Merging upstream version 20250626.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-26 09:42:01 +02:00 · 2025-06-26 09:42:01 +02:00 · e1ee4f2143
commit e1ee4f2143
parent e69839724a
8 changed files with 84 additions and 133 deletions
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@ -1,3 +1,11 @@
+2025-06-26	Daniel Baumann <daniel.baumann@open-infrastructure.net>
+
+	* Releasing version 20250626.
+
+	[ Daniel Baumann ]
+	* Removing included generated manpage.
+	* Renaming ssh-authorizedkeys-command to ssh-pubkey.
+
 2025-06-25	Daniel Baumann <daniel.baumann@open-infrastructure.net>

 	* Releasing version 20250625.
--- a/VERSION.txt
+++ b/VERSION.txt
@ -1 +1 @@
-20250625
+20250626
--- a/linux/Makefile
+++ b/linux/Makefile
@ -101,6 +101,7 @@ uninstall:
 	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true

 clean:
+	$(MAKE) -C share/man clean

 distclean:

--- a/openssh/Makefile
+++ b/openssh/Makefile
@ -19,7 +19,7 @@

 SHELL := sh -e

-SCRIPTS = bin/*
+SCRIPTS = share/bin/*

 all: build

@ -62,8 +62,8 @@ build: share/man/*.rst
 	$(MAKE) -C share/man

 install: build
-	mkdir -p $(DESTDIR)/usr/bin
-	cp -r bin/* $(DESTDIR)/usr/bin
+	mkdir -p $(DESTDIR)/usr/share/openssh-tools
+	cp -r share/bin $(DESTDIR)/usr/share/openssh-tools

 	mkdir -p $(DESTDIR)/etc/ssh/sshd_config.d
 	cp -r share/openssh-server/* $(DESTDIR)/etc/ssh/sshd_config.d
@ -93,15 +93,13 @@ uninstall:
 	done
 	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/etc/ssh/sshd_config.d || true

-	for FILE in bin/*; \
-	do \
-		rm -f $(DESTDIR)/usr/bin/$$(basename $${FILE}); \
-	done
-	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/bin || true
+	rm -f $(DESTDIR)/usr/share/openssh-tools
+	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR)/usr/share/openssh-tools || true

 	rmdir --ignore-fail-on-non-empty --parents $(DESTDIR) || true

 clean:
+	$(MAKE) -C share/man clean

 distclean:

--- a/openssh/bin/ssh-authorizedkeys-command
+++ b/openssh/bin/ssh-authorizedkeys-command
@ -19,4 +19,59 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.

