5 files changed, 11 insertions, 160 deletions
diff --git a/sys-cluster/teleport/Manifest b/sys-cluster/teleport/Manifest
index 5e1d46a511db..b659b5f45921 100644
--- a/sys-cluster/teleport/Manifest
+++ b/sys-cluster/teleport/Manifest
@@ -1,12 +1,11 @@
-AUX teleport-2.6.yaml 4823 BLAKE2B ed9fc1cf1d70872fb7e0798707f4bc6b121a0ac417a5062451937240abd9f51999a8990bdf6714abd9517118aa9dc87c2bfbf4f8b8e9e309a080cc5e04f10d68 SHA512 1430a78b89fd758e967acf76c3166b9c50017d6df2f4e6e23b6e683c39e5a1e5cb13012dc218482f38abaca14d45b7df7ba0a55d1598f13dd2c46732d12f1b45
 AUX teleport.conf.d 442 BLAKE2B 089128fa5d277f5b7cda5d054a079c4cfd7990b503df2ac6818c83f79ea73b7ded2abf7eed2a66cd32394483e5494502355837e03883085db8afd92e537bfb47 SHA512 e50e3d0030e467afcfaf42c8f56ba1c0397e3dc6a445981b3f1533d7a0a9e550aabdc8bff394a5b01e44d3445b1981e2e955ea38b079386f675df8a37d7d20de
 AUX teleport.init.d 940 BLAKE2B a3b5fd197e6d8e173903aac6e9db4a684a986ab7d52227d40128ec16457990e78bc8345153b3c87558d3073b6acc7337050f4d21aa9f41acde8334aae8fc1c3e SHA512 9dd26daa519e9fef30b25ef5af505b8b35d8566eaa02f0ec47a6f7805227e94eb25ffb8fd007b73e7c3a91f9e783d47391c55dd8d659d683770aa9d5a02df923
 AUX teleport.service 310 BLAKE2B 410a8ca2e1273a0b9ef1ad93f4ff21f71ecedc979e52eb4f7e1b807b5434fba2b88bd1e0a5544ac68489d6e0db641cda4d76e606bed9cc96527156088b9b088b SHA512 72a43cce5f16bbed63e3b25917d3a4d63641b735acf63975c13c3cd2624c7971f40dc697d1da0d9b94b54e675e051d0a4e863696f7ebcea14f1c4b86e9e1218b
 AUX teleport.service.conf 90 BLAKE2B 7f12f281d73ac6573c882a7910e400f901ff6392e0c576e4b7076972f4ced046f709c8898766aaf38cc38fbfcf450b526d3045ff859eed2a48e19dbd92ec3131 SHA512 d17faa0deaf3c864e5159d3567e542e36d09c6ea0ac91c663d3ae9729d1bccf7d2139f1f48fec132eccc473e023ffdaed0b8f2ee75db5dedc6ff36f637f68e1c
-AUX teleport.yaml 5177 BLAKE2B 8280b9924497af772574faad5d01351d9c49dd1916dca8e3e0384579e7628b2c0b1833b72882231bfef4ae11b2fa9820a4785393ea8c9d00aef105263bbf5c15 SHA512 f9f854472d469d0822d5766517cc68364feca4f3345a69d616d073aaaf9af7be6f72aa55c7d0c801426c3fef42714c09b884e0e086a58a07208ebef0ffe3ca80
-DIST teleport-2.5.8.tar.gz 16219666 BLAKE2B dd64ef4ca5b26e025e46c88d58e7ec226810b583c4b740416f6cc0caec5ea7d050c732368917ec34c5f8a36c7670d2903baa6c32203a2c5cac972e3a2b4bcbbb SHA512 070eebc889adde017641a833ee0e414c5f56848ac36fa96fb66e83062212307904e8264da758042765ba13d6a0c1b4f5314c1b0e90a2c37723ef1c0aa22889be
+AUX teleport.yaml 4823 BLAKE2B ed9fc1cf1d70872fb7e0798707f4bc6b121a0ac417a5062451937240abd9f51999a8990bdf6714abd9517118aa9dc87c2bfbf4f8b8e9e309a080cc5e04f10d68 SHA512 1430a78b89fd758e967acf76c3166b9c50017d6df2f4e6e23b6e683c39e5a1e5cb13012dc218482f38abaca14d45b7df7ba0a55d1598f13dd2c46732d12f1b45
 DIST teleport-2.6.7.tar.gz 16655508 BLAKE2B a020ab999b7503cb7aec54ed81532baf9d08b98000f2c659f63859d89f7f2b5fb311c41d6fcafb7d9bf72ea1c97eecfc6ac621b7c90d74f5afe2717edb8b0402 SHA512 45002dcf7b99108ca6fffae94d6608188eb9b0bea05cd14068618bfb11c496cad5546e261f349fee70f2acb574e7fc44093683dd991001e01406da6982c5c4c3
-EBUILD teleport-2.5.8.ebuild 1302 BLAKE2B 052c06f2b2b00694483212d92e889e38f03e8e7834afeff7b9cdecde2397c82ff5e5ea6647e0e7c6c1a364a6c88f1be1ece55a38bd2d3c6fd0f8a91ce5b69838 SHA512 d8a4fab271d5cf26f76374914186f350f2740aa3fa696776d50b25f891d46a30d03757a4a527638eb60f32a881f32bc443a56d8cf274018db526f63b6f74aba5
-EBUILD teleport-2.6.7.ebuild 1253 BLAKE2B 3bfec03d58f100e08942cc138961af2b18e517db8551b495a2882824145f85c1c2e8434343ed84583b967d60de1414214f7b14f9c9c110cbdfbdbc067e69dd1e SHA512 ab51cd95e9e3ba9bf2c032dfa808c6d7fbd7d6819d83ba8fce0fe62d118e3788d09cc469b7a0d117f8058941ed1c2ba55a7b8621d131076d84c861946ee5dccd
