authorMike Frysinger <vapier@gentoo.org>2009-05-11 09:03:29 +0000
committerMike Frysinger <vapier@gentoo.org>2009-05-11 09:03:29 +0000
commitf1c1033307798b705f69b10caaefdb2b89ffcff8 (patch)
tree2b5aa13b42ee999ad8afc9d65b7652a3a132450b /net-misc/openssh
parentRemove elibtoolize because eautoreconf includes running it. Fix SRC_URI wrt #... (diff)
old
(Portage version: 2.2_rc33/cvs/Linux x86_64)
Diffstat (limited to 'net-misc/openssh')
-rw-r--r--net-misc/openssh/files/openssh-4.3_p1-chroot.patch54
-rw-r--r--net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch44
-rw-r--r--net-misc/openssh/files/openssh-4.6_p1-chan-read-failed.patch32
-rw-r--r--net-misc/openssh/files/openssh-4.6_p1-include-string-header.patch14
-rw-r--r--net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch16
-rw-r--r--net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch24
-rw-r--r--net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch45
-rw-r--r--net-misc/openssh/files/openssh-4.7_p1-packet-size.patch30
-rw-r--r--net-misc/openssh/files/openssh-4.7_p1-x509-hpn-glue.patch92
-rw-r--r--net-misc/openssh/files/openssh-securid-1.3.1-updates.patch21
-rw-r--r--net-misc/openssh/files/sshd.pam_include8
-rw-r--r--net-misc/openssh/files/sshd.pam_include.18
-rw-r--r--net-misc/openssh/openssh-4.6_p1-r4.ebuild160
-rw-r--r--net-misc/openssh/openssh-4.7_p1-r20.ebuild176
-rw-r--r--net-misc/openssh/openssh-4.7_p1-r6.ebuild171
-rw-r--r--net-misc/openssh/openssh-5.0_p1-r1.ebuild165
16 files changed, 0 insertions, 1060 deletions
diff --git a/net-misc/openssh/files/openssh-4.3_p1-chroot.patch b/net-misc/openssh/files/openssh-4.3_p1-chroot.patch
deleted file mode 100644
index e9ca7ae94ec4..000000000000
--- a/net-misc/openssh/files/openssh-4.3_p1-chroot.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-http://chrootssh.sourceforge.net/
-
---- openssh-4.3p1/session.c
-+++ openssh-4.3p1/session.c
-@@ -59,6 +59,8 @@
- #include "kex.h"
- #include "monitor_wrap.h"
-
-+#define CHROOT
-+
- #if defined(KRB5) && defined(USE_AFS)
- #include <kafs.h>
- #endif
-@@ -1251,6 +1253,11 @@
- void
- do_setusercontext(struct passwd *pw)
- {
-+#ifdef CHROOT
-+ char *user_dir;
-+ char *new_root;
-+#endif /* CHROOT */
-+
- #ifndef HAVE_CYGWIN
- if (getuid() == 0 || geteuid() == 0)
- #endif /* HAVE_CYGWIN */
-@@ -1308,6 +1315,27 @@
- restore_uid();
- }
- #endif
-+
-+#ifdef CHROOT
-+ user_dir = xstrdup(pw->pw_dir);
-+ new_root = user_dir + 1;
-+
-+ while ((new_root = strchr(new_root, '.')) != NULL) {
-+ new_root--;
-+ if (strncmp(new_root, "/./", 3) == 0) {
-+ *new_root = '\0';
-+ new_root += 2;
-+
-+ if(chroot(user_dir) != 0)
-+ fatal("Couldn't chroot to user's directory %s", user_dir);
-+ pw->pw_dir = new_root;
-+ break;
-+ }
-+
-+ new_root += 2;
-+ }
-+#endif /* CHROOT */
-+
- # ifdef USE_PAM
- /*
- * PAM credentials may take the form of supplementary groups.
-
diff --git a/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch b/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch
deleted file mode 100644
index 7cfd7a64839e..000000000000
--- a/net-misc/openssh/files/openssh-4.6_p1-ChallengeResponseAuthentication.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-Fix from upstream to fix logging in with USE=pam via passwords by default.
-
-http://bugs.gentoo.org/170670
-
-ChangeLog:
-Move C/R -> kbdint special case to after the defaults have been
-loaded, which makes ChallengeResponse default to yes again. This
-was broken by the Match changes and not fixed properly subsequently.
-Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
-
-===================================================================
-RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/servconf.c,v
-retrieving revision 1.170
-retrieving revision 1.171
-diff -u -r1.170 -r1.171
---- src/usr.bin/ssh/servconf.c 2007/03/01 10:28:02 1.170
-+++ src/usr.bin/ssh/servconf.c 2007/03/09 05:20:06 1.171
-@@ -1344,8 +1344,4 @@
- if (bad_options > 0)
- fatal("%s: terminating, %d bad configuration options",
- filename, bad_options);
--
-- /* challenge-response is implemented via keyboard interactive */
-- if (options->challenge_response_authentication == 1)
-- options->kbd_interactive_authentication = 1;
- }
-===================================================================
-RCS file: /usr/OpenBSD/cvs/src/usr.bin/ssh/sshd.c,v
-retrieving revision 1.349
-retrieving revision 1.350
-diff -u -r1.349 -r1.350
---- src/usr.bin/ssh/sshd.c 2007/02/21 11:00:05 1.349
-+++ src/usr.bin/ssh/sshd.c 2007/03/09 05:20:06 1.350
-@@ -1359,6 +1359,10 @@
- /* Fill in default values for those options not explicitly set. */
- fill_default_server_options(&options);
-
-+ /* challenge-response is implemented via keyboard interactive */
-+ if (options.challenge_response_authentication)
-+ options.kbd_interactive_authentication = 1;
-+
- /* set default channel AF */
- channel_set_af(options.address_family);
-
diff --git a/net-misc/openssh/files/openssh-4.6_p1-chan-read-failed.patch b/net-misc/openssh/files/openssh-4.6_p1-chan-read-failed.patch
deleted file mode 100644
index d12fa82b88a9..000000000000
--- a/net-misc/openssh/files/openssh-4.6_p1-chan-read-failed.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-https://bugzilla.mindrot.org/show_bug.cgi?id=1306
-http://bugs.gentoo.org/181407
-
-Taken from upstream cvs.
