updated 6 packages

cyrus-sasl-2.1.27-2

dnsmasq-2.81-1

freerdp-2.1.1-1

glib2-2.64.3-1

libmariadb-3.1.8-1

openssh-8.3p1-1

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@12413 ec354946-7b23-47d6-9f5a-488ba84defc7

c/cyrus-sasl/cyrus-sasl-vl.spec

@@ -1,3 +1,5 @@
+%bcond_with systemd
+
 %define build_compat32 %{?_with_compat32:1}%{!?_with_compat32:0}
 
 %define _plugindir2 %{_libdir}/sasl2
@@ -6,15 +8,18 @@ Summary: The Cyrus SASL library.
 Summary(ja): Cyrus SASL ライブラリ
 Name: cyrus-sasl
 Version: 2.1.27
-Release: 1%{?_dist_release}
-License: BSD with advertising
+Release: 2%{?_dist_release}%{?with_systemd:.systemd}
 Group: System Environment/Libraries
-URL: http://cyrusimap.org/
+Vendor: Project Vine
+Distribution: Vine Linux
 
+License: BSD with advertising
+URL: http://cyrusimap.org/
 Source0: ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-%{version}.tar.gz
 Source4: saslauthd.init
 Source5: README.RPM
 Source9: saslauthd.sysconfig
+Source10: saslauthd.service
 #
 Patch11: cyrus-sasl-2.1.25-no_rpath.patch
 Patch15: cyrus-sasl-2.1.20-saslauthd.conf-path.patch
@@ -25,7 +30,7 @@ Patch49: cyrus-sasl-2.1.26-md5global.patch
 Patch102: cyrus-sasl-2.1.26-configure.patch
 
 #security
-# none.
+Patch1000: cyrus-sasl-cve-2019-19906.patch
 
 Buildroot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: autoconf, automake, libtool
@@ -41,11 +46,15 @@ BuildRequires: pkgconfig
 BuildRequires: krb5-devel
 BuildRequires: groff
 BuildRequires: libxcrypt-devel
-Requires(post): /sbin/ldconfig, chkconfig
-Requires(postun): /sbin/ldconfig, chkconfig
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
+%if %{with systemd}
+%{?systemd_requires}
+%else
+Requires(post): chkconfig
+Requires(postun): chkconfig
+%endif
 
-Vendor: Project Vine
-Distribution: Vine Linux
 
 %description
 The %{name} package contains the Cyrus implementation of SASL.
@@ -250,12 +259,18 @@ the GS2 authentication scheme.
 chmod -x doc/legacy/*.html
 chmod -x include/*.h
 %patch11 -p1 -b .no_rpath
+%if %{with systemd}
 %patch15 -p1 -b .path
+%else
+sed -i -e 's|/usr/local/etc|/etc|g' saslauthd/saslauthd.mdoc
+%endif
 %patch24 -p1 -b .sizes
 %patch49 -p1 -b .md5global.h
 
 %patch102 -p1 -b .configure
 
+%patch1000 -p1 -b .CVE-2019-19906
+
 %build
 # FIXME - we remove these files directly so that we can avoid using the -f
 # flag, which has a nasty habit of overwriting files like COPYING.
@@ -314,7 +329,11 @@ echo "$LDFLAGS"
 	--with-rc4 \
 	--with-dblib=berkeley \
         --with-bdb=db \
+%if %{with systemd}
+	--with-saslauthd=/run/saslauthd --without-pwcheck \
+%else
 	--with-saslauthd=/var/run/saslauthd --without-pwcheck \
+%endif
 	--with-ldap \
 	--with-devrandom=/dev/urandom \
 	--enable-anon \
@@ -353,13 +372,17 @@ install -m755 utils/dbconverter-2 $RPM_BUILD_ROOT%{_sbindir}/dbconverter-2
 install -m755 -d $RPM_BUILD_ROOT%{_mandir}/man8/
 install -m644 saslauthd/saslauthd.mdoc $RPM_BUILD_ROOT%{_mandir}/man8/saslauthd.8
 
