[freenx-server] Use authorized_keys instead of *_keys2 for OpenSSH 5.9p1 compat (#830838).
Ville Skyttä
scop at fedoraproject.org
Sun Jun 17 10:46:34 UTC 2012
commit c74548c8f566c503726e5544c94f2c481e643195
Author: Ville Skyttä <ville.skytta at iki.fi>
Date: Sun Jun 17 13:46:24 2012 +0300
Use authorized_keys instead of *_keys2 for OpenSSH 5.9p1 compat (#830838).
- Drop EL < 5 build support.
freenx-server-0.7.3-authkeys2-830838.patch | 24 +++++++++++++++
freenx-server.spec | 43 ++++++++++++++-------------
2 files changed, 46 insertions(+), 21 deletions(-)
---
diff --git a/freenx-server-0.7.3-authkeys2-830838.patch b/freenx-server-0.7.3-authkeys2-830838.patch
new file mode 100644
index 0000000..0bfe25f
--- /dev/null
+++ b/freenx-server-0.7.3-authkeys2-830838.patch
@@ -0,0 +1,24 @@
+diff -up freenx-server-0.7.3/nxkeygen~ freenx-server-0.7.3/nxkeygen
+--- freenx-server-0.7.3/nxkeygen~ 2012-06-14 21:36:03.271909685 +0300
++++ freenx-server-0.7.3/nxkeygen 2012-06-14 21:37:46.177685991 +0300
+@@ -51,7 +51,7 @@ main ()
+ chown nx:root $x
+ done
+
+- # copy the key to the authorized_keys2 file
++ # copy the key to the authorized_keys file
+ rm -f $NX_KEY_DIR/$SSH_AUTHORIZED_KEYS
+ echo -n "no-port-forwarding,no-agent-forwarding,command=\"$PATH_BIN/nxserver\" " >$NX_KEY_DIR/$SSH_AUTHORIZED_KEYS
+ cat ${NX_SERVER_KEY} >> $NX_KEY_DIR/$SSH_AUTHORIZED_KEYS
+diff -up freenx-server-0.7.3/nxloadconfig~ freenx-server-0.7.3/nxloadconfig
+--- freenx-server-0.7.3/nxloadconfig~ 2012-06-14 21:36:03.307909232 +0300
++++ freenx-server-0.7.3/nxloadconfig 2012-06-14 21:37:50.437634443 +0300
+@@ -70,7 +70,7 @@ APPLICATION_LIBRARY_PATH="" #Calculated
+ APPLICATION_LIBRARY_PRELOAD="" #Calculated
+
+ # the name of the authorized keys file for ssh
+-SSH_AUTHORIZED_KEYS="authorized_keys2"
++SSH_AUTHORIZED_KEYS="authorized_keys"
+
+ # retest values like xauth, netcat and checks for nxdesktop/nxviewer availability
+ # set to 0 if you are sure, you set the right values
diff --git a/freenx-server.spec b/freenx-server.spec
index 5c8ae28..a0191c9 100644
--- a/freenx-server.spec
+++ b/freenx-server.spec
@@ -1,5 +1,3 @@
-%bcond_with oldx11
-
%if 0%{?fedora} > 15
%bcond_without systemd
%else
@@ -19,7 +17,7 @@
Summary: Free Software (GPL) Implementation of the NX Server
Name: freenx-server
Version: 0.7.3
-Release: 26%{?dist}
+Release: 27%{?dist}
License: GPLv2
Group: Applications/Internet
URL: http://freenx.berlios.de/
@@ -36,6 +34,7 @@ Patch5: freenx-server-0.7.3-optflags.patch
Patch6: freenx-server-0.7.3-init.patch
Patch7: freenx-server-0.7.3-nxipp.patch
Patch8: freenx-server-0.7.3-nxagent-version-827176.patch
+Patch9: freenx-server-0.7.3-authkeys2-830838.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: imake, redhat-release
%if %{with systemd}
@@ -47,12 +46,7 @@ Requires(postun): systemd-units
%endif
Requires: nx%{?_isa} cups
Requires: openssh-server nc expect which perl
-Requires: xorg-x11-server-Xorg xorg-x11-apps
-%if %{with oldx11}
-Requires: fonts-xorg-base
-%else
-Requires: xorg-x11-fonts-misc
-%endif
+Requires: xorg-x11-server-Xorg xorg-x11-apps xorg-x11-fonts-misc
Obsoletes: freenx < %{version}-%{release}
Provides: freenx = %{version}-%{release}
@@ -74,6 +68,7 @@ under the GPL. FreeNX-server is a GPL implementation of the NX Server.
%patch6 -p1 -b .init
%patch7 -p1 -b .nxipp
%patch8 -p1 -b .nxagent-version
+%patch9 -p1 -b .authkeys2
sed -i -e's,\$NX_DIR/bin,%{_pkglibexecdir},g'\
-e's,\$NX_DIR/lib,%{_pkglibdir},g'\
@@ -106,14 +101,12 @@ touch %{buildroot}/etc/nxserver/users.id_dsa.pub
# Create the nx user home
mkdir -p %{buildroot}/var/lib/nxserver/home/.ssh
chmod -R 0700 %{buildroot}/var/lib/nxserver
-ln -s /etc/nxserver/server.id_dsa.pub.key \
- %{buildroot}/var/lib/nxserver/home/.ssh/authorized_keys2
-ln -s /etc/nxserver/server.id_dsa.pub.key \
- %{buildroot}/var/lib/nxserver/home/.ssh/authorized_keys2.disabled
-for f in client.id_dsa.key known_hosts ; do
- touch %{buildroot}/var/lib/nxserver/home/.ssh/$f
- chmod 0600 %{buildroot}/var/lib/nxserver/home/.ssh/$f
-done
+touch %{buildroot}/var/lib/nxserver/home/.ssh/authorized_keys
+touch %{buildroot}/var/lib/nxserver/home/.ssh/authorized_keys.disabled
+touch %{buildroot}/var/lib/nxserver/home/.ssh/client.id_dsa.key
+touch %{buildroot}/var/lib/nxserver/home/.ssh/known_hosts
+touch %{buildroot}/var/lib/nxserver/home/.ssh/server.id_dsa.pub.key
+chmod 0600 %{buildroot}/var/lib/nxserver/home/.ssh/*
mkdir -p %{buildroot}/var/lib/nxserver/db/closed
mkdir -p %{buildroot}/var/lib/nxserver/db/running
mkdir -p %{buildroot}/var/lib/nxserver/db/failed
@@ -154,6 +147,13 @@ systemctl daemon-reload &>/dev/null
%else
/sbin/chkconfig --add freenx-server
%endif
+if [ $1 -gt 1 ]; then # for migrating to >= 0.7.3-27
+ cd /var/lib/nxserver/home/.ssh
+ [ -e authorized_keys2 ] && [ ! -e authorized_keys ] && \
+ mv authorized_keys2 authorized_keys
+ [ -e authorized_keys2.disabled ] && [ ! -e authorized_keys.disabled ] && \
+ mv authorized_keys2.disabled authorized_keys.disabled
+fi
exit 0
%preun
@@ -201,13 +201,14 @@ systemctl daemon-reload &>/dev/null || :
/var/lib/nxserver/db
%dir /var/lib/nxserver/home
%dir /var/lib/nxserver/home/.ssh
-%ghost /var/lib/nxserver/home/.ssh/authorized_keys2
-/var/lib/nxserver/home/.ssh/authorized_keys2.disabled
-%ghost /var/lib/nxserver/home/.ssh/client.id_dsa.key
-%ghost /var/lib/nxserver/home/.ssh/known_hosts
+%ghost /var/lib/nxserver/home/.ssh/*
/var/log/nx
%changelog
+* Thu Jun 14 2012 Ville Skyttä <ville.skytta at iki.fi> - 0.7.3-27
+- Use authorized_keys instead of *_keys2 for OpenSSH 5.9p1 compat (#830838).
+- Drop EL < 5 build support.
+
* Mon Jun 4 2012 Ville Skyttä <ville.skytta at iki.fi> - 0.7.3-26
- Hush bogus NX 3.[45] incompatibility warning (Christian Ziemski, #827176).
More information about the scm-commits
mailing list