diff options
| author | Nicolas Iooss | 2020-02-22 08:12:03 +0100 |
|---|---|---|
| committer | Nicolas Iooss | 2020-02-22 08:12:03 +0100 |
| commit | 3f14ccf71cf388f2518b9838623a791eb218b438 (patch) | |
| tree | dd0631c55a4b1d2a2b10397f012bf79031f9a51a | |
| parent | 5ebc0d15ee794876902d4589511ef846827cc6ec (diff) | |
| download | aur-3f14ccf71cf388f2518b9838623a791eb218b438.tar.gz | |
openssh-selinux 8.2p1-3 update
| -rw-r--r-- | .SRCINFO | 12 | ||||
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | PKGBUILD | 29 | ||||
| -rw-r--r-- | install | 12 |
4 files changed, 34 insertions, 20 deletions
@@ -1,7 +1,7 @@ pkgbase = openssh-selinux pkgdesc = Premier connectivity tool for remote login with the SSH protocol, with SELinux support pkgver = 8.2p1 - pkgrel = 1 + pkgrel = 3 url = https://www.openssh.com/portable.html install = install arch = x86_64 @@ -9,6 +9,7 @@ pkgbase = openssh-selinux license = custom:BSD makedepends = linux-headers makedepends = git + makedepends = libfido2 depends = krb5 depends = openssl depends = libedit @@ -16,20 +17,23 @@ pkgbase = openssh-selinux depends = libselinux optdepends = xorg-xauth: X11 forwarding optdepends = x11-ssh-askpass: input passphrase in X - provides = openssh=8.2p1-1 - provides = selinux-openssh=8.2p1-1 + optdepends = libfido2: FIDO/U2F support + provides = openssh=8.2p1-3 + provides = selinux-openssh=8.2p1-3 conflicts = openssh conflicts = selinux-openssh backup = etc/ssh/ssh_config backup = etc/ssh/sshd_config backup = etc/pam.d/sshd - source = git://anongit.mindrot.org/openssh.git?signed#tag=V_8_2_P1 + source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.2p1.tar.gz + source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.2p1.tar.gz.asc source = sshdgenkeys.service source = sshd.service source = sshd.conf source = sshd.pam source = glibc-2.31.patch validpgpkeys = 59C2118ED206D927E667EBE3D3E5F56B6D920D30 + sha256sums = 43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671 sha256sums = SKIP sha256sums = 4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7 sha256sums = e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7 diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 5372489a586f..000000000000 --- a/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/openssh/ @@ -10,28 +10,30 @@ pkgname=openssh-selinux pkgver=8.2p1 -pkgrel=1 +pkgrel=3 pkgdesc='Premier connectivity tool for remote login with the SSH protocol, with SELinux support' url='https://www.openssh.com/portable.html' license=('custom:BSD') arch=('x86_64') -makedepends=('linux-headers' 'git') +makedepends=('linux-headers' 'git' 'libfido2') depends=('krb5' 'openssl' 'libedit' 'ldns' 'libselinux') optdepends=('xorg-xauth: X11 forwarding' - 'x11-ssh-askpass: input passphrase in X') + 'x11-ssh-askpass: input passphrase in X' + 'libfido2: FIDO/U2F support') conflicts=("${pkgname/-selinux}" "selinux-${pkgname/-selinux}") provides=("${pkgname/-selinux}=${pkgver}-${pkgrel}" "selinux-${pkgname/-selinux}=${pkgver}-${pkgrel}") groups=('selinux') validpgpkeys=('59C2118ED206D927E667EBE3D3E5F56B6D920D30') -#source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz"{,.asc} -source=("git://anongit.mindrot.org/openssh.git?signed#tag=V_8_2_P1" +#source=("git://anongit.mindrot.org/openssh.git?signed#tag=V_8_2_P1" +source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz"{,.asc} 'sshdgenkeys.service' 'sshd.service' 'sshd.conf' 'sshd.pam' 'glibc-2.31.patch') -sha256sums=('SKIP' +sha256sums=('43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671' + 'SKIP' '4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7' 'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7' '4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6' @@ -43,15 +45,13 @@ backup=('etc/ssh/ssh_config' 'etc/ssh/sshd_config' 'etc/pam.d/sshd') install=install prepare() { -# cd "${srcdir}/${pkgname/-selinux}-${pkgver}" - cd "${srcdir}/${pkgname/-selinux}" - patch -p1 -i "${srcdir}/glibc-2.31.patch" + cd "${srcdir}/${pkgname/-selinux}-${pkgver}" + patch -p1 -i ../glibc-2.31.patch autoreconf } build() { -# cd "${srcdir}/${pkgname/-selinux}-${pkgver}" - cd "${srcdir}/${pkgname/-selinux}" + cd "${srcdir}/${pkgname/-selinux}-${pkgver}" ./configure \ --prefix=/usr \ @@ -61,6 +61,7 @@ build() { --disable-strip \ --with-ldns \ --with-libedit \ + --with-security-key-builtin \ --with-ssl-engine \ --with-pam \ --with-privsep-user=nobody \ @@ -75,8 +76,7 @@ build() { } check() { -# cd "${srcdir}/${pkgname/-selinux}-${pkgver}" - cd "${srcdir}/${pkgname/-selinux}" + cd "${srcdir}/${pkgname/-selinux}-${pkgver}" # Tests require openssh to be already installed system-wide, # also connectivity tests will fail under makechrootpkg since @@ -99,8 +99,7 @@ check() { } package() { -# cd "${srcdir}/${pkgname/-selinux}-${pkgver}" - cd "${srcdir}/${pkgname/-selinux}" + cd "${srcdir}/${pkgname/-selinux}-${pkgver}" make DESTDIR="${pkgdir}" install @@ -18,3 +18,15 @@ EOF fi fi } + +post_upgrade() { + if (( $(vercmp $2 8.2p1-3) < 0 )); then + if systemctl is-active sshd.service >/dev/null; then + cat <<EOF +==> After this upgrade, your existing SSH daemon may be unable to accept +==> new connections. To fix this, your SSH daemon will now be restarted. +EOF + systemctl restart sshd.service + fi + fi +} |