[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/ - gentoo-commits

From:	Thomas Deutschmann <whissi@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/openssh/, net-misc/openssh/files/
Date:	Thu, 17 Jun 2021 20:32:48
Message-Id:	`1623961920.08ab771b7280edd7adfc6ae3b2289bc0f4fc09b1.whissi@gentoo`

1

commit:     08ab771b7280edd7adfc6ae3b2289bc0f4fc09b1

2

Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

3

AuthorDate: Thu Jun 17 20:08:15 2021 +0000

4

Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

5

CommitDate: Thu Jun 17 20:32:00 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08ab771b

7

8

net-misc/openssh: Fix MissingUseDepDefault for dev-libs/openssl[bindist]

9

10

Package-Manager: Portage-3.0.20, Repoman-3.0.3

11

Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

12

13

 net-misc/openssh/files/sshd-r2.initd      | 100 ++++++++++++++++++++++++++++++

14

 net-misc/openssh/openssh-8.5_p1-r1.ebuild |   6 +-

15

 net-misc/openssh/openssh-8.6_p1-r1.ebuild |   6 +-

16

 3 files changed, 106 insertions(+), 6 deletions(-)

17

18

diff --git a/net-misc/openssh/files/sshd-r2.initd b/net-misc/openssh/files/sshd-r2.initd

19

new file mode 100644

20

index 00000000000..3381fb965dd

21

--- /dev/null

22

+++ b/net-misc/openssh/files/sshd-r2.initd

23

@@ -0,0 +1,100 @@

24

+#!/sbin/openrc-run

25

+# Copyright 1999-2021 Gentoo Authors

26

+# Distributed under the terms of the GNU General Public License v2

27

+

28

+extra_commands="checkconfig"

29

+extra_started_commands="reload"

30

+

31

+: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh}

32

+: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}

33

+: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid}

34

+: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd}

35

+: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen}

36

+

37

+command="${SSHD_BINARY}"

38

+pidfile="${SSHD_PIDFILE}"

39

+command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}"

40

+

41

+# Wait one second (length chosen arbitrarily) to see if sshd actually

42

+# creates a PID file, or if it crashes for some reason like not being

43

+# able to bind to the address in ListenAddress (bug 617596).

44

+: ${SSHD_SSD_OPTS:=--wait 1000}

45

+start_stop_daemon_args="${SSHD_SSD_OPTS}"

46

+

47

+depend() {

48

+	# Entropy can be used by ssh-keygen, among other things, but

49

+	# is not strictly required (bug 470020).

50

+	use logger dns entropy

51

+	if [ "${rc_need+set}" = "set" ] ; then

52

+		: # Do nothing, the user has explicitly set rc_need

53

+	else

54

+		local x warn_addr

55

+		for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do

56

+			case "${x}" in

57

+				0.0.0.0|0.0.0.0:*) ;;

58

+				::|\[::\]*) ;;

59

+				*) warn_addr="${warn_addr} ${x}" ;;

60

+			esac

61

+		done

62

+		if [ -n "${warn_addr}" ] ; then

63

+			need net

64

+			ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"

65

+			ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd"

66

+			ewarn "where FOO is the interface(s) providing the following address(es):"

67

+			ewarn "${warn_addr}"

68

+		fi

69

+	fi

70

+}

71

+

72

+checkconfig() {

73

+	checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty"

74

+

75

+	if [ ! -e "${SSHD_CONFIG}" ] ; then

76

+		eerror "You need an ${SSHD_CONFIG} file to run sshd"

77

+		eerror "There is a sample file in /usr/share/doc/openssh"

78

+		return 1

79

+	fi

80

+

81

+	${SSHD_KEYGEN_BINARY} -A || return 2

82

+

83

+	"${command}" -t ${command_args} || return 3

84

+}

85

+

86

+start_pre() {

87

+	# Make sure that the user's config isn't busted before we try

88

+	# to start the daemon (this will produce better error messages

89

+	# than if we just try to start it blindly).

90

+	#

91

+	# We always need to call checkconfig because this function will

92

+	# also generate any missing host key and you can start a

93

+	# non-running service with "restart" argument.

94

+	checkconfig || return $?

95

+}

96

+

97

+stop_pre() {

98

+	if [ "${RC_CMD}" = "restart" ] ; then

99

+		# If this is a restart, check to make sure the user's config

100

+		# isn't busted before we stop the running daemon.

101

+		checkconfig || return $?

102

+	elif yesno "${RC_GOINGDOWN}" && [ -s "${pidfile}" ] && hash pgrep 2>/dev/null ; then

103

+		# Disconnect any clients before killing the master process

104

+		local pid=$(cat "${pidfile}" 2>/dev/null)

105

+		if [ -n "${pid}" ] ; then

106

+			local ssh_session_pattern='sshd: \S.*@pts/[0-9]+'

107

+

108

+			IFS="${IFS}@"

109

+			local daemon pid pty user

110

+			pgrep -a -P ${pid} -f "$ssh_session_pattern" | while read pid daemon user pty ; do

111

+				ewarn "Found ${daemon%:} session ${pid} on ${pty}; sending SIGTERM ..."

