From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 8BCC0158041 for ; Mon, 25 Mar 2024 15:28:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id B5E54E2A2C; Mon, 25 Mar 2024 15:28:21 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 937FDE2A2C for ; Mon, 25 Mar 2024 15:28:21 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id A059534300C for ; Mon, 25 Mar 2024 15:28:20 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 4122DB29 for ; Mon, 25 Mar 2024 15:28:19 +0000 (UTC) From: "Mike Gilbert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Gilbert" Message-ID: <1711380372.b6150ddac2b5cf1d8d1421afeaa1a9c3e9615d9e.floppym@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-misc/openssh/openssh-9.7_p1-r1.ebuild net-misc/openssh/openssh-9.7_p1.ebuild X-VCS-Directories: net-misc/openssh/ X-VCS-Committer: floppym X-VCS-Committer-Name: Mike Gilbert X-VCS-Revision: b6150ddac2b5cf1d8d1421afeaa1a9c3e9615d9e X-VCS-Branch: master Date: Mon, 25 Mar 2024 15:28:19 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: f50b13bf-632b-46ba-9365-c9a894e632df X-Archives-Hash: 64a8c32a3eea61d6bce26855a30c173c commit: b6150ddac2b5cf1d8d1421afeaa1a9c3e9615d9e Author: Mike Gilbert gentoo org> AuthorDate: Mon Mar 25 15:26:12 2024 +0000 Commit: Mike Gilbert gentoo org> CommitDate: Mon Mar 25 15:26:12 2024 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6150dda net-misc/openssh: fix install mode for config dropins Closes: https://bugs.gentoo.org/906639 Closes: https://bugs.gentoo.org/915840 Signed-off-by: Mike Gilbert gentoo.org> ...nssh-9.7_p1.ebuild => openssh-9.7_p1-r1.ebuild} | 78 +++++++++++++--------- 1 file changed, 48 insertions(+), 30 deletions(-) diff --git a/net-misc/openssh/openssh-9.7_p1.ebuild b/net-misc/openssh/openssh-9.7_p1-r1.ebuild similarity index 93% rename from net-misc/openssh/openssh-9.7_p1.ebuild rename to net-misc/openssh/openssh-9.7_p1-r1.ebuild index 9508c8162da3..fdead7192a13 100644 --- a/net-misc/openssh/openssh-9.7_p1.ebuild +++ b/net-misc/openssh/openssh-9.7_p1-r1.ebuild @@ -217,24 +217,18 @@ src_configure() { econf "${myconf[@]}" } -src_test() { - local tests=( compat-tests ) - local shell=$(egetshell "${UID}") - if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then - ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" - ewarn "user, so we will run a subset only." - tests+=( interop-tests ) - else - tests+=( tests ) - fi +tweak_ssh_configs() { + cat <<-EOF >> ssh_config.out || die - local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 - mkdir -p "${HOME}"/.ssh || die - emake -j1 "${tests[@]}" > sshd_config.out || die + + Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" + EOF } -# Gentoo tweaks to default config files. -tweak_ssh_configs() { +create_config_dropins() { local locale_vars=( # These are language variables that POSIX defines. # http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_02 @@ -245,15 +239,9 @@ tweak_ssh_configs() { LANGUAGE LC_ADDRESS LC_IDENTIFICATION LC_MEASUREMENT LC_NAME LC_PAPER LC_TELEPHONE ) - dodir /etc/ssh/ssh_config.d /etc/ssh/sshd_config.d - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config || die - Include "${EPREFIX}/etc/ssh/ssh_config.d/*.conf" - EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config || die - Include "${EPREFIX}/etc/ssh/sshd_config.d/*.conf" - EOF + mkdir -p "${WORKDIR}"/etc/ssh/{ssh_config.d,sshd_config.d} || die - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_config.d/9999999gentoo.conf || die # Send locale environment variables (bug #367017) SendEnv ${locale_vars[*]} @@ -261,16 +249,16 @@ tweak_ssh_configs() { SendEnv COLORTERM EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_config.d/9999999gentoo-security.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_config.d/9999999gentoo-security.conf || die RevokedHostKeys "${EPREFIX}/etc/ssh/ssh_revoked_hosts" EOF - cat <<-EOF >> "${ED}"/etc/ssh/ssh_revoked_hosts || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/ssh_revoked_hosts || die # https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== EOF - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/9999999gentoo.conf || die # Allow client to pass locale environment variables (bug #367017) AcceptEnv ${locale_vars[*]} @@ -279,7 +267,7 @@ tweak_ssh_configs() { EOF if use pam ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-pam.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/9999999gentoo-pam.conf || die UsePAM yes # This interferes with PAM. PasswordAuthentication no @@ -290,13 +278,36 @@ tweak_ssh_configs() { fi if use livecd ; then - cat <<-EOF >> "${ED}"/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf || die + cat <<-EOF > "${WORKDIR}"/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf || die # Allow root login with password on livecds. PermitRootLogin Yes EOF fi } +src_compile() { + default + tweak_ssh_configs + create_config_dropins +} + +src_test() { + local tests=( compat-tests ) + local shell=$(egetshell "${UID}") + if [[ ${shell} == */nologin ]] || [[ ${shell} == */false ]] ; then + ewarn "Running the full OpenSSH testsuite requires a usable shell for the 'portage'" + ewarn "user, so we will run a subset only." + tests+=( interop-tests ) + else + tests+=( tests ) + fi + + local -x SUDO= SSH_SK_PROVIDER= TEST_SSH_UNSAFE_PERMISSIONS=1 + mkdir -p "${HOME}"/.ssh || die + emake -j1 "${tests[@]}"