+install -Dpm644 %{SOURCE9} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
+%if %{with systemd}
+install -Dpm644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/saslauthd.service
+sed -i -e 's|/var/run|/run|g' $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
+%else
+# Install the init script for saslauthd
+install -m755 -d $RPM_BUILD_ROOT/etc/rc.d/init.d
+install -m755 -p %{SOURCE4} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
 # Create the saslauthd listening directory.
 install -m755 -d $RPM_BUILD_ROOT/var/run/saslauthd
-
-# Install the init script for saslauthd and the init script's config file.
-install -m755 -d $RPM_BUILD_ROOT/etc/rc.d/init.d $RPM_BUILD_ROOT/etc/sysconfig
-install -m755 -p %{SOURCE4} $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
-install -m644 -p %{SOURCE9} $RPM_BUILD_ROOT/etc/sysconfig/saslauthd
+%endif
 
 # Install the config dirs if they're not already there.
 install -m755 -d $RPM_BUILD_ROOT/%{_sysconfdir}/sasl2
@@ -375,20 +398,45 @@ rm -f $RPM_BUILD_ROOT%{_mandir}/cat8/saslauthd.8
 %clean
 test "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT
 
+
+%if %{with systemd}
+%pre
+getent group %{username} >/dev/null || groupadd -g 76 -r saslauth
+getent passwd %{username} >/dev/null || useradd -r -g saslauth -d /run/saslauthd -s /sbin/nologin -c "Saslauthd user" saslauth
+%endif
+
 %post
 /sbin/ldconfig
+%if %{with systemd}
+if [ -e %{_initdir}/saslauthd ]; then
+  /bin/systemctl --no-reload preset saslauthd.service || :
+fi
+%systemd_post saslauthd.service
+%else
 /sbin/chkconfig --add saslauthd
+%endif
 
 %preun
-if [ $1 = 0 ] ; then
+%if %{with systemd}
+%systemd_preun saslauthd.service
+%else
+if [ $1 = 0 -o -x /bin/systemctl ] ; then
+	/sbin/service saslauthd stop 2>&1 > /dev/null ||:
 	/sbin/chkconfig --del saslauthd
 fi
+exit 0
+%endif
 
 %postun
 /sbin/ldconfig
+%if %{with systemd}
+%systemd_postun_with_restart saslauthd.service
+%else
 if [ $1 != 0 ] ; then
-	/sbin/service saslauthd condrestart 2>&1 > /dev/null
+	/sbin/service saslauthd condrestart 2>&1 > /dev/null ||:
 fi
+exit 0
+%endif
 
 %if %{build_compat32}
 %post -n compat32-%{name} -p /sbin/ldconfig
@@ -413,8 +461,13 @@ fi
 %{_sbindir}/saslauthd
 %{_sbindir}/testsaslauthd
 %config(noreplace) /etc/sysconfig/saslauthd
+%if %{with systemd}
+%{_unitdir}/saslauthd.service
+%ghost /run/saslauthd
+%else
 %config /etc/rc.d/init.d/saslauthd
 /var/run/saslauthd
+%endif
 
 %files gssapi
 %defattr(-,root,root)
@@ -511,6 +564,9 @@ fi
 
 
 %changelog
+* Wed May 27 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.27-2
+- added systemd support (disables as default).
+
 * Mon May 13 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.27-1
 - new upstream release.
 - updated Patch11, 15, 21, 49 and 102.

d/dnsmasq/dnsmasq-vl.spec

@@ -1,27 +1,37 @@
+%bcond_with systemd
+
 Name:           dnsmasq
-Version:        2.80
-Release:        2%{?_dist_release}
+Version:        2.81
+Release:        1%{?_dist_release}%{?with_systemd:.systemd}
 Summary:        A lightweight DHCP/caching DNS server
 Summary(ja):    軽量 DHCP/DNSキャッシュサーバ
-
 Group:          System Environment/Daemons
+Vendor:         Project Vine
+Distribution:   Vine Linux
+
 License:        GPLv2 or GPLv3
 URL:            http://www.thekelleys.org.uk/dnsmasq/
 Source0:        http://www.thekelleys.org.uk/dnsmasq/%{name}-%{version}.tar.xz
+Source1:        %{name}.service
+Source2:        dnsmasq-systemd-sysusers.conf
 Patch0:         %{name}-2.33-initscript.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires:  dbus-devel, libidn2-devel, nettle-devel
 BuildRequires:  pkgconfig
 
-Requires(post):  /sbin/chkconfig
-Requires(post):  /sbin/service
-Requires(post):  /bin/sed /bin/grep
+Requires(pre): shadow-utils
+Requires(post): /bin/sed /bin/grep
+%if %{with systemd}
+BuildRequires:  systemd
+%{?systemd_requires}
+%else
+Requires(post): /sbin/chkconfig
+Requires(post): /sbin/service
 Requires(preun): /sbin/chkconfig
 Requires(preun): /sbin/service
-
-Vendor: Project Vine
-Distribution: Vine Linux
+Requires(postun): /sbin/service
+%endif
 
 %description
 Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. 
@@ -36,7 +46,9 @@ machines.
 
