gentoo auto-resync : 05:02:2023 - 03:15:29

author: V3n3RiX <venerix@koprulu.sector> 2023-02-05 03:15:29 +0000
committer: V3n3RiX <venerix@koprulu.sector> 2023-02-05 03:15:29 +0000
commit: c75fb751e4fd18ca8d87b0198e91a1976ffb2f2d (patch)
tree: f5c67b2f37cf625a99a154e470bc5dd76a88dee1 /net-misc
parent: 2997df5d95cb64694ec91d50c93407e92c68e2a8 (diff)
8 files changed, 212 insertions, 10 deletions
diff --git a/net-misc/Manifest.gz b/net-misc/Manifest.gz
index 503be79c49bc..0b7c2d490fec 100644
--- a/net-misc/Manifest.gz
+++ b/net-misc/Manifest.gz
diff --git a/net-misc/frr/Manifest b/net-misc/frr/Manifest
index e05d41191990..aa2c9ae8000d 100644
--- a/net-misc/frr/Manifest
+++ b/net-misc/frr/Manifest
@@ -1,9 +1,12 @@
 AUX frr-7.5-ipctl-forwarding.patch 731 BLAKE2B 9c97d7fdc7b7facb59a73f4b693c285ebd91cb0ba8f7fea0ef49d5eddd8660100315ca7d74ece8d553cdd8ad79a9a0b1a4c173c6dedf90e0be2bdc72d948b2be SHA512 56bdeb8a1f350fea3ad8ed0cdba28964b00384878853e584746d8ce80c6f9ea5ca5adc4539e314f7fd82203c08d5f2ce6adeec61dac9a7a28282131d0d371447
 AUX frr-8.4.1-logrotate.patch 2487 BLAKE2B f3eb9b9ce25dd9dd796668ecef5dfeb51b5f3ea3428ef4c03bd78becaf26deb5cb59aa56918fdc3c0230a8905d7edf4a12582ab4e6f7d297e3c94c62b7468b0c SHA512 8658dd1280d201d9f3a7f8caa6c5bf513133a3928ba97334202b0fed84dc03f12c82d76cbb8aeae3f363024d2373161c9bda74e1d9a27a085071c524c9941ad0
+AUX frr-8.4.2-musl-gcc12.patch 525 BLAKE2B 8aa00d5a41445e6a035e77481bf6dc3cf45380d7fe91e0d884cc32a19f3594d8822376837d87988803950ca3bb90914a387767b9d766bfb8784567c989e1160e SHA512 1d3ebc40533037aad992d64f207ecc6ebbe599bedfa3f83cd0e4820e3579daea50ffcc8376bc24154ce0fe1cac9002de6e43665f8addfdf38554e82fd502e8fe
 AUX frr-openrc-v1 7078 BLAKE2B d5c0276540fa09318f6e92575dd7e03f3bc6ebfce186d062c2d65fa49c502b3b4de0fd32914ce7c4708bb6f6188296f75d387e0384c142381bb77cfb706c7e1c SHA512 8e6f0e58863402f0169b8a7625d049bf85db60bebe40a42dfb450a1bddfcd6f8f436002de6c1ff599c8f848e4ba85a70e4058cb55a9a49fafb1e69a8e7eb9f57
 AUX frr.pam 969 BLAKE2B 227dc91f51fab504229fa5489486fed1aa393d33c024849724ea3fb934e3fd78ee6c9147240133d458ec52021f13e8a27a2d8a0b4625415007c4595222b815ee SHA512 9a169d58232eba7481aee83d92b4e104b6c4ca95e5b31befe29117fbcebc187ad87c061f37ec7c571ff5702101a329ae0c113cf714e2d0dcd39ca4212734a9ed
 DIST frr-8.2.2.tar.gz 9439460 BLAKE2B 7ea4b44e3d167677e087ac8767c470b91c485e52f9e45513fb6da8498ff3c56e84dd90257eff3b0067c061e7596578968017cbec7de7ea951b6f80134332e1bf SHA512 52d8e82979823f61ec6f117db1eb41b23fd8ad3197ae3f9d2cfa3ad9d96636a3d2f0b36720b2041a9261c8b639ddd48e46a2351ce41cb596f7dc432cddf29256
 DIST frr-8.4.1.tar.gz 9886182 BLAKE2B be270f34e9ffdbf87a10c7bbd73e9f244128821f1c014060880015e4e7e06165dbc1dc3253894bda5dc1a0607a5bdbad21a70532e9019f1e06d0abd24beffff1 SHA512 69f936580d2e7838e1f15fdfa71a4fa00e7acaa93df4cdbd6129560fbcd45f3754cf5d03b4c9331bf4850477560d63d5509d185098583d19fa93d9e960e1483a
+DIST frr-8.4.2.tar.gz 9893223 BLAKE2B 670fb131c2959b0ce4f3133ef38caeb7832275844b16f8582a693033f5466ad0eb98ab45ed9615e0a121ab80bf034edafe7ee816c47d767bd8a13b52f3138eac SHA512 1ee9d17ef3b85c5c10df624a6560bcacb2b5daa3d6231e457f06d9eb6e5ccf375064a46e809d851c23cb6daf7a4299d1f25be589992ef729e80f9bad41a8d7f7
 EBUILD frr-8.2.2.ebuild 3482 BLAKE2B 1ecdd7877961ea2ba1629754dcaf13f8f6f784ec97f2156028028818205d19562db8a49abfa4476b8dcc5cba2abcdba744cb14cc1bd00812d4edc3e7e8f13ad1 SHA512 11153b799fc929bef902330fc1349f37ecfb0ebb7c1f2bacd795a50c42fc6f256c488b02df3538143bd4825c3ebf8ba78629b55296c91997d421f61faa02c800
 EBUILD frr-8.4.1.ebuild 3527 BLAKE2B 5cf9bc7c4b68d50208f522287ae4ae08f8c5efab7e4d467c5ed25b098eb768e4489d3f07364d45c8f5ad992066df14275e1e36ac9735d4e4990c07fcfd1f6c17 SHA512 4c2d8c0f39ce1a1e568453d2820bb7e78cfad084de8edfd4124ec84fce7ccadacf41f8aedb9dca79b92837f0468e5523e031c1877e710e22645609a21773f2c7
+EBUILD frr-8.4.2.ebuild 3571 BLAKE2B 17dba82c3ac741a59cb6b3c19cbc0776c6f4f22c5a6322e8199b085ecdbba816f0f6ed1d74b3705358a1fe6adbe35c463a309e7a622de24616d90ae9ac3bdc33 SHA512 18bc611dee687f1ce3ac2c02e68a5c25394084e46df34b4d0b2c319b904a37929d8439f430c60338109d07ad1365bea41efd788d6129182041b2bd2c446d640e
 MISC metadata.xml 845 BLAKE2B 5a563fb20d00884598122763e39d8ce4ef6f7a28b811517a4a01b892636c1ec7cfcf3b0e8bccf838882a8fac309bdbda8dd4fd093f7f58795bd0b711087aeff5 SHA512 1ba4423cf6be189aeec21a0f3a6623c48d61c39fca94dc7dc675fcfdd472c6063b3eefe3f11f5b0de385e759a5488f464a413b7ba1bfc8ae9913563bac6dd264
diff --git a/net-misc/frr/files/frr-8.4.2-musl-gcc12.patch b/net-misc/frr/files/frr-8.4.2-musl-gcc12.patch
new file mode 100644
index 000000000000..3c9374aefd6d
--- /dev/null
+++ b/net-misc/frr/files/frr-8.4.2-musl-gcc12.patch
@@ -0,0 +1,21 @@
+https://github.com/FRRouting/frr/pull/12741
+
+From def86a45a473a45bf8ac39ac4b82be3d09ae9cae Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sat, 4 Feb 2023 23:29:59 +0000
+Subject: [PATCH] pceplib: add <time.h> include for time_t
+
+Fixes build on musl. Used for time_t in the header.
