Skip to content

SPECS: openssh: Align optional build dependencies#505

Open
Jingwiw wants to merge 4 commits into
openRuyi-Project:mainfrom
Jingwiw:cleanup-bcond/openssh-optional-build-deps
Open

SPECS: openssh: Align optional build dependencies#505
Jingwiw wants to merge 4 commits into
openRuyi-Project:mainfrom
Jingwiw:cleanup-bcond/openssh-optional-build-deps

Conversation

@Jingwiw
Copy link
Copy Markdown
Member

@Jingwiw Jingwiw commented May 23, 2026

Changes

  • Drop the unused --with-systemd configure option and the unused pkgconfig(systemd) build dependency.

    OpenSSH 10.3p1 enables systemd notification on Linux directly and implements it without linking libsystemd.

    Source: configure.ac

    AC_DEFINE([SYSTEMD_NOTIFY], [1], [Have sshd notify systemd on start/reload])

    Source: openbsd-compat/port-linux.c

    #ifdef SYSTEMD_NOTIFY

static void
ssh_systemd_notify(const char *fmt, ...)
{
    ...
    if ((path = getenv("NOTIFY_SOCKET")) == NULL || strlen(path) == 0)
        return;
    ...
    if ((fd = socket(PF_UNIX, SOCK_DGRAM, 0)) == -1) {
        ...
    }
    ...
}

    The package still keeps systemd-rpm-macros, because the spec installs systemd units and uses systemd scriptlet macros.

  • Make the FIDO2 builtin support follow the existing %bcond fido2.

    Upstream has a dedicated switch for builtin U2F/FIDO support, and the builtin path probes libfido2.

    Source: configure.ac

    AC_ARG_WITH([security-key-builtin],
    [  --with-security-key-builtin include builtin U2F/FIDO support],
    [ enable_sk_internal=$withval ]
)

    Source: configure.ac

    if test "x$enable_sk" = "xyes" -a "x$enable_sk_internal" != "xno" ; then
    ...
    if "$PKGCONFIG" libfido2; then
        ...
    fi
    ...
    AC_CHECK_HEADER([fido.h], [],
        [ fido2_error="missing fido.h from libfido2" ])

  • Fix the Kerberos BuildRequires guard to use the actual %bcond kerberos5.

  • Keep Linux audit BuildRequires scoped to the SELinux build path that enables it.

    The spec only passes --with-audit=linux inside %if %{with selinux}, so the audit build dependency belongs under the same guard.

    Source: configure.ac

    AC_ARG_WITH([audit],
    [  --with-audit=module     Enable audit support (modules=debug,bsm,linux)],
    ...
    linux)
        ...
        AC_CHECK_HEADERS([libaudit.h])
        SSHDLIBS="$SSHDLIBS -laudit"
        AC_DEFINE([USE_LINUX_AUDIT], [1], [Use Linux audit module])

  • Drop Requires: pkgconfig(audit) because pkgconfig dependencies are development interfaces, not runtime package requirements.

  • Use %autochangelog directly, matching the current spec style.

AIGC Declaration: CodeX with gpt5.5 was used as coding agent.

Signed-off-by: Jingwiw wangjingwei@iscas.ac.cn

Jingwiw added 4 commits May 22, 2026 19:48
@Jingwiw
SPECS: openssh: Use autochangelog
1b35577 
Signed-off-by: Jingwiw <wangjingwei@iscas.ac.cn>
@Jingwiw
SPECS: openssh: Align optional build dependencies
d9f63fd 
Signed-off-by: Jingwiw <wangjingwei@iscas.ac.cn>
@Jingwiw
SPECS: openssh: Drop devel audit runtime dependency
ed0a1ea 
Signed-off-by: Jingwiw <wangjingwei@iscas.ac.cn>
@Jingwiw
SPECS: openssh: Drop unused systemd configure dependency
2df689e 
Signed-off-by: Jingwiw <wangjingwei@iscas.ac.cn>
@openruyi-bot openruyi-bot Bot added BuildSystem: autotools Issue/PR related to autotools BuildSystem. Target: Rolling Targeting rolling/current branch. Workflow: Ready For Review Ready for review by anyone with domain expertise. labels May 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

BuildSystem: autotools Issue/PR related to autotools BuildSystem. Target: Rolling Targeting rolling/current branch. Workflow: Ready For Review Ready for review by anyone with domain expertise.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Jingwiw