-
-Index: channels.c
-===================================================================
-RCS file: /cvs/openssh/channels.c,v
-retrieving revision 1.251
-retrieving revision 1.252
-diff -u -p -r1.251 -r1.252
---- channels.c 28 Jan 2007 23:16:28 -0000 1.251
-+++ channels.c 11 Jun 2007 03:03:17 -0000 1.252
-@@ -1446,14 +1446,13 @@ static int
- channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset)
- {
- char buf[CHAN_RBUF];
-- int len;
-+ int len, force;
-
-- if (c->rfd != -1 &&
-- (c->detach_close || FD_ISSET(c->rfd, readset))) {
-+ force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED;
-+ if (c->rfd != -1 && (force || FD_ISSET(c->rfd, readset))) {
- errno = 0;
- len = read(c->rfd, buf, sizeof(buf));
-- if (len < 0 && (errno == EINTR ||
-- (errno == EAGAIN && !(c->isatty && c->detach_close))))
-+ if (len < 0 && (errno == EINTR || (errno == EAGAIN && !force)))
- return 1;
- #ifndef PTY_ZEROREAD
- if (len <= 0) {
diff --git a/net-misc/openssh/files/openssh-4.6_p1-include-string-header.patch b/net-misc/openssh/files/openssh-4.6_p1-include-string-header.patch
deleted file mode 100644
index 209a6d7cac99..000000000000
--- a/net-misc/openssh/files/openssh-4.6_p1-include-string-header.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-http://bugzilla.mindrot.org/show_bug.cgi?id=1294
-
---- includes.h
-+++ includes.h
-@@ -52,6 +52,9 @@
- #ifdef HAVE_PATHS
- # include <paths.h>
- #endif
-+#ifdef HAVE_STRING_H
-+# include <string.h>
-+#endif
-
- /*
- *-*-nto-qnx needs these headers for strcasecmp and LASTLOG_FILE respectively
diff --git a/net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch b/net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch
deleted file mode 100644
index 8282bf1d2107..000000000000
--- a/net-misc/openssh/files/openssh-4.7_p1-CVE-2008-1483.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-Ripped from Fedora for CVE-2008-1483
-
-http://bugs.gentoo.org/214985
-
---- openssh-3.9p1/channels.c
-+++ openssh-3.9p1/channels.c
-@@ -2653,9 +2653,6 @@
- debug2("bind port %d: %.100s", port, strerror(errno));
- close(sock);
-
-- if (ai->ai_next)
-- continue;
--
- for (n = 0; n < num_socks; n++) {
- close(socks[n]);
- }
diff --git a/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch b/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch
deleted file mode 100644
index 93072236d128..000000000000
--- a/net-misc/openssh/files/openssh-4.7_p1-ForceCommand.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-security fix
-
-http://bugs.gentoo.org/215702
-ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.3/common/001_openssh.patch
-
-Index: usr.bin/ssh/session.c
-===================================================================
-RCS file: /cvs/src/usr.bin/ssh/session.c,v
-retrieving revision 1.230
-diff -u -r1.230 session.c
---- usr.bin/ssh/session.c 22 Feb 2008 05:58:56 -0000 1.230
-+++ usr.bin/ssh/session.c 27 Mar 2008 10:54:55 -0000
-@@ -878,8 +878,9 @@
- do_xauth =
- s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;
-
-- /* ignore _PATH_SSH_USER_RC for subsystems */
-- if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
-+ /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */
-+ if (!s->is_subsystem && options.adm_forced_command == NULL &&
-+ (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
- snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
- shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
- if (debug_flag)
diff --git a/net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch b/net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch
deleted file mode 100644
index 836073f40088..000000000000
--- a/net-misc/openssh/files/openssh-4.7_p1-lpk-64bit.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-http://bugs.gentoo.org/210110
-
---- servconf.c
-+++ servconf.c
-@@ -690,6 +690,7 @@
- {
- char *cp, **charptr, *arg, *p;
- int cmdline = 0, *intptr, value, n;
-+ unsigned long lvalue, *longptr;
- ServerOpCodes opcode;
- u_short port;
- u_int i, flags = 0;
-@@ -704,6 +705,7 @@
- if (!arg || !*arg || *arg == '#')
- return 0;
- intptr = NULL;
-+ longptr = NULL;
- charptr = NULL;
- opcode = parse_token(arg, filename, linenum, &flags);
-
-@@ -1421,11 +1423,20 @@
- *intptr = value;
- break;
- case sBindTimeout:
-- intptr = (int *) &options->lpk.b_timeout.tv_sec;
-- goto parse_int;
-+ longptr = (unsigned long *) &options->lpk.b_timeout.tv_sec;
-+parse_ulong:
-+ arg = strdelim(&cp);
-+ if (!arg || *arg == '\0')
-+ fatal("%s line %d: missing integer value.",
-+ filename, linenum);
-+ lvalue = atol(arg);
-+ if (*activep && *longptr == -1)
-+ *longptr = lvalue;
-+ break;
-+
- case sSearchTimeout:
-- intptr = (int *) &options->lpk.s_timeout.tv_sec;
-- goto parse_int;
-+ longptr = (unsigned long *) &options->lpk.s_timeout.tv_sec;
-+ goto parse_ulong;
- break;
- case sLdapConf:
- arg = cp;
