SRPM: http://togami.com/~warren/fedora/scponly-4.1-1.src.rpm SPEC: http://togami.com/~warren/fedora/scponly.spec Description: Replacement shell that allows you to give users file transfer access (like scp or sftp) but not the ability to run arbitrary commands.
Needs work: * BuildRoot should be %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) (wiki: PackagingGuidelines#BuildRoot) * Missing BR: openssh-clients (./configure checks for them) * Doc files are chmod +x * System Environments/Shell not a registered group, use Applications/Internet (as openssh itself)
SRPM: http://togami.com/~warren/fedora/scponly-4.1-2.src.rpm SPEC: http://togami.com/~warren/fedora/scponly.spec Thanks Aurelian.
The doc files are still executable. They already are in the tarball, and the fourth argument of %defattr is for directories. You can use %defattr(644,root,root) instead.
SRPM: http://togami.com/~warren/fedora/scponly-4.1-3.src.rpm SPEC: http://togami.com/~warren/fedora/scponly.spec Thanks!
The SRPM gives a 404
Oops, it is actually uploaded now.
Bad news : now /usr/share/doc/scponly-4.1 is 0644....
SRPM: http://togami.com/~warren/fedora/scponly-4.1-4.src.rpm SPEC: http://togami.com/~warren/fedora/scponly.spec %defattr(0644, root, root, 0755) This should do it...
If I read the instructions installs, I'm left confused. First of all, I believe the default mode for any distribution should be using --enable-chroot-binary. This *should* create an "scponlyc" binary according to the readme, but it doesn't. There is also a mention in the installation documentation about a "scponlyrc" file location, yet what options I can put in there is not mentioned anywhere. Also, I believe some contrib tools to setup a chroot jail for a user with the chroot()ed version of scponly (scponlyc) is missing.
It is not easy to create a chroot jail and (the more difficult part) to keep it updated. scponly without the chroot itself is pretty useful so I want to push this into Extras now. If you can think of a good solution to creating and updating chroots, please propose solutions on fedora-extras-list and we can fold it into a future package if accepted.
* License seems to be BSD, not GPL * The man page should be patched because it refers to /usr/local/bin/scponly (and scponlyc, but if you add that later it's ok)
SRPM: http://togami.com/~warren/fedora/scponly-4.1-5.src.rpm SPEC: http://togami.com/~warren/fedora/scponly.spec s/GPL/BSD/ Fixed path to scponly binary in both man pages and other installed docs. Will not attempt chrooted scponly yet.
Review for release 5: * RPM name is OK * Source scponly-4.1.tgz is the same as upstream * This is the latest version * Builds fine in mock * rpmlint of scponly looks OK * File list of scponly looks OK * Works fine Just replace /usr with %{_prefix} in the sed substitution in the spec file and you're approved.
*** Bug 575502 has been marked as a duplicate of this bug. ***