Hello community, here is the log from the commit of package fonehome for openSUSE:Factory checked in at 2013-02-14 20:36:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fonehome (Old) and /work/SRC/openSUSE:Factory/.fonehome.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fonehome", Maintainer is "" Changes: -------- New Changes file: --- /dev/null 2013-02-09 11:18:20.872010756 +0100 +++ /work/SRC/openSUSE:Factory/.fonehome.new/fonehome.changes 2013-02-14 20:36:14.000000000 +0100 @@ -0,0 +1,42 @@ +------------------------------------------------------------------- +Tue Feb 12 21:23:40 UTC 2013 - arc...@dellroad.org + +- Move home directory to /var/lib/fonehome-sever +- Tighen security with no-pty and permitopen="0.0.0.0:9" +- Remove sshd_config mods from %post script + +------------------------------------------------------------------- +Wed Feb 6 14:23:35 UTC 2013 - arc...@dellroad.org + +- Remove unnecessary %clean + +------------------------------------------------------------------- +Wed Jan 23 15:09:08 UTC 2013 - arc...@dellroad.org + +- Install README, COPYING, and CHANGES file as %doc + +------------------------------------------------------------------- +Sat Jan 12 17:00:54 UTC 2013 - arc...@dellroad.org + +- Create %ghost files during %install + +------------------------------------------------------------------- +Thu Jan 3 22:24:19 UTC 2013 - arc...@dellroad.org + +- Update to release 1.0.21 + +------------------------------------------------------------------- +Wed Jan 2 23:39:12 UTC 2013 - arc...@dellroad.org + +- Update to release 1.0.15 + +------------------------------------------------------------------- +Fri Dec 21 22:06:17 UTC 2012 - arc...@dellroad.org + +- Add copyright notice to spec file + +------------------------------------------------------------------- +Tue Dec 27 20:14:42 UTC 2011 - arc...@dellroad.org + +- Initial release + New: ---- fonehome-1.0.21.tar.gz fonehome.changes fonehome.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fonehome.spec ++++++ # # spec file for package fonehome # # Copyright (c) 2012 Archie L. Cobbs <arc...@dellroad.org> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # client side %define clientdir %{_datadir}/%{name} %define scriptfile %{_bindir}/%{name} %define initfile %{_sysconfdir}/init.d/%{name} %define confdir %{_sysconfdir}/%{name} %define conffile %{confdir}/%{name}.conf %define keyfile %{confdir}/%{name}.key %define hostsfile %{confdir}/%{name}.hosts %define retrydelay 30 # server side %define username %{name} %define usergroup %{name} %define serverdir %{_var}/lib/%{name}-server %define portsfile %{_sysconfdir}/%{name}-ports.conf %define servprikey %{serverdir}/.ssh/id_rsa %define servpubkey %{servprikey}.pub %define authkeys %{serverdir}/.ssh/authorized_keys %define authkeys_comment restrict what %{username} user can do %define authkeys_options no-X11-forwarding,no-agent-forwarding,no-pty,permitopen="0.0.0.0:9",command="sleep 99999d" Name: fonehome Version: 1.0.21 Release: 1 Summary: Remote access to machines behind firewalls Group: System/Daemons License: Apache-2.0 BuildRoot: %{_tmppath}/%{name}-root Buildarch: noarch Source: %{name}-%{version}.tar.gz URL: http://code.google.com/p/%{name}/ Requires: openssh %description fonehome allows remote access to machines behind firewalls using SSH port forwarding. The fonehome client is a daemon that runs on remote client machines that are behind some firewall that you either do not control or do not want to reconfigure, but which does allow normal outgoing TCP connections. The clients use SSH to connect to a fonehome server to which you have direct access. The SSH connections include reverse-forwarded TCP ports which in turn allow you to connect back to the remote machine. This setup is useful in situations where you have several machines deployed in the field and want to maintain access to them from a central operations server. %prep %setup %build subst() { sed -r \ -e 's|@fonehomename@|%{name}|g' \ -e 's|@fonehomeuser@|%{username}|g' \ -e 's|@fonehomeconf@|%{conffile}|g' \ -e 's|@fonehomeports@|%{portsfile}|g' \ -e 's|@fonehomekey@|%{keyfile}|g' \ -e 's|@fonehomehosts@|%{hostsfile}|g' \ -e 's|@fonehomeretry@|%{retrydelay}|g' \ -e 