diff --git a/net-misc/openssh/files/openssh-4.7_p1-packet-size.patch b/net-misc/openssh/files/openssh-4.7_p1-packet-size.patch
deleted file mode 100644
index 85023b4a7208..000000000000
--- a/net-misc/openssh/files/openssh-4.7_p1-packet-size.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Fix from upstream
-
-http://bugs.gentoo.org/212433
-https://bugzilla.mindrot.org/show_bug.cgi?id=1360
-
-Index: clientloop.c
-===================================================================
-RCS file: /usr/local/src/security/openssh/cvs/openssh/clientloop.c,v
-retrieving revision 1.170
-diff -u -p -r1.170 clientloop.c
---- clientloop.c 28 Dec 2007 15:45:07 -0000 1.170
-+++ clientloop.c 28 Dec 2007 18:14:10 -0000
-@@ -1745,7 +1745,7 @@ client_request_forwarded_tcpip(const cha
- }
- c = channel_new("forwarded-tcpip",
- SSH_CHANNEL_CONNECTING, sock, sock, -1,
-- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
-+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
- originator_address, 1);
- xfree(originator_address);
- xfree(listen_address);
-@@ -1803,7 +1803,7 @@ client_request_agent(const char *request
- return NULL;
- c = channel_new("authentication agent connection",
- SSH_CHANNEL_OPEN, sock, sock, -1,
-- CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
-+ CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
- "authentication agent connection", 1);
- c->force_drain = 1;
- return c;
diff --git a/net-misc/openssh/files/openssh-4.7_p1-x509-hpn-glue.patch b/net-misc/openssh/files/openssh-4.7_p1-x509-hpn-glue.patch
deleted file mode 100644
index 974d6e1bd1f9..000000000000
--- a/net-misc/openssh/files/openssh-4.7_p1-x509-hpn-glue.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-move things around so hpn applies cleanly when using X509
-
---- servconf.c
-+++ servconf.c
-@@ -106,6 +106,18 @@
- options->log_level = SYSLOG_LEVEL_NOT_SET;
- options->rhosts_rsa_authentication = -1;
- options->hostbased_authentication = -1;
-+
-+ options->hostbased_algorithms = NULL;
-+ options->pubkey_algorithms = NULL;
-+ ssh_x509flags_initialize(&options->x509flags, 1);
-+#ifndef SSH_X509STORE_DISABLED
-+ ssh_x509store_initialize(&options->ca);
-+#endif /*ndef SSH_X509STORE_DISABLED*/
-+#ifdef SSH_OCSP_ENABLED
-+ options->va.type = -1;
-+ options->va.certificate_file = NULL;
-+ options->va.responder_url = NULL;
-+#endif /*def SSH_OCSP_ENABLED*/
- options->hostbased_uses_name_from_packet_only = -1;
- options->rsa_authentication = -1;
- options->pubkey_authentication = -1;
-@@ -146,18 +158,6 @@
- options->permit_tun = -1;
- options->num_permitted_opens = -1;
- options->adm_forced_command = NULL;
--
-- options->hostbased_algorithms = NULL;
-- options->pubkey_algorithms = NULL;
-- ssh_x509flags_initialize(&options->x509flags, 1);
--#ifndef SSH_X509STORE_DISABLED
-- ssh_x509store_initialize(&options->ca);
--#endif /*ndef SSH_X509STORE_DISABLED*/
--#ifdef SSH_OCSP_ENABLED
-- options->va.type = -1;
-- options->va.certificate_file = NULL;
-- options->va.responder_url = NULL;
--#endif /*def SSH_OCSP_ENABLED*/
- }
-
- void
-@@ -329,6 +329,16 @@
- /* Portable-specific options */
- sUsePAM,
- /* Standard Options */
-+ sHostbasedAlgorithms,
-+ sPubkeyAlgorithms,
-+ sX509KeyAlgorithm,
-+ sAllowedClientCertPurpose,
-+ sKeyAllowSelfIssued, sMandatoryCRL,
-+ sCACertificateFile, sCACertificatePath,
-+ sCARevocationFile, sCARevocationPath,
-+ sCAldapVersion, sCAldapURL,
-+ sVAType, sVACertificateFile,
-+ sVAOCSPResponderURL,
- sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
- sPermitRootLogin, sLogFacility, sLogLevel,
- sRhostsRSAAuthentication, sRSAAuthentication,
-@@ -351,16 +361,6 @@
- sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
- sMatch, sPermitOpen, sForceCommand,
- sUsePrivilegeSeparation,
-- sHostbasedAlgorithms,
-- sPubkeyAlgorithms,
-- sX509KeyAlgorithm,
-- sAllowedClientCertPurpose,
-- sKeyAllowSelfIssued, sMandatoryCRL,
-- sCACertificateFile, sCACertificatePath,
-- sCARevocationFile, sCARevocationPath,
-- sCAldapVersion, sCAldapURL,
-- sVAType, sVACertificateFile,
-- sVAOCSPResponderURL,
- sDeprecated, sUnsupported
- } ServerOpCodes;
-
---- Makefile.in
-++ Makefile.in
-@@ -44,11 +44,12 @@
- CC=@CC@
- LD=@LD@
- CFLAGS=@CFLAGS@
--CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ @LDAP_CPPFLAGS@ $(PATHS) @DEFS@
-+CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
- LIBS=@LIBS@
- SSHDLIBS=@SSHDLIBS@
- LIBEDIT=@LIBEDIT@
- LIBLDAP=@LDAP_LDFLAGS@ @LDAP_LIBS@
-+CPPFLAGS += @LDAP_CPPFLAGS@
- AR=@AR@
- AWK=@AWK@
- RANLIB=@RANLIB@
diff --git a/net-misc/openssh/files/openssh-securid-1.3.1-updates.patch b/net-misc/openssh/files/openssh-securid-1.3.1-updates.patch
deleted file mode 100644
index 1a0017b1d9f8..000000000000
--- a/net-misc/openssh/files/openssh-securid-1.3.1-updates.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-Running configure with --without-securid causes failure because the
-securid_usersfile_find func isnt properly protected. Fix sent upstream.
