We are heading into a lock here. So we need to get people to test their respective platforms if they wish them to be supported out of the tar file. So if you have any patches you need to ensure your platform works speak up. We are looking at a lock on the 17th. I believe I have an AIX/Cray patch and a Tru64 patch sitting in my mailbox that I'll be looking at soon and more than likely commiting. I have no clue what else is in my 400+ worth of email.=) I know NeXT platform is broken. Again, I make a call out to people left in the NeXT community. If you want it working before 3.6 submit your patches ASAP. If I hear no word I'll suggest it be phased out after this release. I'd like to see more tinderbox setups (Darren, I'll be talking to you in private, but I have a Sol9 box I'd like to add to the list soon). It would help to know where we stand for broken platforms. For those new to this process asking themselves, "Where do I find these test version?" http://www.openssh.com/portable.html#mirrors Pick your closest FTP site and go to 'snapshot/' Or for CVS people: export CVSROOT=openssh at anoncvs.be.openbsd.org:/cvs export CVS_RSH=/usr/bin/ssh cvs get openssh - Ben
On Thu, 6 Mar 2003, Ben Lindstrom wrote:> I'd like to see more tinderbox setups (Darren, I'll be talking to you in > private, but I have a Sol9 box I'd like to add to the list soon). It > would help to know where we stand for broken platforms.UnixWare and SCO are broken. I guess I'd better whip up a nanosleep() replacement. -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
Hi All. Ben Lindstrom wrote:> So if you have any patches you need to ensure your platform works speak > up. We are looking at a lock on the 17th.The attached patch updates the AIX package builder in contrib/aix. The patch has been on my page (minus the typo fixes) for a while and I've been using it here so it's relatively well tested. The changes relative to 3.5p1 are: * Adds optional SRC support, based on examples provided by Sandor Sklar and Maarten Kreuger. * Creates size lpp control file: installp should now expand filesystems if required. * Writes ssh entry in /etc/rc.tcpip to match system-provided services. * Ensure correct permissions on new /etc/rc.tcpip * Update readme & fix typos Please review and apply if OK. -- Darren Tucker (dtucker at zip.com.au) GPG Fingerprint D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. -------------- next part -------------- ? config.local Index: contrib/aix/README ==================================================================RCS file: /cvs/openssh/contrib/aix/README,v retrieving revision 1.2 diff -u -r1.2 README --- contrib/aix/README 25 Jun 2002 23:38:48 -0000 1.2 +++ contrib/aix/README 7 Mar 2003 06:14:00 -0000 @@ -6,9 +6,15 @@ Directions: +(optional) create config.local in your build dir ./configure [options] -cd contrib/aix; ./buildbff.sh +contrib/aix/buildbff.sh +The file config.local or the environment is read to set the following options +(default first): +PERMIT_ROOT_LOGIN=[no|yes] +X11_FORWARDING=[no|yes] +AIX_SRC=[no|yes] Acknowledgements: @@ -19,6 +25,8 @@ and for comparison with the output from this script, however no code from lppbuild is included and it is not required for operation. +SRC support based on examples provided by Sandor Sklar and Maarten Kreuger. + Other notes: @@ -26,8 +34,7 @@ appropriate). It seems to work, though...... If there are any patches to this that have not yet been integrated they -may be found at http://www.zip.com.au/~dtucker/openssh/ or -http://home.usf.advantra.com.au/~dtucker/openssh/. +may be found at http://www.zip.com.au/~dtucker/openssh/. Disclaimer: Index: contrib/aix/buildbff.sh ==================================================================RCS file: /cvs/openssh/contrib/aix/buildbff.sh,v retrieving revision 1.4 diff -u -r1.4 buildbff.sh --- contrib/aix/buildbff.sh 18 Jul 2002 01:04:51 -0000 1.4 +++ contrib/aix/buildbff.sh 7 Mar 2003 06:14:00 -0000 @@ -11,10 +11,12 @@ # # Tunable configuration settings -# create a "config.local" in your build directory to override these. +# create a "config.local" in your build directory or set +# environment variables to override these. # -PERMIT_ROOT_LOGIN=no -X11_FORWARDING=no +[ -z "$PERMIT_ROOT_LOGIN" ] || PERMIT_ROOT_LOGIN=no +[ -z "$X11_FORWARDING" ] || X11_FORWARDING=no +[ -z "$AIX_SRC" ] || AIX_SRC=no umask 022 @@ -167,6 +169,18 @@ EOD # +# openssh.size file allows filesystem expansion as required +# generate list of directories containing files +# then calculate disk usage for each directory and store in openssh.size +# +files=`find . -type f -print` +dirs=`for file in $files; do dirname $file; done | sort -u` +for dir in $dirs +do + du $dir +done > ../openssh.size + +# # Create postinstall script # cat <<EOF >>../openssh.post_i @@ -245,14 +259,42 @@ fi echo -# Add to system startup if required -if grep $sbindir/sshd /etc/rc.tcpip >/dev/null +# Set startup command depending on SRC support +if [ "$AIX_SRC" = "yes" ] then - echo "sshd found in rc.tcpip, not adding." + echo Creating SRC sshd subsystem. + rmssys -s sshd 2>&1 >/dev/null + mkssys -s sshd -p "$sbindir/sshd" -a '-D' -u 0 -S -n 15 -f 9 -R -G tcpip + startupcmd="start $sbindir/sshd \\\"\\\$src_running\\\"" + oldstartcmd="$sbindir/sshd" else - echo >>/etc/rc.tcpip - echo "echo Starting sshd" >>/etc/rc.tcpip - echo "$sbindir/sshd" >>/etc/rc.tcpip + startupcmd="$sbindir/sshd" + oldstartcmd="start $sbindir/sshd \\\"$src_running\\\"" +fi + +# If migrating to or from SRC, change previous startup command +# otherwise add to rc.tcpip +if egrep "^\$oldstartcmd" /etc/rc.tcpip >/dev/null +then + if sed "s|^\$oldstartcmd|\$startupcmd|g" /etc/rc.tcpip >/etc/rc.tcpip.new + then + chmod 0755 /etc/rc.tcpip.new + mv /etc/rc.tcpip /etc/rc.tcpip.old && \ + mv /etc/rc.tcpip.new /etc/rc.tcpip + else + echo "Updating /etc/rc.tcpip failed, please check." + fi +else + # Add to system startup if required + if grep "^\$startupcmd" /etc/rc.tcpip >/dev/null + then + echo "sshd found in rc.tcpip, not adding." + else + echo "Adding sshd to rc.tcpip" + echo >>/etc/rc.tcpip + echo "# Start sshd" >>/etc/rc.tcpip + echo "\$startupcmd" >>/etc/rc.tcpip + fi fi EOF @@ -262,7 +304,7 @@ echo Creating liblpp.a ( cd .. - for i in openssh.al openssh.copyright openssh.inventory openssh.post_i LICENCE README* + for i in openssh.al openssh.copyright openssh.inventory openssh.post_i openssh.size LICENCE README* do ar -r liblpp.a $i rm $i Index: contrib/aix/inventory.sh ==================================================================RCS file: /cvs/openssh/contrib/aix/inventory.sh,v retrieving revision 1.2 diff -u -r1.2 inventory.sh --- contrib/aix/inventory.sh 17 Mar 2002 22:05:25 -0000 1.2 +++ contrib/aix/inventory.sh 7 Mar 2003 06:14:00 -0000 @@ -2,9 +2,9 @@ # # inventory.sh # -# Originall written by Ben Lindstrom, modified by Darren Tucker to use perl +# Originally written by Ben Lindstrom, modified by Darren Tucker to use perl # -# This will produced and AIX package inventory file, which looks like: +# This will produce an AIX package inventory file, which looks like: # # /usr/local/bin: # class=apply,inventory,openssh
