Separate ssh-keysign to a dedicated package
Resolves: RHEL-62112
This commit is contained in:
parent
07172f36c4
commit
2a4f84e7ce
12
openssh-9.9p1-separate-keysign.patch
Normal file
12
openssh-9.9p1-separate-keysign.patch
Normal file
@ -0,0 +1,12 @@
|
||||
diff -up openssh-9.9p1/ssh_config.5.xxx openssh-9.9p1/ssh_config.5
|
||||
--- openssh-9.9p1/ssh_config.5.xxx 2024-10-11 12:01:14.260566303 +0200
|
||||
+++ openssh-9.9p1/ssh_config.5 2024-10-11 12:01:59.725654775 +0200
|
||||
@@ -759,7 +759,7 @@ or
|
||||
This option should be placed in the non-hostspecific section.
|
||||
See
|
||||
.Xr ssh-keysign 8
|
||||
-for more information.
|
||||
+for more information. ssh-keysign should be installed explicitly.
|
||||
.It Cm EscapeChar
|
||||
Sets the escape character (default:
|
||||
.Ql ~ ) .
|
19
openssh.spec
19
openssh.spec
@ -195,6 +195,7 @@ Patch1012: openssh-9.0p1-evp-fips-kex.patch
|
||||
Patch1014: openssh-8.7p1-nohostsha1proof.patch
|
||||
|
||||
Patch1015: openssh-9.6p1-pam-rhost.patch
|
||||
Patch1016: openssh-9.9p1-separate-keysign.patch
|
||||
|
||||
License: BSD-3-Clause AND BSD-2-Clause AND ISC AND SSH-OpenSSH AND ssh-keyscan AND sprintf AND LicenseRef-Fedora-Public-Domain AND X11-distribute-modifications-variant
|
||||
Requires: /sbin/nologin
|
||||
@ -247,6 +248,10 @@ Summary: An open source SSH client applications
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Requires: crypto-policies >= 20220824-1
|
||||
|
||||
%package keysign
|
||||
Summary: A helper program used for host-based authentication
|
||||
Requires: openssh = %{version}-%{release}
|
||||
|
||||
%package server
|
||||
Summary: An open source SSH server daemon
|
||||
Requires: openssh = %{version}-%{release}
|
||||
@ -286,6 +291,11 @@ OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package includes
|
||||
the clients necessary to make encrypted connections to SSH servers.
|
||||
|
||||
%description keysign
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. ssh-keysign is a
|
||||
helper program used for host-based authentication disabled by default.
|
||||
|
||||
%description server
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package contains
|
||||
@ -367,6 +377,7 @@ gpgv2 --quiet --keyring %{SOURCE3} %{SOURCE1} %{SOURCE0}
|
||||
%patch -P 1012 -p1 -b .evp-fips-dh
|
||||
%patch -P 1014 -p1 -b .nosha1hostproof
|
||||
%patch -P 1015 -p1 -b .pam-rhost
|
||||
%patch -P 1016 -p1 -b .sep-keysign
|
||||
|
||||
%patch -P 100 -p1 -b .coverity
|
||||
|
||||
@ -573,8 +584,6 @@ test -f %{sysconfig_anaconda} && \
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keygen
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
|
||||
%attr(0755,root,root) %dir %{_libexecdir}/openssh
|
||||
%attr(4555,root,root) %{_libexecdir}/openssh/ssh-keysign
|
||||
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
|
||||
|
||||
%files clients
|
||||
%attr(0755,root,root) %{_bindir}/ssh
|
||||
@ -602,6 +611,10 @@ test -f %{sysconfig_anaconda} && \
|
||||
%attr(0644,root,root) %{_userunitdir}/ssh-agent.service
|
||||
%attr(0644,root,root) %{_userunitdir}/ssh-agent.socket
|
||||
|
||||
%files keysign
|
||||
%attr(4555,root,root) %{_libexecdir}/openssh/ssh-keysign
|
||||
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
|
||||
|
||||
%files server
|
||||
%dir %attr(0711,root,root) %{_datadir}/empty.sshd
|
||||
%attr(0755,root,root) %{_sbindir}/sshd
|
||||
@ -647,6 +660,8 @@ test -f %{sysconfig_anaconda} && \
|
||||
* Thu Oct 10 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.9p1-1
|
||||
- Update to OpenSSH 9.9p1
|
||||
Resolves: RHEL-60564
|
||||
- Separate ssh-keysign to a dedicated package
|
||||
Resolves: RHEL-62112
|
||||
|
||||
* Mon Sep 16 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.8p1-6
|
||||
- rebuilt
|
||||
|
Loading…
Reference in New Issue
Block a user