-
---- auth-securid.c
-+++ auth-securid.c
-@@ -65,6 +65,7 @@
- */
- #define INBUFFLEN 256
-
-+#ifdef SECURID
- int
- securid_usersfile_find(const char *pw_name)
- {
-@@ -104,6 +105,7 @@
- pw_name, options.securid_usersfile);
- return 0;
- }
-+#endif
- int
- auth_securid(Authctxt *authctxt, const char *password)
- {
diff --git a/net-misc/openssh/files/sshd.pam_include b/net-misc/openssh/files/sshd.pam_include
deleted file mode 100644
index 14d9016a69e0..000000000000
--- a/net-misc/openssh/files/sshd.pam_include
+++ /dev/null
@@ -1,8 +0,0 @@
-#%PAM-1.0
-
-auth include system-auth
-auth required pam_shells.so
-auth required pam_nologin.so
-account include system-auth
-password include system-auth
-session include system-auth
diff --git a/net-misc/openssh/files/sshd.pam_include.1 b/net-misc/openssh/files/sshd.pam_include.1
deleted file mode 100644
index 567ba4ac4d2e..000000000000
--- a/net-misc/openssh/files/sshd.pam_include.1
+++ /dev/null
@@ -1,8 +0,0 @@
-#%PAM-1.0
-
-auth required pam_shells.so
-auth required pam_nologin.so
-auth include system-auth
-account include system-auth
-password include system-auth
-session include system-auth
diff --git a/net-misc/openssh/openssh-4.6_p1-r4.ebuild b/net-misc/openssh/openssh-4.6_p1-r4.ebuild
deleted file mode 100644
index aabc2320b6f3..000000000000
--- a/net-misc/openssh/openssh-4.6_p1-r4.ebuild
+++ /dev/null
@@ -1,160 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.6_p1-r4.ebuild,v 1.4 2009/02/08 17:14:24 vapier Exp $
-
-inherit eutils flag-o-matic multilib autotools pam
-
-# Make it more portable between straight releases
-# and _p? releases.
-PARCH=${P/_/}
-
-X509_PATCH="${PARCH}+x509-5.5.2.diff.gz"
-LDAP_PATCH="${PARCH/openssh-/openssh-lpk-}-0.3.9.patch"
-HPN_PATCH="${PARCH}-hpn12v17.diff.gz"
-
-DESCRIPTION="Port of OpenBSD's free SSH release"
-HOMEPAGE="http://www.openssh.com/"
-SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
- X509? ( http://roumenpetrov.info/openssh/x509-5.5.2/${X509_PATCH} )
- hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )
- ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} )"
-
-LICENSE="as-is"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
-IUSE="static pam tcpd kerberos skey selinux chroot X509 ldap smartcard hpn libedit X"
-
-RDEPEND="pam? ( virtual/pam )
- kerberos? ( virtual/krb5 )
- selinux? ( >=sys-libs/libselinux-1.28 )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ldap? ( net-nds/openldap )
- libedit? ( dev-libs/libedit )
- >=dev-libs/openssl-0.9.6d
- >=sys-libs/zlib-1.2.3
- smartcard? ( dev-libs/opensc )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
- X? ( x11-apps/xauth )
- userland_GNU? ( sys-apps/shadow )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig
- virtual/os-headers
- sys-devel/autoconf"
-PROVIDE="virtual/ssh"
-
-S=${WORKDIR}/${PARCH}
-
-pkg_setup() {
- # this sucks, but i'd rather have people unable to `emerge -u openssh`
- # than not be able to log in to their server any more
- maybe_fail() { [[ -z ${!2} ]] && use ${1} && echo ${1} ; }
- local fail="
- $(maybe_fail X509 X509_PATCH)
- $(maybe_fail ldap LDAP_PATCH)
- "
- fail=$(echo ${fail})
- if [[ -n ${fail} ]] ; then
- eerror "Sorry, but this version does not yet support features"
- eerror "that you requested: ${fail}"
- eerror "Please mask ${PF} for now and check back later:"
- eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
- die "booooo"
- fi
-}
-
-src_unpack() {
- unpack ${PARCH}.tar.gz
- cd "${S}"
-
- sed -i \
- -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
- pathnames.h || die
-
- epatch "${FILESDIR}"/${P}-include-string-header.patch
- epatch "${FILESDIR}"/${P}-ChallengeResponseAuthentication.patch #170670
- epatch "${FILESDIR}"/${P}-chan-read-failed.patch #181407
- use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${PN}-4.4_p1-x509-hpn-glue.patch
- use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch
- use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
- if ! use X509 ; then
- if [[ -n ${LDAP_PATCH} ]] && use ldap ; then
- epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${PN}-4.4_p1-ldap-hpn-glue.patch
- fi
- elif use ldap ; then
- ewarn "Sorry, X509 and ldap don't get along, disabling ldap"
- fi
- [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
-
- sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
-
- eautoreconf
-}
-
-src_compile() {
- addwrite /dev/ptmx
