# --with NomachineKey # Allow login with the key shipped with the NoMachine client. # This can be a security risk. So it is disabled by default # and a ssh key is generated at install %define nomachine_key 0 %{?_with_NomachineKey: %{expand: %%define nomachine_key 1}} %define name freenx %define version 0.3.1 %define release 2mdk Summary: Free NX implementation Name: %{name} Version: %{version} Release: %{release} Source0: http://debian.tu-bs.de/knoppix/nx/%{name}-%{version}.tar.bz2 Source1: logrotate-nxserver.bz2 Patch0: freenx-nxsetup-warning.diff.bz2 License: GPL Group: Networking/Remote access Url: http://debian.tu-bs.de/knoppix/nx/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot Requires: nxproxy, nxagent, openssh-server, expect, netcat Requires: X11R6-contrib BuildArch: noarch PreReq: rpm-helper %description NoMachine NX is the next-generation X compression and roundtrip suppression scheme. It can operate remote X11 sessions over 56k modem dialup links or anything better. This package contains a free (GPL) implementation of the nxserver component. %prep %setup -q %patch0 -p1 %build perl -pi -e "s|/var/lib/nxserver/home|%{_localstatedir}/nxserver/nxhome|" nxloadconfig # README.install.urpmi doesn't work yet. cat << EOF > README.urpmi After installing this package, an nx user is created ( this is a system user, do not try to log in with it ), with a home located at %{_localstatedir}/nxserver/nxhome His password is a random 32char pass. %if %nomachine_key Using Nomachine ssh key, warning, this is a potential security risk. %else Your user must install the key located at: %{_localstatedir}/nxserver/nxhome/.ssh/client.id_dsa.key to log in. For knx, put it in: /usr/share/knx/ with world-readable right. For nomachine.com Nx client for windows put it in : C:\Program Files\NX Client for Windows\share You user will now be able to log in using their username and password provided you have ssh logins enabled for them %endif EOF %install rm -rf $RPM_BUILD_ROOT install -d -m 755 $RPM_BUILD_ROOT%{_bindir} install -d -m 755 $RPM_BUILD_ROOT%{_sbindir} install -m 755 {nxclient,nxkeygen,nxloadconfig,nxnode,nxnode-login,nxserver} $RPM_BUILD_ROOT%{_bindir} install -m 755 nxsetup $RPM_BUILD_ROOT%{_sbindir} mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/nxserver/nxhome/.ssh mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/nxserver/db/{closed,failed,running} mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/nxserver mkdir -p $RPM_BUILD_ROOT%{_var}/log touch $RPM_BUILD_ROOT%{_sysconfdir}/nxserver/{passwords,passwords.orig,users.id_dsa,users.id_dsa.pub} touch $RPM_BUILD_ROOT%{_localstatedir}/nxserver/nxhome/.ssh/{server.id_dsa.pub.key,client.id_dsa.key,authorized_keys2,known_hosts} touch $RPM_BUILD_ROOT%{_var}/log/nxserver.log install node.conf.sample $RPM_BUILD_ROOT%{_sysconfdir}/nxserver/node.conf mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d bzcat %{SOURCE1} > $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/%{name} # tell spec-helper to not remove passwords.orig export DONT_CLEANUP=1 %clean rm -rf $RPM_BUILD_ROOT %pre if [ $1 = 1 ]; then %_pre_useradd nx %{_localstatedir}/nxserver/nxhome %{_bindir}/nxserver fi %postun if [ $1 = 0 ]; then %_postun_userdel nx fi %post if [ $1 = 1 ]; then ssh-keygen -f %{_sysconfdir}/nxserver/users.id_dsa -t dsa -N "" 2>&1 > /dev/null chown nx.root %{_sysconfdir}/nxserver/users.id_dsa chmod 600 %{_sysconfdir}/nxserver/users.id_dsa %if %nomachine_key cat << EOF > %{_localstatedir}/nxserver/nxhome/.ssh/authorized_keys2 ssh-dss