+DIST teleport-2.7.1.tar.gz 18222601 BLAKE2B 86852a1c7f0b083d8fc46bb2e51e287f0d54ca8bd1a6306e21ad325b6f1487682f853eb313a1f6f6fc4dc4d25d93e909ed65dad6d00eb37f878904d6df30f98c SHA512 703056eb99aa91062c8d9cfa7852e3573c8968ce9dea0ff5b076d5225caf8d67b965948a47785cdc7e4341993ef3ed005677859d37653f7d22c05cb2db51efd7
+EBUILD teleport-2.6.7.ebuild 1249 BLAKE2B 01c6f8a1581bc6fd38569b67721f4e5a24447cd9c6ccf625bba939605663f5bb643e343d6c46da1091bc872d64d049e639a4be55a5a375c20ddb59d609c9e119 SHA512 c921673cf7955253255dd41b7f53954acce2a9b53b55b88c7385bf65d087b084159152966d172151f5567a67c3794c50fc5756f871ffd1b0e5c3253553ac2cc8
+EBUILD teleport-2.7.1.ebuild 1249 BLAKE2B 01c6f8a1581bc6fd38569b67721f4e5a24447cd9c6ccf625bba939605663f5bb643e343d6c46da1091bc872d64d049e639a4be55a5a375c20ddb59d609c9e119 SHA512 c921673cf7955253255dd41b7f53954acce2a9b53b55b88c7385bf65d087b084159152966d172151f5567a67c3794c50fc5756f871ffd1b0e5c3253553ac2cc8
 EBUILD teleport-9999.ebuild 1237 BLAKE2B 8b5f4312a98799074029bbb3ccc66105ba7534434b4a553905e467114fccfb2ae0636c71fe2d6556dff2c5fa2667fe9f8e36a36df74e7bf21fa4c3ff7da85a1e SHA512 e526b41dc228bbf1143ea15e879360e94e4ad6dd10764f4d31a07eb682605247ba4d653ed3d91f0e0dc076c015c796d9a24a2ff6bccbd91c73510385ca9d3030
 MISC metadata.xml 630 BLAKE2B ad22bb63ecf79ddd45b62fe0dcadd6d0d7fd475938b18ec868b56b0f4afe7ee5d3e0908eb0b13249a7c7b5031a3296bec406fea6fb487069a087c9e29dcf0ef2 SHA512 2aa911f2a91bfdea340b38715d69cbe59bcd460d34ac6d1d641f2badf2ba72f4e02cdd2f8a2ca387c9a9d19ea2c22e2be80ab4bb582d9395c1517b818f343c74
diff --git a/sys-cluster/teleport/files/teleport-2.6.yaml b/sys-cluster/teleport/files/teleport-2.6.yaml
deleted file mode 100644
index 384dea937c97..000000000000
--- a/sys-cluster/teleport/files/teleport-2.6.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
-# By default, this file should be stored in /etc/teleport.yaml
-## IMPORTANT ##
-#When editing YAML configuration, please pay attention to how your editor handles white space. YAML requires consistent handling of tab characters
-# This section of the configuration file applies to all teleport
-# services.
-teleport:
-    # nodename allows to assign an alternative name this node can be reached by.
-    # by default it's equal to hostname
-    # nodename: graviton
-
-    # Data directory where Teleport keeps its data, like keys/users for 
-    # authentication (if using the default BoltDB back-end)
-    data_dir: /var/lib/teleport
-
-    # one-time invitation token used to join a cluster. it is not used on 
-    # subsequent starts
-    auth_token: xxxx-token-xxxx
-
-    # when running in multi-homed or NATed environments Teleport nodes need 
-    # to know which IP it will be reachable at by other nodes
-    # public_addr: 10.1.0.5
-
-    # list of auth servers in a cluster. you will have more than one auth server
-    # if you configure teleport auth to run in HA configuration
-    auth_servers: 
-        - localhost:3025
-
-    # Teleport throttles all connections to avoid abuse. These settings allow
-    # you to adjust the default limits
-    connection_limits:
-        max_connections: 1000
-        max_users: 250
-
-    # Logging configuration. Possible output values are 'stdout', 'stderr' and 
-    # 'syslog'. Possible severity values are INFO, WARN and ERROR (default).
-    log:
-        output: stderr
-        severity: ERROR
-
-    # Type of storage used for keys. You need to configure this to use etcd
-    # backend if you want to run Teleport in HA configuration.
-    storage:
-        type: bolt
-
-# This section configures the 'auth service':
-auth_service:
-    enabled: yes
-
-    # defines the types and second factors the auth server supports
-    authentication:
