openssh-server 6.0p1-2 support PAM

6 files changed, 29 insertions, 4 deletions

diff --git a/openssh-server/.footprint.i686 b/openssh-server/.footprint.i686
index 1d385f15e..089007027 100644
--- a/openssh-server/.footprint.i686
+++ b/openssh-server/.footprint.i686
@@ -1,4 +1,6 @@
 drwxr-xr-x	root/root	etc/
+drwxr-xr-x	root/root	etc/pam.d/
+-rw-r--r--	root/root	etc/pam.d/sshd
 drwxr-xr-x	root/root	etc/rc.d/
 drwxr-xr-x	root/root	etc/rc.d/init.d/
 -rwxr-xr--	root/root	etc/rc.d/init.d/sshd
diff --git a/openssh-server/.footprint.x86_64 b/openssh-server/.footprint.x86_64
index 1d385f15e..089007027 100644
--- a/openssh-server/.footprint.x86_64
+++ b/openssh-server/.footprint.x86_64
@@ -1,4 +1,6 @@
 drwxr-xr-x	root/root	etc/
+drwxr-xr-x	root/root	etc/pam.d/
+-rw-r--r--	root/root	etc/pam.d/sshd
 drwxr-xr-x	root/root	etc/rc.d/
 drwxr-xr-x	root/root	etc/rc.d/init.d/
 -rwxr-xr--	root/root	etc/rc.d/init.d/sshd
diff --git a/openssh-server/.md5sum.i686 b/openssh-server/.md5sum.i686
index cb160acf8..72ebd72e7 100644
--- a/openssh-server/.md5sum.i686
+++ b/openssh-server/.md5sum.i686
@@ -1,2 +1,3 @@
 3c9347aa67862881c5da3f3b1c08da7b  openssh-6.0p1.tar.gz
 dbda0db2a43bce33d6921aa2801609ee  service-sekong-01.patch
+2fd20d311d2afbfc6e576883224d8c97  sshd.pam
diff --git a/openssh-server/.md5sum.x86_64 b/openssh-server/.md5sum.x86_64
index cb160acf8..72ebd72e7 100644
--- a/openssh-server/.md5sum.x86_64
+++ b/openssh-server/.md5sum.x86_64
@@ -1,2 +1,3 @@
 3c9347aa67862881c5da3f3b1c08da7b  openssh-6.0p1.tar.gz
 dbda0db2a43bce33d6921aa2801609ee  service-sekong-01.patch
+2fd20d311d2afbfc6e576883224d8c97  sshd.pam
diff --git a/openssh-server/Pkgfile b/openssh-server/Pkgfile
index 5b1f0fc9a..9010b4559 100755
--- a/openssh-server/Pkgfile
+++ b/openssh-server/Pkgfile
@@ -2,14 +2,15 @@
 # URL: http://www.openssh.org/
 # Maintainer: NuTyX coreteam
 # Packager: thierryn1 at hispeed dot ch
-# Depends on: openssh
-# Run on: openssh
+# Depends on: openssh, linux-pam, pambase
+# Run on: openssh,linux-pam,pambase
 
 name=openssh-server
 version=6.0p1
-release=1
+release=2
 source=(http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-$version.tar.gz
-	http://nutyx.meticul.eu/files/patchs/$name/service-sekong-01.patch)
+	http://nutyx.meticul.eu/files/patchs/$name/service-sekong-01.patch
+	sshd.pam)
 
 build() {
 	unset MAKEFLAGS
@@ -28,16 +29,21 @@ build() {
 		--libexecdir=/usr/lib/openssh \
 		--with-tcp-wrappers \
 		--with-md5-passwords \
+		--with-pam \
 		--with-privsep-path=/var/lib/sshd \
 		--mandir=/usr/share/man \
 		--infodir=/usr/share/info
 
 	make DESTDIR=$PKG install
 
+	install -Dm644 ../sshd.pam $PKG/etc/pam.d/sshd
+
 	cd ../$scripts-$scriptsversion
 	patch -Np1 -i ../service-sekong-01.patch
 	make DESTDIR=$PKG install-sshd
 	echo "PermitRootLogin no" >> $PKG/etc/ssh/sshd_config
+	echo "ChallengeResponseAuthentication no" >> $PKG/etc/ssh/sshd_config
+	echo "UsePAM yes" >> $PKG/etc/ssh/sshd_config
 
 	# Suppression du client et ses man
 	rm $PKG/etc/ssh/{ssh_config,moduli}
diff --git a/openssh-server/sshd.pam b/openssh-server/sshd.pam
new file mode 100644
index 000000000..aeef8be27
--- /dev/null
+++ b/openssh-server/sshd.pam
@@ -0,0 +1,13 @@
+#%PAM-1.0
+#auth		required	pam_securetty.so	#Disable remote root
+auth		required	pam_unix.so
+auth		required	pam_env.so
+account		required	pam_nologin.so
+account		required	pam_unix.so
+account		required	pam_time.so
+password	required	pam_unix.so
+session		required	pam_unix_session.so
+session		required	pam_limits.so
+session         optional        pam_loginuid.so
+-session	optional	pam_ck_connector.so nox11
+-session	optional	pam_systemd.so