- addpredict /etc/skey/skeykeys #skey configure code triggers this
-
- local myconf=""
- if use static ; then
- append-ldflags -static
- use pam && ewarn "Disabling pam support becuse of static flag"
- myconf="${myconf} --without-pam"
- else
- myconf="${myconf} $(use_with pam)"
- fi
-
- econf \
- --with-ldflags="${LDFLAGS}" \
- --disable-strip \
- --sysconfdir=/etc/ssh \
- --libexecdir=/usr/$(get_libdir)/misc \
- --datadir=/usr/share/openssh \
- --disable-suid-ssh \
- --with-privsep-path=/var/empty \
- --with-privsep-user=sshd \
- --with-md5-passwords \
- $(use_with ldap) \
- $(use_with libedit) \
- $(use_with kerberos kerberos5 /usr) \
- $(use_with tcpd tcp-wrappers) \
- $(use_with selinux) \
- $(use_with skey) \
- $(use_with smartcard opensc) \
- ${myconf} \
- || die "bad configure"
- emake || die "compile problem"
-}
-
-src_install() {
- emake install-nokeys DESTDIR="${D}" || die
- fperms 600 /etc/ssh/sshd_config
- dobin contrib/ssh-copy-id
- newinitd "${FILESDIR}"/sshd.rc6 sshd
- newconfd "${FILESDIR}"/sshd.confd sshd
- keepdir /var/empty
-
- newpamd "${FILESDIR}"/sshd.pam_include.1 sshd
- dosed "/^#Protocol /s:.*:Protocol 2:" /etc/ssh/sshd_config
- use pam \
- && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
- && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
-
- doman contrib/ssh-copy-id.1
- dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
-
- diropts -m 0700
- dodir /etc/skel/.ssh
-}
-
-pkg_postinst() {
- enewgroup sshd 22
- enewuser sshd 22 -1 /var/empty sshd
-
- ewarn "Remember to merge your config files in /etc/ssh/ and then"
- ewarn "restart sshd: '/etc/init.d/sshd restart'."
- if use pam ; then
- echo
- ewarn "Please be aware users need a valid shell in /etc/passwd"
- ewarn "in order to be allowed to login."
- fi
-}
diff --git a/net-misc/openssh/openssh-4.7_p1-r20.ebuild b/net-misc/openssh/openssh-4.7_p1-r20.ebuild
deleted file mode 100644
index 27198def3175..000000000000
--- a/net-misc/openssh/openssh-4.7_p1-r20.ebuild
+++ /dev/null
@@ -1,176 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.7_p1-r20.ebuild,v 1.14 2009/02/08 17:14:24 vapier Exp $
-
-inherit eutils flag-o-matic multilib autotools pam
-
-# Make it more portable between straight releases
-# and _p? releases.
-PARCH=${P/_/}
-
-X509_PATCH="${PARCH}+x509-6.1.diff.gz"
-LDAP_PATCH="${PARCH/openssh-4.7/openssh-lpk-4.6}-0.3.9.patch"
-HPN_PATCH="${PARCH}-hpn13v1.diff.gz"
-
-DESCRIPTION="Port of OpenBSD's free SSH release"
-HOMEPAGE="http://www.openssh.org/"
-SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
- ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} )
- X509? ( http://roumenpetrov.info/openssh/x509-6.1/${X509_PATCH} )
- hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )"
-
-LICENSE="as-is"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
-IUSE="static pam tcpd kerberos skey selinux chroot X509 ldap smartcard hpn libedit X"
-
-RDEPEND="pam? ( virtual/pam )
- kerberos? ( virtual/krb5 )
- selinux? ( >=sys-libs/libselinux-1.28 )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ldap? ( net-nds/openldap )
- libedit? ( dev-libs/libedit )
- >=dev-libs/openssl-0.9.6d
- >=sys-libs/zlib-1.2.3
- smartcard? ( dev-libs/opensc )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
- X? ( x11-apps/xauth )
- userland_GNU? ( sys-apps/shadow )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig
- virtual/os-headers
- sys-devel/autoconf"
-RDEPEND="${RDEPEND}
- pam? ( >=sys-auth/pambase-20080219.1 )"
-PROVIDE="virtual/ssh"
-
-S=${WORKDIR}/${PARCH}
-
-pkg_setup() {
- # this sucks, but i'd rather have people unable to `emerge -u openssh`
- # than not be able to log in to their server any more
- maybe_fail() { [[ -z ${!2} ]] && use ${1} && echo ${1} ; }
- local fail="
- $(maybe_fail X509 X509_PATCH)
- $(maybe_fail ldap LDAP_PATCH)
- "
- fail=$(echo ${fail})
- if [[ -n ${fail} ]] ; then
- eerror "Sorry, but this version does not yet support features"
- eerror "that you requested: ${fail}"
- eerror "Please mask ${PF} for now and check back later:"
- eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
- die "booooo"
- fi
-}
-
-src_unpack() {
- unpack ${PARCH}.tar.gz
- cd "${S}"
-
- sed -i \
- -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
- pathnames.h || die
-
- use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${PN}-4.7_p1-x509-hpn-glue.patch
- use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch
- use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
