install systemd files in %_libdir

add privillage seperation directory files

Change-Id: Ic47dfc7d498b4f0799d1967ecb18ec407e4936a5

diff --git a/packaging/openssh.changes b/packaging/openssh.changes
index a1dbf82..88e439c 100644 (file)
--- a/packaging/openssh.changes
+++ b/packaging/openssh.changes
@@ -1,22 +1,28 @@
-* Tue Jun 26 2012 Prajwal Mohan <prajwal.karur.mohan@intel.com>
-- Removing the dependency on useradd temporarily 
+* Mon Jul 02 2012 Anas Nashif <anas.nashif@intel.com> 20120626.1@6949823
+- add privillage seperation directory files
 
-* Mon Jun 25 2012 Anas Nashif <anas.nashif@intel.com> 5ce6cbf
+* Sun Jul 01 2012 Anas Nashif <anas.nashif@intel.com> 20120626.1@896f8b7
+- install systemd files in %_libdir
+
+* Tue Jun 26 2012 Prajwal Mohan <prajwal.karur.mohan@intel.com> 20120626.1@93c05e9
+- Removing the dependency on useradd temporarily
+
+* Mon Jun 25 2012 Anas Nashif <anas.nashif@intel.com> 20120626.1@4bfbbe3
 - Update to 5.6p1
 
-* Tue Jun 12 2012 Chengwei Yang <chengwei.yang@intel.com> c930434
+* Tue Jun 12 2012 Chengwei Yang <chengwei.yang@intel.com> 20120626.1@c930434
 - fix build failure
 
-* Fri Jun 01 2012 Anas Nashif <anas.nashif@intel.com> e43f12c
+* Fri Jun 01 2012 Anas Nashif <anas.nashif@intel.com> 20120626.1@e43f12c
 - DO NOT create host keys in %post
 
-* Wed May 30 2012 Ryan Ware <ryan.r.ware@intel.com> 3a23953
+* Wed May 30 2012 Ryan Ware <ryan.r.ware@intel.com> 20120626.1@3a23953
 - Add default Smack manifest for openssh.spec
 
-* Sun Apr 29 2012 Kim Kibum <kb0929.kim@samsung.com> 9d488d7
+* Sun Apr 29 2012 Kim Kibum <kb0929.kim@samsung.com> 20120626.1@9d488d7
 - upload tizen1.0 source
 
-* Fri Jan 06 2012 Kibum Kim <kb0929.kim@samsung.com> 5c170d0
+* Fri Jan 06 2012 Kibum Kim <kb0929.kim@samsung.com> 20120626.1@5c170d0
 - Git init
 [ Eunkyoung Kim ]
 - Initial empty repository

diff --git a/packaging/openssh.spec b/packaging/openssh.spec
index 5cbd379..f079787 100644 (file)
--- a/packaging/openssh.spec
+++ b/packaging/openssh.spec
@@ -10,8 +10,8 @@ Source1:        openssh-nukeacss.sh
 Source4:        sshd.service
 Source5:        sshd@.service
 Source6:        sshd.socket
-Source7:        sshd-keys.service
-Source8:        sshd-hostkeys
+Source7:        sshd-keygen.service
+Source8:        sshd-keygen
 Source1001:     openssh.manifest
 
 Patch0:         0001-customize-configuration.patch
@@ -44,7 +44,6 @@ Requires:       openssh = %{version}
 Summary:        The OpenSSH server daemon
 Group:          System/Daemons
 Requires:       openssh = %{version}
-#Requires(pre): /usr/sbin/useradd
 
 
 %description
@@ -120,31 +119,45 @@ install -d %{buildroot}%{_libexecdir}/openssh
 install -m755 contrib/ssh-copy-id %{buildroot}%{_bindir}/
 
 # systemd integration
-install -D -m 0644 %{SOURCE4} %{buildroot}/%{_lib}/systemd/system/sshd.service
-install -D -m 0644 %{SOURCE5} %{buildroot}/%{_lib}/systemd/system/sshd@.service
-install -D -m 0644 %{SOURCE6} %{buildroot}/%{_lib}/systemd/system/sshd.socket
-install -D -m 0644 %{SOURCE7} %{buildroot}/%{_lib}/systemd/system/sshd-keys.service
-mkdir -p %{buildroot}/%{_lib}/systemd/system/multi-user.target.wants
-ln -s ../sshd.socket %{buildroot}/%{_lib}/systemd/system/multi-user.target.wants/sshd.socket
-install -D -m 0755 %{SOURCE8} %{buildroot}%{_sbindir}/sshd-hostkeys
-mkdir -p %{buildroot}/%{_lib}/systemd/system/multi-user.target.wants
-ln -s ../sshd-keys.service %{buildroot}/%{_lib}/systemd/system/multi-user.target.wants/sshd-keys.service
+install -D -m 0644 %{SOURCE4} %{buildroot}/%{_libdir}/systemd/system/sshd.service
+install -D -m 0644 %{SOURCE5} %{buildroot}/%{_libdir}/systemd/system/sshd@.service
+install -D -m 0644 %{SOURCE6} %{buildroot}/%{_libdir}/systemd/system/sshd.socket
+install -D -m 0644 %{SOURCE7} %{buildroot}/%{_libdir}/systemd/system/sshd-keygen.service
+mkdir -p %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants
+ln -s ../sshd.socket %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants/sshd.socket
+install -D -m 0755 %{SOURCE8} %{buildroot}%{_sbindir}/sshd-keygen
+mkdir -p %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants
+ln -s ../sshd-keygen.service %{buildroot}/%{_libdir}/systemd/system/multi-user.target.wants/sshd-keygen.service
 
