diff options
author | Nicolas Iooss | 2023-09-09 09:48:33 +0200 |
---|---|---|
committer | Nicolas Iooss | 2023-09-09 09:48:33 +0200 |
commit | f6c43edefaab4e11a8b07e038b7b85349661afa8 (patch) | |
tree | 6c6a31c33ca272c3d4eb9cebf62eb25e532cace2 | |
parent | dc0a2cb2952fa4397e132e6d3ec56484058edd09 (diff) | |
download | aur-f6c43edefaab4e11a8b07e038b7b85349661afa8.tar.gz |
openssh-selinux 9.4p1-3 update
-rw-r--r-- | .SRCINFO | 20 | ||||
-rw-r--r-- | 0001-Fix-zlib-version-check-for-1.3-and-future-version.patch | 23 | ||||
-rw-r--r-- | PKGBUILD | 26 | ||||
-rw-r--r-- | ssh-agent.service | 19 | ||||
-rw-r--r-- | ssh-agent.socket | 14 |
5 files changed, 62 insertions, 40 deletions
@@ -1,12 +1,15 @@ pkgbase = openssh-selinux pkgdesc = SSH protocol implementation for remote login, command execution and file transfer, with SELinux support pkgver = 9.4p1 - pkgrel = 2 + pkgrel = 3 url = https://www.openssh.com/portable.html arch = x86_64 arch = aarch64 groups = selinux - license = custom:BSD + license = BSD-2-Clause + license = BSD-3-Clause + license = ISC + license = MIT makedepends = libfido2 makedepends = linux-headers depends = glibc @@ -26,8 +29,8 @@ pkgbase = openssh-selinux optdepends = sh: for ssh-copy-id and findssl.sh optdepends = x11-ssh-askpass: input passphrase in X optdepends = xorg-xauth: X11 forwarding - provides = openssh=9.4p1-2 - provides = selinux-openssh=9.4p1-2 + provides = openssh=9.4p1-3 + provides = selinux-openssh=9.4p1-3 conflicts = openssh conflicts = selinux-openssh backup = etc/pam.d/sshd @@ -35,27 +38,30 @@ pkgbase = openssh-selinux backup = etc/ssh/sshd_config source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.4p1.tar.gz source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.4p1.tar.gz.asc - source = 0001-Fix-zlib-version-check-for-1.3-and-future-version.patch source = 00-archlinux.conf source = sshdgenkeys.service source = sshd.service + source = ssh-agent.service + source = ssh-agent.socket source = sshd.conf source = sshd.pam validpgpkeys = 7168B983815A5EEF59A4ADFD2A3F414E736060BA sha256sums = 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85 sha256sums = SKIP - sha256sums = 937d7d028574a06823e7aa92499a679a826245b3118e8f7cd4141d8d06012727 sha256sums = 78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30 sha256sums = e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611 sha256sums = e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7 + sha256sums = 5a9594548928fce7e8fc707c3a3b45c560b7f16473bbf73a00357184fadca61b + sha256sums = d09197d3891555cbee379541ff8cc439a8456722f0e8cb131966d4d12b0f2c2c sha256sums = 76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327 sha256sums = 64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846 b2sums = d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53 b2sums = SKIP - b2sums = d41f1ecea7b4ebcfb3003826fb51c2a0c27178590c755a61752389606df35544284cb24ea8bf4fcb280eec4c6c5cb410662862b27af47f3aca63f7f638efcc9f b2sums = 1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97 b2sums = 09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50 b2sums = 07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e + b2sums = 3df44cc0a7baac8ad7606dd8a35b71f4ec0135f50e6432921f95d8be7db3d664ce6b3f59bedddd4bc132f47fb8d5f20cbc616717b76cc32ab6c0df179a3c4199 + b2sums = edf7d6eb62af51e46e2cd04c7545bf57c59629a947c434d5ad65c8f06c36562c2bb96404c615f1a8379d3ae1c4a9b7278d3c7899d2cb308d89425fe37b72db21 b2sums = a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca b2sums = 557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930 diff --git a/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch b/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch deleted file mode 100644 index c86c68026533..000000000000 --- a/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch +++ /dev/null @@ -1,23 +0,0 @@ -From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001 -From: Darren Tucker <dtucker@dtucker.net> -Date: Sat, 19 Aug 2023 07:39:08 +1000 -Subject: [PATCH] Fix zlib version check for 1.3 and future version. - -bz#3604. ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 07893e87065..e3128dfcbb4 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1464,7 +1464,7 @@ else - [[ - int a=0, b=0, c=0, d=0, n, v; - n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d); -- if (n != 3 && n != 4) -+ if (n < 1) - exit(1); - v = a*1000000 + b*10000 + c*100 + d; - fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v); @@ -12,11 +12,16 @@ pkgname=openssh-selinux pkgver=9.4p1 -pkgrel=2 +pkgrel=3 pkgdesc="SSH protocol implementation for remote login, command execution and file transfer, with SELinux support" arch=(x86_64 aarch64) url='https://www.openssh.com/portable.html' -license=(custom:BSD) +license=( + BSD-2-Clause + BSD-3-Clause + ISC + MIT +) depends=( glibc krb5 libkrb5.so libgssapi_krb5.so @@ -49,27 +54,30 @@ provides=("${pkgname/-selinux}=${pkgver}-${pkgrel}" groups=('selinux') source=( https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz{,.asc} - 0001-Fix-zlib-version-check-for-1.3-and-future-version.patch 00-archlinux.conf sshdgenkeys.service sshd.service + ssh-agent.service + ssh-agent.socket sshd.conf sshd.pam ) sha256sums=('3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85' 'SKIP' - '937d7d028574a06823e7aa92499a679a826245b3118e8f7cd4141d8d06012727' '78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30' 'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611' 'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7' + '5a9594548928fce7e8fc707c3a3b45c560b7f16473bbf73a00357184fadca61b' + 'd09197d3891555cbee379541ff8cc439a8456722f0e8cb131966d4d12b0f2c2c' '76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327' '64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846') b2sums=('d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53' 'SKIP' - 'd41f1ecea7b4ebcfb3003826fb51c2a0c27178590c755a61752389606df35544284cb24ea8bf4fcb280eec4c6c5cb410662862b27af47f3aca63f7f638efcc9f' '1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97' '09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50' '07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e' + '3df44cc0a7baac8ad7606dd8a35b71f4ec0135f50e6432921f95d8be7db3d664ce6b3f59bedddd4bc132f47fb8d5f20cbc616717b76cc32ab6c0df179a3c4199' + 'edf7d6eb62af51e46e2cd04c7545bf57c59629a947c434d5ad65c8f06c36562c2bb96404c615f1a8379d3ae1c4a9b7278d3c7899d2cb308d89425fe37b72db21' 'a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca' '557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930') validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # Damien Miller <djm@mindrot.org> @@ -85,11 +93,6 @@ prepare() { # prepend configuration option to include drop-in configuration files for ssh_config printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp mv -v ssh_config.tmp ssh_config - - # Fix https://bugzilla.mindrot.org/show_bug.cgi?id=3604 - # by backporting https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621 - patch -Np1 < ../0001-Fix-zlib-version-check-for-1.3-and-future-version.patch - autoreconf -fiv } build() { @@ -109,6 +112,7 @@ build() { --with-xauth=/usr/bin/xauth --with-pid-dir=/run --with-default-path='/usr/local/sbin:/usr/local/bin:/usr/bin' + --without-zlib-version-check --with-selinux ) @@ -136,6 +140,8 @@ package() { install -Dm644 ../sshdgenkeys.service -t "$pkgdir"/usr/lib/systemd/system/ install -Dm644 ../sshd.service -t "$pkgdir"/usr/lib/systemd/system/ + install -Dm644 ../ssh-agent.service -t "$pkgdir"/usr/lib/systemd/user/ + install -Dm644 ../ssh-agent.socket -t "$pkgdir"/usr/lib/systemd/user/ install -Dm644 ../sshd.conf -t "$pkgdir"/usr/lib/tmpfiles.d/ install -Dm644 ../sshd.pam "$pkgdir"/etc/pam.d/sshd diff --git a/ssh-agent.service b/ssh-agent.service new file mode 100644 index 000000000000..812303cb4769 --- /dev/null +++ b/ssh-agent.service @@ -0,0 +1,19 @@ +# Requires SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-agent.socket" +# set in environment, handled for example in plasma via +# /etc/xdg/plasma-workspace/env/ssh-agent.sh +[Unit] +ConditionEnvironment=!SSH_AGENT_PID +Description=OpenSSH key agent +Documentation=man:ssh-agent(1) man:ssh-add(1) man:ssh(1) +Requires=ssh-agent.socket + +[Service] +Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket +ExecStartPre=/usr/bin/rm -f $SSH_AUTH_SOCK +ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK +PassEnvironment=SSH_AGENT_PID +SuccessExitStatus=2 +Type=simple + +[Install] +Also=ssh-agent.socket diff --git a/ssh-agent.socket b/ssh-agent.socket new file mode 100644 index 000000000000..d589cbc8ebb8 --- /dev/null +++ b/ssh-agent.socket @@ -0,0 +1,14 @@ +[Unit] +Description=OpenSSH key agent +Documentation=man:ssh-agent(1) man:ssh-add(1) man:ssh(1) + +[Socket] +ListenStream=%t/ssh-agent.socket +Service=ssh-agent.service +Priority=6 +Backlog=5 +SocketMode=0600 +DirectoryMode=0700 + +[Install] +WantedBy=sockets.target |