UPD: checking in previous changes
This commit is contained in:
parent
a6ffa7ba09
commit
7c0e554335
|
@ -0,0 +1,53 @@
|
|||
"eipalloc-0a5057ea75a8d68df"
|
||||
"eipalloc-0b67a2e81123b0dfa"
|
||||
"eipalloc-0ffe0084439dabfa5"
|
||||
"eipalloc-05841bc3e86c0a02c"
|
||||
"eipalloc-0c8c1cd56cc6812f0"
|
||||
"eipalloc-0554a730c84838cb2"
|
||||
"eipalloc-06400a193622f18ef"
|
||||
"eipalloc-0943a26dff737c3bb"
|
||||
"eipalloc-077d3ec5fd5d5815f"
|
||||
"eipalloc-0ea7ba83567d8dc77"
|
||||
"eipalloc-00d4f1e5bfe2a29ac"
|
||||
"eipalloc-0f4ea29293daafa0c"
|
||||
"eipalloc-0f17f811a17375567"
|
||||
"eipalloc-08c66c8d4793f600f"
|
||||
"eipalloc-052aee7ebca95a297"
|
||||
"eipalloc-0290936c16a783f48"
|
||||
"eipalloc-0cce181acf4f5228b"
|
||||
"eipalloc-0b04be0d39e8b6805"
|
||||
"eipalloc-0ff81f6efa6fb6601"
|
||||
"eipalloc-0780c63f667aa53b1"
|
||||
"eipalloc-0edd524a2afdfc7c0"
|
||||
"eipalloc-0f3c83df95bd6ac76"
|
||||
"eipalloc-0dc990d8299cade51"
|
||||
"eipalloc-0a01d13764e9bb4d9"
|
||||
"eipalloc-09b9958ddb3fb2b81"
|
||||
"eipalloc-0662c94b444ee6fd7"
|
||||
"eipalloc-06aeba0dd6bd37bbb"
|
||||
"eipalloc-0064badc3c20d01cb"
|
||||
"eipalloc-062f18a351eb3c44b"
|
||||
"eipalloc-0d7fabd6b6736d8ba"
|
||||
"eipalloc-08d9a5fd5a24f6410"
|
||||
"eipalloc-0adda055467e5e5a6"
|
||||
"eipalloc-01a938dfb927c8f3f"
|
||||
"eipalloc-03cb14ef5313e4675"
|
||||
"eipalloc-046e405d363fd4c4f"
|
||||
"eipalloc-0b986e4e5ffd5b1e2"
|
||||
"eipalloc-0ec66214895ce0c7c"
|
||||
"eipalloc-01ea4b48ec61a3068"
|
||||
"eipalloc-06abef49b076dd20c"
|
||||
"eipalloc-056470c9f98dce3fc"
|
||||
"eipalloc-01e870c66848a8991"
|
||||
"eipalloc-036e72654499bb46a"
|
||||
"eipalloc-0d52b854250ed9d83"
|
||||
"eipalloc-01185fd790b008301"
|
||||
"eipalloc-015859de51da5208c"
|
||||
"eipalloc-00ee026701f21593f"
|
||||
"eipalloc-00855bb5bae5e0e8b"
|
||||
"eipalloc-06038eeb961c72d1a"
|
||||
"eipalloc-0e92317ee06b38396"
|
||||
"eipalloc-03a47ae15fccad2c5"
|
||||
"eipalloc-0d13f893a9ac741f0"
|
||||
"eipalloc-041d3f17fa7e019f5"
|
||||
"eipalloc-033c782d570cd537d"
|
|
@ -0,0 +1,16 @@
|
|||
import json
|
||||
import boto3
|
||||
|
||||
def lambda_handler(event, context):
|
||||
# TODO implement
|
||||
sts_client = boto3.client('sts')
|
||||
assumed_role_object=sts_client.assume_role(
|
||||
RoleArn="arn:aws:iam::111111111111:role/rolex",
|
||||
RoleSessionName="lambda"
|
||||
)
|
||||
print("export AWS_ACCESS_KEY_ID=" + assumed_role_object['Credentials']['AccessKeyId'])
|
||||
print("export AWS_SECRET_ACCESS_KEY=" + assumed_role_object['Credentials']['SecretAccessKey'])
|
||||
print("export AWS_SESSION_TOKEN=" + assumed_role_object['Credentials']['SessionToken'])
|
||||
print("export AWS_DEFAULT_REGION=ap-east-1")
|
||||
|
||||
|
|
@ -0,0 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
function formatprint() {
|
||||
cat - > /tmp/formatprint.tmp
|
||||
echo "# $1 ($(cat /tmp/formatprint.tmp | wc -l))"
|
||||
#cat /tmp/formatprint.tmp | sed -e 's/^/ /g'
|
||||
cat /tmp/formatprint.tmp | column -t -s, | sed -e 's/^/ /g'
|
||||
rm -f /tmp/formatprint.tmp
|
||||
}
|
||||
|
||||
# Generate inventory of ec2, rds, lb, and s3 buckets.
|
||||
|
||||
aws ec2 describe-instances --query 'Reservations[*].Instances[*].[InstanceId, Tags[?Key==`Name`].Value[] | [0], PlatformDetails, InstanceType,PrivateIpAddress, PublicIpAddress]' --output json | jq -cr '.[][] | @csv' | tr -d '[\" ' | formatprint EC2
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
{
|
||||
"ProtectionGroupId": "Proxies",
|
||||
"Aggregation": "SUM",
|
||||
"Pattern": "ARBITRARY",
|
||||
"Members": [
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0ffe0084439dabfa5",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-05841bc3e86c0a02c",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0c8c1cd56cc6812f0",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0554a730c84838cb2",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-06400a193622f18ef",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0943a26dff737c3bb",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-077d3ec5fd5d5815f",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0ea7ba83567d8dc77",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-00d4f1e5bfe2a29ac",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0f4ea29293daafa0c",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0f17f811a17375567",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-08c66c8d4793f600f",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-052aee7ebca95a297",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0290936c16a783f48",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0cce181acf4f5228b",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0b04be0d39e8b6805",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0ff81f6efa6fb6601",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0780c63f667aa53b1",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0edd524a2afdfc7c0",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0f3c83df95bd6ac76",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0dc990d8299cade51",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0a01d13764e9bb4d9",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-09b9958ddb3fb2b81",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0662c94b444ee6fd7",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-06aeba0dd6bd37bbb",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0064badc3c20d01cb",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-062f18a351eb3c44b",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0d7fabd6b6736d8ba",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-08d9a5fd5a24f6410",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0adda055467e5e5a6",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-01a938dfb927c8f3f",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-03cb14ef5313e4675",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-046e405d363