rpms/openssh/devel openssh-4.3p2-initscript.patch, NONE, 1.1 openssh.spec, 1.97, 1.98 openssh-3.9p1-noinitlog.patch, 1.1, NONE openssh-3.9p1-safe-stop.patch, 1.2, NONE openssh-4.3p2-localtime.patch, 1.1, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Nov 2 13:33:40 UTC 2006 

Author: tmraz

Update of /cvs/dist/rpms/openssh/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv25719

Modified Files:
	openssh.spec 
Added Files:
	openssh-4.3p2-initscript.patch 
Removed Files:
	openssh-3.9p1-noinitlog.patch openssh-3.9p1-safe-stop.patch 
	openssh-4.3p2-localtime.patch 
Log Message:
* Thu Nov  2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-11
- merge sshd initscript patches
- kill all ssh sessions when stop is called in halt or reboot runlevel
- remove -TERM option from killproc so we don't race on sshd restart


openssh-4.3p2-initscript.patch:
 sshd |   29 +++++++++++++++++++++++------
 1 files changed, 23 insertions(+), 6 deletions(-)

--- NEW FILE openssh-4.3p2-initscript.patch ---
--- openssh-4.3p2/contrib/redhat/sshd.init	2002-05-10 04:19:23.000000000 +0200
+++ sshd	2006-11-02 14:23:27.000000000 +0100
@@ -29,6 +29,8 @@
 DSA_KEY=/etc/ssh/ssh_host_dsa_key
 PID_FILE=/var/run/sshd.pid
 
+runlevel=$(set -- $(runlevel); eval "echo \$$#" )
+
 do_rsa1_keygen() {
 	if [ ! -s $RSA1_KEY ]; then
 		echo -n $"Generating SSH1 RSA host key: "
@@ -93,9 +95,11 @@
 	do_rsa1_keygen
 	do_rsa_keygen
 	do_dsa_keygen
+	
+	cp -af /etc/localtime /var/empty/sshd/etc
 
-	echo -n $"Starting $prog:"
-	initlog -c "$SSHD $OPTIONS" && success || failure
+	echo -n $"Starting $prog: "
+	$SSHD $OPTIONS && success || failure
 	RETVAL=$?
 	[ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd
 	echo
@@ -103,17 +107,30 @@
 
 stop()
 {
-	echo -n $"Stopping $prog:"
-	killproc $SSHD -TERM
+	echo -n $"Stopping $prog: "
+	if [ -n "`pidfileofproc $SSHD`" ] ; then
+	    killproc $SSHD
+	else
+	    failure $"Stopping $prog"
+	fi
 	RETVAL=$?
+	# if we are in halt or reboot runlevel kill all running sessions
+	# so the TCP connections are closed cleanly
+	if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then
+	    killall $prog 2>/dev/null
+	fi
 	[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd
 	echo
 }
 
 reload()
 {
-	echo -n $"Reloading $prog:"
-	killproc $SSHD -HUP
+	echo -n $"Reloading $prog: "
+	if [ -n "`pidfileofproc $SSHD`" ] ; then
+	    killproc $SSHD -HUP
+	else
+	    failure $"Reloading $prog"
+	fi
 	RETVAL=$?
 	echo
 }


Index: openssh.spec
===================================================================
RCS file: /cvs/dist/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- openssh.spec	2 Oct 2006 17:35:50 -0000	1.97
+++ openssh.spec	2 Nov 2006 13:33:37 -0000	1.98
@@ -61,7 +61,7 @@
 Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
 Name: openssh
 Version: 4.3p2
-Release: 10%{?rescue_rel}
+Release: 11%{?dist}%{?rescue_rel}
 URL: http://www.openssh.com/portable.html
 #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
 #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
@@ -73,11 +73,10 @@
 Patch2: openssh-3.8.1p1-skip-initial.patch
 Patch3: openssh-3.8.1p1-krb5-config.patch
 Patch4: openssh-4.3p1-vendor.patch
-Patch5: openssh-3.9p1-noinitlog.patch
+Patch5: openssh-4.3p2-initscript.patch
 Patch12: openssh-selinux.patch
 Patch16: openssh-4.3p1-audit.patch
 Patch20: openssh-3.9p1-gssapimitm.patch
-Patch21: openssh-3.9p1-safe-stop.patch
 Patch22: openssh-3.9p1-askpass-keep-above.patch
 Patch23: openssh-3.9p1-no-log-signal.patch
 Patch24: openssh-4.3p1-fromto-remote.patch
@@ -94,7 +93,6 @@
 Patch40: openssh-4.3p2-coverity-memleaks.patch
 Patch41: openssh-4.3p2-gssapi-no-spnego.patch
 Patch42: openssh-4.3p2-no-dup-logs.patch
-Patch43: openssh-4.3p2-localtime.patch
 Patch44: openssh-4.3p2-allow-ip-opts.patch
 Patch45: openssh-4.3p2-cve-2006-4924.patch
 Patch46: openssh-3.9p1-cve-2006-5051.patch
@@ -200,7 +198,7 @@
 %patch2 -p1 -b .skip-initial
 %patch3 -p1 -b .krb5-config
 %patch4 -p1 -b .vendor
-%patch5 -p1 -b .noinitlog
+%patch5 -p1 -b .initscript
 
 %if %{WITH_SELINUX}
 #SELinux
@@ -212,7 +210,6 @@
 %endif
 
 #%patch20 -p0 -b .gssapimitm
-%patch21 -p1 -b .safe-stop
 %patch22 -p1 -b .keep-above
 %patch23 -p1 -b .signal
 %patch24 -p1 -b .fromto-remote
@@ -229,7 +226,6 @@
 %patch40 -p1 -b .memleaks
 %patch41 -p1 -b .no-spnego
 %patch42 -p1 -b .no-dups
-%patch43 -p1 -b .localtime
 %patch44 -p1 -b .ip-opts
 %patch45 -p1 -b .deattack-dos
 %patch46 -p1 -b .sig-no-cleanup
@@ -477,6 +473,11 @@
 %endif
 
 %changelog
+* Thu Nov  2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-11
+- merge sshd initscript patches
+- kill all ssh sessions when stop is called in halt or reboot runlevel
+- remove -TERM option from killproc so we don't race on sshd restart
+
 * Mon Oct  2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-10
 - improve gssapi-no-spnego patch (#208102)
 - CVE-2006-4924 - prevent DoS on deattack detector (#207957)


--- openssh-3.9p1-noinitlog.patch DELETED ---


--- openssh-3.9p1-safe-stop.patch DELETED ---


--- openssh-4.3p2-localtime.patch DELETED ---

More information about the fedora-cvs-commits mailing list