-exit 0
+PROGRAM="$(basename ${0})"
+
+Parameters ()
+{
+	GETOPT_LONGOPTIONS="name:,"
+	GETOPT_OPTIONS="n:,"
+
+	PARAMETERS="$(getopt --longoptions ${GETOPT_LONGOPTIONS} --name=${PROGRAM} --options ${GETOPT_OPTIONS} --shell sh -- ${@})"
+
+	if [ "${?}" != "0" ]
+	then
+		echo "'${PROGRAM}': getopt exit" >&2
+		exit 1
+	fi
+
+	eval set -- "${PARAMETERS}"
+
+	while true
+	do
+		case "${1}" in
+			-h|--help)
+				Usage
+				exit 0
+				;;
+
+			--)
+				shift 1
+				break
+				;;
+
+			*)
+				echo "'${PROGRAM}': getopt error" >&2
+				exit 1
+				;;
+		esac
+	done
+}
+
+Usage ()
+{
+	echo "Usage: ${PROGRAM} USER" >&2
+	echo "Usage: ${PROGRAM} -h|--help" >&2
+	echo
+	echo "See ${PROGRAM}(1) for more information."
+
+	exit 1
+}
+
+Parameters "${@}"
+
+if [ -z "${1}" ]
+then
+	Usage
+fi
+
+# Run
--- a/openssh/share/man/ssh-authorizedkeys-command.1
+++ b/openssh/share/man/ssh-authorizedkeys-command.1
@ -1,114 +0,0 @@
-.\" Open Infrastructure: service-tools
-.\"
-.\" Copyright (C) 2014-2025 Daniel Baumann <daniel.baumann@open-infrastructure.net>
-.\"
-.\" SPDX-License-Identifier: GPL-3.0+
-.\"
-.\" This program is free software: you can redistribute it and/or modify
-.\" it under the terms of the GNU General Public License as published by
-.\" the Free Software Foundation, either version 3 of the License, or
-.\" (at your option) any later version.
-.\"
-.\" This program is distributed in the hope that it will be useful,
-.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-.\" GNU General Public License for more details.
-.\"
-.\" You should have received a copy of the GNU General Public License
-.\" along with this program.  If not, see <https://www.gnu.org/licenses/>.
-.\"
-.
-.
-.nr rst2man-indent-level 0
-.
-.de1 rstReportMargin
-\\$1 \\n[an-margin]
-level \\n[rst2man-indent-level]
-level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
-\\n[rst2man-indent0]
-\\n[rst2man-indent1]
-\\n[rst2man-indent2]
-..
-.de1 INDENT
-.\" .rstReportMargin pre:
-. RS \\$1
-. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
-. nr rst2man-indent-level +1
-.\" .rstReportMargin post:
-..
-.de UNINDENT
-. RE
-.\" indent \\n[an-margin]
-.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
-.nr rst2man-indent-level -1
-.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
-.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
-..
-.TH "SSH-AUTHORIZEDKEYS-COMMAND" "1"  service-tools "Open Infrastructure"
-.SH NAME
-ssh-authorizedkeys-command \- meta-command to get a users public key for authentication with openssh-server
-.SH SYNOPSIS
-.nf
-\fBssh\-authorizedkeys\-command\fP USER
-.fi
-.sp
-.SH DESCRIPTION
-.sp
-\fBssh\-authorizedkeys\-command\fP executes the user configured command in /etc/default/ssh\-authorizedkeys\-command.
-.sp
-The configured command in /etc/default/ssh\-authorizedkeys\-command can be manually edited, by calling \fBdpkg\-reconfigure open\-infrastructure\-openssh\-tools\fP (if available), or by editing /etc/default/ssh\-authorizedkeys\-command directly.
-.sp
-The configured command can use first argument given to ssh\-authorizedkeys\-command which is the user that the login is performed for by openssh. The command needs to return a valid public key (e.g. \(aqssh\-ed22519 [...]\(aq) which then gets used by openssh.
-.SH EXAMPLE
-.sp
-When using LDAP with the \fBsshPublicKey\fP attribute, a valid command could look like this:
-.INDENT 0.0
-.INDENT 3.5
-.nf
-
-$(ldapsearch \-LLL \-x \-o ldif\-wrap=no \-H ldaps://ldap.example.org:636 \-b dc=example uid=\(dq${1}\(dq \(aqsshPublicKey\(aq | 
-.in +2
-awk \(aq/^sshPublicKey: / { print $2, $3 }\(aq)
-
-.in -2
-.fi
-.sp
-.UNINDENT
-.UNINDENT
-.SH FILES
-.sp
-The following files are used:
-.INDENT 0.0
-.TP
-.B /etc/ssh/sshd_config.d/ssh\-authorizedkeys\-command:
-openssh\-server configuration to enable ssh\-authorizedkeys\-command.
-.TP
-.B /etc/default/ssh\-authorizedkeys\-command
-configuration file that contains the user configured command to be executed.
-.TP
-.B /usr/bin/ssh\-authorizedkeys\-command:
-script that executes the user configured command to return the users public keys.
-.UNINDENT
-.SH SEE ALSO
-.nf
-sshd_config(5)
-.fi
-.sp
-.SH HOMEPAGE
-.sp
-More information about service\-tools and the Open Infrastructure project can be
-found on the homepage ( <https://open\-infrastructure.net> ).
-.SH CONTACT
-.sp
-Bug reports, feature requests, help, patches, support and everything else are
-welcome on the Open Infrastructure Software Mailing List
-< <software@lists.open\-infrastructure.net> >.
-.sp
-Debian specific bugs can also be reported in the Debian Bug Tracking System
-( <https://bugs.debian.org> ).
-.SH AUTHORS
-.sp
-service\-tools were written by Daniel Baumann
-< <daniel.baumann@open\-infrastructure.net> > and others.
-.
--- a/openssh/share/man/ssh-authorizedkeys-command.1.rst
+++ b/openssh/share/man/ssh-authorizedkeys-command.1.rst
@ -17,9 +17,9 @@
 .. You should have received a copy of the GNU General Public License
 .. along with this program.  If not, see <https://www.gnu.org/licenses/>.

-==========================
-ssh-authorizedkeys-command
-==========================
+==========
+ssh-pubkey
+==========

 -----------------------------------------------------------------------------
 meta-command to get a users public key for authentication with openssh-server
@ -31,16 +31,16 @@ meta-command to get a users public key for authentication with openssh-server
 Synopsis
 ========

-| **ssh-authorizedkeys-command** USER
+| **ssh-pubkey** USER

 Description
 ===========

-**ssh-authorizedkeys-command** executes the user configured command in /etc/default/ssh-authorizedkeys-command.
+**ssh-pubkey** executes a command to show the public key of a user.

-The configured command in set by calling ``dpkg-reconfigure open-infrastructure-openssh-tools`` (if available), or by editing /etc/default/ssh-authorizedkeys-command directly.
+The configured command in set by calling ``dpkg-reconfigure open-infrastructure-openssh-tools`` (if available), or by editing /usr/bin/ssh-pubkey directly.

-The configured command can use first argument given to ssh-authorizedkeys-command which is the user that the login is performed for by openssh. The command needs to return a valid public key (e.g. 'ssh-ed22519 [...]') which then gets used by openssh.
+The configured command can use first argument given to ssh-pubkey which is the user that the login is performed for by openssh. The command needs to return a valid public key (e.g. 'ssh-ed22519 [...]') which then gets used by openssh.

 Example
 =======
@ -60,9 +60,12 @@ The following files are used:
 /etc/ssh/sshd_config.d/ssh-authorizedkeys-command:
  openssh-server configuration to enable ssh-authorizedkeys-command.

-/usr/bin/ssh-authorizedkeys-command:
+/usr/bin/ssh-pubkey:
  script that executes the user configured command to return the users public keys.

+/usr/share/openssh-tools/bin/ssh-pubkey.in:
+  stup of the script that is combined with the user supplied command to /usr/bin/ssh-pubkey.
+
 See also
 ========

--- a/openssh/share/openssh-server/authorizedkeys-command.conf
+++ b/openssh/share/openssh-server/authorizedkeys-command.conf
@ -1,4 +1,4 @@
 # /etc/ssh/sshd_config.d/authorizedkeys-command.conf

-AuthorizedKeysCommand /usr/bin/ssh-authorizedkeys-command
+AuthorizedKeysCommand /usr/bin/ssh-pubkey
 AuthorizedKeysCommandUser nobody