fd4c4f",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0b986e4e5ffd5b1e2",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0ec66214895ce0c7c",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-01ea4b48ec61a3068",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-06abef49b076dd20c",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-056470c9f98dce3fc",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-01e870c66848a8991",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-036e72654499bb46a",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0d52b854250ed9d83",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-01185fd790b008301",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-015859de51da5208c",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-00ee026701f21593f",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-00855bb5bae5e0e8b",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-06038eeb961c72d1a",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0e92317ee06b38396",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-03a47ae15fccad2c5",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-0d13f893a9ac741f0",
|
||||
"arn:aws:ec2:ap-south-1:234605732439:eip-allocation/eipalloc-041d3f17fa7e019f5"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
43.204.26.15
|
||||
43.204.154.79
|
||||
15.207.215.132
|
||||
3.111.102.180
|
||||
3.111.9.137
|
||||
13.234.95.59
|
||||
3.111.208.83
|
||||
35.154.17.21
|
||||
13.232.84.95
|
||||
13.126.211.148
|
||||
3.111.115.157
|
||||
3.111.183.35
|
||||
13.235.176.20
|
||||
3.109.149.228
|
||||
3.111.124.193
|
||||
3.110.26.128
|
||||
3.111.222.108
|
||||
3.111.241.224
|
||||
43.204.205.1
|
||||
65.0.212.10
|
||||
3.6.32.23
|
||||
15.207.189.166
|
||||
3.109.130.3
|
||||
13.235.226.61
|
||||
3.111.148.80
|
||||
3.111.124.249
|
||||
3.111.212.74
|
||||
52.66.119.127
|
||||
3.111.180.154
|
||||
3.108.169.208
|
||||
3.111.209.74
|
||||
3.111.250.88
|
||||
13.234.183.132
|
||||
43.204.8.135
|
||||
3.108.214.127
|
||||
3.111.154.131
|
||||
43.204.119.5
|
||||
13.126.248.99
|
||||
3.111.140.112
|
||||
43.204.4.54
|
||||
13.127.80.244
|
||||
43.205.36.29
|
||||
43.205.13.140
|
||||
13.127.138.166
|
||||
3.109.229.90
|
||||
43.205.37.245
|
||||
65.1.5.211
|
||||
15.206.197.33
|
||||
43.204.249.129
|
||||
43.205.26.115
|
||||
65.1.233.123
|
||||
3.108.139.126
|
||||
65.0.59.28
|
|
@ -0,0 +1,9 @@
|
|||
#!/bin/bash
|
||||
# this script requires httpie and cfcli
|
||||
#
|
||||
cfcli zones -f json | jq -cr '.[] | .name,.id' | paste - - | awk '{print $1,$2}' | while read d k; do
|
||||
cfcli ls -d $d -f json | jq -cr '.[] | select(.type == "A") | .name' | while read s; do
|
||||
cat template.json | sed s/REPLACE_ME/$s/g | http https://api.cloudflare.com/client/v4/zones/$k/healthchecks \
|
||||
X-Auth-Email:ken.fong@rackspace.com \
|
||||
X-Auth-Key:xxx
|
||||
done
|
|
@ -0,0 +1,25 @@
|
|||
{
|
||||
"name": "site-monitor",
|
||||
"description": "Health check",
|
||||
"check_regions": [
|
||||
"SEAS"
|
||||
],
|
||||
"type": "HTTPS",
|
||||
"consecutive_successes": 1,
|
||||
"consecutive_fails": 2,
|
||||
"http_config": {
|
||||
"method": "GET",
|
||||
"port": 443,
|
||||
"path": "/",
|
||||
"expected_codes": [
|
||||
"200"
|
||||
],
|
||||
"follow_redirects": true,
|
||||
"allow_insecure": false
|
||||
},
|
||||
"timeout": 5,
|
||||
"retries": 2,
|
||||
"interval": 60,
|
||||
"address": "REPLACE_ME"
|
||||
}
|
||||
|
|
@ -5,24 +5,21 @@ if (empty($_POST)) {
|
|||
exit();
|
||||
} else {
|
||||
|
||||
include('Mail.php');
|
||||
|
||||
$to = $_POST['recipient'];
|
||||
$subject = $_POST['subject'];
|
||||
$message = $_POST['message'];
|
||||
$headers[] = 'MIME-Version: 1.0';
|
||||
$headers[] = 'Content-type: text/plain; charset=ISO-8859-1';
|
||||
$headers[] = 'Content-Transfer-Encoding: base64';
|
||||
$headers[] = 'X-Mailer: PHP/' . phpversion();
|
||||
//$headers[] = 'To: ' . $_POST['recipient'];
|
||||
$headers[] = 'From: ' . $_POST['sender'];
|
||||
$headers = "From: " . $_POST['sender'] . "\r\n";
|
||||
$headers .= "MIME-Version: 1.0\r\n";
|
||||
$headers .= "Content-Type: text/html; charset=UTF-8\r\n";
|
||||
$message = str_replace(" ", " ", base64_decode($_POST['message']));
|
||||
$message2 = "<span style=\"font-family: monospace; font-size: small;\">" . str_replace("\n", "<br />\n", $message) . "</span>";
|
||||
|
||||
if (mail($to, $subject, $message, implode("\r\n", $headers))) {
|
||||
if (mail($to, $subject, $message2, $headers)) {
|
||||
echo 'Your message has been sent.';
|
||||
} else {
|
||||
echo 'There was a problem sending the email.';
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"Type" : "SnsMessage",
|
||||
"MessageId" : "165545c9-2a5c-472c-8df2-7ff2be2b3b1b",
|
||||
"Token" : "2336412f37f...",
|
||||
"TopicArn" : "arn:aws:sns:us-west-2:123456789012:MyTopic",
|
||||
"Message" : "Test message",
|
||||
"SubscribeURL" : "https://sns.us-west-2.amazonaws.com/?Action=ConfirmSubscription&TopicArn=arn:aws:sns:us-west-2:123456789012:MyTopic&Token=2336412f37...",
|
||||
"Timestamp" : "2012-04-26T20:45:04.751Z",
|
||||
"SignatureVersion" : "1",
|
||||
"Signature" : "EXAMPLEpH+...",
|
||||
"SigningCertURL" : "https://sns.us-west-2.amazonaws.com/SimpleNotificationService-f3ecfb7224c7233fe7bb5f59f96de52f.pem"
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
<?php
|
||||
|
||||
// Fetch the raw POST body containing the message
|
||||
$postBody = file_get_contents('php://input');
|
||||
|
||||
// JSON decode the body to an array of message data
|
||||
$message = json_decode($postBody, true);
|
||||
if ($message) {
|
||||
// Do something with the data
|
||||
// echo $message['Message'];
|
||||
if ($message['Type'] == "SubscriptionConfirmation") {
|
||||
echo "Now needs to reply to " . $message['SubscribeURL'];
|
||||
} else {
|
||||
$to = "sns@racker.pro";
|
||||
$subject = "SNS alert from AWS";
|
||||
$headers = "From: sns@racker.pro\r\n";
