base/SPECS/dracut-crypt-ssh.spec

%define dracutlibdir %{_prefix}/lib/dracut

Name: dracut-crypt-ssh
Version: 1.0.7
Release: 1%{?dist}
Summary: A dracut module that adds ssh to the boot image (also known as earlyssh)
Group: System Environment/Base
License: GPLv2+
URL: https://github.com/dracut-crypt-ssh/dracut-crypt-ssh
Source0: https://github.com/dracut-crypt-ssh/%{name}/archive/v%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: dracut
BuildRequires: gcc
BuildRequires: libblkid-devel
Requires: dropbear
Requires: dracut
Requires: dracut-network
Requires: openssh


%description
Dracut initramfs module to start dropbear sshd on early boot to enter
encryption passphrase from across the internets or just connect and debug
whatever stuff there.

Idea is to use the thing on remote VDS servers, where full-disk encryption is
still desirable (if only to avoid data leaks when disks will be decomissioned
and sold by VDS vendor) but rather problematic due to lack of KVM or whatever
direct console access.

Authenticates users strictly by provided authorized_keys ("dropbear_acl"
option) file.

See dropbear(8) manpage for full list of supported restrictions there
(which are fairly similar to openssh).

Please read the README and configuration parameters in 
/etc/dracut.conf.d/crypt-ssh.conf before use.


%prep
%setup -q -n %{name}-%{version}


%build
%configure

make %{?_smp_mflags}


%install
rm -rf -- $RPM_BUILD_ROOT
make %{?_smp_mflags} install DESTDIR=$RPM_BUILD_ROOT


%clean
rm -rf -- $RPM_BUILD_ROOT


%files
%defattr(-,root,root,-)
%doc README.md
%license COPYING COPYRIGHT
%config(noreplace) %{_sysconfdir}/dracut.conf.d/crypt-ssh.conf
%dir %{dracutlibdir}/modules.d/60crypt-ssh
%dir %{dracutlibdir}/modules.d/60crypt-ssh/helper
%{dracutlibdir}/modules.d/60crypt-ssh/module-setup.sh
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-start.sh
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-stop.sh
%{dracutlibdir}/modules.d/60crypt-ssh/50-udev-pty.rules
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_peek.sh
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_auth
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock-reap-success.sh


%changelog
dracut-crypt-ssh package creation Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org> 5 years ago			`%define dracutlibdir %{_prefix}/lib/dracut`

			`Name: dracut-crypt-ssh`
			`Version: 1.0.7`
			`Release: 1%{?dist}`
			`Summary: A dracut module that adds ssh to the boot image (also known as earlyssh)`
			`Group: System Environment/Base`
			`License: GPLv2+`
			`URL: https://github.com/dracut-crypt-ssh/dracut-crypt-ssh`
			`Source0: https://github.com/dracut-crypt-ssh/%{name}/archive/v%{version}.tar.gz`
			`BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)`
			`BuildRequires: dracut`
			`BuildRequires: gcc`
			`BuildRequires: libblkid-devel`
			`Requires: dropbear`
			`Requires: dracut`
			`Requires: dracut-network`
			`Requires: openssh`


			`%description`
			`Dracut initramfs module to start dropbear sshd on early boot to enter`
			`encryption passphrase from across the internets or just connect and debug`
			`whatever stuff there.`

			`Idea is to use the thing on remote VDS servers, where full-disk encryption is`
			`still desirable (if only to avoid data leaks when disks will be decomissioned`
			`and sold by VDS vendor) but rather problematic due to lack of KVM or whatever`
			`direct console access.`

			`Authenticates users strictly by provided authorized_keys ("dropbear_acl"`
			`option) file.`

			`See dropbear(8) manpage for full list of supported restrictions there`
			`(which are fairly similar to openssh).`

			`Please read the README and configuration parameters in`
			`/etc/dracut.conf.d/crypt-ssh.conf before use.`


			`%prep`
			`%setup -q -n %{name}-%{version}`


			`%build`
			`%configure`

			`make %{?_smp_mflags}`


			`%install`
			`rm -rf -- $RPM_BUILD_ROOT`
			`make %{?_smp_mflags} install DESTDIR=$RPM_BUILD_ROOT`


			`%clean`
			`rm -rf -- $RPM_BUILD_ROOT`


			`%files`
			`%defattr(-,root,root,-)`
			`%doc README.md`
			`%license COPYING COPYRIGHT`
			`%config(noreplace) %{_sysconfdir}/dracut.conf.d/crypt-ssh.conf`
			`%dir %{dracutlibdir}/modules.d/60crypt-ssh`
			`%dir %{dracutlibdir}/modules.d/60crypt-ssh/helper`
			`%{dracutlibdir}/modules.d/60crypt-ssh/module-setup.sh`
			`%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-start.sh`
			`%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-stop.sh`
			`%{dracutlibdir}/modules.d/60crypt-ssh/50-udev-pty.rules`
			`%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_peek.sh`
			`%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock`
			`%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_auth`
			`%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock-reap-success.sh`


			`%changelog`