 %prep
 %setup -q -n %{name}-%{version}
+%if !%{with systemd}
 %patch0 -p1
+%endif
 
 # use /var/lib/dnsmasq instead of /var/lib/misc
 for file in dnsmasq.conf.example man/dnsmasq.8 man/es/dnsmasq.8 src/config.h; do
@@ -46,6 +58,13 @@ done
 # fix the path to the trust anchor
 sed -i 's|%%%%PREFIX%%%%|%{_prefix}|' dnsmasq.conf.example
 
+#set dnsmasq user / group
+sed -i 's|#user=|user=dnsmasq|' dnsmasq.conf.example
+sed -i 's|#group=|group=dnsmasq|' dnsmasq.conf.example
+#set default user /group in src/config.h
+sed -i 's|#define CHUSER "nobody"|#define CHUSER "dnsmasq"|' src/config.h
+sed -i 's|#define CHGRP "dip"|#define CHGRP "dnsmasq"|' src/config.h
+
 #enable dbus
 sed -i 's|/\* #define HAVE_DBUS \*/|#define HAVE_DBUS|g' src/config.h
 
@@ -64,13 +83,14 @@ EOF
 
 
 %build
-make %{?_smp_mflags}
+make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
+make %{?_smp_mflags} -C contrib/lease-tools CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
 
 
 %install
 rm -rf $RPM_BUILD_ROOT
 # normally i'd do 'make install'...it's a bit messy, though
-mkdir -p $RPM_BUILD_ROOT%{_sbindir} $RPM_BUILD_ROOT%{_initrddir} \
+mkdir -p $RPM_BUILD_ROOT%{_sbindir} \
         $RPM_BUILD_ROOT%{_mandir}/man8 \
         $RPM_BUILD_ROOT%{_var}/lib/dnsmasq \
         $RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.d \
@@ -78,13 +98,52 @@ mkdir -p $RPM_BUILD_ROOT%{_sbindir} $RPM_BUILD_ROOT%{_initrddir} \
 install src/dnsmasq $RPM_BUILD_ROOT%{_sbindir}/dnsmasq
 install dnsmasq.conf.example $RPM_BUILD_ROOT%{_sysconfdir}/dnsmasq.conf
 install dbus/dnsmasq.conf $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d/
-install rpm/dnsmasq.init $RPM_BUILD_ROOT%{_initrddir}/dnsmasq
 install -m 644 man/dnsmasq.8 $RPM_BUILD_ROOT%{_mandir}/man8/
+install -D trust-anchors.conf $RPM_BUILD_ROOT%{_datadir}/%{name}/trust-anchors.conf
+
+# utils sub package
+mkdir -p $RPM_BUILD_ROOT%{_bindir} \
+         $RPM_BUILD_ROOT%{_mandir}/man1
+install -m 755 contrib/lease-tools/dhcp_release $RPM_BUILD_ROOT%{_bindir}/dhcp_release
+install -m 644 contrib/lease-tools/dhcp_release.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release.1
+install -m 755 contrib/lease-tools/dhcp_release6 $RPM_BUILD_ROOT%{_bindir}/dhcp_release6
+install -m 644 contrib/lease-tools/dhcp_release6.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_release6.1
+install -m 755 contrib/lease-tools/dhcp_lease_time $RPM_BUILD_ROOT%{_bindir}/dhcp_lease_time
+install -m 644 contrib/lease-tools/dhcp_lease_time.1 $RPM_BUILD_ROOT%{_mandir}/man1/dhcp_lease_time.1
+
+%if %{with systemd}
+# Systemd
+mkdir -p %{buildroot}%{_unitdir}
+install -m644 %{SOURCE1} %{buildroot}%{_unitdir}
+rm -rf %{buildroot}%{_initrddir}
+
+#install systemd sysuser file
+install -Dpm 644 %{SOURCE2} %{buildroot}%{_sysusersdir}/%{name}.conf
+%else
+mkdir -p $RPM_BUILD_ROOT%{_initrddir}
+install rpm/dnsmasq.init $RPM_BUILD_ROOT%{_initrddir}/dnsmasq
+%endif
+
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
+%pre
+%if %{with systemd}
+#precreate users so that rpm can install files owned by that user
+%sysusers_create_package %{name} %{SOURCE2}
+%else
+getent group dnsmasq >/dev/null || groupadd -r dnsmasq
+getent passwd dnsmasq >/dev/null || \
+    useradd -r -g dnsmasq -d /var/lib/dnsmasq -s /sbin/nologin \
+    -c "Dnsmasq DHCP and DNS server" dnsmasq
+exit 0
+%endif
+
 %post
+%if %{with systemd}
+%systemd_post dnsmasq.service
+%endif
 if [ "$1" = "2" ]; then # if we're being upgraded
     # if using the old leases location, move the file to the new one
     # but only if we're not clobbering another file
@@ -100,16 +159,30 @@ if [ "$1" = "2" ]; then # if we're being upgraded
         sed -e 's/var\/lib\/misc/var\/lib\/dnsmasq/' < %{_sysconfdir}/dnsmasq.conf.tmp > %{_sysconfdir}/dnsmasq.conf || :
         rm -f %{_sysconfdir}/dnsmasq.conf.tmp || :
     fi
-    /sbin/service dnsmasq condrestart >/dev/null 2>&1 || :
+%if !%{with systemd}
 else # if we're being installed
     /sbin/chkconfig --add dnsmasq
+%endif
 fi
 
