Summary: Restricted shell for ssh based file services Name: scponly Version: 4.8 Release: 1 License: BSD Group: Applications/Internet URL: http://sublimation.org/scponly/ Source0: http://downloads.sf.net/scponly/%{name}-%{version}.tgz Patch0: %{name}-%{version}-elif-gcc44.patch Patch1: %{name}-%{version}-aix.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root BuildRequires: patch, sed %description scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications. %prep %setup -q export PATH=/opt/freeware/bin:$PATH %patch0 -p1 %patch1 # remove executable bit on source files chmod 0644 scponly.c scponly.h helper.c %build export CC="xlc_r" ./configure \ --prefix=%{_prefix} \ --enable-gftp-compat \ --enable-winscp-compat \ --enable-sftp-logging-compat \ --enable-scp-compat \ --enable-rsync-compat \ --enable-chrooted-binary \ --enable-svn-compat \ --enable-svnserv-compat \ --enable-passwd-compat \ --enable-quota-compat make %{?_smp_mflags} mv %{name}.8 %{name}.8.broken cp %{name}.8.alternate_manpage %{name}.8 %install [ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT} export PATH=/opt/freeware/bin:$PATH # adapt correct file paths sed -i "s|/usr/local/|%{_prefix}/|g" scponly.8* INSTALL README make install DESTDIR=${RPM_BUILD_ROOT} /usr/bin/strip ${RPM_BUILD_ROOT}%{_bindir}/* || : /usr/bin/strip ${RPM_BUILD_ROOT}%{_sbindir}/* || : ( cd ${RPM_BUILD_ROOT} for dir in bin sbin do mkdir -p usr/${dir} cd usr/${dir} ln -sf ../..%{_prefix}/${dir}/* . cd - done ) %pre # add scponly to list of login shells /usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/grep "%{_bindir}/%{name}" > /dev/null RC=$? if [ "${RC}" != "0" ]; then SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${SHVAL},%{_bindir}/%{name}" fi # add scponlyc to list of login shells /usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/grep "%{_sbindir}/%{name}c" > /dev/null RC=$? if [ "${RC}" != "0" ]; then SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${SHVAL},%{_sbindir}/%{name}c" fi %postun # remove scponly and scponlyd from list of login shells SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` LOGINSHELLS=`/usr/bin/echo ${SHVAL} | /usr/bin/sed 's|,| |g'` NEWSH="" for i in ${LOGINSHELLS} ; do add=`/usr/bin/echo ${i} | grep -v scponly` if [ "$?" = "0" ] ; then if [ "${NEWSH}" != "" ] ; then NEWSH=${NEWSH}"," fi NEWSH=${NEWSH}${add} fi done /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${NEWSH}" %clean [ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT} %files %defattr(-,root,system,-) %doc AUTHOR CHANGELOG CONTRIB COPYING INSTALL README TODO BUILDING-JAILS.TXT %doc SECURITY %dir %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/%{name}/* %{_bindir}/%{name} %{_sbindir}/scponlyc %{_mandir}/man8/scponly.8 /usr/bin/%{name} /usr/sbin/scponlyc %changelog * Mon Jan 10 2011 Michael Perzl - 4.8-1 - first version for AIX V5.1 and higher