|
||||
$headers .= "MIME-Version: 1.0\r\n";
|
||||
$headers .= "Content-Type: text/html; charset=UTF-8\r\n";
|
||||
|
||||
if (mail($to, $subject, $message['Message'], $headers)) {
|
||||
echo 'Your message has been sent.';
|
||||
} else {
|
||||
echo 'There was a problem sending the email.';
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
"Type" : "SubscriptionConfirmation",
|
||||
"MessageId" : "165545c9-2a5c-472c-8df2-7ff2be2b3b1b",
|
||||
"Token" : "2336412f37f...",
|
||||
"TopicArn" : "arn:aws:sns:us-west-2:123456789012:MyTopic",
|
||||
"Message" : "You have chosen to subscribe to the topic arn:aws:sns:us-west-2:123456789012:MyTopic.\nTo confirm the subscription, visit the SubscribeURL included in this message.",
|
||||
"SubscribeURL" : "https://sns.us-west-2.amazonaws.com/?Action=ConfirmSubscription&TopicArn=arn:aws:sns:us-west-2:123456789012:MyTopic&Token=2336412f37...",
|
||||
"Timestamp" : "2012-04-26T20:45:04.751Z",
|
||||
"SignatureVersion" : "1",
|
||||
"Signature" : "EXAMPLEpH+...",
|
||||
"SigningCertURL" : "https://sns.us-west-2.amazonaws.com/SimpleNotificationService-f3ecfb7224c7233fe7bb5f59f96de52f.pem"
|
||||
}
|
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,13 @@
|
|||
#!/usr/bin/env python3
|
||||
# Python data types
|
||||
# list = [value1, value2, value3,...valueN]
|
||||
# set = {value1, value2, value3,...valueN}
|
||||
# dict = { key1:value1, key2:value2,...keyN:valueN }
|
||||
|
||||
# Sample use of list of dict
|
||||
|
||||
datagroup = [{'name': '203.60.15.113/32', 'data': ''}, {'name': '222.186.30.174/32', 'data': ''},{'name': '120.136.32.106/32', 'data': ''}]
|
||||
newrecord = {'name': '1.2.3.4/32', 'data': ''}
|
||||
|
||||
datagroup.append(newrecord)
|
||||
print(datagroup)
|
|
@ -0,0 +1,3 @@
|
|||
import socket
|
||||
|
||||
print(socket.gethostbyname('headdesk.me'))
|
|
@ -0,0 +1,13 @@
|
|||
import dns.resolver
|
||||
|
||||
results = dns.resolver.query('wordpress.com', 'A')
|
||||
stringResults = []
|
||||
for ip in results:
|
||||
print(ip.to_text())
|
||||
stringResults.append(ip.to_text())
|
||||
|
||||
dummyList = ['192.0.78.9', '192.0.78.17', '2.3.4.5']
|
||||
def diff(li1, li2):
|
||||
return (list(list(set(li1)-set(li2)) + list(set(li2)-set(li1))))
|
||||
|
||||
print('Diff results: ', diff(stringResults,dummyList))
|
|
@ -0,0 +1,26 @@
|
|||
import boto3
|
||||
import os
|
||||
import json
|
||||
|
||||
client = boto3.client('sts')
|
||||
response = client.assume_role(
|
||||
DurationSeconds=900,
|
||||
RoleArn='arn:aws:iam::794747783570:role/HKEX_INFRA_ROLE',
|
||||
RoleSessionName='python',
|
||||
)
|
||||
|
||||
os.environ['AWS_ACCESS_KEY_ID'] = response['Credentials']['AccessKeyId']
|
||||
os.environ['AWS_SECRET_ACCESS_KEY'] = response['Credentials']['SecretAccessKey']
|
||||
os.environ['AWS_SESSION_TOKEN'] = response['Credentials']['SessionToken']
|
||||
|
||||
session = boto3.Session(aws_access_key_id=response['Credentials']['AccessKeyId'],
|
||||
aws_secret_access_key=response['Credentials']['SecretAccessKey'], aws_session_token=response['Credentials']['SessionToken'])
|
||||
newclient = session.client(service_name="backup")
|
||||
jobs = newclient.list_backup_jobs()['BackupJobs']
|
||||
|
||||
print(jobs)
|
||||
# print(json.dumps(jobs))
|
||||
|
||||
# for key in jobs:
|
||||
# print(key, ' : ', jobs[key])
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
from prettytable import PrettyTable
|
||||
x = PrettyTable()
|
||||
x.field_names = ["City name", "Area", "Population", "Annual Rainfall"]
|
||||
x.add_row(["Adelaide", 1295, 1158259, 600.5])
|
||||
x.add_row(["Brisbane", 5905, 1857594, 1146.4])
|
||||
x.add_row(["Darwin", 112, 120900, 1714.7])
|
||||
x.add_row(["Hobart", 1357, 205556, 619.5])
|
||||
x.add_row(["Sydney", 2058, 4336374, 1214.8])
|
||||
x.add_row(["Melbourne", 1566, 3806092, 646.9])
|
||||
x.add_row(["Perth", 5386, 1554769, 869.4])
|
||||
print(x);
|
|
@ -0,0 +1,8 @@
|
|||
#!/usr/bin/env python
|
||||
import os, time
|
||||
|
||||
fileage = os.path.getmtime('/var/log/ufw.log');
|
||||
|
||||
if time.time() - fileage > 7200:
|
||||
print ('File is > 2 hours old')
|
||||
|
|
@ -0,0 +1,847 @@
|
|||
%define ver 8.2p1
|
||||
%define rel fong%{?dist}
|
||||
|
||||
# OpenSSH privilege separation requires a user & group ID
|
||||
%define sshd_uid 74
|
||||
%define sshd_gid 74
|
||||
|
||||
# Version of ssh-askpass
|
||||
%define aversion 1.2.4.1
|
||||
|
||||
# Do we want to disable building of x11-askpass? (1=yes 0=no)
|
||||
%define no_x11_askpass 1
|
||||
|
||||
# Do we want to disable building of gnome-askpass? (1=yes 0=no)
|
||||
%define no_gnome_askpass 1
|
||||
|
||||
# Do we want to link against a static libcrypto? (1=yes 0=no)
|
||||
%define static_libcrypto 0
|
||||
|
||||
# Do we want smartcard support (1=yes 0=no)
|
||||
%define scard 0
|
||||
|
||||
# Use GTK2 instead of GNOME in gnome-ssh-askpass
|
||||
%define gtk2 1
|
||||
|
||||
# Use build6x options for older RHEL builds
|
||||
# RHEL 7 not yet supported
|
||||
%if 0%{?rhel} > 6
|
||||
%define build6x 0
|
||||
%else
|
||||
%define build6x 1
|
||||
%endif
|
||||
|
||||
%if 0%{?fedora} >= 26
|
||||
%define compat_openssl 1
|
||||
%else
|
||||
%define compat_openssl 0
|
||||
%endif
|
||||
|
||||
# Do we want kerberos5 support (1=yes 0=no)
|
||||
%define kerberos5 1
|
||||
|
||||
# Reserve options to override askpass settings with:
|
||||
# rpm -ba|--rebuild --define 'skip_xxx 1'
|
||||
%{?skip_x11_askpass:%define no_x11_askpass 1}
|
||||
%{?skip_gnome_askpass:%define no_gnome_askpass 1}
|
||||
|
||||
# Add option to build without GTK2 for older platforms with only GTK+.
|
||||
# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
|
||||
# rpm -ba|--rebuild --define 'no_gtk2 1'
|
||||
%{?no_gtk2:%define gtk2 0}
|
||||
|
||||
# Is this a build for RHL 6.x or earlier?
|
||||
%{?build_6x:%define build6x 1}
|
||||
|
||||
# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc.
