man1/fonehome.1*
+%{_mandir}/man1/%{name}.1*
%{clientdir}
%package server
@@ -209,6 +222,7 @@
%attr(755,root,root) %{_bindir}/fhshow
%attr(755,root,root) %{_bindir}/fhssh
%attr(755,root,root) %{_bindir}/fhscp
+%{complfile}
%config(noreplace missingok) %{portsfile}
%dir %attr(755,%{username},%{usergroup}) %{serverdir}
%dir %attr(700,%{username},%{usergroup}) %{serverdir}/.ssh
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/src/scripts/bash-completion.sh
new/fonehome-1.2.0/src/scripts/bash-completion.sh
--- old/fonehome-1.1.1/src/scripts/bash-completion.sh 1970-01-01
01:00:00.000000000 +0100
+++ new/fonehome-1.2.0/src/scripts/bash-completion.sh 2021-06-15
21:35:24.441389710 +0200
@@ -0,0 +1,59 @@
+# fhssh(1)/fhscp(1) bash completion script
+
+_read_fonehome_hosts()
+{
+ if [ -r @fonehomeports@ ]; then
+ cat @fonehomeports@ \
+ | sed -rn 's/^[0-9]+[[:space:]]+([^[:space:]]+).*$/\1'"${1}"'/gp' \
+ | sort -u
+ fi
+}
+
+_fhssh()
+{
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ case "${COMP_CWORD}" in
+ 2)
+ COMPREPLY=( $( compgen -o default -c -- "${cur}" ) )
+ ;;
+ 1)
+ COMPREPLY=( $( compgen -o default -W "`_read_fonehome_hosts`" --
"${cur}" ) )
+ ;;
+ *)
+ COMPREPLY=()
+ ;;
+ esac
+}
+
+_fhscp()
+{
+ local cur="${COMP_WORDS[COMP_CWORD]}"
+ local hostpat='^('"`_read_fonehome_hosts | tr \\n \|`"'):'
+ case "${COMP_CWORD}" in
+ 2)
+ local prev="${COMP_WORDS[${COMP_CWORD} - 1]}"
+ if [[ "${prev}" =~ ${hostpat} ]]; then
+ COMPREPLY=()
+ else
+ compopt -o nospace
+ COMPREPLY=( $( compgen -W "`_read_fonehome_hosts :`" -- "${cur}" )
)
+ fi
+ ;;
+ 1)
+ if [[ "${cur}" =~ ${hostpat} ]]; then
+ COMPREPLY=()
+ elif ! [[ "${cur}" =~ / ]]; then
+ compopt -o nospace
+ COMPREPLY=( $( compgen -W "`_read_fonehome_hosts :`" -- "${cur}" )
)
+ else
+ COMPREPLY=()
+ fi
+ ;;
+ *)
+ COMPREPLY=()
+ ;;
+ esac
+}
+
+complete -F _fhssh -o default fhssh
+complete -F _fhscp -o default fhscp
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/src/unit/fonehome.service
new/fonehome-1.2.0/src/unit/fonehome.service
--- old/fonehome-1.1.1/src/unit/fonehome.service 1970-01-01
01:00:00.000000000 +0100
+++ new/fonehome-1.2.0/src/unit/fonehome.service 2021-06-15
21:35:24.441389710 +0200
@@ -0,0 +1,12 @@
+[Unit]
+Description=fonehome daemon
+Documentation=https://github.com/archiecobbs/fonehome
+After=network.target syslog.socket
+
+[Service]
+ExecStart=@fonehomescript@
+Restart=always
+RestartSec=30s
+
+[Install]
+WantedBy=multi-user.target
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/fonehome-1.1.1/version.properties
new/fonehome-1.2.0/version.properties
--- old/fonehome-1.1.1/version.properties 2019-10-25 16:40:03.000000000
+0200
+++ new/fonehome-1.2.0/version.properties 1970-01-01 01:00:00.000000000
+0100
@@ -1 +0,0 @@
-fonehome.version=1.1.1
\ No newline at end of file