+
+Bug: https://bugs.gentoo.org/862558
+--- a/pceplib/pcep_utils_counters.h
++++ b/pceplib/pcep_utils_counters.h
+@@ -30,6 +30,7 @@
+ 
+ #include <stdbool.h>
+ #include <stdint.h>
++#include <time.h>
+ 
+ #ifdef __cplusplus
+ extern "C" {
+
diff --git a/net-misc/frr/frr-8.4.2.ebuild b/net-misc/frr/frr-8.4.2.ebuild
new file mode 100644
index 000000000000..ada6b8925460
--- /dev/null
+++ b/net-misc/frr/frr-8.4.2.ebuild
@@ -0,0 +1,150 @@
+# Copyright 2020-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{9..11} )
+inherit autotools pam python-single-r1 systemd
+
+DESCRIPTION="The FRRouting Protocol Suite"
+HOMEPAGE="https://frrouting.org/"
+SRC_URI="https://github.com/FRRouting/frr/archive/${P}.tar.gz"
+# FRR tarballs have weird format.
+S="${WORKDIR}/frr-${P}"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="doc fpm grpc ipv6 nhrp ospfapi pam rpki snmp test"
+REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="
+	${PYTHON_DEPS}
+	acct-user/frr
+	dev-libs/json-c:0=
+	>=net-libs/libyang-2.0.0
+	sys-libs/libcap
+	sys-libs/readline:0=
+	virtual/libcrypt:=
+	grpc? ( net-libs/grpc:= )
+	nhrp? ( net-dns/c-ares:0= )
+	pam? ( sys-libs/pam )
+	rpki? ( >=net-libs/rtrlib-0.8.0[ssh] )
+	snmp? ( net-analyzer/net-snmp:= )
+"
+BDEPEND="
+	~dev-util/clippy-${PV}
+	sys-devel/flex
+	app-alternatives/yacc
+	doc? ( dev-python/sphinx )
+"
+DEPEND="
+	${COMMON_DEPEND}
+	elibc_musl? ( sys-libs/queue-standalone )
+	test? ( $(python_gen_cond_dep 'dev-python/pytest[${PYTHON_USEDEP}]') )
+"
+RDEPEND="
+	${COMMON_DEPEND}
+	$(python_gen_cond_dep 'dev-python/ipaddr[${PYTHON_USEDEP}]')
+	!net-misc/quagga
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-7.5-ipctl-forwarding.patch
+	"${FILESDIR}"/${PN}-8.4.1-logrotate.patch
+	"${FILESDIR}"/${PN}-8.4.2-musl-gcc12.patch
+)
+
+src_prepare() {
+	default
+
+	python_fix_shebang tools
+	eautoreconf
+}
+
+src_configure() {
+	local myconf=(
+		--disable-static
+		--with-pkg-extra-version="-gentoo"
+		--enable-configfile-mask=0640
+		--enable-logfile-mask=0640
+		--prefix="${EPREFIX}"/usr
+		--libdir="${EPREFIX}"/usr/lib/frr
+		--sbindir="${EPREFIX}"/usr/lib/frr
+		--libexecdir="${EPREFIX}"/usr/lib/frr
+		--sysconfdir="${EPREFIX}"/etc/frr
+		--localstatedir="${EPREFIX}"/run/frr
+		--with-moduledir="${EPREFIX}"/usr/lib/frr/modules
+		--with-clippy="${BROOT}"/usr/bin/clippy
+		--enable-user=frr
+		--enable-group=frr
+		--enable-vty-group=frr
+		--enable-multipath=64
+		$(use_enable doc)
+		$(use_enable fpm)
+		$(use_enable grpc)
+		$(use_enable ipv6 ospf6d)
+		$(use_enable ipv6 ripngd)
+		$(use_enable ipv6 rtadv)