-        # second_factor can be off, otp, or u2f
-        second_factor: otp
-
-        # this section is only used if using u2f
-        u2f:
-            # app_id should point to the Web UI.
-            app_id: https://localhost:3080
-
-            # facets should list all proxy servers.
-            facets:
-            - https://localhost
-            - https://localhost:3080
-
-    # IP and the port to bind to. Other Teleport nodes will be connecting to
-    # this port (AKA "Auth API" or "Cluster API") to validate client 
-    # certificates 
-    listen_addr: 0.0.0.0:3025
-
-    # Pre-defined tokens for adding new nodes to a cluster. Each token specifies
-    # the role a new node will be allowed to assume. The more secure way to 
-    # add nodes is to use `ttl node add --ttl` command to generate auto-expiring 
-    # tokens. 
-    #
-    # We recommend to use tools like `pwgen` to generate sufficiently random
-    # tokens of 32+ byte length.
-    tokens:
-        - "proxy,node:xxxxx"
-        - "auth:yyyy"
-
-    # Optional "cluster name" is needed when configuring trust between multiple
-    # auth servers. A cluster name is used as part of a signature in certificates
-    # generated by this CA.
-    # 
-    # By default an automatically generated GUID is used.
-    #
-    # IMPORTANT: if you change cluster_name, it will invalidate all generated 
-    # certificates and keys (may need to wipe out /var/lib/teleport directory)
-    cluster_name: "main"
-
-# This section configures the 'node service':
-ssh_service:
-    enabled: yes
-    # IP and the port for SSH service to bind to. 
-    listen_addr: 0.0.0.0:3022
-    # See explanation of labels in "Labeling Nodes" section below
-    labels:
-        role: master
-        type: postgres
-    # List (YAML array) of commands to periodically execute and use
-    # their output as labels. 
-    # See explanation of how this works in "Labeling Nodes" section below
-    commands:
-    - name: hostname
-      command: [/usr/bin/hostname]
-      period: 1m0s
-    - name: arch
-      command: [/usr/bin/uname, -p]
-      period: 1h0m0s
-
-# This section configures the 'proxy servie'
-proxy_service:
-    enabled: yes
-    # SSH forwarding/proxy address. Command line (CLI) clients always begin their
-    # SSH sessions by connecting to this port
-    listen_addr: 0.0.0.0:3023
-
-    # Reverse tunnel listening address. An auth server (CA) can establish an 
-    # outbound (from behind the firewall) connection to this address. 
-    # This will allow users of the outside CA to connect to behind-the-firewall 
-    # nodes.
-    tunnel_listen_addr: 0.0.0.0:3024
-
-    # The HTTPS listen address to serve the Web UI and also to authenticate the 
-    # command line (CLI) users via password+HOTP
-    web_listen_addr: 0.0.0.0:3080
-
-    # TLS certificate for the HTTPS connection. Configuring these properly is 
-    # critical for Teleport security.
-    https_key_file: /etc/teleport/teleport.key
-    https_cert_file: /etc/teleport/teleport.crt
diff --git a/sys-cluster/teleport/files/teleport.yaml b/sys-cluster/teleport/files/teleport.yaml
index e297bb89b571..384dea937c97 100644
--- a/sys-cluster/teleport/files/teleport.yaml
+++ b/sys-cluster/teleport/files/teleport.yaml
@@ -1,5 +1,6 @@
 # By default, this file should be stored in /etc/teleport.yaml
-
+## IMPORTANT ##
+#When editing YAML configuration, please pay attention to how your editor handles white space. YAML requires consistent handling of tab characters
 # This section of the configuration file applies to all teleport
 # services.
 teleport:
@@ -17,7 +18,7 @@ teleport:
 
