Radix cross Linux

The main Radix cross Linux repository contains the build scripts of packages, which have the most complete and common functionality for desktop machines

383 Commits   1 Branch   1 Tag
Index: Makefile
--- Makefile	(nonexistent)
+++ Makefile	(revision 5)
@@ -0,0 +1,251 @@
+NEED_ABS_PATH      = true
+COMPONENT_IS_3PP   = true
+include ../../../build-system/constants.mk
+SOURCE_REQUIRES    = sources/packages/n/openssh
+REQUIRES           = libs/libedit/20191231-3.1
+REQUIRES          += net/tcp_wrappers/7.6
+REQUIRES          += net/openssl/1.1.1r
+REQUIRES          += net/krb5/1.19.1
+# ======= __END_OF_REQUIRES__ =======
+version            = 8.5p1
+tar_gz_archive     = $(SRC_PACKAGE_PATH)/packages/n/openssh/openssh-$(version).tar.gz
+SRC_ARCHIVE        = $(tar_gz_archive)
+SRC_DIR            = $(TARGET_BUILD_DIR)/openssh-$(version)
+src_dir_name       = openssh-$(version)
+src_done           = $(TARGET_BUILD_DIR)/.source_done
+build_dir          = $(TARGET_BUILD_DIR)/build
+build_target       = $(TARGET_BUILD_DIR)/.build_done
+install_target     = $(TARGET_BUILD_DIR)/.install_done
+sshd_init_d        = $(CURDIR)/conf/rc.d/rc.sshd
+sshd_default       = $(CURDIR)/conf/default/sshd
+sshd_pam           = $(CURDIR)/conf/pam.d/sshd
+####### Targets
+PKG_GROUP = net
+# *PKG_NAME & *PKG_VERSION shouldn't be a reference to value.
+OPENSSH_PKG_NAME                = openssh
+OPENSSH_PKG_VERSION             = 8.5p1
+OPENSSH_PKG_ARCH                = $(PKGARCH)
+OPENSSH_PKG_GROUP               = $(PKG_GROUP)
+###                              |---handy-ruler-------------------------------|
+OPENSSH_PKG_SHORT_DESCRIPTION   = Secure Shell daemon and clients
+OPENSSH_PKG_URL                 = $(BUG_URL)
+OPENSSH_PKG_LICENSE             = GPLv2
+pkg_archive      = $(TARGET_BUILD_DIR)/$(PKG_GROUP)/$(pkg_basename).$(pkg_arch_suffix)
+pkg_certificate  = $(call cert-name,$(pkg_archive))
+pkg_signature    = $(call sign-name,$(pkg_archive))
+pkg_description  = $(call desc-name,$(pkg_archive))
+products         = $(call pkg-files,$(pkg_archive))
+BUILD_TARGETS    = $(build_target)
+BUILD_TARGETS   += $(install_target)
+PRODUCT_TARGETS  = $(products)
+ROOTFS_TARGETS   = $(pkg_archive)
+include ../../../build-system/core.mk
+env_sysroot  = DESTDIR=$(OPENSSH_PKG)
+# To awoid errors when GCC options such as -Wl,-z,relro passed to LD
+# we are using GCC as linker (implemented into patch):
+# LD = $(CC_LINKER)
+extra_configure_switches  = --docdir=/usr/share/doc/$(src_dir_name)
+extra_configure_switches += --mandir=/usr/share/man
+extra_configure_switches += --sysconfdir=/etc/ssh
+extra_configure_switches += --disable-strip
+extra_configure_switches += --with-pam
