rpms/openssh/devel openssh-4.3p2-initscript.patch, NONE, 1.1 openssh.spec, 1.97, 1.98 openssh-3.9p1-noinitlog.patch, 1.1, NONE openssh-3.9p1-safe-stop.patch, 1.2, NONE openssh-4.3p2-localtime.patch, 1.1, NONE
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Thu Nov 2 13:33:40 UTC 2006
Author: tmraz
Update of /cvs/dist/rpms/openssh/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv25719
Modified Files:
openssh.spec
Added Files:
openssh-4.3p2-initscript.patch
Removed Files:
openssh-3.9p1-noinitlog.patch openssh-3.9p1-safe-stop.patch
openssh-4.3p2-localtime.patch
Log Message:
* Thu Nov 2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-11
- merge sshd initscript patches
- kill all ssh sessions when stop is called in halt or reboot runlevel
- remove -TERM option from killproc so we don't race on sshd restart
openssh-4.3p2-initscript.patch:
sshd | 29 +++++++++++++++++++++++------
1 files changed, 23 insertions(+), 6 deletions(-)
--- NEW FILE openssh-4.3p2-initscript.patch ---
--- openssh-4.3p2/contrib/redhat/sshd.init 2002-05-10 04:19:23.000000000 +0200
+++ sshd 2006-11-02 14:23:27.000000000 +0100
@@ -29,6 +29,8 @@
DSA_KEY=/etc/ssh/ssh_host_dsa_key
PID_FILE=/var/run/sshd.pid
+runlevel=$(set -- $(runlevel); eval "echo \$$#" )
+
do_rsa1_keygen() {
if [ ! -s $RSA1_KEY ]; then
echo -n $"Generating SSH1 RSA host key: "
@@ -93,9 +95,11 @@
do_rsa1_keygen
do_rsa_keygen
do_dsa_keygen
+
+ cp -af /etc/localtime /var/empty/sshd/etc
- echo -n $"Starting $prog:"
- initlog -c "$SSHD $OPTIONS" && success || failure
+ echo -n $"Starting $prog: "
+ $SSHD $OPTIONS && success || failure
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd
echo
@@ -103,17 +107,30 @@
stop()
{
- echo -n $"Stopping $prog:"
- killproc $SSHD -TERM
+ echo -n $"Stopping $prog: "
+ if [ -n "`pidfileofproc $SSHD`" ] ; then
+ killproc $SSHD
+ else
+ failure $"Stopping $prog"
+ fi
RETVAL=$?
+ # if we are in halt or reboot runlevel kill all running sessions
+ # so the TCP connections are closed cleanly
+ if [ "x$runlevel" = x0 -o "x$runlevel" = x6 ] ; then
+ killall $prog 2>/dev/null
+ fi
[ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd
echo
}
reload()
{
- echo -n $"Reloading $prog:"
- killproc $SSHD -HUP
+ echo -n $"Reloading $prog: "
+ if [ -n "`pidfileofproc $SSHD`" ] ; then
+ killproc $SSHD -HUP
+ else
+ failure $"Reloading $prog"
+ fi
RETVAL=$?
echo
}
Index: openssh.spec
===================================================================
RCS file: /cvs/dist/rpms/openssh/devel/openssh.spec,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- openssh.spec 2 Oct 2006 17:35:50 -0000 1.97
+++ openssh.spec 2 Nov 2006 13:33:37 -0000 1.98
@@ -61,7 +61,7 @@
Summary: The OpenSSH implementation of SSH protocol versions 1 and 2
Name: openssh
Version: 4.3p2
-Release: 10%{?rescue_rel}
+Release: 11%{?dist}%{?rescue_rel}
URL: http://www.openssh.com/portable.html
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.sig
@@ -73,11 +73,10 @@
Patch2: openssh-3.8.1p1-skip-initial.patch
Patch3: openssh-3.8.1p1-krb5-config.patch
Patch4: openssh-4.3p1-vendor.patch
-Patch5: openssh-3.9p1-noinitlog.patch
+Patch5: openssh-4.3p2-initscript.patch
Patch12: openssh-selinux.patch
Patch16: openssh-4.3p1-audit.patch
Patch20: openssh-3.9p1-gssapimitm.patch
-Patch21: openssh-3.9p1-safe-stop.patch
Patch22: openssh-3.9p1-askpass-keep-above.patch
Patch23: openssh-3.9p1-no-log-signal.patch
Patch24: openssh-4.3p1-fromto-remote.patch
@@ -94,7 +93,6 @@
Patch40: openssh-4.3p2-coverity-memleaks.patch
Patch41: openssh-4.3p2-gssapi-no-spnego.patch
Patch42: openssh-4.3p2-no-dup-logs.patch
-Patch43: openssh-4.3p2-localtime.patch
Patch44: openssh-4.3p2-allow-ip-opts.patch
Patch45: openssh-4.3p2-cve-2006-4924.patch
Patch46: openssh-3.9p1-cve-2006-5051.patch
@@ -200,7 +198,7 @@
%patch2 -p1 -b .skip-initial
%patch3 -p1 -b .krb5-config
%patch4 -p1 -b .vendor
-%patch5 -p1 -b .noinitlog
+%patch5 -p1 -b .initscript
%if %{WITH_SELINUX}
#SELinux
@@ -212,7 +210,6 @@
%endif
#%patch20 -p0 -b .gssapimitm
-%patch21 -p1 -b .safe-stop
%patch22 -p1 -b .keep-above
%patch23 -p1 -b .signal
%patch24 -p1 -b .fromto-remote
@@ -229,7 +226,6 @@
%patch40 -p1 -b .memleaks
%patch41 -p1 -b .no-spnego
%patch42 -p1 -b .no-dups
-%patch43 -p1 -b .localtime
%patch44 -p1 -b .ip-opts
%patch45 -p1 -b .deattack-dos
%patch46 -p1 -b .sig-no-cleanup
@@ -477,6 +473,11 @@
%endif
%changelog
+* Thu Nov 2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-11
+- merge sshd initscript patches
+- kill all ssh sessions when stop is called in halt or reboot runlevel
+- remove -TERM option from killproc so we don't race on sshd restart
+
* Mon Oct 2 2006 Tomas Mraz <tmraz at redhat.com> - 4.3p2-10
- improve gssapi-no-spnego patch (#208102)
- CVE-2006-4924 - prevent DoS on deattack detector (#207957)
--- openssh-3.9p1-noinitlog.patch DELETED ---
--- openssh-3.9p1-safe-stop.patch DELETED ---
--- openssh-4.3p2-localtime.patch DELETED ---
More information about the fedora-cvs-commits
mailing list