- if ! use X509 ; then
- if [[ -n ${LDAP_PATCH} ]] && use ldap ; then
- epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${PN}-4.4_p1-ldap-hpn-glue.patch
- fi
- elif use ldap ; then
- ewarn "Sorry, X509 and ldap don't get along, disabling ldap"
- fi
- [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
- epatch "${FILESDIR}"/${P}-GSSAPI-dns.patch #165444
-
- sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
-
- # fix #191665
- epatch "${FILESDIR}"/openssh-4.7p1-selinux.diff
-
- eautoreconf
-}
-
-src_compile() {
- addwrite /dev/ptmx
- addpredict /etc/skey/skeykeys #skey configure code triggers this
-
- local myconf=""
- if use static ; then
- append-ldflags -static
- use pam && ewarn "Disabling pam support becuse of static flag"
- myconf="${myconf} --without-pam"
- else
- myconf="${myconf} $(use_with pam)"
- fi
-
- econf \
- --with-ldflags="${LDFLAGS}" \
- --disable-strip \
- --sysconfdir=/etc/ssh \
- --libexecdir=/usr/$(get_libdir)/misc \
- --datadir=/usr/share/openssh \
- --disable-suid-ssh \
- --with-privsep-path=/var/empty \
- --with-privsep-user=sshd \
- --with-md5-passwords \
- --with-ssl-engine \
- $(use_with ldap) \
- $(use_with libedit) \
- $(use_with kerberos kerberos5 /usr) \
- $(use_with tcpd tcp-wrappers) \
- $(use_with selinux) \
- $(use_with skey) \
- $(use_with smartcard opensc) \
- ${myconf} \
- || die "bad configure"
- emake || die "compile problem"
-}
-
-src_install() {
- emake install-nokeys DESTDIR="${D}" || die
- fperms 600 /etc/ssh/sshd_config
- dobin contrib/ssh-copy-id
- newinitd "${FILESDIR}"/sshd.rc6 sshd
- newconfd "${FILESDIR}"/sshd.confd sshd
- keepdir /var/empty
-
- newpamd "${FILESDIR}"/sshd.pam_include.2 sshd
- if use pam; then
- # Whenever enabling the pam USE flag, enable PAM support on
- # the configuration file. Also disable password authentication
- # and printing of motd and last login. The latter is done to
- # leave those tasks up to PAM itself, through pambase.
- sed -i \
- -e "/^#UsePAM /s:.*:UsePAM yes:" \
- -e "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" \
- -e "/^#PrintLastLog /s:.*:PrintLastLog no:" \
- -e "/^#PrintMotd /s:.*:PrintMotd no:" \
- "${D}"/etc/ssh/sshd_config
- fi
-
- doman contrib/ssh-copy-id.1
- dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
-
- diropts -m 0700
- dodir /etc/skel/.ssh
-}
-
-pkg_postinst() {
- enewgroup sshd 22
- enewuser sshd 22 -1 /var/empty sshd
-
- # help fix broken perms caused by older ebuilds.
- # can probably cut this after the next stage release.
- chmod u+x "${ROOT}"/etc/skel/.ssh >& /dev/null
-
- ewarn "Remember to merge your config files in /etc/ssh/ and then"
- ewarn "restart sshd: '/etc/init.d/sshd restart'."
- if use pam ; then
- echo
- ewarn "Please be aware users need a valid shell in /etc/passwd"
- ewarn "in order to be allowed to login."
- fi
-}
diff --git a/net-misc/openssh/openssh-4.7_p1-r6.ebuild b/net-misc/openssh/openssh-4.7_p1-r6.ebuild
deleted file mode 100644
index e7ce13857c63..000000000000
--- a/net-misc/openssh/openssh-4.7_p1-r6.ebuild
+++ /dev/null
@@ -1,171 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-4.7_p1-r6.ebuild,v 1.10 2009/02/08 17:14:24 vapier Exp $
-
-inherit eutils flag-o-matic multilib autotools pam
-
-# Make it more portable between straight releases
-# and _p? releases.
-PARCH=${P/_/}
-
-X509_PATCH="${PARCH}+x509-6.1.diff.gz"
-LDAP_PATCH="${PARCH/openssh-4.7/openssh-lpk-4.6}-0.3.9.patch"
-HPN_PATCH="${PARCH}-hpn13v1.diff.gz"
-
-DESCRIPTION="Port of OpenBSD's free SSH release"
-HOMEPAGE="http://www.openssh.org/"
-SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
- http://www.sxw.org.uk/computing/patches/openssh-4.7p1-gsskex-20070927.patch
- ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} )
- X509? ( http://roumenpetrov.info/openssh/x509-6.1/${X509_PATCH} )
- hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )"
-
-LICENSE="as-is"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc ~sparc-fbsd x86 ~x86-fbsd"
-IUSE="static pam tcpd kerberos skey selinux chroot X509 ldap smartcard hpn libedit X"
-
-RDEPEND="pam? ( virtual/pam )
- kerberos? ( virtual/krb5 )
- selinux? ( >=sys-libs/libselinux-1.28 )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ldap? ( net-nds/openldap )
- libedit? ( dev-libs/libedit )
- >=dev-libs/openssl-0.9.6d
- >=sys-libs/zlib-1.2.3
- smartcard? ( dev-libs/opensc )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
