summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorNicolas Iooss2023-09-09 09:48:33 +0200
committerNicolas Iooss2023-09-09 09:48:33 +0200
commitf6c43edefaab4e11a8b07e038b7b85349661afa8 (patch)
tree6c6a31c33ca272c3d4eb9cebf62eb25e532cace2
parentdc0a2cb2952fa4397e132e6d3ec56484058edd09 (diff)
downloadaur-f6c43edefaab4e11a8b07e038b7b85349661afa8.tar.gz
openssh-selinux 9.4p1-3 update
Diffstat
-rw-r--r--.SRCINFO20
-rw-r--r--0001-Fix-zlib-version-check-for-1.3-and-future-version.patch23
-rw-r--r--PKGBUILD26
-rw-r--r--ssh-agent.service19
-rw-r--r--ssh-agent.socket14
5 files changed, 62 insertions, 40 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 78834acd16f0..9e2456327ab8 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,12 +1,15 @@
pkgbase = openssh-selinux
pkgdesc = SSH protocol implementation for remote login, command execution and file transfer, with SELinux support
pkgver = 9.4p1
- pkgrel = 2
+ pkgrel = 3
url = https://www.openssh.com/portable.html
arch = x86_64
arch = aarch64
groups = selinux
- license = custom:BSD
+ license = BSD-2-Clause
+ license = BSD-3-Clause
+ license = ISC
+ license = MIT
makedepends = libfido2
makedepends = linux-headers
depends = glibc
@@ -26,8 +29,8 @@ pkgbase = openssh-selinux
optdepends = sh: for ssh-copy-id and findssl.sh
optdepends = x11-ssh-askpass: input passphrase in X
optdepends = xorg-xauth: X11 forwarding
- provides = openssh=9.4p1-2
- provides = selinux-openssh=9.4p1-2
+ provides = openssh=9.4p1-3
+ provides = selinux-openssh=9.4p1-3
conflicts = openssh
conflicts = selinux-openssh
backup = etc/pam.d/sshd
@@ -35,27 +38,30 @@ pkgbase = openssh-selinux
backup = etc/ssh/sshd_config
source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.4p1.tar.gz
source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.4p1.tar.gz.asc
- source = 0001-Fix-zlib-version-check-for-1.3-and-future-version.patch
source = 00-archlinux.conf
source = sshdgenkeys.service
source = sshd.service
+ source = ssh-agent.service
+ source = ssh-agent.socket
source = sshd.conf
source = sshd.pam
validpgpkeys = 7168B983815A5EEF59A4ADFD2A3F414E736060BA
sha256sums = 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85
sha256sums = SKIP
- sha256sums = 937d7d028574a06823e7aa92499a679a826245b3118e8f7cd4141d8d06012727
sha256sums = 78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30
sha256sums = e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611
sha256sums = e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7
+ sha256sums = 5a9594548928fce7e8fc707c3a3b45c560b7f16473bbf73a00357184fadca61b
+ sha256sums = d09197d3891555cbee379541ff8cc439a8456722f0e8cb131966d4d12b0f2c2c
sha256sums = 76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327
sha256sums = 64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846
b2sums = d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53
b2sums = SKIP
- b2sums = d41f1ecea7b4ebcfb3003826fb51c2a0c27178590c755a61752389606df35544284cb24ea8bf4fcb280eec4c6c5cb410662862b27af47f3aca63f7f638efcc9f
b2sums = 1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97
b2sums = 09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50
b2sums = 07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e
+ b2sums = 3df44cc0a7baac8ad7606dd8a35b71f4ec0135f50e6432921f95d8be7db3d664ce6b3f59bedddd4bc132f47fb8d5f20cbc616717b76cc32ab6c0df179a3c4199
+ b2sums = edf7d6eb62af51e46e2cd04c7545bf57c59629a947c434d5ad65c8f06c36562c2bb96404c615f1a8379d3ae1c4a9b7278d3c7899d2cb308d89425fe37b72db21
b2sums = a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca
b2sums = 557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930
diff --git a/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch b/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch
deleted file mode 100644
index c86c68026533..000000000000
--- a/0001-Fix-zlib-version-check-for-1.3-and-future-version.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From cb4ed12ffc332d1f72d054ed92655b5f1c38f621 Mon Sep 17 00:00:00 2001
-From: Darren Tucker <dtucker@dtucker.net>
-Date: Sat, 19 Aug 2023 07:39:08 +1000
-Subject: [PATCH] Fix zlib version check for 1.3 and future version.
-
-bz#3604.