112

+				kill "${pid}" || true

113

+			done

114

+		fi

115

+	fi

116

+}

117

+

118

+reload() {

119

+	checkconfig || return $?

120

+	ebegin "Reloading ${SVCNAME}"

121

+	start-stop-daemon --signal HUP --pidfile "${pidfile}"

122

+	eend $?

123

+}

124

125

diff --git a/net-misc/openssh/openssh-8.5_p1-r1.ebuild b/net-misc/openssh/openssh-8.5_p1-r1.ebuild

126

index 8aea025ac78..96e4f161abd 100644

127

--- a/net-misc/openssh/openssh-8.5_p1-r1.ebuild

128

+++ b/net-misc/openssh/openssh-8.5_p1-r1.ebuild

129

@@ -61,10 +61,10 @@ LIB_DEPEND="

130

 	ssl? (

131

 			|| (

132

(

133

-					>=dev-libs/openssl-1.0.1:0[bindist=]

134

-					<dev-libs/openssl-1.1.0:0[bindist=]

135

+					>=dev-libs/openssl-1.0.1:0[bindist(-)=]

136

+					<dev-libs/openssl-1.1.0:0[bindist(-)=]

137

)

138

-				>=dev-libs/openssl-1.1.0g:0[bindist=]

139

+				>=dev-libs/openssl-1.1.0g:0[bindist(-)=]

140

)

141

 			dev-libs/openssl:0=[static-libs(+)]

142

)

143

144

diff --git a/net-misc/openssh/openssh-8.6_p1-r1.ebuild b/net-misc/openssh/openssh-8.6_p1-r1.ebuild

145

index 0e9654a5044..f896a51951a 100644

146

--- a/net-misc/openssh/openssh-8.6_p1-r1.ebuild

147

+++ b/net-misc/openssh/openssh-8.6_p1-r1.ebuild

148

@@ -66,10 +66,10 @@ LIB_DEPEND="

149

 	ssl? (

150

 			|| (

151

(

152

-					>=dev-libs/openssl-1.0.1:0[bindist=]

153

-					<dev-libs/openssl-1.1.0:0[bindist=]

154

+					>=dev-libs/openssl-1.0.1:0[bindist(-)=]

155

+					<dev-libs/openssl-1.1.0:0[bindist(-)=]

156

)

157

-				>=dev-libs/openssl-1.1.0g:0[bindist=]

158

+				>=dev-libs/openssl-1.1.0g:0[bindist(-)=]

159

)

160

 			dev-libs/openssl:0=[static-libs(+)]

161

)