Hi again. Ben Lindstrom wrote:> So if you have any patches you need to ensure your platform works speak > up. We are looking at a lock on the 17th.There's a couple of patches in Bugzilla that relate to my pet project: Bugzilla Bug 14: Can't change expired /etc/shadow password without PAM http://bugzilla.mindrot.org/attachment.cgi?id=240&action=view Bugzilla Bug 463: PrintLastLog doesn't work in privsep mode http://bugzilla.mindrot.org/attachment.cgi?id=235&action=view There is some overlap between the two patches and they're out of sync with each other. Can I please get someone to review these and let me know if they're suitable for inclusion in 3.6p1? The expiry patches have been pretty heavily tested (nearly 800 downloads of the patch). I've had about a dozen reports of problems, all of which have been resolved (mostly configuring with pam when it wasn't supported, a couple of genuine problems and a couple of cases of pilot error). If they are likely to go in, please let me know what you'd like done with them (eg, merge them into a single patch or make 2 "stacked" patches to be applied sequentially, and particularly what if anything should be done with the interaction with do_pam_chauthtok). -- Darren Tucker (dtucker at zip.com.au) GPG Fingerprint D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
sorry to take so long with the testing. 3.6 version works great on crays using the 0315 snapshot, with tim's nanosleep replacement patch and the 3 cray patches i sent in yesterday. thanks, wendy Ben Lindstrom wrote:> We are heading into a lock here. So we need to get people to test their > respective platforms if they wish them to be supported out of the tar file. > > So if you have any patches you need to ensure your platform works speak > up. We are looking at a lock on the 17th. > > I believe I have an AIX/Cray patch and a Tru64 patch sitting in my mailbox > that I'll be looking at soon and more than likely commiting. I have no > clue what else is in my 400+ worth of email.=) > > I know NeXT platform is broken. Again, I make a call out to people left > in the NeXT community. If you want it working before 3.6 submit your > patches ASAP. If I hear no word I'll suggest it be phased out after this > release. > > I'd like to see more tinderbox setups (Darren, I'll be talking to you in > private, but I have a Sol9 box I'd like to add to the list soon). It > would help to know where we stand for broken platforms. > > For those new to this process asking themselves, "Where do I find these > test version?" > > http://www.openssh.com/portable.html#mirrors > > Pick your closest FTP site and go to 'snapshot/' > > Or for CVS people: > > export CVSROOT=openssh at anoncvs.be.openbsd.org:/cvs > export CVS_RSH=/usr/bin/ssh > cvs get openssh > > - Ben > > > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev >-- wendy palm Cray OS Sustaining Engineering, Cray Inc. wendyp at cray.com, 651-605-9154
Tested Platform: Apple OS 10.2.x configure: passed make: passed regress: passed configure options: --with-pam working on getting patches together for --with-kerberos5 Dave -- David M. Williams, CISSP Phone: 505-665-8062 Systems Engineer, CCN-2 Fax: 505-667-7428 Los Alamos National Laboratory Email: d_wllms at lanl.gov
I forgot to add a few caveats for OS X: 1. See Bug #504 for OpenSSL header problem 2. 10.2.[1.2.3] require edits to /usr/include/zconf.h. remove reference to TARGET_OS_MAC. BTW: Library/header version mismatches will continue to be a problem with OSX as the stated policy from Apple is, and I quote: Thank you for bringing this problem to our attention. We have received feedback from engineering on your reported issue. Please know that we do not ship headers with Mac OS X Updates. To quote Markus, "Thank you Steven Jobs, thank you" Dave David M. Williams wrote:> Tested Platform: Apple OS 10.2.x > > configure: passed > make: passed > regress: passed > > configure options: --with-pam > > working on getting patches together for --with-kerberos5 > > Dave >-- David M. Williams, CISSP Phone: 505-665-8062 Systems Engineer, CCN-2 Fax: 505-667-7428 Los Alamos National Laboratory Email: d_wllms at lanl.gov