|
||||
%if %{build6x}
|
||||
%define _sysconfdir /etc
|
||||
%endif
|
||||
|
||||
# Options for static OpenSSL link:
|
||||
# rpm -ba|--rebuild --define "static_openssl 1"
|
||||
%{?static_openssl:%define static_libcrypto 1}
|
||||
|
||||
# Options for Smartcard support: (needs libsectok and openssl-engine)
|
||||
# rpm -ba|--rebuild --define "smartcard 1"
|
||||
%{?smartcard:%define scard 1}
|
||||
|
||||
# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
|
||||
%define rescue 0
|
||||
%{?build_rescue:%define rescue 1}
|
||||
|
||||
# Turn off some stuff for resuce builds
|
||||
%if %{rescue}
|
||||
%define kerberos5 0
|
||||
%endif
|
||||
|
||||
Summary: The OpenSSH implementation of SSH protocol version 2.
|
||||
Name: openssh
|
||||
Version: %{ver}
|
||||
%if %{rescue}
|
||||
Release: %{rel}rescue
|
||||
%else
|
||||
Release: %{rel}
|
||||
%endif
|
||||
URL: https://www.openssh.com/portable.html
|
||||
Source0: https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
||||
Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
|
||||
License: BSD
|
||||
Group: Applications/Internet
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
|
||||
Obsoletes: ssh
|
||||
%if %{build6x}
|
||||
PreReq: initscripts >= 5.00
|
||||
%else
|
||||
Requires: initscripts >= 5.20
|
||||
%endif
|
||||
BuildRequires: perl
|
||||
%if %{compat_openssl}
|
||||
BuildRequires: compat-openssl10-devel
|
||||
%else
|
||||
BuildRequires: openssl-devel >= 1.0.1
|
||||
BuildRequires: openssl-devel < 1.1
|
||||
%endif
|
||||
BuildRequires: /bin/login
|
||||
%if ! %{build6x}
|
||||
BuildRequires: glibc-devel, pam
|
||||
%else
|
||||
BuildRequires: /usr/include/security/pam_appl.h
|
||||
%endif
|
||||
%if ! %{no_x11_askpass}
|
||||
BuildRequires: /usr/include/X11/Xlib.h
|
||||
# Xt development tools
|
||||
BuildRequires: libXt-devel
|
||||
# Provides xmkmf
|
||||
BuildRequires: imake
|
||||
# Rely on relatively recent gtk
|
||||
BuildRequires: gtk2-devel
|
||||
%endif
|
||||
%if ! %{no_gnome_askpass}
|
||||
BuildRequires: pkgconfig
|
||||
%endif
|
||||
%if %{kerberos5}
|
||||
BuildRequires: krb5-devel
|
||||
BuildRequires: krb5-libs
|
||||
%endif
|
||||
|
||||
%package clients
|
||||
Summary: OpenSSH clients.
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Group: Applications/Internet
|
||||
Obsoletes: ssh-clients
|
||||
|
||||
%package server
|
||||
Summary: The OpenSSH server daemon.
|
||||
Group: System Environment/Daemons
|
||||
Obsoletes: ssh-server
|
||||
Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
|
||||
%if ! %{build6x}
|
||||
Requires: /etc/pam.d/system-auth
|
||||
%endif
|
||||
|
||||
%package askpass
|
||||
Summary: A passphrase dialog for OpenSSH and X.
|
||||
Group: Applications/Internet
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Obsoletes: ssh-extras
|
||||
|
||||
%package askpass-gnome
|
||||
Summary: A passphrase dialog for OpenSSH, X, and GNOME.
|
||||
Group: Applications/Internet
|
||||
Requires: openssh = %{version}-%{release}
|
||||
Obsoletes: ssh-extras
|
||||
|
||||
%description
|
||||
SSH (Secure SHell) is a program for logging into and executing
|
||||
commands on a remote machine. SSH is intended to replace rlogin and
|
||||
rsh, and to provide secure encrypted communications between two
|
||||
untrusted hosts over an insecure network. X11 connections and
|
||||
arbitrary TCP/IP ports can also be forwarded over the secure channel.
|
||||
|
||||
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
|
||||
it up to date in terms of security and features, as well as removing
|
||||
all patented algorithms to separate libraries.
|
||||
|
||||
This package includes the core files necessary for both the OpenSSH
|
||||
client and server. To make this package useful, you should also
|
||||
install openssh-clients, openssh-server, or both.
|
||||
|
||||
%description clients
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package includes
|
||||
the clients necessary to make encrypted connections to SSH servers.
|
||||
You'll also need to install the openssh package on OpenSSH clients.
|
||||
|
||||
%description server
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package contains
|
||||
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
|
||||
securely connect to your SSH server. You also need to have the openssh
|
||||
package installed.
|
||||
|
||||
%description askpass
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package contains
|
||||
an X11 passphrase dialog for OpenSSH.
|
||||
|
||||
%description askpass-gnome
|
||||
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
||||
into and executing commands on a remote machine. This package contains
|
||||
an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop
|
||||
environment.
|
||||
|
||||
%prep
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
%setup -q -a 1
|
||||
%else
|
||||
%setup -q
|
||||
%endif
|
||||
|
||||
%build
|
||||
%if %{rescue}
|
||||
CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
|
||||
%endif
|
||||
|
||||
%configure \
|
||||
--sysconfdir=%{_sysconfdir}/ssh \
|
||||
--libexecdir=%{_libexecdir}/openssh \
|
||||
--datadir=%{_datadir}/openssh \
|
||||
--with-default-path=/usr/local/bin:/bin:/usr/bin \
|
||||
--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
|
||||
--with-privsep-path=%{_var}/empty/sshd \
|
||||
--with-md5-passwords \
|
||||
--mandir=%{_mandir} \
|
||||
--with-mantype=man \
|
||||
--disable-strip \
|
||||
%if %{scard}
|
||||
--with-smartcard \
|
||||
%endif
|
||||
%if %{rescue}
|
||||
--without-pam \
|
||||
%else
|
||||
--with-pam \
|
||||
%endif
|
||||
%if %{kerberos5}
|
||||
--with-kerberos5=$K5DIR \
|
||||
%endif
|
||||
|
||||
|
||||
%if %{static_libcrypto}
|
||||
perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
|
||||
%endif
|
||||
|
||||
make
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
pushd x11-ssh-askpass-%{aversion}
|
||||
%configure --libexecdir=%{_libexecdir}/openssh
|
||||
xmkmf -a
|
||||
make
|
||||
popd
|
||||
%endif
|
||||
|
||||
# Define a variable to toggle gnome1/gtk2 building. This is necessary
|
||||
# because RPM doesn't handle nested %if statements.
|
||||
%if %{gtk2}
|
||||
gtk2=yes
|
||||
%else
|
||||
gtk2=no
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
pushd contrib
|
||||
if [ $gtk2 = yes ] ; then
|
||||
make gnome-ssh-askpass2
|
||||
mv gnome-ssh-askpass2 gnome-ssh-askpass
|
||||
else
|
||||
make gnome-ssh-askpass1
|
||||
mv gnome-ssh-askpass1 gnome-ssh-askpass
|
||||
fi
|
||||
popd
|
||||
%endif
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
|
||||
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd
|
||||
|
||||
make install DESTDIR=$RPM_BUILD_ROOT
|
||||
|
||||
install -d $RPM_BUILD_ROOT/etc/pam.d/
|
||||
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
|
||||
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
||||
%if %{build6x}
|
||||
install -m644 contrib/redhat/sshd.pam.old $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
%else
|
||||
install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||
%endif
|
||||
install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
install x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
|
||||
ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
install contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{scard}
|
||||
rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
||||
install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
||||
install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
||||
%endif
|
||||
|
||||
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%triggerun server -- ssh-server