+		$(use_enable kernel_linux realms)
+		$(use_enable nhrp nhrpd)
+		$(usex ospfapi '--enable-ospfclient' '' '' '')
+		$(use_enable rpki)
+		$(use_enable snmp)
+	)
+
+	econf "${myconf[@]}"
+}
+
+src_compile() {
+	default
+
+	use doc && emake -C doc html
+}
+
+src_install() {
+	default
+	find "${ED}" -name '*.la' -delete || die
+
+	# Install user documentation if asked
+	use doc && dodoc -r doc/user/_build/html
+
+	# Create configuration directory with correct permissions
+	keepdir /etc/frr
+	fowners frr:frr /etc/frr
+	fperms 775 /etc/frr
+
+	# Create logs directory with the correct permissions
+	keepdir /var/log/frr
+	fowners frr:frr /var/log/frr
+	fperms 775 /var/log/frr
+
+	# Install the default configuration files
+	insinto /etc/frr
+	doins tools/etc/frr/vtysh.conf
+	doins tools/etc/frr/frr.conf
+	doins tools/etc/frr/daemons
+
+	# Fix permissions/owners.
+	fowners frr:frr /etc/frr/vtysh.conf
+	fowners frr:frr /etc/frr/frr.conf
+	fowners frr:frr /etc/frr/daemons
+	fperms 640 /etc/frr/vtysh.conf
+	fperms 640 /etc/frr/frr.conf
+	fperms 640 /etc/frr/daemons
+
+	# Install logrotate configuration
+	insinto /etc/logrotate.d
+	newins redhat/frr.logrotate frr
+
+	# Install PAM configuration file
+	use pam && newpamd "${FILESDIR}"/frr.pam frr
+
+	# Install init scripts
+	systemd_dounit tools/frr.service
+	newinitd "${FILESDIR}"/frr-openrc-v1 frr
+
+	# Conflict files, installed by net-libs/libsmi, bug #758383
+	rm "${ED}"/usr/share/yang/ietf-interfaces.yang || die
+}
diff --git a/net-misc/openssh/Manifest b/net-misc/openssh/Manifest
index e44331728f86..7d26d8a979b9 100644
--- a/net-misc/openssh/Manifest
+++ b/net-misc/openssh/Manifest
@@ -14,8 +14,10 @@ AUX sshd-r1.confd 774 BLAKE2B df3f3f28cb4d35b49851399b52408c42e242ae3168ff3fc79a
 AUX sshd-r1.initd 2675 BLAKE2B 47e87cec2d15b90aae362ce0c8e8ba08dada9ebc244e28be1fe67d24deb00675d3d9b8fef40def8a9224a3e2d15ab717574a3d837e099133c1cf013079588b55 SHA512 257d6437162b76c4a3a648ecc5d4739ca7eaa60b192fde91422c6c05d0de6adfa9635adc24d57dc3da6beb92b1b354ffe8fddad3db453efb610195d5509a4e27
 AUX sshd.pam_include.2 156 BLAKE2B 91ebefbb1264fe3fe98df0a72ac22a4cd8a787b3b391af5769798e0b0185f0a588bc089d229c76138fd2db39fbe6bd33924f0d53e0513074d9c2d7abf88dcb78 SHA512 d3f7e6ca8c9f2b5060ebccb259316bb59c9a7e158e8ef9466765a20db263a4043a590811f1a3ab072b718dbd70898bc69b77e0b19603d7f394b5ac1bd0a4a56c
 AUX sshd.service 259 BLAKE2B e65ea7227658295584c3fdee3bf46f098c1c5a53a0b433e88ae8d43f0823fade25846a5f3abbacf939a13af8195a888d0ffb937e8da943478e76eea7c0e13c82 SHA512 9656ae4c045ba47ad28f983e50d1119d51c1d0a7471fe8e792d6f734a71c8d4d900431b591f2f40bb8af3a382e6215933ae32eff56de6da0f2f166d6fb855987