- X? ( x11-apps/xauth )
- userland_GNU? ( sys-apps/shadow )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig
- virtual/os-headers
- sys-devel/autoconf"
-PROVIDE="virtual/ssh"
-
-S=${WORKDIR}/${PARCH}
-
-pkg_setup() {
- # this sucks, but i'd rather have people unable to `emerge -u openssh`
- # than not be able to log in to their server any more
- maybe_fail() { [[ -z ${!2} ]] && use ${1} && echo ${1} ; }
- local fail="
- $(maybe_fail X509 X509_PATCH)
- $(maybe_fail ldap LDAP_PATCH)
- "
- fail=$(echo ${fail})
- if [[ -n ${fail} ]] ; then
- eerror "Sorry, but this version does not yet support features"
- eerror "that you requested: ${fail}"
- eerror "Please mask ${PF} for now and check back later:"
- eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
- die "booooo"
- fi
-}
-
-src_unpack() {
- unpack ${PARCH}.tar.gz
- cd "${S}"
-
- sed -i \
- -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
- pathnames.h || die
-
- use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${PN}-4.7_p1-x509-hpn-glue.patch
- use chroot && epatch "${FILESDIR}"/openssh-4.3_p1-chroot.patch
- use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
- if ! use X509 ; then
- if [[ -n ${LDAP_PATCH} ]] && use ldap ; then
- epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${PN}-4.4_p1-ldap-hpn-glue.patch
- epatch "${FILESDIR}"/${P}-lpk-64bit.patch #210110
- fi
- epatch "${DISTDIR}"/openssh-4.7p1-gsskex-20070927.patch #115553
- else
- use ldap && ewarn "Sorry, X509 and ldap don't get along, disabling ldap"
- epatch "${FILESDIR}"/${P}-GSSAPI-dns.patch #165444 integrated into gsskex
- fi
- [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
- epatch "${FILESDIR}"/${P}-CVE-2008-1483.patch #214985
- epatch "${FILESDIR}"/${P}-packet-size.patch #212433
- epatch "${FILESDIR}"/${P}-ForceCommand.patch #215702
-
- sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
-
- # fix #191665
- epatch "${FILESDIR}"/openssh-4.7p1-selinux.diff
-
- eautoreconf
-}
-
-src_compile() {
- addwrite /dev/ptmx
- addpredict /etc/skey/skeykeys #skey configure code triggers this
-
- local myconf=""
- if use static ; then
- append-ldflags -static
- use pam && ewarn "Disabling pam support becuse of static flag"
- myconf="${myconf} --without-pam"
- else
- myconf="${myconf} $(use_with pam)"
- fi
-
- econf \
- --with-ldflags="${LDFLAGS}" \
- --disable-strip \
- --sysconfdir=/etc/ssh \
- --libexecdir=/usr/$(get_libdir)/misc \
- --datadir=/usr/share/openssh \
- --disable-suid-ssh \
- --with-privsep-path=/var/empty \
- --with-privsep-user=sshd \
- --with-md5-passwords \
- --with-ssl-engine \
- $(use_with ldap) \
- $(use_with libedit) \
- $(use_with kerberos kerberos5 /usr) \
- $(use_with tcpd tcp-wrappers) \
- $(use_with selinux) \
- $(use_with skey) \
- $(use_with smartcard opensc) \
- ${myconf} \
- || die "bad configure"
- emake || die "compile problem"
-}
-
-src_install() {
- emake install-nokeys DESTDIR="${D}" || die
- fperms 600 /etc/ssh/sshd_config
- dobin contrib/ssh-copy-id
- newinitd "${FILESDIR}"/sshd.rc6 sshd
- newconfd "${FILESDIR}"/sshd.confd sshd
- keepdir /var/empty
-
- newpamd "${FILESDIR}"/sshd.pam_include.1 sshd
- use pam \
- && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
- && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
-
- doman contrib/ssh-copy-id.1
- dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
-
- diropts -m 0700
- dodir /etc/skel/.ssh
-}
-
-pkg_postinst() {
- enewgroup sshd 22
- enewuser sshd 22 -1 /var/empty sshd
-
- # help fix broken perms caused by older ebuilds.
- # can probably cut this after the next stage release.
- chmod u+x "${ROOT}"/etc/skel/.ssh >& /dev/null
-
- ewarn "Remember to merge your config files in /etc/ssh/ and then"
- ewarn "restart sshd: '/etc/init.d/sshd restart'."
- if use pam ; then
- echo
- ewarn "Please be aware users need a valid shell in /etc/passwd"
- ewarn "in order to be allowed to login."
- fi
-}
diff --git a/net-misc/openssh/openssh-5.0_p1-r1.ebuild b/net-misc/openssh/openssh-5.0_p1-r1.ebuild
deleted file mode 100644
index a16cc7c1d8c3..000000000000
--- a/net-misc/openssh/openssh-5.0_p1-r1.ebuild
+++ /dev/null
@@ -1,165 +0,0 @@
-# Copyright 1999-2009 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/openssh-5.0_p1-r1.ebuild,v 1.3 2009/02/08 17:14:24 vapier Exp $
-
-inherit eutils flag-o-matic multilib autotools pam
-
-# Make it more portable between straight releases
-# and _p? releases.