|
||||
if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
|
||||
touch /var/run/sshd.restart
|
||||
fi
|
||||
|
||||
%triggerun server -- openssh-server < 2.5.0p1
|
||||
# Count the number of HostKey and HostDsaKey statements we have.
|
||||
gawk 'BEGIN {IGNORECASE=1}
|
||||
/^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}
|
||||
END {exit sawhostkey}' /etc/ssh/sshd_config
|
||||
# And if we only found one, we know the client was relying on the old default
|
||||
# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
|
||||
# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
|
||||
# one nullifies the default, which would have loaded both.
|
||||
if [ $? -eq 1 ] ; then
|
||||
echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config
|
||||
echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
|
||||
fi
|
||||
|
||||
%triggerpostun server -- ssh-server
|
||||
if [ "$1" != 0 ] ; then
|
||||
/sbin/chkconfig --add sshd
|
||||
if test -f /var/run/sshd.restart ; then
|
||||
rm -f /var/run/sshd.restart
|
||||
/sbin/service sshd start > /dev/null 2>&1 || :
|
||||
fi
|
||||
fi
|
||||
|
||||
%pre server
|
||||
%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
|
||||
%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
|
||||
-g sshd -M -r sshd 2>/dev/null || :
|
||||
|
||||
%post server
|
||||
/sbin/chkconfig --add sshd
|
||||
|
||||
%postun server
|
||||
/sbin/service sshd condrestart > /dev/null 2>&1 || :
|
||||
|
||||
%preun server
|
||||
if [ "$1" = 0 ]
|
||||
then
|
||||
/sbin/service sshd stop > /dev/null 2>&1 || :
|
||||
/sbin/chkconfig --del sshd
|
||||
fi
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* PROTOCOL* TODO
|
||||
%attr(0755,root,root) %{_bindir}/scp
|
||||
%attr(0644,root,root) %{_mandir}/man1/scp.1*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
||||
%if ! %{rescue}
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keygen
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
|
||||
%attr(0755,root,root) %dir %{_libexecdir}/openssh
|
||||
%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-sk-helper
|
||||
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
|
||||
%attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
|
||||
%attr(0644,root,root) %{_mandir}/man8/ssh-sk-helper.8*
|
||||
|
||||
%endif
|
||||
%if %{scard}
|
||||
%attr(0755,root,root) %dir %{_datadir}/openssh
|
||||
%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
|
||||
%endif
|
||||
|
||||
%files clients
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{_bindir}/ssh
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
|
||||
%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
|
||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||
%if ! %{rescue}
|
||||
%attr(2755,root,nobody) %{_bindir}/ssh-agent
|
||||
%attr(0755,root,root) %{_bindir}/ssh-add
|
||||
%attr(0755,root,root) %{_bindir}/ssh-keyscan
|
||||
%attr(0755,root,root) %{_bindir}/sftp
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
|
||||
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
|
||||
%endif
|
||||
|
||||
%if ! %{rescue}
|
||||
%files server
|
||||
%defattr(-,root,root)
|
||||
%dir %attr(0111,root,root) %{_var}/empty/sshd
|
||||
%attr(0755,root,root) %{_sbindir}/sshd
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
|
||||
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
|
||||
%attr(0644,root,root) %{_mandir}/man5/moduli.5*
|
||||
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
||||
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
||||
%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
|
||||
%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
|
||||
%endif
|
||||
|
||||
%if ! %{no_x11_askpass}
|
||||
%files askpass
|
||||
%defattr(-,root,root)
|
||||
%doc x11-ssh-askpass-%{aversion}/README
|
||||
%doc x11-ssh-askpass-%{aversion}/ChangeLog
|
||||
%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
|
||||
%{_libexecdir}/openssh/ssh-askpass
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
|
||||
%endif
|
||||
|
||||
%if ! %{no_gnome_askpass}
|
||||
%files askpass-gnome
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
|
||||
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Sat Feb 10 2018 Darren Tucker <dtucker@dtucker.net>
|
||||
- Update openssl-devel dependency to match current requirements.
|
||||
- Handle Fedora >=6 openssl 1.0 compat libs.
|
||||
- Remove SSH1 from description.
|
||||
- Don't strip binaries at build time so that debuginfo package can be
|
||||
created.
|
||||
|
||||
* Sun Nov 16 2014 Nico Kadel-Garcia <nakdel@gmail.com>
|
||||
- Add '--mandir' and '--with-mantype' for RHEL 5 compatibility
|
||||
- Add 'dist' option to 'ver' so package names reflect OS at build time
|
||||
- Always include x11-ssh-askpass tarball in SRPM
|
||||
- Add openssh-x11-aspass BuildRequires for libXT-devel, imake, gtk2-devel
|
||||
- Discard 'K5DIR' reporting, not usable inside 'mock' for RHEL 5 compatibility
|
||||
- Discard obsolete '--with-rsh' configure option
|
||||
- Update openssl-devel dependency to 0.9.8f, as found in autoconf
|
||||
|
||||
* Wed Jul 14 2010 Tim Rice <tim@multitalents.net>
|
||||
- test for skip_x11_askpass (line 77) should have been for no_x11_askpass
|
||||
|
||||
* Mon Jun 2 2003 Damien Miller <djm@mindrot.org>
|
||||
- Remove noip6 option. This may be controlled at run-time in client config
|
||||
file using new AddressFamily directive
|
||||
|
||||
* Mon May 12 2003 Damien Miller <djm@mindrot.org>
|
||||
- Don't install profile.d scripts when not building with GNOME/GTK askpass
|
||||
(patch from bet@rahul.net)
|
||||
|
||||
* Tue Oct 01 2002 Damien Miller <djm@mindrot.org>
|
||||
- Install ssh-agent setgid nobody to prevent ptrace() key theft attacks
|
||||
|
||||
* Mon Sep 30 2002 Damien Miller <djm@mindrot.org>
|
||||
- Use contrib/ Makefile for building askpass programs
|
||||
|
||||
* Fri Jun 21 2002 Damien Miller <djm@mindrot.org>
|
||||
- Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
|
||||
- Add new {ssh,sshd}_config.5 manpages
|
||||
- Add new ssh-keysign program and remove setuid from ssh client
|
||||
|
||||
* Fri May 10 2002 Damien Miller <djm@mindrot.org>
|
||||
- Merge in spec changes from RedHat, reorgansie a little
|
||||
- Add Privsep user, group and directory
|
||||
|
||||
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2
|
||||
- bump and grind (through the build system)
|
||||
|
||||
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-1
|
||||
- require sharutils for building (mindrot #137)
|
||||
- require db1-devel only when building for 6.x (#55105), which probably won't
|
||||
work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck
|
||||
- require pam-devel by file (not by package name) again
|
||||
- add Markus's patch to compile with OpenSSL 0.9.5a (from
|
||||
http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we're
|
||||
building for 6.x
|
||||
|
||||
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-0
|
||||
- update to 3.1p1
|
||||
|
||||
* Tue Mar 5 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020305
|
||||
- update to SNAP-20020305
|
||||
- drop debug patch, fixed upstream
|
||||
|
||||
* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020220
|
||||
- update to SNAP-20020220 for testing purposes (you've been warned, if there's
|
||||
anything to be warned about, gss patches won't apply, I don't mind)
|
||||
|
||||
* Wed Feb 13 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-3
|
||||
- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key
|
||||
exchange, authentication, and named key support
|
||||
|
||||
* Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-2
|
||||
- remove dependency on db1-devel, which has just been swallowed up whole
|
||||
by gnome-libs-devel
|
||||
|
||||
* Sat Dec 29 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- adjust build dependencies so that build6x actually works right (fix
|
||||
from Hugo van der Kooij)
|
||||
|
||||
* Tue Dec 4 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-1
|
||||
- update to 3.0.2p1
|
||||
|
||||
* Fri Nov 16 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.1p1-1
|
||||
- update to 3.0.1p1
|
||||
|
||||
* Tue Nov 13 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to current CVS (not for use in distribution)
|
||||
|
||||
* Thu Nov 8 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0p1-1
|
||||
- merge some of Damien Miller <djm@mindrot.org> changes from the upstream
|
||||
3.0p1 spec file and init script
|
||||
|
||||
* Wed Nov 7 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 3.0p1
|
||||
- update to x11-ssh-askpass 1.2.4.1
|
||||
- change build dependency on a file from pam-devel to the pam-devel package
|
||||
- replace primes with moduli
|
||||
|
||||
* Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-9
|
||||
- incorporate fix from Markus Friedl's advisory for IP-based authorization bugs
|
||||
|
||||
* Thu Sep 13 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.9p2-8
|
||||
- Merge changes to rescue build from current sysadmin survival cd
|
||||
|
||||
* Thu Sep 6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-7
|
||||
- fix scp's server's reporting of file sizes, and build with the proper
|
||||
preprocessor define to get large-file capable open(), stat(), etc.