+extra_configure_switches += --with-kerberos5
+extra_configure_switches += --without-rpath
+extra_configure_switches += --with-md5-passwords
+extra_configure_switches += --with-libedit
+extra_configure_switches += --with-tcp-wrappers
+extra_configure_switches += --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin
+extra_configure_switches += --with-privsep-path=/var/empty
+extra_configure_switches += --with-privsep-user=sshd
+####### Dependencies
+$(src_done): $(SRC_ARCHIVE) $(PATCHES_DEP)
+	@( cd $(SRC_DIR) ; autoreconf -vif )
+	@touch $@
+$(build_target): $(src_done)
+	@mkdir -p $(build_dir)
+	@cd $(build_dir) && $(BUILD_ENVIRONMENT) ../$(src_dir_name)/configure \
+	  --prefix=/usr               \
+	  --build=$(BUILD)            \
+	  --host=$(TARGET)            \
+	  $(extra_configure_switches)
+	@cd $(build_dir) && $(BUILD_ENVIRONMENT) $(MAKE)
+	@touch $@
+$(install_target): $(build_target)
+	@mkdir -p $(OPENSSH_PKG)/etc/{default,pam.d,rc.d}
+	@cd $(build_dir) && $(BUILD_ENVIRONMENT) $(MAKE) -j1 install $(env_sysroot)
+	@mkdir -p $(OPENSSH_PKG)/var/empty
+	@chmod 755 $(OPENSSH_PKG)/var/empty
+	@( cd $(SRC_DIR)/contrib ; \
+	   cp -a ssh-copy-id $(OPENSSH_PKG)/usr/bin/ssh-copy-id ; \
+	   chmod 755 $(OPENSSH_PKG)/usr/bin/ssh-copy-id ; \
+	   cat ssh-copy-id.1 | gzip -9c > $(OPENSSH_PKG)/usr/share/man/man1/ssh-copy-id.1.gz ; \
+	 )
+	@( cd $(OPENSSH_PKG) ; \
+	   rm -f etc/ssh/ssh_host_dsa_key     ; \
+	   rm -f etc/ssh/ssh_host_dsa_key.pub ; \
+	   rm -f etc/ssh/ssh_host_rsa_key     ; \
+	   rm -f etc/ssh/ssh_host_rsa_key.pub ; \
+	   rm -f etc/ssh/ssh_host_key         ; \
+	   rm -f etc/ssh/ssh_host_key.pub     ; \
+	   mv etc/ssh/ssh_config  etc/ssh/ssh_config.new  ; \
+	   mv etc/ssh/sshd_config etc/ssh/sshd_config.new ; \
+	 )
+	@cat $(sshd_init_d) > $(OPENSSH_PKG)/etc/rc.d/rc.sshd.new
+	@chmod 755 $(OPENSSH_PKG)/etc/rc.d/rc.sshd.new
+	@cat $(sshd_default) > $(OPENSSH_PKG)/etc/default/sshd.new
+	@chmod 644 $(OPENSSH_PKG)/etc/default/sshd.new
+	@cat $(sshd_pam) > $(OPENSSH_PKG)/etc/pam.d/sshd.new
+	@chmod 644 $(OPENSSH_PKG)/etc/pam.d/sshd.new
+	# ======= Install Documentation =======
+	@if [ -d $(OPENSSH_PKG)/usr/share/man ]; then \
+	  ( cd $(OPENSSH_PKG)/usr/share/man ; \
+	    for manpagedir in `find . -type d -name "man*"` ; do \
+	      ( cd $$manpagedir ; \
+	        for eachpage in `find . -type l -maxdepth 1` ; do \
+	          ln -s `readlink $$eachpage`.gz $$eachpage.gz ; \
+	          rm $$eachpage ; \
+	        done ; \
+	        gzip -9 *.?  ; \
+	      ) \
+	    done \
+	  ) \
+	 fi
+	@mkdir -p $(OPENSSH_PKG)/usr/doc/$(src_dir_name)
+	       $(OPENSSH_PKG)/usr/doc/$(src_dir_name)