 %preun
-if [ "$1" = "0" ]; then     # execute this only if we are NOT doing an upgrade
+%if %{with systemd}
+%systemd_preun dnsmasq.service
+%else
+if [ "$1" = "0" -o -x /bin/systemctl ]; then     # execute this only if we are NOT doing an upgrade
     /sbin/service dnsmasq stop >/dev/null 2>&1 || :
     /sbin/chkconfig --del dnsmasq
 fi
+%endif
+
+%postun
+%if %{with systemd}
+%systemd_postun_with_restart dnsmasq.service
+%else
+if [ "$1" -gt "0" ]; then
+    /sbin/service dnsmasq condrestart >/dev/null 2>&1 || :
+fi
+%endif
 
 
 %files
@@ -120,12 +193,24 @@ fi
 %dir /etc/dnsmasq.d
 %dir %{_var}/lib/dnsmasq
 %config(noreplace) %attr(644,root,root) %{_sysconfdir}/dbus-1/system.d/dnsmasq.conf
-%{_initrddir}/dnsmasq
+%dir %{_datadir}/dnsmasq
+%{_datadir}/dnsmasq/*
 %{_sbindir}/dnsmasq
 %{_mandir}/man8/dnsmasq*
-
+%if %{with systemd}
+%{_unitdir}/%{name}.service
+%{_sysusersdir}/dnsmasq.conf
+%else
+%{_initrddir}/dnsmasq
+%endif
+%{_bindir}/dhcp_*
+%{_mandir}/man1/dhcp_*
 
 %changelog
+* Sat May 23 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.81-1
+- new upstream release.
+- added systemd support (disabled as default).
+
 * Sat Mar 21 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.80-2
 - rebuilt with libidn2.
 

f/freerdp/freerdp-vl.spec

@@ -3,7 +3,7 @@
 Name:           freerdp
 Summary:        Remote Desktop Protocol client
 Summary(ja):    リモートデスクトッププロトコルクライアント
-Version:        2.1.0
+Version:        2.1.1
 Release:        1%{?rcnumber:.%{rcnumber}}%{?_dist_release}
 Group:          Applications/Internet
 Vendor:         Project Vine
@@ -175,6 +175,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 
 
 %changelog
+* Wed May 27 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.1-1
+- updated to 2.1.1.
+
 * Sat May 16 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.1.0-1
 - updated to 2.1.0.
 

g/glib2/glib2-vl.spec

@@ -3,8 +3,8 @@
 
 Summary:        A library of handy utility functions.
 Name:           glib2
-Version:        2.64.2
-Release:        2%{?_dist_release}
+Version:        2.64.3
+Release:        1%{?_dist_release}
 Group:          System Environment/Libraries
 Vendor:         Project Vine
 Distribution:   Vine Linux
@@ -90,6 +90,9 @@ The glib-devel package includes the header files for
 version %{shortver} of the GLib library. 
 
