1 |
commit: 08ab771b7280edd7adfc6ae3b2289bc0f4fc09b1 |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Jun 17 20:08:15 2021 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Jun 17 20:32:00 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=08ab771b |
7 |
|
8 |
net-misc/openssh: Fix MissingUseDepDefault for dev-libs/openssl[bindist] |
9 |
|
10 |
Package-Manager: Portage-3.0.20, Repoman-3.0.3 |
11 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
12 |
|
13 |
net-misc/openssh/files/sshd-r2.initd | 100 ++++++++++++++++++++++++++++++ |
14 |
net-misc/openssh/openssh-8.5_p1-r1.ebuild | 6 +- |
15 |
net-misc/openssh/openssh-8.6_p1-r1.ebuild | 6 +- |
16 |
3 files changed, 106 insertions(+), 6 deletions(-) |
17 |
|
18 |
diff --git a/net-misc/openssh/files/sshd-r2.initd b/net-misc/openssh/files/sshd-r2.initd |
19 |
new file mode 100644 |
20 |
index 00000000000..3381fb965dd |
21 |
--- /dev/null |
22 |
+++ b/net-misc/openssh/files/sshd-r2.initd |
23 |
@@ -0,0 +1,100 @@ |
24 |
+#!/sbin/openrc-run |
25 |
+# Copyright 1999-2021 Gentoo Authors |
26 |
+# Distributed under the terms of the GNU General Public License v2 |
27 |
+ |
28 |
+extra_commands="checkconfig" |
29 |
+extra_started_commands="reload" |
30 |
+ |
31 |
+: ${SSHD_CONFDIR:=${RC_PREFIX%/}/etc/ssh} |
32 |
+: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config} |
33 |
+: ${SSHD_PIDFILE:=${RC_PREFIX%/}/run/${SVCNAME}.pid} |
34 |
+: ${SSHD_BINARY:=${RC_PREFIX%/}/usr/sbin/sshd} |
35 |
+: ${SSHD_KEYGEN_BINARY:=${RC_PREFIX%/}/usr/bin/ssh-keygen} |
36 |
+ |
37 |
+command="${SSHD_BINARY}" |
38 |
+pidfile="${SSHD_PIDFILE}" |
39 |
+command_args="${SSHD_OPTS} -o PidFile=${pidfile} -f ${SSHD_CONFIG}" |
40 |
+ |
41 |
+# Wait one second (length chosen arbitrarily) to see if sshd actually |
42 |
+# creates a PID file, or if it crashes for some reason like not being |
43 |
+# able to bind to the address in ListenAddress (bug 617596). |
44 |
+: ${SSHD_SSD_OPTS:=--wait 1000} |
45 |
+start_stop_daemon_args="${SSHD_SSD_OPTS}" |
46 |
+ |
47 |
+depend() { |
48 |
+ # Entropy can be used by ssh-keygen, among other things, but |
49 |
+ # is not strictly required (bug 470020). |
50 |
+ use logger dns entropy |
51 |
+ if [ "${rc_need+set}" = "set" ] ; then |
52 |
+ : # Do nothing, the user has explicitly set rc_need |
53 |
+ else |
54 |
+ local x warn_addr |
55 |
+ for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do |
56 |
+ case "${x}" in |
57 |
+ 0.0.0.0|0.0.0.0:*) ;; |
58 |
+ ::|\[::\]*) ;; |
59 |
+ *) warn_addr="${warn_addr} ${x}" ;; |
60 |
+ esac |
61 |
+ done |
62 |
+ if [ -n "${warn_addr}" ] ; then |
63 |
+ need net |
64 |
+ ewarn "You are binding an interface in ListenAddress statement in your sshd_config!" |
65 |
+ ewarn "You must add rc_need=\"net.FOO\" to your ${RC_PREFIX%/}/etc/conf.d/sshd" |
66 |
+ ewarn "where FOO is the interface(s) providing the following address(es):" |
67 |
+ ewarn "${warn_addr}" |
68 |
+ fi |
69 |
+ fi |
70 |
+} |
71 |
+ |
72 |
+checkconfig() { |
73 |
+ checkpath --mode 0755 --directory "${RC_PREFIX%/}/var/empty" |
74 |
+ |
75 |
+ if [ ! -e "${SSHD_CONFIG}" ] ; then |
76 |
+ eerror "You need an ${SSHD_CONFIG} file to run sshd" |
77 |