|
||||
(sftp has been doing this correctly all along) (#51827)
|
||||
- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247)
|
||||
- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298)
|
||||
- mark profile.d scriptlets as config files (#42337)
|
||||
- refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug
|
||||
- change a couple of log() statements to debug() statements (#50751)
|
||||
- pull cvs patch to add -t flag to sshd (#28611)
|
||||
- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221)
|
||||
|
||||
* Mon Aug 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-6
|
||||
- add db1-devel as a BuildPrerequisite (noted by Hans Ecke)
|
||||
|
||||
* Thu Aug 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- pull cvs patch to fix remote port forwarding with protocol 2
|
||||
|
||||
* Thu Aug 9 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- pull cvs patch to add session initialization to no-pty sessions
|
||||
- pull cvs patch to not cut off challengeresponse auth needlessly
|
||||
- refuse to do X11 forwarding if xauth isn't there, handy if you enable
|
||||
it by default on a system that doesn't have X installed (#49263)
|
||||
|
||||
* Wed Aug 8 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- don't apply patches to code we don't intend to build (spotted by Matt Galgoci)
|
||||
|
||||
* Mon Aug 6 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- pass OPTIONS correctly to initlog (#50151)
|
||||
|
||||
* Wed Jul 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- switch to x11-ssh-askpass 1.2.2
|
||||
|
||||
* Wed Jul 11 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- rebuild in new environment
|
||||
|
||||
* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- disable the gssapi patch
|
||||
|
||||
* Mon Jun 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.9p2
|
||||
- refresh to a new version of the gssapi patch
|
||||
|
||||
* Thu Jun 7 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- change Copyright: BSD to License: BSD
|
||||
- add Markus Friedl's unverified patch for the cookie file deletion problem
|
||||
so that we can verify it
|
||||
- drop patch to check if xauth is present (was folded into cookie patch)
|
||||
- don't apply gssapi patches for the errata candidate
|
||||
- clear supplemental groups list at startup
|
||||
|
||||
* Fri May 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- fix an error parsing the new default sshd_config
|
||||
- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not
|
||||
dealing with comments right
|
||||
|
||||
* Thu May 24 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- add in Simon Wilkinson's GSSAPI patch to give it some testing in-house,
|
||||
to be removed before the next beta cycle because it's a big departure
|
||||
from the upstream version
|
||||
|
||||
* Thu May 3 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- finish marking strings in the init script for translation
|
||||
- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd
|
||||
at startup (change merged from openssh.com init script, originally by
|
||||
Pekka Savola)
|
||||
- refuse to do X11 forwarding if xauth isn't there, handy if you enable
|
||||
it by default on a system that doesn't have X installed
|
||||
|
||||
* Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.9
|
||||
- drop various patches that came from or went upstream or to or from CVS
|
||||
|
||||
* Wed Apr 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- only require initscripts 5.00 on 6.2 (reported by Peter Bieringer)
|
||||
|
||||
* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com>
|
||||
- remove explicit openssl requirement, fixes builddistro issue
|
||||
- make initscript stop() function wait until sshd really dead to avoid
|
||||
races in condrestart
|
||||
|
||||
* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- mention that challengereponse supports PAM, so disabling password doesn't
|
||||
limit users to pubkey and rsa auth (#34378)
|
||||
- bypass the daemon() function in the init script and call initlog directly,
|
||||
because daemon() won't start a daemon it detects is already running (like
|
||||
open connections)
|
||||
- require the version of openssl we had when we were built
|
||||
|
||||
* Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- make do_pam_setcred() smart enough to know when to establish creds and
|
||||
when to reinitialize them
|
||||
- add in a couple of other fixes from Damien for inclusion in the errata
|
||||
|
||||
* Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.5.2p2
|
||||
- call setcred() again after initgroups, because the "creds" could actually
|
||||
be group memberships
|
||||
|
||||
* Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)
|
||||
- don't enable challenge-response by default until we find a way to not
|
||||
have too many userauth requests (we may make up to six pubkey and up to
|
||||
three password attempts as it is)
|
||||
- remove build dependency on rsh to match openssh.com's packages more closely
|
||||
|
||||
* Sat Mar 3 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- remove dependency on openssl -- would need to be too precise
|
||||
|
||||
* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- rebuild in new environment
|
||||
|
||||
* Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Revert the patch to move pam_open_session.
|
||||
- Init script and spec file changes from Pekka Savola. (#28750)
|
||||
- Patch sftp to recognize '-o protocol' arguments. (#29540)
|
||||
|
||||
* Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Chuck the closing patch.
|
||||
- Add a trigger to add host keys for protocol 2 to the config file, now that
|
||||
configuration file syntax requires us to specify it with HostKey if we
|
||||
specify any other HostKey values, which we do.
|
||||
|
||||
* Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Redo patch to move pam_open_session after the server setuid()s to the user.
|
||||
- Rework the nopam patch to use be picked up by autoconf.
|
||||
|
||||
* Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update for 2.5.1p1.
|
||||
- Add init script mods from Pekka Savola.
|
||||
- Tweak the init script to match the CVS contrib script more closely.
|
||||
- Redo patch to ssh-add to try to adding both identity and id_dsa to also try
|
||||
adding id_rsa.