-PARCH=${P/_/}
-
-X509_PATCH="${PARCH}+x509-6.1.1.diff.gz"
-#LDAP_PATCH="${PARCH/openssh-4.9/openssh-lpk-4.6}-0.3.9.patch"
-HPN_PATCH="${PARCH}-hpn13v3.diff.gz"
-
-DESCRIPTION="Port of OpenBSD's free SSH release"
-HOMEPAGE="http://www.openssh.org/"
-SRC_URI="mirror://openbsd/OpenSSH/portable/${PARCH}.tar.gz
- http://www.sxw.org.uk/computing/patches/openssh-5.0p1-gsskex-20080404.patch
- ${LDAP_PATCH:+ldap? ( http://dev.inversepath.com/openssh-lpk/${LDAP_PATCH} )}
- ${X509_PATCH:+X509? ( http://roumenpetrov.info/openssh/x509-6.1.1/${X509_PATCH} )}
- ${HPN_PATCH:+hpn? ( http://www.psc.edu/networking/projects/hpn-ssh/${HPN_PATCH} )}"
-
-LICENSE="as-is"
-SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~sparc-fbsd ~x86 ~x86-fbsd"
-IUSE="static pam tcpd kerberos skey selinux X509 ldap smartcard hpn libedit X"
-
-RDEPEND="pam? ( virtual/pam )
- kerberos? ( virtual/krb5 )
- selinux? ( >=sys-libs/libselinux-1.28 )
- skey? ( >=sys-auth/skey-1.1.5-r1 )
- ldap? ( net-nds/openldap )
- libedit? ( dev-libs/libedit )
- >=dev-libs/openssl-0.9.6d
- >=sys-libs/zlib-1.2.3
- smartcard? ( dev-libs/opensc )
- tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
- X? ( x11-apps/xauth )
- userland_GNU? ( sys-apps/shadow )"
-DEPEND="${RDEPEND}
- dev-util/pkgconfig
- virtual/os-headers
- sys-devel/autoconf"
-PROVIDE="virtual/ssh"
-
-S=${WORKDIR}/${PARCH}
-
-pkg_setup() {
- # this sucks, but i'd rather have people unable to `emerge -u openssh`
- # than not be able to log in to their server any more
- maybe_fail() { [[ -z ${!2} ]] && use ${1} && echo ${1} ; }
- local fail="
- $(maybe_fail X509 X509_PATCH)
- $(maybe_fail ldap LDAP_PATCH)
- "
- fail=$(echo ${fail})
- if [[ -n ${fail} ]] ; then
- eerror "Sorry, but this version does not yet support features"
- eerror "that you requested: ${fail}"
- eerror "Please mask ${PF} for now and check back later:"
- eerror " # echo '=${CATEGORY}/${PF}' >> /etc/portage/package.mask"
- die "booooo"
- fi
-}
-
-src_unpack() {
- unpack ${PARCH}.tar.gz
- cd "${S}"
-
- sed -i \
- -e '/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:/usr/bin/xauth:' \
- pathnames.h || die
-
- use X509 && epatch "${DISTDIR}"/${X509_PATCH} "${FILESDIR}"/${PN}-4.9_p1-x509-hpn-glue.patch
- use smartcard && epatch "${FILESDIR}"/openssh-3.9_p1-opensc.patch
- if ! use X509 ; then
- if [[ -n ${LDAP_PATCH} ]] && use ldap ; then
- epatch "${DISTDIR}"/${LDAP_PATCH} "${FILESDIR}"/${PN}-4.4_p1-ldap-hpn-glue.patch
- epatch "${FILESDIR}"/${P}-lpk-64bit.patch #210110
- fi
- epatch "${DISTDIR}"/openssh-5.0p1-gsskex-20080404.patch #115553 #216932
- else
- use ldap && ewarn "Sorry, X509 and ldap don't get along, disabling ldap"
- epatch "${FILESDIR}"/${PN}-4.7_p1-GSSAPI-dns.patch #165444 integrated into gsskex
- fi
- [[ -n ${HPN_PATCH} ]] && use hpn && epatch "${DISTDIR}"/${HPN_PATCH}
- epatch "${FILESDIR}"/${PN}-4.7p1-selinux.diff #191665
-
- sed -i "s:-lcrypto:$(pkg-config --libs openssl):" configure{,.ac} || die
-
- eautoreconf
-}
-
-src_compile() {
- addwrite /dev/ptmx
- addpredict /etc/skey/skeykeys #skey configure code triggers this
-
- local myconf=""
- if use static ; then
- append-ldflags -static
- use pam && ewarn "Disabling pam support becuse of static flag"
- myconf="${myconf} --without-pam"
- else
- myconf="${myconf} $(use_with pam)"
- fi
-
- econf \
- --with-ldflags="${LDFLAGS}" \
- --disable-strip \
- --sysconfdir=/etc/ssh \
- --libexecdir=/usr/$(get_libdir)/misc \
- --datadir=/usr/share/openssh \
- --disable-suid-ssh \
- --with-privsep-path=/var/empty \
- --with-privsep-user=sshd \
- --with-md5-passwords \
- --with-ssl-engine \
- $(use_with ldap) \
- $(use_with libedit) \
- $(use_with kerberos kerberos5 /usr) \
- $(use_with tcpd tcp-wrappers) \
- $(use_with selinux) \
- $(use_with skey) \
- $(use_with smartcard opensc) \
- ${myconf} \
- || die "bad configure"
- emake || die "compile problem"
-}
-
-src_install() {
- emake install-nokeys DESTDIR="${D}" || die
- fperms 600 /etc/ssh/sshd_config
- dobin contrib/ssh-copy-id
- newinitd "${FILESDIR}"/sshd.rc6 sshd
- newconfd "${FILESDIR}"/sshd.confd sshd
- keepdir /var/empty
-
- newpamd "${FILESDIR}"/sshd.pam_include.1 sshd
- use pam \
- && dosed "/^#UsePAM /s:.*:UsePAM yes:" /etc/ssh/sshd_config \
- && dosed "/^#PasswordAuthentication /s:.*:PasswordAuthentication no:" /etc/ssh/sshd_config
-
- doman contrib/ssh-copy-id.1
- dodoc ChangeLog CREDITS OVERVIEW README* TODO sshd_config
-
- diropts -m 0700
- dodir /etc/skel/.ssh
-}
-
-pkg_postinst() {
- enewgroup sshd 22
- enewuser sshd 22 -1 /var/empty sshd
-
- # help fix broken perms caused by older ebuilds.
- # can probably cut this after the next stage release.
- chmod u+x "${ROOT}"/etc/skel/.ssh >& /dev/null
-
- ewarn "Remember to merge your config files in /etc/ssh/ and then"
- ewarn "restart sshd: '/etc/init.d/sshd restart'."
- if use pam ; then
- echo
- ewarn "Please be aware users need a valid shell in /etc/passwd"
- ewarn "in order to be allowed to login."
- fi
-}