+AUX sshd.service.1 298 BLAKE2B 7a4f2e2656096b09a8b435d393ea9b0a7bd10a2a9f0e9d9cf49b9ae9600cccfb19a64e09f4cf718e8054fc997f21656f609eb3af15ee2e3576531a88b5709842 SHA512 efc936ca412999e3b1acabe6cf4e87c033fe468cede1c3c499499e252cf7cdeca0841e5e1862ebe316ff3f4bf758fba674f08d081b403713e154b6bbc37da365
 AUX sshd.socket 136 BLAKE2B 22e218c831fc384a3151ef97c391253738fa9002e20cf4628c6fe3d52d4b0ac3b957da58f816950669d0a6f8f2786251c6dfc31bbb863f837a3f52631341dc2e SHA512 4d31d373b7bdae917dc0cf05418c71d4743e98e354aefcf055f88f55c9c644a5a0e0e605dbb8372c1b98d17c0ea1c8c0fee27d38ab8dbe23c7e420a6a78c6d42
 AUX sshd_at.service 177 BLAKE2B 0e78184f58cb4c68fb834953fac3ce01f9e39e9eb1a84c03f720205f5b611365c9a48fba445962c06c7e18bdb310cdb9ffe4fc49e95f69608922d224b00c890b SHA512 423120ea2e1ac0b92575ce4eb05347483f902238dc104848e74088f49483c37d30c27364e7fe8599b3e85562159c69284ecf25a4c5394b4cfa18c5c77c6beacd
+AUX sshd_at.service.1 163 BLAKE2B b5c77d69e3860d365ba96a5b2fe14514bda9425e170fc7f324dcaf95fb02756ef9c5c2658904e812232f40fac9a3c2f4abf61b9129038bde66bb7d3a992d2606 SHA512 fbfe0aed3a5e99f15dc68838975cc49a206d697fb3549d8b31db25617dc7b7b8dd2397d865d89f305d5da391cd56a69277c2215c4335fccb4dd6a9b95ba34e2f
 DIST openssh-8_5_P1-hpn-AES-CTR-15.2.diff 30096 BLAKE2B f0c020dd2403806c79d4c37a019996d275655b04997301e247f5c4dd7fad35d12b3b7c25afb1b078d915ef2a4ae02f736f0aec9ba2a8c56a405d7ca303bcadf7 SHA512 4c2dbf99a9b5953fdb955f700272bbaeaa025f108a8860d2190197962b849f8385327af82c4d6a3a130a7fba35a74a8ec9437d642867601acb29817c49632a8f
 DIST openssh-8_5_P1-hpn-DynWinNoneSwitch-15.2.diff 51428 BLAKE2B 370b88a7da7f148bf5a4d445f05cf593b486e9df53bba027e2e179726f534b68cf9d94edd6e53024e0b6ff5f20e568727bc9d26c94d0d415603602a80d3ad241 SHA512 2d8d887901164b33b2799ff3ec72e86a39ae4a1696e52bcee0872dbae7772fcc534351e6e7f87126ee71b164c74e9091350f14b782f4b242a09f09b4f50d047a
 DIST openssh-8_5_P1-hpn-PeakTput-15.2.diff 2429 BLAKE2B 849bf3c313719ab7a25c75e82d5dc5ac98365a038b2a66fe58d01eae5b20c7777258b94b5830e799d6909e75c69753cda05a910f3bdab9606fb7d5efa68e05f1 SHA512 c4a56fab55fabd1d902d45f235b603708d43f969920e45c9a57e557dccfa9cade2ec61f26d1ace938f6f73e79f17b12f119b5aea9166cbda8e3435b910500914
@@ -33,5 +35,5 @@ DIST openssh-9.2p1-sctp-1.2.patch.xz 6828 BLAKE2B 8a57b85ce5d18dca34ef71b486f2f2
 DIST openssh-9.2p1.tar.gz 1852380 BLAKE2B 8d0b5e43cb42cba105a1fe303c447a2b85151cb33ec7ed47747d75c5a61d0f07f0ee4b1020b79c13eb8de4b451c5a844a8afc7ebbbea7ffeceafc3bf59cb8d21 SHA512 c4b79ef3a05b96bfc477ffb31f734635bffd5be213ab58e043111c3232dbe999ff24665fa1069518237cffa5126ded0dda8984e1b8f098f4f09b8c1dae20e604