+	@mkdir -p $(OPENSSH_PKG)/usr/share/doc/$(src_dir_name)
+	@( cd $(SRC_DIR) ; \
+	         $(OPENSSH_PKG)/usr/share/doc/$(src_dir_name) ; \
+	 )
+	@( cd $(SRC_DIR) ; \
+	   if [ -r ChangeLog ]; then \
+	     DOCSDIR=`echo $(OPENSSH_PKG)/usr/share/doc/$(src_dir_name)` ; \
+	     cat ChangeLog | head -n 1000 > $$DOCSDIR/ChangeLog ; \
+	     touch -r ChangeLog $$DOCSDIR/ChangeLog ; \
+	   fi \
+	 )
+	# ======= Install the same to $(TARGET_DEST_DIR) =======
+	$(call install-into-devenv, $(OPENSSH_PKG))
+	# ======= Strip binaries =======
+	@( cd $(OPENSSH_PKG) ; \
+	   find . | xargs file | grep -e "executable" -e "shared object" | grep ELF | cut -f 1 -d : | xargs $(STRIP) --strip-unneeded 2> /dev/null ; \
+	 )
+	@touch $@
+	@cat $< | $(SED) -e "s/@VERSION@/$(version)/g" > $@
+$(pkg_certificate) : $(pkg_archive) ;
+$(pkg_signature)   : $(pkg_archive) ;
+$(pkg_description) : $(pkg_archive) ;
+$(pkg_archive): $(install_target) $(OPENSSH_PKG_DESCRIPTION_FILE) $(OPENSSH_PKG_INSTALL_SCRIPT)
+	@echo "pkgname=$(OPENSSH_PKG_NAME)"                            >  $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "pkgver=$(OPENSSH_PKG_VERSION)"                          >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "arch=$(OPENSSH_PKG_ARCH)"                               >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "distroname=$(OPENSSH_PKG_DISTRO_NAME)"                  >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "distrover=$(OPENSSH_PKG_DISTRO_VERSION)"                >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "group=$(OPENSSH_PKG_GROUP)"                             >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "short_description=\"$(OPENSSH_PKG_SHORT_DESCRIPTION)\"" >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "url=$(OPENSSH_PKG_URL)"                                 >> $(OPENSSH_PKG)/.PKGINFO ; \
+	 echo "license=$(OPENSSH_PKG_LICENSE)"                         >> $(OPENSSH_PKG)/.PKGINFO
+	@$(PSEUDO) sh -c "cd $(OPENSSH_PKG) && \
+	                  chown -R root:root . && \
+	                  $(MAKE_PACKAGE) -J --linkadd=yes $(GNUPG_OPTIONS) -m -d .. ."
--- PATCHES	(nonexistent)
+++ PATCHES	(revision 5)
@@ -0,0 +1,4 @@
+../../../sources/packages/n/openssh/patches/openssh-8.5p1-cross.patch        -p0
+../../../sources/packages/n/openssh/patches/openssh-8.5p1-tcp_wrappers.patch -p0
+../../../sources/packages/n/openssh/patches/openssh-8.5p1-config-pam.patch   -p0
Index: conf/default/sshd
--- conf/default/sshd	(nonexistent)
+++ conf/default/sshd	(revision 5)
@@ -0,0 +1,10 @@
+# Optional arguments to start sshd with.
+# Note that using the -p flag causes any Port directives 
+# in sshd_config(5) to be ignored.