 
+%debug_package
+
+
 %prep
 %setup -q -n glib-%{version}
 
@@ -214,6 +217,9 @@ gio-querymodules %{_libdir}/gio/modules
 %endif
 
 %changelog
+* Sat May 30 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.64.3-1
+- new upstream release.
+
 * Wed Apr 15 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 2.64.2-2
 - rebuilt with libffi-3.3.
 

lib/libm/libmariadb/libmariadb-vl.spec

@@ -1,17 +1,18 @@
 Name:           libmariadb
-Version:        3.1.7
-Release:        1%{?_dist_release}
-Epoch:          1
 Summary:        The MariaDB Native Client library (C driver)
+Epoch:          1
+Version:        3.1.8
+Release:        1%{?_dist_release}
 Group:          System Environment/Libraries
-License:        LGPLv2+
 Vendor:         Project Vine
 Distribution:   Vine Linux
 Packager:       tomop
+
+License:        LGPLv2+
+Url:            http://mariadb.org/
 Source:         https://downloads.mariadb.com/Connectors/c/connector-c-%{version}/mariadb-connector-c-%{version}-src.tar.gz
 Source2:        my.cnf
 Source3:        client.cnf
-Url:            http://mariadb.org/
 # More information: https://mariadb.com/kb/en/mariadb/building-connectorc-from-source/
 
 Requires:       mariadb-common
@@ -194,6 +195,9 @@ end
 #   https://jira.mariadb.org/browse/CONC-291
 
 %changelog
+* Sat May 23 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 3.1.8-1
+- new upstream release.
+
 * Fri Feb 14 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 3.1.7-1
 - new upstream release.
 

o/openssh/openssh-vl.spec

@@ -1,5 +1,4 @@
-%define ver 8.2p1
-%define rel 1%{_dist_release}
+%bcond_with systemd
 
 # SELinux
 %define WITH_SELINUX 0
@@ -8,9 +7,6 @@
 %define sshd_uid    74
 %define sshd_gid    74
 
-# Version of ssh-askpass
-%define aversion 1.2.4.1
-
 # Do we want to disable building of gnome-askpass? (1=yes 0=no)
 %define no_gnome_askpass 0
 
@@ -60,11 +56,24 @@
 Summary: The OpenSSH implementation of SSH.
 Summary(ja): OpenSSH - フリーの Secure Shell (SSH) の実装
 Name: openssh
-Version: %{ver}
-Release: %{rel}
-URL: https://www.openssh.com/portable.html
+Version: 8.3p1
+Release: 1%{_dist_release}%{?with_systemd:.systemd}
+Group: Applications/Internet
+Vendor: Project Vine
+Distribution: Vine Linux
+Packager: daisuke
 
+License: BSD
+URL: https://www.openssh.com/portable.html
 Source0: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
+# files for systemd
+Source9: sshd@.service
+Source10: sshd.socket
+Source11: sshd.service
+Source12: sshd-keygen@.service
+Source13: sshd-keygen
+Source14: sshd.tmpfiles
+Source15: sshd-keygen.target
 
 Patch0: openssh-7.6p1-vine.patch
 #Patch4: openssh-8.0p1-vendor.patch
@@ -78,12 +87,13 @@ Patch26: openssh-5.2p1-pam-no-stack.patch
 # Patch31: openssh-3.9p1-skip-used.patch
 Patch35: openssh-8.2p1-askpass-progress-gtk3.patch
 
+# Help systemd to track the running service
+Patch948: openssh-7.4p1-systemd.patch
+
 # Vine Source
 Source100: sshd.init.vine
 Source110: sshd.sysconfig.vine
 
-License: BSD
-Group: Applications/Internet
 BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
 
 Obsoletes: ssh
@@ -104,10 +114,10 @@ BuildRequires: gtk3-devel
 BuildRequires: xorg-x11-xauth
 BuildRequires: groff
 BuildRequires: libedit-devel
+%if %{with systemd}
+BuildRequires: systemd-devel
+%endif
 
-Vendor: Project Vine
-Distribution: Vine Linux
-Packager: daisuke
 
 %package clients
 Summary: OpenSSH clients.
@@ -234,8 +244,8 @@ OpenSSH は OpenBSD による最後のフリーのバージョンの再実装で
 
 このパッケージは GNOME 用のパスフレーズ入力ダイアログを含んでいます。
 
-%prep
 
+%prep
 %setup -q
 %patch0 -p1 -b .vine
 #patch4 -p1 -b .vendor
@@ -252,6 +262,10 @@ OpenSSH は OpenBSD による最後のフリーのバージョンの再実装で
 # %patch30 -p1 -b .exit-deadlock
 %patch35 -p1 -b .progress
 