 DIST openssh-9.2p1.tar.gz.asc 833 BLAKE2B 36210757aaa4ee8e6bdf4cfbb5590e6c54a617817d1657ebb446e54530d01a9e9f5559408b3d424d5efdb4ba06f0c02755637f5480dc81f9b4e32963de91087a SHA512 2a56f8946ed00fcd5a92935e090523d40b5c3747e25661d575b799b1825bf5e47a95eed5e7ed968fe042349c2c7d94d6b0e6bf2d9145b5c6ff5df2ca538d56e5
 EBUILD openssh-9.1_p1-r3.ebuild 18562 BLAKE2B 8fd485e9a362653105f7eaededc3785b21e7e183ed555cc007adb936c3182721d68a637b10fb83a655ccc3bb82dc22a06301457a25a699ddf20e670bfe053cc4 SHA512 81f8748b45b019e7c1025efa6d5b7b5b22bd37792915206c0dc262db8befdfb143d072de10c9bb8fa0002e09ad0309e740598e9bb8d91f830797b571fa86d269
-EBUILD openssh-9.2_p1.ebuild 17834 BLAKE2B c1a4f5e033eeda367cb92461a7647c8006c61f5795ad89b120505d528cfe2a857d9c28b9c1100b732b48dcd9c018fb3ff389522385aa6dd8cf2b589fcfb97aef SHA512 8e14c5dc1c239eb56a38a071fa7b215e423b7b5b884557287785642b0b71f41377013f8298bffe03d8d24317b414035004f42135c760e1d2f9e2759a76c76093
+EBUILD openssh-9.2_p1-r1.ebuild 18262 BLAKE2B c217ae3cae457b776d77ce8fd89e0f16e00f33e241843b3fc7400ebd45b60dea3c7deb610fd95548d3f905ff4eaeb1214993c712330fe2387c6658e8998e5858 SHA512 09acf9d10695b1b0a9e09995d3684d595f12fb3b6156bd6f9216a867acd7cf502e38d9d57d6ddbb8568d125373efaa808cedbef255a0e75afd7c24ccbf6373cb
 MISC metadata.xml 1957 BLAKE2B f5921abe3735fc6b8f8c6e88f3c3c11201c32ac91f7426150a51619b430f8c15c2afb0a9dcb9b3b5099fe7e5f193a05514064029392df6d0815a7fb67c2b96cf SHA512 6189845b640943147020d4a0fe04be66f58433809edded6fe98824b51c704faef9c3fc4c0d7a604391afcfcee62c0a47e25d36024b9145c4f1e332fe27db7f0a
diff --git a/net-misc/openssh/files/sshd.service.1 b/net-misc/openssh/files/sshd.service.1
new file mode 100644
index 000000000000..a541164cd7f2
--- /dev/null
+++ b/net-misc/openssh/files/sshd.service.1
@@ -0,0 +1,15 @@
+[Unit]
+Description=OpenSSH server daemon
+After=network.target auditd.service
+
+[Service]
+ExecStartPre=/usr/bin/ssh-keygen -A
+ExecStart=/usr/sbin/sshd -D -e
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+OOMPolicy=continue
+Restart=on-failure
+RestartSec=42s
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-misc/openssh/files/sshd_at.service.1 b/net-misc/openssh/files/sshd_at.service.1
new file mode 100644
index 000000000000..e43a457994f4
--- /dev/null
+++ b/net-misc/openssh/files/sshd_at.service.1
@@ -0,0 +1,8 @@
+[Unit]
+Description=OpenSSH per-connection server daemon
+After=auditd.service
+
+[Service]
+ExecStart=-/usr/sbin/sshd -i -e
+StandardInput=socket
+StandardError=journal