|
||||
|
||||
* Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update for 2.5.0p1.
|
||||
- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass
|
||||
- Resync with parts of Damien Miller's openssh.spec from CVS, including
|
||||
update of x11 askpass to 1.2.0.
|
||||
- Only require openssl (don't prereq) because we generate keys in the init
|
||||
script now.
|
||||
|
||||
* Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Don't open a PAM session until we've forked and become the user (#25690).
|
||||
- Apply Andrew Bartlett's patch for letting pam_authenticate() know which
|
||||
host the user is attempting a login from.
|
||||
- Resync with parts of Damien Miller's openssh.spec from CVS.
|
||||
- Don't expose KbdInt responses in debug messages (from CVS).
|
||||
- Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
|
||||
|
||||
* Wed Feb 7 2001 Trond Eivind Glomsrxd <teg@redhat.com>
|
||||
- i18n-tweak to initscript.
|
||||
|
||||
* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- More gettextizing.
|
||||
- Close all files after going into daemon mode (needs more testing).
|
||||
- Extract patch from CVS to handle auth banners (in the client).
|
||||
- Extract patch from CVS to handle compat weirdness.
|
||||
|
||||
* Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Finish with the gettextizing.
|
||||
|
||||
* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Fix a bug in auth2-pam.c (#23877)
|
||||
- Gettextize the init script.
|
||||
|
||||
* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Incorporate a switch for using PAM configs for 6.x, just in case.
|
||||
|
||||
* Tue Dec 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Incorporate Bero's changes for a build specifically for rescue CDs.
|
||||
|
||||
* Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has
|
||||
succeeded, to allow public-key authentication after a failure with "none"
|
||||
authentication. (#21268)
|
||||
|
||||
* Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to x11-askpass 1.1.1. (#21301)
|
||||
- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290)
|
||||
|
||||
* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Merge multiple PAM text messages into subsequent prompts when possible when
|
||||
doing keyboard-interactive authentication.
|
||||
|
||||
* Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Disable the built-in MD5 password support. We're using PAM.
|
||||
- Take a crack at doing keyboard-interactive authentication with PAM, and
|
||||
enable use of it in the default client configuration so that the client
|
||||
will try it when the server disallows password authentication.
|
||||
- Build with debugging flags. Build root policies strip all binaries anyway.
|
||||
|
||||
* Tue Nov 21 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Use DESTDIR instead of %%makeinstall.
|
||||
- Remove /usr/X11R6/bin from the path-fixing patch.
|
||||
|
||||
* Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Add the primes file from the latest snapshot to the main package (#20884).
|
||||
- Add the dev package to the prereq list (#19984).
|
||||
- Remove the default path and mimic login's behavior in the server itself.
|
||||
|
||||
* Fri Nov 17 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Resync with conditional options in Damien Miller's .spec file for an errata.
|
||||
- Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh.
|
||||
|
||||
* Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to OpenSSH 2.3.0p1.
|
||||
- Update to x11-askpass 1.1.0.
|
||||
- Enable keyboard-interactive authentication.
|
||||
|
||||
* Mon Oct 30 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to ssh-askpass-x11 1.0.3.
|
||||
- Change authentication related messages to be private (#19966).
|
||||
|
||||
* Tue Oct 10 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Patch ssh-keygen to be able to list signatures for DSA public key files
|
||||
it generates.
|
||||
|
||||
* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always
|
||||
build PAM authentication in.
|
||||
- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
|
||||
- Clean out no-longer-used patches.
|
||||
- Patch ssh-add to try to add both identity and id_dsa, and to error only
|
||||
when neither exists.
|
||||
|
||||
* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update x11-askpass to 1.0.2. (#17835)
|
||||
- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will
|
||||
always find them in the right place. (#17909)
|
||||
- Set the default path to be the same as the one supplied by /bin/login, but
|
||||
add /usr/X11R6/bin. (#17909)
|
||||
- Try to handle obsoletion of ssh-server more cleanly. Package names
|
||||
are different, but init script name isn't. (#17865)
|
||||
|
||||
* Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 2.2.0p1. (#17835)
|
||||
- Tweak the init script to allow proper restarting. (#18023)
|
||||
|
||||
* Wed Aug 23 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 20000823 snapshot.
|
||||
- Change subpackage requirements from %%{version} to %%{version}-%%{release}
|
||||
- Back out the pipe patch.
|
||||
|
||||
* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 2.1.1p4, which includes fixes for config file parsing problems.
|
||||
- Move the init script back.
|
||||
- Add Damien's quick fix for wackiness.
|
||||
|
||||
* Wed Jul 12 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok().
|
||||
|
||||
* Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Move condrestart to server postun.
|
||||
- Move key generation to init script.
|
||||
- Actually use the right patch for moving the key generation to the init script.
|
||||
- Clean up the init script a bit.
|
||||
|
||||
* Wed Jul 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Fix X11 forwarding, from mail post by Chan Shih-Ping Richard.
|
||||
|
||||
* Sun Jul 2 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 2.1.1p2.
|
||||
- Use of strtok() considered harmful.
|
||||
|
||||
* Sat Jul 1 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Get the build root out of the man pages.
|
||||
|
||||
* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Add and use condrestart support in the init script.
|
||||
- Add newer initscripts as a prereq.
|
||||
|
||||
* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Build in new environment (release 2)
|
||||
- Move -clients subpackage to Applications/Internet group
|
||||
|
||||
* Fri Jun 9 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update to 2.2.1p1
|
||||
|
||||
* Sat Jun 3 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Patch to build with neither RSA nor RSAref.
|
||||
- Miscellaneous FHS-compliance tweaks.
|
||||
- Fix for possibly-compressed man pages.
