From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 59B9715808B for ; Mon, 19 Feb 2024 06:23:57 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E9A36E2D79; Mon, 19 Feb 2024 06:16:20 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A2741E2D7A for ; Mon, 19 Feb 2024 06:16:20 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id DC156343172 for ; Mon, 19 Feb 2024 06:16:19 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 252AA14C8 for ; Mon, 19 Feb 2024 06:16:18 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1708323362.e6268410df9427a59a9a4f08a0a10f7139f5d3a4.sam@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/openssh/openssh-9.6_p1-r3.ebuild X-VCS-Directories: net-misc/openssh/ X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: e6268410df9427a59a9a4f08a0a10f7139f5d3a4 X-VCS-Branch: master Date: Mon, 19 Feb 2024 06:16:18 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 029498d1-255e-4de6-9c17-98ff42b2f6d1 X-Archives-Hash: 2729d3e84e0609c0ccc73eec9959936d commit: e6268410df9427a59a9a4f08a0a10f7139f5d3a4 Author: Eli Schwartz gmail com> AuthorDate: Mon Feb 19 06:07:41 2024 +0000 Commit: Sam James gentoo org> CommitDate: Mon Feb 19 06:16:02 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e6268410 net-misc/openssh: use an officially supported approach to overriding xauth Instead of patching out a header file, use the ./configure option dedicated for this purpose. It has the side effect of correctly sed'ing out config files / manpages with the updated location. When not explicitly passed, the builtin default is used as a fallback, but when USE=X, portage as an implementation detail guarantees that xauth will be installed before openssh is compiled. ... as long as you don't use --buildpkg. So, "probably" if you used USE=X the paths were correct, but: - this is overall a poor approach to reliability - it misses the point of also overriding the path when USE="-X" - we just removed the USE flag and the RDEPEND Signed-off-by: Eli Schwartz gmail.com> Signed-off-by: Sam James gentoo.org> net-misc/openssh/openssh-9.6_p1-r3.ebuild | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/net-misc/openssh/openssh-9.6_p1-r3.ebuild b/net-misc/openssh/openssh-9.6_p1-r3.ebuild index 164c30ecc6c8..3876e99bb31c 100644 --- a/net-misc/openssh/openssh-9.6_p1-r3.ebuild +++ b/net-misc/openssh/openssh-9.6_p1-r3.ebuild @@ -128,10 +128,6 @@ pkg_pretend() { } src_prepare() { - sed -i \ - -e "/_PATH_XAUTH/s:/usr/X11R6/bin/xauth:${EPREFIX}/usr/bin/xauth:" \ - pathnames.h || die - # don't break .ssh/authorized_keys2 for fun sed -i '/^AuthorizedKeysFile/s:^:#:' sshd_config || die @@ -185,6 +181,8 @@ src_configure() { --datadir="${EPREFIX}"/usr/share/openssh --with-privsep-path="${EPREFIX}"/var/empty --with-privsep-user=sshd + # optional at runtime; guarantee a known path + --with-xauth="${EPREFIX}"/usr/bin/xauth # --with-hardening adds the following in addition to flags we # already set in our toolchain: