%define PACKAGE_NAME ssh-rootkey-_USERNAME_ %define PACK_VERSION 1.0.0 %define PACK_RELEASE 1 ############################################## # specify ssh-rsa or ssh-dsa %define SSHKEY_TYPE ssh-rsa # Enter rsa/dsa key here %define SSHKEY_CONTENT AAAAB3NzaC1ycA.... # Enter key description here %define SSHKEY_DESCRIPTION bart simpsons key ############################################## %define LOGFILE /var/log/rpm_%PACKAGE_NAME.log %define SSHD_CONFIG /etc/ssh/sshd_config %define PACKAGE_URL http://www.linux-aha.de Summary: root access over ssh for %SSHKEY_DESCRIPTION Name: %PACKAGE_NAME Version: %PACK_VERSION Release: %PACK_RELEASE Copyright: GPL Group: Applications/System URL: %PACKAGE_URL Packager: Sascha Nowak BuildRoot: %{_builddir} Requires: coreutils gawk grep BuildArch: noarch %description This package adds access for direct root-login for: %SSHKEY_DESCRIPTION %install rm -rf $RPM_BUILD_ROOT/* %files %post HOMEDIR=/root umask 077 timestamp=`date +%Y%m%d-%H%M%''S` echo "Installation package %PACKAGE_NAME-%PACK_VERSION-%PACK_RELEASE started on $timestamp" >>%LOGFILE # finding out authkeyfile if grep -q ^AuthorizedKeysFile %SSHD_CONFIG; then AUTHFILE=$(grep ^AuthorizedKeysFile %SSHD_CONFIG | awk {'print $2'}) else AUTHFILE=".ssh/authorized_keys" fi echo "Using authorized keys file: $HOMEDIR/$AUTHFILE" >>%LOGFILE # creating dir [ -d $(dirname $HOMEDIR/$AUTHFILE) ] || mkdir -p $(dirname $HOMEDIR/$AUTHFILE) # checking key if [ -f $HOMEDIR/$AUTHFILE ] ; then echo "Removing older sshkey from %SSHKEY_DESCRIPTION" >>%LOGFILE mv -f $HOMEDIR/$AUTHFILE $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME grep -v " %SSHKEY_CONTENT " $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME >$HOMEDIR/$AUTHFILE rm -f $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME fi # adding key echo "Adding sshkey for %SSHKEY_DESCRIPTION" >>%LOGFILE cat >>$HOMEDIR/$AUTHFILE <>%LOGFILE echo "" >>%LOGFILE %postun HOMEDIR=/root umask 077 timestamp=`date +%Y%m%d-%H%M%''S` echo "Deinstallation of package %PACK_VERSION-%PACK_RELEASE started on $timestamp" >>%LOGFILE # finding out authkeyfile if grep -q ^AuthorizedKeysFile %SSHD_CONFIG; then AUTHFILE=$(grep ^AuthorizedKeysFile %SSHD_CONFIG | awk {'print $2'}) else AUTHFILE=".ssh/authorized_keys" fi echo "Using authorized keys file: $AUTHFILE" >>%LOGFILE # remove key from config file echo "Removing key for %SSHKEY_DESCRIPTION" >>%LOGFILE mv $HOMEDIR/$AUTHFILE $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME grep -v " %SSHKEY_CONTENT " $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME >$HOMEDIR/$AUTHFILE rm -f $HOMEDIR/$AUTHFILE.tmp_%PACKAGE_NAME echo "Deinstallation of package %PACK_VERSION-%PACK_RELEASE completed" >>%LOGFILE echo "" >>%LOGFILE %changelog *Thu May 18 2010 Sascha Nowak - Initial release