+%if %{with systemd}
+%patch948 -p1
+%endif
+
 autoreconf
 
 
@@ -288,10 +302,14 @@ LDFLAGS="$LDFLAGS -pie"; export LDFLAGS
 	--with-ipv4-default \
 %endif
 %if %{rescue}
-	--without-pam --with-md5-passwords
+	--without-pam --with-md5-passwords \
 %else
-	--with-pam
+	--with-pam \
 %endif
+%if %{with systemd}
+	--with-systemd \
+%endif
+	%{nil}
 
 %if %{static_libcrypto}
 perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
@@ -332,9 +350,23 @@ install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
 install -d $RPM_BUILD_ROOT/etc/sysconfig/
 install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
 install -m644 contrib/redhat/sshd.pam     $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m755 %{SOURCE100} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
 install -m644 %{SOURCE110} $RPM_BUILD_ROOT/etc/sysconfig/sshd
 
+%if %{with systemd}
+install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
+install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
+install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
+install -m644 %{SOURCE11} $RPM_BUILD_ROOT/%{_unitdir}/sshd.service
+install -m644 %{SOURCE12} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen@.service
+install -m644 %{SOURCE15} $RPM_BUILD_ROOT/%{_unitdir}/sshd-keygen.target
+install -m744 %{SOURCE13} $RPM_BUILD_ROOT/%{_libexecdir}/openssh/sshd-keygen
+install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT%{_bindir}/
+install contrib/ssh-copy-id.1 $RPM_BUILD_ROOT%{_mandir}/man1/
+install -m644 -D %{SOURCE14} $RPM_BUILD_ROOT%{_tmpfilesdir}/%{name}.conf
+%else
+install -m755 %{SOURCE100} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+%endif
+
 %if ! %{scard}
         rm -f $RPM_BUILD_ROOT%{_datadir}/openssh/Ssh.bin
 %endif
@@ -388,26 +420,43 @@ if [ "$1" != 0 ] ; then
 	fi
 fi
 
+%if %{with systemd}
+%pre
+getent group ssh_keys >/dev/null || groupadd -r ssh_keys || :
+%endif
+
 %pre server
 %{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
 %{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
         -g sshd -M -r sshd 2>/dev/null || :
 
 %post server
+%if %{with systemd}
+%systemd_post sshd.service sshd.socket
+%else
 /sbin/chkconfig --add sshd
+%endif
 
 %postun server
+%if %{with systemd}
+%systemd_postun_with_restart sshd.service
+%else
 # /sbin/service sshd condrestart > /dev/null 2>&1 || :
 /sbin/service sshd condrestart
 exit 0
+%endif
 
 %preun server
-if [ "$1" = 0 ]
-then
+%if %{with systemd}
+%systemd_preun sshd.service sshd.socket
+%else
+if [ "$1" = 0 -o -x /bin/systemctl ]; then
 	/sbin/service sshd stop > /dev/null 2>&1 || :
 	/sbin/chkconfig --del sshd
+%endif
 fi
 
+
 %files
 %defattr(-,root,root)
 %license LICENCE
@@ -468,8 +517,18 @@ fi
 %attr(0755,root,root) %dir %{_sysconfdir}/ssh
 %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
 %attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
-%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
 %attr(0755,root,root) %config /etc/sysconfig/sshd
+%if %{with systemd}
+%attr(0755,root,root) %{_libexecdir}/openssh/sshd-keygen
+%attr(0644,root,root) %{_unitdir}/sshd.service
+%attr(0644,root,root) %{_unitdir}/sshd@.service
+%attr(0644,root,root) %{_unitdir}/sshd.socket
+%attr(0644,root,root) %{_unitdir}/sshd-keygen@.service
+%attr(0644,root,root) %{_unitdir}/sshd-keygen.target
+%attr(0644,root,root) %{_tmpfilesdir}/openssh.conf
+%else
+%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
+%endif
 %endif
 
 %if ! %{no_gnome_askpass}
@@ -481,6 +540,12 @@ fi
 
 
 %changelog
+* Wed May 27 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 8.3p1-1
+- new upstream release.
+
+* Thu Apr 02 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 8.2p1-2
+- added systemd support (disabled as default).
+
 * Thu Mar 19 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 8.2p1-1
 - new upstream release.
 - updated Patch35.