diff --git a/net-misc/openssh/openssh-9.2_p1.ebuild b/net-misc/openssh/openssh-9.2_p1-r1.ebuild
index 9fa1599bd620..8a348bd91862 100644
--- a/net-misc/openssh/openssh-9.2_p1.ebuild
+++ b/net-misc/openssh/openssh-9.2_p1-r1.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2023 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=7
+EAPI=8
 
 inherit user-info flag-o-matic autotools pam systemd toolchain-funcs verify-sig
 
@@ -269,10 +269,6 @@ src_prepare() {
 			"${S}"/version.h || die "Failed to patch SSH_RELEASE (version.h)"
 	fi
 
-	sed -i \
-		-e "/#UseLogin no/d" \
-		"${S}"/sshd_config || die "Failed to remove removed UseLogin option (sshd_config)"
-
 	eapply_user #473004
 
 	# These tests are currently incompatible with PORTAGE_TMPDIR/sandbox
@@ -282,8 +278,6 @@ src_prepare() {
 	tc-export PKG_CONFIG
 	local sed_args=(
 		-e "s:-lcrypto:$(${PKG_CONFIG} --libs openssl):"
-		# Disable PATH reset, trust what portage gives us #254615
-		-e 's:^PATH=/:#PATH=/:'
 		# Disable fortify flags ... our gcc does this for us
 		-e 's:-D_FORTIFY_SOURCE=2::'
 	)
@@ -443,8 +437,9 @@ src_install() {
 	dodir /etc/skel/.ssh
 	rmdir "${ED}"/var/empty || die
 
-	systemd_dounit "${FILESDIR}"/sshd.{service,socket}
-	systemd_newunit "${FILESDIR}"/sshd_at.service 'sshd@.service'
+	systemd_dounit "${FILESDIR}"/sshd.socket
+	systemd_newunit "${FILESDIR}"/sshd.service.1 sshd.service
+	systemd_newunit "${FILESDIR}"/sshd_at.service.1 'sshd@.service'
 }
 
 pkg_preinst() {
@@ -492,6 +487,14 @@ pkg_postinst() {
 			ewarn "will not be able to establish new sessions. Restarting sshd over a ssh"
 			ewarn "connection is generally safe."
 		fi
+		if ver_test "${old_ver}" -lt "9.2_p1-r1" && systemd_is_booted; then
+			ewarn "From openssh-9.2_p1-r1 the supplied systemd unit file defaults to"
+			ewarn "'Restart=on-failure', which causes the service to automatically restart if it"
+			ewarn "terminates with an unclean exit code or signal. This feature is useful for most users,"
+			ewarn "but it can increase the vulnerability of the system in the event of a future exploit."
+			ewarn "If you have a web-facing setup or are concerned about security, it is recommended to"
+			ewarn "set 'Restart=no' in your sshd unit file."
+		fi
 	done
 
 	if [[ -n ${show_ssl_warning} ]]; then
author	V3n3RiX <venerix@koprulu.sector>	2023-02-05 03:15:29 +0000
committer	V3n3RiX <venerix@koprulu.sector>	2023-02-05 03:15:29 +0000
commit	c75fb751e4fd18ca8d87b0198e91a1976ffb2f2d (patch)
tree	f5c67b2f37cf625a99a154e470bc5dd76a88dee1 /net-misc
parent	2997df5d95cb64694ec91d50c93407e92c68e2a8 (diff)