|
||||
|
||||
* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
|
||||
- Updated for new location
|
||||
- Updated for new gnome-ssh-askpass build
|
||||
|
||||
* Sun Dec 26 1999 Damien Miller <djm@mindrot.org>
|
||||
- Added Jim Knoble's <jmknoble@pobox.com> askpass
|
||||
|
||||
* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
|
||||
- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
|
||||
|
||||
* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
|
||||
- Added 'Obsoletes' directives
|
||||
|
||||
* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Use make install
|
||||
- Subpackages
|
||||
|
||||
* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Added links for slogin
|
||||
- Fixed perms on manpages
|
||||
|
||||
* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Renamed init script
|
||||
|
||||
* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Back to old binary names
|
||||
|
||||
* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Use autoconf
|
||||
- New binary names
|
||||
|
||||
* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
|
||||
- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
#%PAM-1.0
|
||||
auth required /lib/security/pam_pwdb.so shadow nodelay
|
||||
auth required /lib/security/pam_nologin.so
|
||||
account required /lib/security/pam_pwdb.so
|
||||
password required /lib/security/pam_cracklib.so
|
||||
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
|
||||
session required /lib/security/pam_pwdb.so
|
||||
session required /lib/security/pam_limits.so
|
|
@ -1,120 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
# Run with faketime -f '-2d' $1 on non-trading day
|
||||
#
|
||||
|
||||
export LC_TIME=en_US
|
||||
|
||||
if [ "$1" = "-t" ]; then
|
||||
MAILTO=xpk@headdesk.me
|
||||
else
|
||||
MAILTO=list.k0k9oxbxrir2n3t7@headdesk.me
|
||||
fi
|
||||
|
||||
WORKDIR="/my/scripts/finance"
|
||||
cd $WORKDIR
|
||||
|
||||
MONTH=$(date +%b)
|
||||
NEXTMONTH=$(date +%b -d 'next month')
|
||||
|
||||
# get the same in sqlite. but the date column gets translated to a date without year. so can't use it just yet
|
||||
http -pb "https://www.hkex.com.hk/eng/stat/dmstat/dayrpt/hsio$(date +%y%m%d).htm" \
|
||||
| pcre2grep '^[A-Z]*\S+[0-9]+' | awk '($21>10) {print $1,$2,$3,$21,$22}' \
|
||||
| csvsql -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --tables mo --insert
|
||||
|
||||
sleep 1
|
||||
|
||||
echo "* HSI options big player positions" > /tmp/msg
|
||||
echo "3000 support | 4000 strong support | 5000 iron | 6000 steel" >> /tmp/msg
|
||||
|
||||
echo "" >> /tmp/msg
|
||||
echo -e "//////// Monthly option this month ////////\n" >> /tmp/msg
|
||||
echo -e "*Resistance*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select * from mo \
|
||||
where a like '$MONTH%' and c = 'C' order by d desc limit 6) as t1 order by 2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
echo -e "\n*Support*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select * from mo \
|
||||
where a like '$MONTH%' and c = 'P' order by d desc limit 6) as t1 order by 2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
echo -e "\n//////// Monthly option next month /////////\n" >> /tmp/msg
|
||||
echo -e "*Resistance*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select * from mo \
|
||||
where a like '$NEXTMONTH%' and c = 'C' order by d desc limit 6) as t1 order by 2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
|
||||
echo -e "\n*Support*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select * from mo \
|
||||
where a like '$NEXTMONTH%' and c = 'P' order by d desc limit 6) as t1 order by 2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
# weekly option
|
||||
echo -e "\n//////// Weekly option ////////" >> /tmp/msg
|
||||
http "https://www.hkex.com.hk/eng/stat/dmstat/dayrpt/hsiwo$(date +%y%m%d).htm" | awk '(/^[0-9].* [CP]/) && ($21>0) {print $1,$2,$3,$21,$22}' | csvsql -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --tables wo --insert
|
||||
|
||||
sleep 1
|
||||
|
||||
echo -e "\n*Resistance*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select a,b,c,d,e \
|
||||
from wo where c = 'C' order by d desc limit 5) as t1 order by 1 asc ,2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
echo -e "\n*Support*" >> /tmp/msg
|
||||
sql2csv -H --db "mysql://kn:qwerty-asdf@localhost/hsi" --query "select * from (select a,b,c,d,e \
|
||||
from wo where c = 'P' order by d desc limit 5) as t1 order by 1 asc ,2 desc;" | tr ',' ' ' | column -t >> /tmp/msg
|
||||
|
||||
echo -e "\n//////// HSIF position day end ////////" >> /tmp/msg
|
||||
|
||||
mkdir -p /tmp/hsif-tmp
|
||||
FILENAME="DTOP_F_$(date +%Y%m%d).zip"
|
||||
wget -q -O- "https://www.hkex.com.hk/eng/stat/dmstat/oi/$FILENAME" | bsdtar -C/tmp/hsif-tmp -xf -
|
||||
if [ -f "/tmp/hsif-tmp/${FILENAME%.*}/no_trading_activities.txt" ]; then
|
||||
echo -e "Not a trading day, no data..." >> /tmp/msg
|
||||
# terminate script
|
||||
rm -rf /tmp/hsif-tmp
|
||||
exit 0
|
||||
else
|
||||
cat /tmp/hsif-tmp/*dtop_f_hkcc_fut_dtl_hsi.rpt | grep ^HSI | head -1 | awk '{print $5,$6}' > /my/scripts/finance/hsif-today
|
||||
paste /my/scripts/finance/hsif-last /my/scripts/finance/hsif-today | tr -d ',' \
|
||||
| awk '{gc = $3 - $1; nc = $4 - $2; printf "Gross: %d %+d Net: %d %+d\n", $3, gc, $4, nc}' >> /tmp/msg
|
||||
cat /my/scripts/finance/hsif-last > /my/scripts/finance/hsif-last.1
|
||||
cat /my/scripts/finance/hsif-today > /my/scripts/finance/hsif-last
|
||||
rm -f /my/scripts/finance/hsif-today
|
||||
rm -rf /tmp/hsif-tmp
|
||||
fi
|
||||
|
||||
# Get HSI today
|
||||
echo -e "\n//////// HSI closing ////////" >> /tmp/msg
|
||||
links2 -dump 'http://www.aastocks.com/en/stocks/market/index/hk-index.aspx' | grep HSI | head -1 | awk '{print $2, $3, $5}' | cut -b4- >> /tmp/msg
|
||||
|
||||
# Calculate fluctuation based on VHSI
|
||||
echo -e "\n//////// 用VHSI計未來30日波 ////////" >> /tmp/msg
|
||||
/my/scripts/finance/vhsi.py >> /tmp/msg
|
||||
|
||||
# Disclaimer and unsubscribe link
|
||||
echo -e "\n--\nData in this message are extracted from HKEX and AASTOCKs and sent to you via MAILGUN. To unsubscribe, please use the link %mailing_list_unsubscribe_url%" >> /tmp/msg
|
||||
|
||||
echo -e "\n\nData sources:
|
||||
https://www.hkex.com.hk/eng/stat/dmstat/dayrpt/hsio$(date +%y%m%d).htm
|
||||
https://www.hkex.com.hk/eng/stat/dmstat/oi/$FILENAME
|
||||
http://www.aastocks.com/en/stocks/market/index/hk-index.aspx
|
||||
https://www.ifec.org.hk/web/common/pdf/ouhk2012/02.pdf
|
||||
https://hk.finance.yahoo.com/quote/%5EHSIL/
|
||||
https://www.investing.com/indices/hong-kong-40-futures-historical-data
|
||||
https://www.hkex.com.hk/eng/stat/dmstat/dayrpt/hsiwo$(date +%y%m%d).htm" >> /tmp/msg
|
||||
|
||||
if [ "$1" = "-t" ]; then
|
||||
cat /tmp/msg
|
||||
cp hsif-last.1 hsif-last
|
||||
else
|
||||
# hsi list is on mailgun
|
||||
makemime -c "text/plain; charset=utf-8" -a "Subject: HSIO 大戶位 / HSIF day end // $(date +%x)" \
|
||||
-a "From: do-not-reply@headdesk.me" -o /tmp/msg.mime /tmp/msg
|
||||
|
||||
curl -s --user 'api:key-30aa61423c7d63a1432ede669c22da5e' \
|
||||
https://api.mailgun.net/v3/headdesk.me/messages.mime \
|
||||
-F to=$MAILTO \
|
||||
-F message=@/tmp/msg.mime
|
||||
fi
|
||||
|
||||
rm -f /tmp/msg /tmp/msg.mime /tmp/hsio.txt
|
||||
mysql hsi -Nse "drop table mo;"
|
||||
mysql hsi -Nse "drop table wo;"
|
||||
|
Loading…
Reference in New Issue