 rm -f %{buildroot}%{_sysconfdir}/profile.d/gnome-ssh-askpass.*
 
+mkdir -p %{buildroot}/var/empty/sshd
+
 %remove_docs
 
 rm -rf %{buildroot}%{_datadir}/man
 
-%triggerun server -- ssh-server
-if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
-       touch /var/run/sshd.restart
+
+%post server
+if [ $1 -eq 1 ] ; then
+    /usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+    /usr//bin/systemctl enable sshd.service >/dev/null 2>&1 || :
+    /usr//bin/systemctl enable sshd-keygen.service >/dev/null 2>&1 || :
 fi
 
-#%pre server
-#/usr/sbin/useradd -c "Privilege-separated SSH" -u %{sshd_uid} \
-#      -s /bin/false -r -d /var/empty/sshd sshd 2> /dev/null || :
+%postun server
+/usr/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+    # Package upgrade, not uninstall
+    /usr//bin/systemctl try-restart sshd.service >/dev/null 2>&1 || :
+fi
 
+%preun server
+if [ $1 -eq 0 ] ; then
+    # Package removal, not upgrade
+    /usr/bin/systemctl --no-reload disable sshd.service > /dev/null 2>&1 || :
+    /usr//bin/systemctl stop sshd.service > /dev/null 2>&1 || :
+fi
 
 
 %files
@@ -172,14 +185,15 @@ fi
 %files server
 %manifest openssh.manifest
 %dir %attr(0711,root,root)
+%attr(0750,root,root) /var/empty/sshd
 %attr(0755,root,root) %{_sbindir}/sshd
 %attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
-/%{_lib}/systemd/system/sshd.service
-/%{_lib}/systemd/system/sshd.socket
-/%{_lib}/systemd/system/sshd@.service
-/%{_lib}/systemd/system/sshd-keys.service
-/%{_lib}/systemd/system/multi-user.target.wants/sshd.socket
-/%{_lib}/systemd/system/multi-user.target.wants/sshd-keys.service
-%{_sbindir}/sshd-hostkeys
+%{_libdir}/systemd/system/sshd.service
+%{_libdir}/systemd/system/sshd.socket
+%{_libdir}/systemd/system/sshd@.service
+%{_libdir}/systemd/system/sshd-keygen.service
+%{_libdir}/systemd/system/multi-user.target.wants/sshd.socket
+%{_libdir}/systemd/system/multi-user.target.wants/sshd-keygen.service
+%{_sbindir}/sshd-keygen
 

diff --git a/packaging/sshd-hostkeys b/packaging/sshd-keygen
similarity index 79%
rename from packaging/sshd-hostkeys
rename to packaging/sshd-keygen
index 697c2be..6d9c8f2 100644 (file)
--- a/packaging/sshd-hostkeys
+++ b/packaging/sshd-keygen
@@ -5,8 +5,8 @@ make_key()
        if [ ! -f /etc/ssh/$1 ]; then
                echo "Generating $2 key: /etc/ssh/$1"
                ssh-keygen -q -t $2 -N '' -f /etc/ssh/$1
-               chmod 600 /etc/ssh/$1
-               chmod 644 /etc/ssh/$1.pub
+               /bin/chmod 600 /etc/ssh/$1
+               /bin/chmod 644 /etc/ssh/$1.pub
        fi
 }
 

diff --git a/packaging/sshd-keygen.service b/packaging/sshd-keygen.service
new file mode 100644 (file)
index 0000000..aa334a7
--- /dev/null
+++ b/packaging/sshd-keygen.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=SSH server keys generation.
+
+[Service]
+Type=oneshot
+ExecStart=/usr/sbin/sshd-keygen
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target

diff --git a/packaging/sshd-keys.service b/packaging/sshd-keys.service
deleted file mode 100644 (file)
index a1a7e05..0000000
--- a/packaging/sshd-keys.service
+++ /dev/null
@@ -1,11 +0,0 @@
-[Unit]
-Description=Create sshd host keys
-
-[Service]
-Type=oneshot
-ExecStart=/usr/sbin/sshd-hostkeys
-ExecStartPost=/bin/ln -s /dev/null /etc/systemd/system/sshd-keys.service
-
-[Install]
-WantedBy=multi-user.target
-