+# If you want to run sshd on non-standard port(s), use:
+#SSHD_OPTS="-p 12345 -p 6789"
+# If you want to use non-standard sshd_config, use:
+#SSHD_OPTS="-f /some/other/sshd_config"
Index: conf/default
--- conf/default	(nonexistent)
+++ conf/default	(revision 5)

Property changes on: conf/default
Added: svn:ignore
## -0,0 +1,73 ##
+# install dir
+# Target build dirs
+# Hidden files (each file)
+# src & hw requires
+# Tarballs
+# Signatures
+# Patches
+# Descriptions
+# Default linux config files
+# backup copies
Index: conf/pam.d/sshd
--- conf/pam.d/sshd	(nonexistent)
+++ conf/pam.d/sshd	(revision 5)
@@ -0,0 +1,22 @@
+# pam_securetty.so is commented out since sshd already does a good job of
+# protecting itself. You may uncomment it if you like, but then you may
+# need to add additional consoles to /etc/securetty if you want to allow
+# root logins on them, such as: ssh, pts/0, :0, etc
+#auth            required        pam_securetty.so
+# When using pam_faillock, print a message to the user if the account is
+# locked. This lets the user know what is going on, but it also potentially
+# gives additional information to attackers:
+#auth            requisite       pam_faillock.so preauth
+auth            include         system-auth
+# To set a limit on failed authentications, the pam_faillock module
+# can be enabled. See pam_faillock(8) for more information.
+#auth            [default=die]   pam_faillock.so authfail
+#auth            sufficient      pam_faillock.so authsucc
+auth            include         postlogin
+account         required        pam_nologin.so
+account         include         system-auth
+password        include         system-auth
+session         include         system-auth
+session         include         postlogin
+session         required        pam_loginuid.so
Index: conf/pam.d
--- conf/pam.d	(nonexistent)
+++ conf/pam.d	(revision 5)

Property changes on: conf/pam.d
Added: svn:ignore
## -0,0 +1,73 ##
+# install dir
+# Target build dirs
+# Hidden files (each file)
+# src & hw requires
+# Tarballs
+# Signatures
+# Patches
+# Descriptions
+# Default linux config files
+# backup copies
Index: conf/rc.d/rc.sshd
--- conf/rc.d/rc.sshd	(nonexistent)
+++ conf/rc.d/rc.sshd	(revision 5)
@@ -0,0 +1,63 @@
+# Start/stop/restart the secure shell server:
+# Source options
+if [ -r /etc/default/sshd ]; then
+  . /etc/default/sshd
+sshd_start() {
+  # Create host keys if needed.
+  if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
+    /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
+  fi
+  if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
+    /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
+  fi
+  if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then
+    /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N ''
+  fi
+  if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then
+    /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ''
+  fi
+  # Catch any new host key types not yet created above:
+  /usr/bin/ssh-keygen -A
+  # Start the sshd daemon:
+  /usr/sbin/sshd $SSHD_OPTS
+sshd_stop() {
+  killall sshd
+sshd_restart() {
+  if [ -r /var/run/sshd.pid ]; then
+    echo "WARNING: killing listener process only.  To kill every sshd process, you must"
+    echo "         use 'rc.sshd stop'.  'rc.sshd restart' kills only the parent sshd to"
+    echo "         allow an admin logged in through sshd to use 'rc.sshd restart' without"
+    echo "         being cut off.  If sshd has been upgraded, new connections will now"
+    echo "         use the new version, which should be a safe enough approach."
+    kill `cat /var/run/sshd.pid`
+  else
+    echo "WARNING: There does not appear to be a parent instance of sshd running."
+    echo "         If you really want to kill all running instances of sshd (including"
+    echo "         any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead."
+    exit 1
+  fi
+  sleep 1
+  sshd_start
+case "$1" in
+  sshd_start
+  ;;
+  sshd_stop
+  ;;
+  sshd_restart
+  ;;
+  echo "usage $0 start|stop|restart"
Index: conf/rc.d
--- conf/rc.d	(nonexistent)
+++ conf/rc.d	(revision 5)

Property changes on: conf/rc.d
Added: svn:ignore
## -0,0 +1,73 ##
+# install dir
+# Target build dirs
+# Hidden files (each file)
+# src & hw requires
+# Tarballs
+# Signatures
+# Patches
+# Descriptions
+# Default linux config files
+# backup copies
Index: conf
--- conf	(nonexistent)
+++ conf	(revision 5)

Property changes on: conf
Added: svn:ignore
## -0,0 +1,73 ##
+# install dir
+# Target build dirs
+# Hidden files (each file)
+# src & hw requires
+# Tarballs
+# Signatures
+# Patches
+# Descriptions
+# Default linux config files
+# backup copies
Index: openssh-pkg-description.in
--- openssh-pkg-description.in	(nonexistent)
+++ openssh-pkg-description.in	(revision 5)
@@ -0,0 +1,19 @@
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in.  You must
+# make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':'.
