[CVS] OpenPKG: openpkg-src/openssh openssh.spec

Sat, 06 Jul 2002 04:42:40 -0700 

  OpenPKG CVS Repository
  http://www.openpkg.org/cvsweb/cvsweb.cgi
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   06-Jul-2002 14:03:10
  Branch: HEAD                             Handle: 2002070613031000

  Modified files:
    openpkg-src/openssh     openssh.spec

  Log:
    1. "ssh-keysign" has to be setuid root in order to allow "ssh" (which
       is not setuid root) to read the host keys (which are readable only
       by root) in SSH2 host based authentication.
    
    2. use an empty subdir for the priviledge separation and make only
       this one owned by root (as required by Linux)

  Summary:
    Revision    Changes     Path
    1.48        +6  -3      openpkg-src/openssh/openssh.spec
  ____________________________________________________________________________

  Index: openpkg-src/openssh/openssh.spec
  ============================================================
  $ cvs diff -u -r1.47 -r1.48 openssh.spec
  --- openpkg-src/openssh/openssh.spec  6 Jul 2002 11:51:19 -0000       1.47
  +++ openpkg-src/openssh/openssh.spec  6 Jul 2002 12:03:10 -0000       1.48
  @@ -158,7 +158,7 @@
             --with-mantype=man \
             --with-default-path=%{l_prefix}/bin:/bin:/usr/bin:/usr/local/bin \
             --with-privsep-user=%{l_nusr} \
  -          --with-privsep-path=%{l_prefix}/var/openssh
  +          --with-privsep-path=%{l_prefix}/var/openssh/empty
   
         #   build package
         %{l_make} %{l_mflags -O}
  @@ -184,7 +184,9 @@
           %{SOURCE ssh-askpass} $RPM_BUILD_ROOT%{l_prefix}/libexec/openssh/
   
       #   make sure the state directory exists
  -    %{l_shtool} mkdir -f -p -m 755 $RPM_BUILD_ROOT%{l_prefix}/var/openssh
  +    %{l_shtool} mkdir -f -p -m 755 \
  +         $RPM_BUILD_ROOT%{l_prefix}/var/openssh \
  +         $RPM_BUILD_ROOT%{l_prefix}/var/openssh/empty
   
       #   install addons
       %{l_shtool} install -c -m 755 -e 's;@l_prefix@;%{l_prefix};g' \
  @@ -210,7 +212,8 @@
       %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
           %{l_files_std} \
           '%config %{l_prefix}/etc/openssh/*' \
  -        '%dir %attr(700,root,root) %{l_prefix}/var/openssh'
  +        '%attr(4711,root,%{l_mgrp}) %{l_prefix}/libexec/openssh/ssh-keysign' \
  +        '%dir %attr(700,root,root) %{l_prefix}/var/openssh/empty'
   
   %files -f files
   
______________________________________________________________________
The OpenPKG Project                                    www.openpkg.org
CVS Repository Commit List                     [EMAIL PROTECTED]

Reply via email to