AAAAB3NzaC1kc3MAAACBAJe/0DNBePG9dYLWq7cJ0SqyRf1iiZN/IbzrmBvgPTZnBa5FT/0Lcj39sRYt1paAlhchwUmwwIiSZaON5JnJOZ6jKkjWIuJ9MdTGfdvtY1aLwDMpxUVoGwEaKWOyin02IPWYSkDQb6cceuG9NfPulS9iuytdx0zIzqvGqfvudtufAAAAFQCwosRXR2QA8OSgFWSO6+kGrRJKiwAAAIEAjgvVNAYWSrnFD+cghyJbyx60AAjKtxZ0r/Pn9k94Qt2rvQoMnGgt/zU0v/y4hzg+g3JNEmO1PdHh/wDPVOxlZ6Hb5F4IQnENaAZ9uTZiFGqhBO1c8Wwjiq/MFZy3jZaidarLJvVs8EeT4mZcWxwm7nIVD4lRU2wQ2lj4aTPcepMAAACANlgcCuA4wrC+3Cic9CFkqiwO/Rn1vk8dvGuEQqFJ6f6LVfPfRTfaQU7TGVLk2CzY4dasrwxJ1f6FsT8DHTNGnxELPKRuLstGrFY/PR7KeafeFZDf+fJ3mbX5nxrld3wi5titTnX+8s4IKv29HJguPvOK/SI7cjzA+SqNfD7qEo8= root@nettuno EOF %else ssh-keygen -q -t dsa -N '' -f %{_localstatedir}/nxserver/nxhome/.ssh/local.id_dsa 2>&1 > /dev/null mv -f %{_localstatedir}/nxserver/nxhome/.ssh/local.id_dsa %{_localstatedir}/nxserver/nxhome/.ssh/client.id_dsa.key mv -f %{_localstatedir}/nxserver/nxhome/.ssh/local.id_dsa.pub %{_localstatedir}/nxserver/nxhome/.ssh/server.id_dsa.pub.key cat %{_localstatedir}/nxserver/nxhome/.ssh/server.id_dsa.pub.key > %{_localstatedir}/nxserver/nxhome/.ssh/authorized_keys2 %endif echo -n "127.0.0.1 " > %{_localstatedir}/nxserver/nxhome/.ssh/known_hosts cat %{_sysconfdir}/ssh/ssh_host_rsa_key.pub >> %{_localstatedir}/nxserver/nxhome/.ssh/known_hosts chmod 600 %{_localstatedir}/nxserver/nxhome/.ssh/* chown nx.root %{_localstatedir}/nxserver/nxhome/.ssh/* %create_ghostfile %{_sysconfdir}/nxserver/passwords.orig nx root 600 %create_ghostfile %{_sysconfdir}/nxserver/passwords nx root 600 %create_ghostfile %{_var}/log/nxserver.log nx root 600 mkpasswd -l 32 | passwd --stdin nx 2>&1 > /dev/null fi %files %defattr(-,root,root) %doc AUTHORS COPYING README.urpmi %{_bindir}/* %{_sbindir}/* %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %attr(755,nx,root) %dir %{_sysconfdir}/nxserver %attr(755,nx,root) %dir %{_localstatedir}/nxserver %attr(755,nx,root) %dir %{_localstatedir}/nxserver/db %attr(700,nx,root) %dir %{_localstatedir}/nxserver/db/closed %attr(700,nx,root) %dir %{_localstatedir}/nxserver/db/failed %attr(700,nx,root) %dir %{_localstatedir}/nxserver/db/running %attr(755,nx,root) %dir %{_localstatedir}/nxserver/nxhome %attr(700,nx,root) %dir %{_localstatedir}/nxserver/nxhome/.ssh %attr(644,nx,root) %config(noreplace) %{_sysconfdir}/nxserver/node.conf %attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/passwords %attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/users.id_dsa %attr(644,root,root) %ghost %{_sysconfdir}/nxserver/users.id_dsa.pub %attr(600,nx,root) %ghost %{_sysconfdir}/nxserver/passwords.orig %attr(600,nx,root) %ghost %{_localstatedir}/nxserver/nxhome/.ssh/known_hosts %attr(600,nx,root) %ghost %{_localstatedir}/nxserver/nxhome/.ssh/authorized_keys2 %attr(600,nx,root) %ghost %{_localstatedir}/nxserver/nxhome/.ssh/client.id_dsa.key %attr(600,nx,root) %ghost %{_localstatedir}/nxserver/nxhome/.ssh/server.id_dsa.pub.key %attr(600,nx,root) %ghost %{_var}/log/nxserver.log %changelog * Thu Mar 31 2005 Couriousous <couriousous@mandrake.org> 0.3.1-2mdk - Package nxclient binary ( fix #15140 ) * Tue Mar 22 2005 Couriousous <couriousous@mandrake.org> 0.3.1-1mdk - Final 0.3.1 * Sat Mar 12 2005 Couriousous <couriousous@mandrake.org> 0.3.1-0.pre1.1mdk - Add bugfixes from upstream ( == 0.3.1-pre1 ) * Thu Mar 10 2005 Emmanuel Blindauer <mdk@agat.net> 0.3.0-3mdk - Really fix permissions, only users in root group were able to log. * Thu Mar 10 2005 Emmanuel Blindauer <mdk@agat.net> 0.3.0-2mdk - Fix permissions on node.conf (or no-one can log in) * Sun Mar 06 2005 Couriousous <couriousous@mandrake.org> 0.3.0-1mdk - 0.3.0 - Some spec tweak * Wed Feb 23 2005 Couriousous <couriousous@mandrake.org> 0.2.8-2mdk - Try to fix bug #13670 * Fri Feb 11 2005 Couriousous <couriousous@mandrake.org> 0.2.8-1mdk - 0.2.8 * Sat Dec 25 2004 Couriousous <couriousous@mandrake.org> 0.2.7-2mdk - Better README.urpmi from Matthew Roller * Fri Dec 03 2004 couriousous <couriousous@zarb.org> 0.2.7-1mdk - First Mandrakelinux release - Automatic setup - Set nx home as %{_localstatedir}/nxserver/nxhome