1	commit: 08ab771b7280edd7adfc6ae3b2289bc0f4fc09b1
2	Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3	AuthorDate: Thu Jun 17 20:08:15 2021 +0000
4	Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5	CommitDate: Thu Jun 17 20:32:00 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08ab771b
7
8	net-misc/openssh: Fix MissingUseDepDefault for dev-libs/openssl[bindist]
9
10	Package-Manager: Portage-3.0.20, Repoman-3.0.3
11	Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
12
13	net-misc/openssh/files/sshd-r2.initd \| 100 ++++++++++++++++++++++++++++++
14	net-misc/openssh/openssh-8.5_p1-r1.ebuild \| 6 +-
15	net-misc/openssh/openssh-8.6_p1-r1.ebuild \| 6 +-
16	3 files changed, 106 insertions(+), 6 deletions(-)
17
18	diff --git a/net-misc/openssh/files/sshd-r2.initd b/net-misc/openssh/files/sshd-r2.initd
19	new file mode 100644
20	index 00000000000..3381fb965dd
21	--- /dev/null
22	+++ b/net-misc/openssh/files/sshd-r2.initd
23	@@ -0,0 +1,100 @@
24	+#!/sbin/openrc-run
25	+# Copyright 1999-2021 Gentoo Authors
26	+# Distributed under the terms of the GNU General Public License v2
27	+
28	+extra_commands="checkconfig"
29	+extra_started_commands="reload"
30	+
31	+: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh}
32	+: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
33	+: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid}
34	+: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd}
35	+: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen}
36	+
37	+command="${SSHD_BINARY}"
38	+pidfile="${SSHD_PIDFILE}"
39	+command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}"
40	+
41	+# Wait one second (length chosen arbitrarily) to see if sshd actually
42	+# creates a PID file, or if it crashes for some reason like not being
43	+# able to bind to the address in ListenAddress (bug 617596).
44	+: ${SSHD_SSD_OPTS:=--wait 1000}
45	+start_stop_daemon_args="${SSHD_SSD_OPTS}"
46	+
47	+depend() {
48	+ # Entropy can be used by ssh-keygen, among other things, but
49	+ # is not strictly required (bug 470020).
50	+ use logger dns entropy
51	+ if [ "${rc_need+set}" = "set" ] ; then
52	+ : # Do nothing, the user has explicitly set rc_need
53	+ else
54	+ local x warn_addr
55	+ for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
56	+ case "${x}" in
57	+ 0.0.0.0\|0.0.0.0:*) ;;
58	+ ::\|\[::\]*) ;;
59	+ *) warn_addr="${warn_addr} ${x}" ;;
60	+ esac
61	+ done
62	+ if [ -n "${warn_addr}" ] ; then
63	+ need net
64	+ ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
65	+ ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd"
66	+ ewarn "where FOO is the interface(s) providing the following address(es):"
67	+ ewarn "${warn_addr}"
68	+ fi
69	+ fi
70	+}
71	+
72	+checkconfig() {
73	+ checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty"
74	+
75	+ if [ ! -e "${SSHD_CONFIG}" ] ; then
76	+ eerror "You need an ${SSHD_CONFIG} file to run sshd"
77	+ eerror "There is a sample file in /usr/share/doc/openssh"
78	+ return 1
79	+ fi
80	+
81	+ ${SSHD_KEYGEN_BINARY} -A \|\| return 2
82	+
83	+ "${command}" -t ${command_args} \|\| return 3
84	+}
85	+
86	+start_pre() {
87	+ # Make sure that the user's config isn't busted before we try
88	+ # to start the daemon (this will produce better error messages
89	+ # than if we just try to start it blindly).
90	+ #
91	+ # We always need to call checkconfig because this function will
92	+ # also generate any missing host key and you can start a
93	+ # non-running service with "restart" argument.
94	+ checkconfig \|\| return $?
95	+}
96	+
97	+stop_pre() {
98	+ if [ "${RC_CMD}" = "restart" ] ; then
99	+ # If this is a restart, check to make sure the user's config
100	+ # isn't busted before we stop the running daemon.
101	+ checkconfig \|\| return $?
102	+ elif yesno "${RC_GOINGDOWN}" && [ -s "${pidfile}" ] && hash pgrep 2>/dev/null ; then
103	+ # Disconnect any clients before killing the master process
104	+ local pid=$(cat "${pidfile}" 2>/dev/null)
105	+ if [ -n "${pid}" ] ; then
106	+ local ssh_session_pattern='sshd: \S.*@pts/[0-9]+'
107	+
108	+ IFS="${IFS}@"
109	+ local daemon pid pty user
110	+ pgrep -a -P ${pid} -f "$ssh_session_pattern" \| while read pid daemon user pty ; do
111	+ ewarn "Found ${daemon%:} session ${pid} on ${pty}; sending SIGTERM ..."
112	+ kill "${pid}" \|\| true
113	+ done
114	+ fi
115	+ fi
116	+}
117	+
118	+reload() {
119	+ checkconfig \|\| return $?
120	+ ebegin "Reloading ${SVCNAME}"
121	+ start-stop-daemon --signal HUP --pidfile "${pidfile}"
122	+ eend $?
123	+}
124
125	diff --git a/net-misc/openssh/openssh-8.5_p1-r1.ebuild b/net-misc/openssh/openssh-8.5_p1-r1.ebuild
126	index 8aea025ac78..96e4f161abd 100644
127	--- a/net-misc/openssh/openssh-8.5_p1-r1.ebuild
128	+++ b/net-misc/openssh/openssh-8.5_p1-r1.ebuild
129	@@ -61,10 +61,10 @@ LIB_DEPEND="
130	ssl? (
131	\|\| (
132	(
133	- >=dev-libs/openssl-1.0.1:0[bindist=]
134	- <dev-libs/openssl-1.1.0:0[bindist=]
135	+ >=dev-libs/openssl-1.0.1:0[bindist(-)=]
136	+ <dev-libs/openssl-1.1.0:0[bindist(-)=]
137	)
138	- >=dev-libs/openssl-1.1.0g:0[bindist=]
139	+ >=dev-libs/openssl-1.1.0g:0[bindist(-)=]
140	)
141	dev-libs/openssl:0=[static-libs(+)]
142	)
143
144	diff --git a/net-misc/openssh/openssh-8.6_p1-r1.ebuild b/net-misc/openssh/openssh-8.6_p1-r1.ebuild
145	index 0e9654a5044..f896a51951a 100644
146	--- a/net-misc/openssh/openssh-8.6_p1-r1.ebuild
147	+++ b/net-misc/openssh/openssh-8.6_p1-r1.ebuild
148	@@ -66,10 +66,10 @@ LIB_DEPEND="
149	ssl? (
150	\|\| (
151	(
152	- >=dev-libs/openssl-1.0.1:0[bindist=]
153	- <dev-libs/openssl-1.1.0:0[bindist=]
154	+ >=dev-libs/openssl-1.0.1:0[bindist(-)=]
155	+ <dev-libs/openssl-1.1.0:0[bindist(-)=]
156	)
157	- >=dev-libs/openssl-1.1.0g:0[bindist=]
158	+ >=dev-libs/openssl-1.1.0g:0[bindist(-)=]
159	)
160	dev-libs/openssl:0=[static-libs(+)]
161	)

Gentoo Archives: gentoo-commits