basebuilder_pel7x64builder0
5 years ago
1 changed files with 77 additions and 0 deletions
@ -0,0 +1,77 @@ |
|||||||
|
%define dracutlibdir %{_prefix}/lib/dracut |
||||||
|
|
||||||
|
Name: dracut-crypt-ssh |
||||||
|
Version: 1.0.7 |
||||||
|
Release: 1%{?dist} |
||||||
|
Summary: A dracut module that adds ssh to the boot image (also known as earlyssh) |
||||||
|
Group: System Environment/Base |
||||||
|
License: GPLv2+ |
||||||
|
URL: https://github.com/dracut-crypt-ssh/dracut-crypt-ssh |
||||||
|
Source0: https://github.com/dracut-crypt-ssh/%{name}/archive/v%{version}.tar.gz |
||||||
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) |
||||||
|
BuildRequires: dracut |
||||||
|
BuildRequires: gcc |
||||||
|
BuildRequires: libblkid-devel |
||||||
|
Requires: dropbear |
||||||
|
Requires: dracut |
||||||
|
Requires: dracut-network |
||||||
|
Requires: openssh |
||||||
|
|
||||||
|
|
||||||
|
%description |
||||||
|
Dracut initramfs module to start dropbear sshd on early boot to enter |
||||||
|
encryption passphrase from across the internets or just connect and debug |
||||||
|
whatever stuff there. |
||||||
|
|
||||||
|
Idea is to use the thing on remote VDS servers, where full-disk encryption is |
||||||
|
still desirable (if only to avoid data leaks when disks will be decomissioned |
||||||
|
and sold by VDS vendor) but rather problematic due to lack of KVM or whatever |
||||||
|
direct console access. |
||||||
|
|
||||||
|
Authenticates users strictly by provided authorized_keys ("dropbear_acl" |
||||||
|
option) file. |
||||||
|
|
||||||
|
See dropbear(8) manpage for full list of supported restrictions there |
||||||
|
(which are fairly similar to openssh). |
||||||
|
|
||||||
|
Please read the README and configuration parameters in |
||||||
|
/etc/dracut.conf.d/crypt-ssh.conf before use. |
||||||
|
|
||||||
|
|
||||||
|
%prep |
||||||
|
%setup -q -n %{name}-%{version} |
||||||
|
|
||||||
|
|
||||||
|
%build |
||||||
|
%configure |
||||||
|
|
||||||
|
make %{?_smp_mflags} |
||||||
|
|
||||||
|
|
||||||
|
%install |
||||||
|
rm -rf -- $RPM_BUILD_ROOT |
||||||
|
make %{?_smp_mflags} install DESTDIR=$RPM_BUILD_ROOT |
||||||
|
|
||||||
|
|
||||||
|
%clean |
||||||
|
rm -rf -- $RPM_BUILD_ROOT |
||||||
|
|
||||||
|
|
||||||
|
%files |
||||||
|
%defattr(-,root,root,-) |
||||||
|
%doc README.md |
||||||
|
%license COPYING COPYRIGHT |
||||||
|
%config(noreplace) %{_sysconfdir}/dracut.conf.d/crypt-ssh.conf |
||||||
|
%dir %{dracutlibdir}/modules.d/60crypt-ssh |
||||||
|
%dir %{dracutlibdir}/modules.d/60crypt-ssh/helper |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/module-setup.sh |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-start.sh |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/dropbear-stop.sh |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/50-udev-pty.rules |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_peek.sh |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/helper/console_auth |
||||||
|
%{dracutlibdir}/modules.d/60crypt-ssh/helper/unlock-reap-success.sh |
||||||
|
|
||||||
|
|
||||||
|
%changelog |
Loading…
Reference in new issue