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index 07893e87065..e3128dfcbb4 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1464,7 +1464,7 @@ else
- [[
- int a=0, b=0, c=0, d=0, n, v;
- n = sscanf(ZLIB_VERSION, "%d.%d.%d.%d", &a, &b, &c, &d);
-- if (n != 3 && n != 4)
-+ if (n < 1)
- exit(1);
- v = a*1000000 + b*10000 + c*100 + d;
- fprintf(stderr, "found zlib version %s (%d)\n", ZLIB_VERSION, v);
diff --git a/PKGBUILD b/PKGBUILD
index 6a8664c35b91..d0dd25e3f6c1 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -12,11 +12,16 @@
pkgname=openssh-selinux
pkgver=9.4p1
-pkgrel=2
+pkgrel=3
pkgdesc="SSH protocol implementation for remote login, command execution and file transfer, with SELinux support"
arch=(x86_64 aarch64)
url='https://www.openssh.com/portable.html'
-license=(custom:BSD)
+license=(
+ BSD-2-Clause
+ BSD-3-Clause
+ ISC
+ MIT
+)
depends=(
glibc
krb5 libkrb5.so libgssapi_krb5.so
@@ -49,27 +54,30 @@ provides=("${pkgname/-selinux}=${pkgver}-${pkgrel}"
groups=('selinux')
source=(
https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname/-selinux}-${pkgver}.tar.gz{,.asc}
- 0001-Fix-zlib-version-check-for-1.3-and-future-version.patch
00-archlinux.conf
sshdgenkeys.service
sshd.service
+ ssh-agent.service
+ ssh-agent.socket
sshd.conf
sshd.pam
)
sha256sums=('3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85'
'SKIP'
- '937d7d028574a06823e7aa92499a679a826245b3118e8f7cd4141d8d06012727'
'78b806c38bc1e246daaa941bfe7880e6eb6f53f093bea5d5868525ae6d223d30'
'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611'
'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7'
+ '5a9594548928fce7e8fc707c3a3b45c560b7f16473bbf73a00357184fadca61b'
+ 'd09197d3891555cbee379541ff8cc439a8456722f0e8cb131966d4d12b0f2c2c'
'76635a91526ce44571485e292e3a777ded6a439af78cb93514b999f91fb9b327'
'64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846')
b2sums=('d13d758129cce947d3f12edb6e88406aad10de6887b19ffa3ebd8e382b742a05f2a692a8824aec99939f6c7e13fbccc3bb14e5ee112f9a9255d4882eb87dcf53'
'SKIP'
- 'd41f1ecea7b4ebcfb3003826fb51c2a0c27178590c755a61752389606df35544284cb24ea8bf4fcb280eec4c6c5cb410662862b27af47f3aca63f7f638efcc9f'
'1ff8cd4ae22efed2b4260f1e518de919c4b290be4e0b5edbc8e2225ffe63788678d1961e6f863b85974c4697428ee827bcbabad371cfc91cc8b36eae9402eb97'
'09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50'
'07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e'
+ '3df44cc0a7baac8ad7606dd8a35b71f4ec0135f50e6432921f95d8be7db3d664ce6b3f59bedddd4bc132f47fb8d5f20cbc616717b76cc32ab6c0df179a3c4199'
+ 'edf7d6eb62af51e46e2cd04c7545bf57c59629a947c434d5ad65c8f06c36562c2bb96404c615f1a8379d3ae1c4a9b7278d3c7899d2cb308d89425fe37b72db21'
'a3fd8f00430168f03dcbc4a5768ed788dd43140e365a882b601510f53f69704da04f24660157bb8a43125f5389528993732d99569d77d5f3358074e7ae36d4ca'
'557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930')
validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # Damien Miller <djm@mindrot.org>
@@ -85,11 +93,6 @@ prepare() {
# prepend configuration option to include drop-in configuration files for ssh_config
printf "# Include drop-in configurations\nInclude /etc/ssh/ssh_config.d/*.conf\n" | cat - ssh_config > ssh_config.tmp
mv -v ssh_config.tmp ssh_config
-
- # Fix https://bugzilla.mindrot.org/show_bug.cgi?id=3604
- # by backporting https://github.com/openssh/openssh-portable/commit/cb4ed12ffc332d1f72d054ed92655b5f1c38f621
- patch -Np1 < ../0001-Fix-zlib-version-check-for-1.3-and-future-version.patch
- autoreconf -fiv
}
build() {
@@ -109,6 +112,7 @@ build() {
--with-xauth=/usr/bin/xauth
--with-pid-dir=/run
--with-default-path='/usr/local/sbin:/usr/local/bin:/usr/bin'
+ --without-zlib-version-check
--with-selinux
)
@@ -136,6 +140,8 @@ package() {
install -Dm644 ../sshdgenkeys.service -t "$pkgdir"/usr/lib/systemd/system/
install -Dm644 ../sshd.service -t "$pkgdir"/usr/lib/systemd/system/
+ install -Dm644 ../ssh-agent.service -t "$pkgdir"/usr/lib/systemd/user/
+ install -Dm644 ../ssh-agent.socket -t "$pkgdir"/usr/lib/systemd/user/
install -Dm644 ../sshd.conf -t "$pkgdir"/usr/lib/tmpfiles.d/
install -Dm644 ../sshd.pam "$pkgdir"/etc/pam.d/sshd
diff --git a/ssh-agent.service b/ssh-agent.service
new file mode 100644
index 000000000000..812303cb4769
--- /dev/null
+++ b/ssh-agent.service
@@ -0,0 +1,19 @@
+# Requires SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/ssh-agent.socket"
+# set in environment, handled for example in plasma via
+# /etc/xdg/plasma-workspace/env/ssh-agent.sh
+[Unit]
+ConditionEnvironment=!SSH_AGENT_PID
+Description=OpenSSH key agent
+Documentation=man:ssh-agent(1) man:ssh-add(1) man:ssh(1)
+Requires=ssh-agent.socket
+
+[Service]
+Environment=SSH_AUTH_SOCK=%t/ssh-agent.socket
+ExecStartPre=/usr/bin/rm -f $SSH_AUTH_SOCK
+ExecStart=/usr/bin/ssh-agent -D -a $SSH_AUTH_SOCK
+PassEnvironment=SSH_AGENT_PID
+SuccessExitStatus=2
+Type=simple
+
+[Install]
+Also=ssh-agent.socket
diff --git a/ssh-agent.socket b/ssh-agent.socket
new file mode 100644
index 000000000000..d589cbc8ebb8
--- /dev/null
+++ b/ssh-agent.socket
@@ -0,0 +1,14 @@
+[Unit]
+Description=OpenSSH key agent
+Documentation=man:ssh-agent(1) man:ssh-add(1) man:ssh(1)
+
+[Socket]
+ListenStream=%t/ssh-agent.socket
+Service=ssh-agent.service
+Priority=6
+Backlog=5
+SocketMode=0600
+DirectoryMode=0700
+
+[Install]
+WantedBy=sockets.target