%define cvsdate 20101119 Summary: Restricted shell for ssh based file services Name: scponly Version: 4.8 Release: 2_cvs_%{cvsdate} License: BSD Group: Applications/Internet URL: http://sublimation.org/scponly/ Source0: http://downloads.sf.net/scponly/%{name}-%{cvsdate}.tgz Patch0: %{name}-%{cvsdate}-aix.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root BuildRequires: patch, sed %description scponly is an alternative 'shell' for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution priviledges. Functionally, it is best described as a wrapper to the "tried and true" ssh suite of applications. %prep %setup -q -n %{name}-cvs-%{cvsdate} %patch0 # remove executable bit on source files chmod 0644 scponly.c scponly.h helper.c %build export CC="xlc_r" ./configure \ --prefix=%{_prefix} \ --enable-gftp-compat \ --enable-winscp-compat \ --enable-sftp-logging-compat \ --enable-scp-compat \ --enable-rsync-compat \ --enable-chrooted-binary \ --enable-svn-compat \ --enable-svnserv-compat \ --enable-passwd-compat \ --enable-quota-compat make %{?_smp_mflags} mv %{name}.8 %{name}.8.broken cp %{name}.8.alternate_manpage %{name}.8 %install [ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT} export PATH=/opt/freeware/bin:$PATH # adapt correct file paths sed -i "s|/usr/local/|%{_prefix}/|g" scponly.8* INSTALL README make install DESTDIR=${RPM_BUILD_ROOT} /usr/bin/strip ${RPM_BUILD_ROOT}%{_bindir}/* || : /usr/bin/strip ${RPM_BUILD_ROOT}%{_sbindir}/* || : ( cd ${RPM_BUILD_ROOT} for dir in bin sbin do mkdir -p usr/${dir} cd usr/${dir} ln -sf ../..%{_prefix}/${dir}/* . cd - done ) %pre # add scponly to list of login shells /usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/grep "%{_bindir}/%{name}" > /dev/null RC=$? if [ "${RC}" != "0" ]; then SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${SHVAL},%{_bindir}/%{name}" fi # add scponlyc to list of login shells /usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/grep "%{_sbindir}/%{name}c" > /dev/null RC=$? if [ "${RC}" != "0" ]; then SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${SHVAL},%{_sbindir}/%{name}c" fi %postun # remove scponly and scponlyd from list of login shells SHVAL=`/usr/bin/lssec -f /etc/security/login.cfg -s usw -a shells | /usr/bin/cut -d '=' -f2` LOGINSHELLS=`/usr/bin/echo ${SHVAL} | /usr/bin/sed 's|,| |g'` NEWSH="" for i in ${LOGINSHELLS} ; do add=`/usr/bin/echo ${i} | grep -v scponly` if [ "$?" = "0" ] ; then if [ "${NEWSH}" != "" ] ; then NEWSH=${NEWSH}"," fi NEWSH=${NEWSH}${add} fi done /usr/bin/chsec -f /etc/security/login.cfg -s usw -a shells="${NEWSH}" %clean [ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT} %files %defattr(-,root,system,-) %doc AUTHOR CHANGELOG CONTRIB COPYING INSTALL README TODO BUILDING-JAILS.TXT %doc SECURITY %dir %{_sysconfdir}/%{name} %config(noreplace) %{_sysconfdir}/%{name}/* %{_bindir}/%{name} %{_sbindir}/scponlyc %{_mandir}/man8/scponly.8 /usr/bin/%{name} /usr/sbin/scponlyc %changelog * Fri Feb 11 2011 Michael Perzl - 4.8-2_cvs_20101119 - updated to CVS version 20101119 * Fri Feb 11 2011 Michael Perzl - 4.8-1 - first version for AIX V5.1 and higher