+       |-----handy-ruler------------------------------------------------------|
+openssh: openssh @VERSION@ (Secure Shell daemon and clients)
+openssh: ssh (Secure Shell) is a program for logging into a remote machine
+openssh: and for executing commands on a remote machine. It is intended to
+openssh: replace rlogin and rsh, and provide secure encrypted communications
+openssh: between two untrusted hosts over an insecure network.
+openssh: sshd (SSH Daemon) is the daemon program for ssh. OpenSSH is based
+openssh: on the last free version of Tatu Ylonen's SSH, further enhanced and
+openssh: cleaned up by Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
+openssh: Theo de Raadt, and Dug Song. Homepage: http://www.openssh.com/
Index: openssh-pkg-install.sh
--- openssh-pkg-install.sh	(nonexistent)
+++ openssh-pkg-install.sh	(revision 5)
@@ -0,0 +1,92 @@
+# Preserve new files
+install_file() {
+  NEW="$1"
+  OLD="`dirname $NEW`/`basename $NEW .new`"
+  # If there's no file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+preserve_perms() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  if [ -e $OLD ]; then
+    cp -a $OLD ${NEW}.incoming
+    cat $NEW > ${NEW}.incoming
+    touch -r $NEW ${NEW}.incoming
+    mv ${NEW}.incoming $NEW
+  fi
+  install_file $NEW
+# arg 1:  the new package version
+pre_install() {
+  /bin/true
+# arg 1:  the new package version
+post_install() {
+  if [ -r etc/pam.d/sshd.new ]; then
+    install_file etc/pam.d/sshd.new
+  fi
+  install_file etc/default/sshd.new
+  install_file etc/ssh/ssh_config.new
+  install_file etc/ssh/sshd_config.new
+  preserve_perms etc/rc.d/rc.sshd.new
+  if [ -e etc/rc.d/rc.sshd.new ]; then
+    mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd
+  fi
+  # If the sshd user/group/shadow don't exist, add them:
+  if ! grep -q "^sshd:" etc/passwd -o ! -r etc/passwd ; then
+    echo "sshd:x:33:33:sshd:/:" >> etc/passwd
+  fi
+  if ! grep -q "^sshd:" etc/group -o ! -r etc/group ; then
+    echo "sshd::33:sshd" >> etc/group
+  fi
+  if ! grep -q "^sshd:" etc/shadow -o ! -r etc/shadow ; then
+    echo "sshd:*:9797:0:::::" >> etc/shadow
+  fi
+  # Add a btmp file to store login failure if one doesn't exist:
+  if [ ! -r var/log/btmp ]; then
+    ( cd var/log ; umask 077 ; touch btmp )
+  fi
+# arg 1:  the new package version
+# arg 2:  the old package version
+pre_update() {
+  /bin/true
+# arg 1:  the new package version
+# arg 2:  the old package version
+post_update() {
+  post_install
+# arg 1:  the old package version
+pre_remove() {
+  /bin/true
+# arg 1:  the old package version
+post_remove() {
+  /bin/true
+$operation $*

Property changes on: openssh-pkg-install.sh
Added: svn:executable
## -0,0 +1 ##
\ No newline at end of property
Index: .
--- .	(nonexistent)
+++ .	(revision 5)

Property changes on: .
Added: svn:ignore
## -0,0 +1,73 ##
+# install dir
+# Target build dirs
+# Hidden files (each file)
+# src & hw requires
+# Tarballs
+# Signatures
+# Patches
+# Descriptions
+# Default linux config files
+# backup copies