+ eerror "There is a sample file in /usr/share/doc/openssh" |
78 |
+ return 1 |
79 |
+ fi |
80 |
+ |
81 |
+ ${SSHD_KEYGEN_BINARY} -A || return 2 |
82 |
+ |
83 |
+ "${command}" -t ${command_args} || return 3 |
84 |
+} |
85 |
+ |
86 |
+start_pre() { |
87 |
+ # Make sure that the user's config isn't busted before we try |
88 |
+ # to start the daemon (this will produce better error messages |
89 |
+ # than if we just try to start it blindly). |
90 |
+ # |
91 |
+ # We always need to call checkconfig because this function will |
92 |
+ # also generate any missing host key and you can start a |
93 |
+ # non-running service with "restart" argument. |
94 |
+ checkconfig || return $? |
95 |
+} |
96 |
+ |
97 |
+stop_pre() { |
98 |
+ if [ "${RC_CMD}" = "restart" ] ; then |
99 |
+ # If this is a restart, check to make sure the user's config |
100 |
+ # isn't busted before we stop the running daemon. |
101 |
+ checkconfig || return $? |
102 |
+ elif yesno "${RC_GOINGDOWN}" && [ -s "${pidfile}" ] && hash pgrep 2>/dev/null ; then |
103 |
+ # Disconnect any clients before killing the master process |
104 |
+ local pid=$(cat "${pidfile}" 2>/dev/null) |
105 |
+ if [ -n "${pid}" ] ; then |
106 |
+ local ssh_session_pattern='sshd: \S.*@pts/[0-9]+' |
107 |
+ |
108 |
+ IFS="${IFS}@" |
109 |
+ local daemon pid pty user |
110 |
+ pgrep -a -P ${pid} -f "$ssh_session_pattern" | while read pid daemon user pty ; do |
111 |
+ ewarn "Found ${daemon%:} session ${pid} on ${pty}; sending SIGTERM ..." |
112 |
+ kill "${pid}" || true |
113 |
+ done |
114 |
+ fi |
115 |
+ fi |
116 |
+} |
117 |
+ |
118 |
+reload() { |
119 |
+ checkconfig || return $? |
120 |
+ ebegin "Reloading ${SVCNAME}" |
121 |
+ start-stop-daemon --signal HUP --pidfile "${pidfile}" |
122 |
+ eend $? |
123 |
+} |
124 |
|
125 |
diff --git a/net-misc/openssh/openssh-8.5_p1-r1.ebuild b/net-misc/openssh/openssh-8.5_p1-r1.ebuild |
126 |
index 8aea025ac78..96e4f161abd 100644 |
127 |
--- a/net-misc/openssh/openssh-8.5_p1-r1.ebuild |
128 |
+++ b/net-misc/openssh/openssh-8.5_p1-r1.ebuild |
129 |
@@ -61,10 +61,10 @@ LIB_DEPEND=" |
130 |
ssl? ( |
131 |
|| ( |
132 |
( |
133 |
- >=dev-libs/openssl-1.0.1:0[bindist=] |
134 |
- <dev-libs/openssl-1.1.0:0[bindist=] |
135 |
+ >=dev-libs/openssl-1.0.1:0[bindist(-)=] |
136 |
+ <dev-libs/openssl-1.1.0:0[bindist(-)=] |
137 |
) |
138 |
- >=dev-libs/openssl-1.1.0g:0[bindist=] |
139 |
+ >=dev-libs/openssl-1.1.0g:0[bindist(-)=] |
140 |
) |
141 |
dev-libs/openssl:0=[static-libs(+)] |
142 |
) |
143 |
|
144 |
diff --git a/net-misc/openssh/openssh-8.6_p1-r1.ebuild b/net-misc/openssh/openssh-8.6_p1-r1.ebuild |
145 |
index 0e9654a5044..f896a51951a 100644 |
146 |
--- a/net-misc/openssh/openssh-8.6_p1-r1.ebuild |
147 |
+++ b/net-misc/openssh/openssh-8.6_p1-r1.ebuild |
148 |
@@ -66,10 +66,10 @@ LIB_DEPEND=" |
149 |
ssl? ( |
150 |
|| ( |
151 |
( |
152 |
- >=dev-libs/openssl-1.0.1:0[bindist=] |
153 |
- <dev-libs/openssl-1.1.0:0[bindist=] |
154 |
+ >=dev-libs/openssl-1.0.1:0[bindist(-)=] |
155 |
+ <dev-libs/openssl-1.1.0:0[bindist(-)=] |
156 |
) |
157 |
- >=dev-libs/openssl-1.1.0g:0[bindist=] |
158 |
+ >=dev-libs/openssl-1.1.0g:0[bindist(-)=] |
159 |
) |
160 |
dev-libs/openssl:0=[static-libs(+)] |
161 |
) |