's|@fonehomeinit@|%{initfile}|g' \ -e 's|@fonehomescript@|%{scriptfile}|g' } subst < src/conf/fonehome.conf.sample > fonehome.conf.sample subst < src/conf/fonehome-ports.conf.sample > fonehome-ports.conf.sample subst < src/scripts/fonehome-init.sh > fonehome-init subst < src/scripts/fonehome.sh > fonehome subst < src/scripts/fhshow.sh > fhshow subst < src/scripts/fhssh.sh > fhssh subst < src/man/fhssh.1 > fhssh.1 subst < src/man/fhscp.1 > fhscp.1 subst < src/man/fhshow.1 > fhshow.1 subst < src/man/fonehome.1 > fonehome.1 %install # init script install -d %{buildroot}%{_sysconfdir}/init.d install fonehome-init %{buildroot}%{initfile} install -d %{buildroot}%{_sbindir} ln -s %{initfile} %{buildroot}%{_sbindir}/rcfonehome # man pages install -d %{buildroot}%{_mandir}/man1 install *.1 %{buildroot}%{_mandir}/man1/ # docs install -d %{buildroot}%{_datadir}/doc/packages/%{name} install -d %{buildroot}%{_datadir}/doc/packages/%{name}-server install CHANGES README COPYING %{buildroot}%{_datadir}/doc/packages/%{name}/ install CHANGES README COPYING %{buildroot}%{_datadir}/doc/packages/%{name}-server/ # script files install -d %{buildroot}%{_bindir} install fonehome fhs{sh,how} %{buildroot}/%{_bindir}/ ln %{buildroot}/%{_bindir}/fhs{sh,cp} # config files install -d %{buildroot}%{confdir} install -d %{buildroot}%{clientdir} install fonehome.conf.sample %{buildroot}%{clientdir}/ install fonehome.conf.sample %{buildroot}%{conffile} install fonehome-ports.conf.sample %{buildroot}%{portsfile} # fonehome user install -d %{buildroot}%{serverdir}/.ssh # Create ghost files install /dev/null %{buildroot}%{hostsfile} install /dev/null %{buildroot}%{keyfile} install /dev/null %{buildroot}%{servprikey} install /dev/null %{buildroot}%{servpubkey} install /dev/null %{buildroot}%{authkeys} %preun %{stop_on_removal %{name}} %postun # No restart_on_update - don't kill the connection we are using to update this RPM with! %{insserv_cleanup} %files %defattr(644,root,root,755) %dir %attr(700,root,root) %{confdir} %config(noreplace) %{conffile} %ghost %attr(644,root,root) %{hostsfile} %ghost %attr(600,root,root) %{keyfile} %attr(755,root,root) %{initfile} %attr(755,root,root) %{scriptfile} %attr(755,root,root) %{_sbindir}/rcfonehome %doc %{_datadir}/doc/packages/%{name} %{_mandir}/man1/fonehome.1* %{clientdir} %package server Summary: Server for %{name} SSH connections Group: System/Daemons Requires(pre): pwdutils Requires(post): openssh %description server fonehome allows remote access to machines behind firewalls using SSH port forwarding. This package is installed on the machine that you want to be the fonehome server. %pre server # Create user and group if ! getent group '%{usergroup}' >/dev/null 2>&1; then groupadd -r '%{usergroup}' fi if ! id '%{username}' >/dev/null 2>&1; then useradd -r -p '*' -d '%{serverdir}' -g '%{usergroup}' -c 'Fonehome User' -s /bin/false '%{username}' fi %post server # Generate ssh key pair for user fonehome if ! [ -e %{servprikey} ]; then # Generate key echo "creating SSH public key pair for user '%{username}'" rm -f %{servpubkey} ssh-keygen -t rsa -N '' -C '%{username}' -f %{servprikey} chmod 600 %{servprikey} chmod 644 %{servpubkey} chown root:root %{servprikey} chown %{username}:%{usergroup} %{servpubkey} # Allow incoming ssh connections using key, but with lots of restrictions sed -r 's/^((ssh|ecdsa)-[^[:space:]]+[[:space:]].*)$/# %{authkeys_comment}\n%{authkeys_options} \1/g' \ < %{servpubkey}> %{authkeys} chmod 644 %{authkeys} chown %{username}:%{usergroup} %{authkeys} fi %files server %defattr(644,root,root,755) %{_mandir}/man1/fhssh.1* %{_mandir}/man1/fhscp.1* %{_mandir}/man1/fhshow.1* %doc %{_datadir}/doc/packages/%{name}-server %attr(755,root,root) %{_bindir}/fhshow %attr(755,root,root) %{_bindir}/fhssh %attr(755,root,root) %{_bindir}/fhscp %config(noreplace missingok) %{portsfile} %dir %attr(755,%{username},%{usergroup}) %{serverdir} %dir %attr(700,%{username},%{usergroup}) %{serverdir}/.ssh %ghost %verify(not size md5 mtime) %attr(600,root,root) %{servprikey} %ghost %verify(not size md5 mtime) %attr(644,%{username},%{usergroup}) %{servpubkey} %ghost %verify(not size md5 mtime) %attr(644,%{username},%{usergroup}) %{authkeys} -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org