     # when running in multi-homed or NATed environments Teleport nodes need 
     # to know which IP it will be reachable at by other nodes
-    # advertise_ip: 10.1.0.5
+    # public_addr: 10.1.0.5
 
     # list of auth servers in a cluster. you will have more than one auth server
     # if you configure teleport auth to run in HA configuration
@@ -43,19 +44,10 @@ teleport:
 
 # This section configures the 'auth service':
 auth_service:
-    # Turns 'auth' role on. Default is 'yes'
     enabled: yes
 
-    # Turns on dynamic configuration. Dynamic configuration defines the source
-    # for configuration information, configuration files on disk or what's
-    # stored in the backend. Default is false if no backend is specified,
-    # otherwise if backend is specified, it is assumed to be true.
-    dynamic_config: false
-
     # defines the types and second factors the auth server supports
     authentication:
-        # type can be local or oidc
-        type: local
         # second_factor can be off, otp, or u2f
         second_factor: otp
 
@@ -97,9 +89,7 @@ auth_service:
 
 # This section configures the 'node service':
 ssh_service:
-    # Turns 'ssh' role on. Default is 'yes'
     enabled: yes
-
     # IP and the port for SSH service to bind to. 
     listen_addr: 0.0.0.0:3022
     # See explanation of labels in "Labeling Nodes" section below
@@ -119,9 +109,7 @@ ssh_service:
 
 # This section configures the 'proxy servie'
 proxy_service:
-    # Turns 'proxy' role on. Default is 'yes'
     enabled: yes
-
     # SSH forwarding/proxy address. Command line (CLI) clients always begin their
     # SSH sessions by connecting to this port
     listen_addr: 0.0.0.0:3023
diff --git a/sys-cluster/teleport/teleport-2.6.7.ebuild b/sys-cluster/teleport/teleport-2.6.7.ebuild
index a187d11ee22a..4a7a27e42a48 100644
--- a/sys-cluster/teleport/teleport-2.6.7.ebuild
+++ b/sys-cluster/teleport/teleport-2.6.7.ebuild
@@ -35,7 +35,7 @@ src_install() {
 	dobin src/${EGO_PN%/*}/build/{tsh,tctl,teleport}
 
 	insinto /etc/${PN}
-	newins "${FILESDIR}"/${PN}-2.6.yaml ${PN}.yaml
+	newins "${FILESDIR}"/${PN}.yaml ${PN}.yaml
 
 	newinitd "${FILESDIR}"/${PN}.init.d ${PN}
 	newconfd "${FILESDIR}"/${PN}.conf.d ${PN}
diff --git a/sys-cluster/teleport/teleport-2.5.8.ebuild b/sys-cluster/teleport/teleport-2.7.1.ebuild
index 597ac0e391f4..4a7a27e42a48 100644
--- a/sys-cluster/teleport/teleport-2.5.8.ebuild
+++ b/sys-cluster/teleport/teleport-2.7.1.ebuild
@@ -18,19 +18,13 @@ else
 	KEYWORDS="~amd64 ~arm"
 fi
 
-IUSE=""
+IUSE="pam"
 LICENSE="Apache-2.0"
 RESTRICT="test strip"
 SLOT="0"
 
 DEPEND="app-arch/zip"
-RDEPEND=""
-
-src_prepare() {
-	default
-
-	sed -i -e 's/-j 3/-j 1/g' src/${EGO_PN%/*}/Makefile || die
-}
+RDEPEND="pam? ( sys-libs/pam )"
 
 src_compile() {
 	BUILDFLAGS="" GOPATH="${S}" emake -j1 -C src/${EGO_PN%/*} full
@@ -41,7 +35,7 @@ src_install() {
 	dobin src/${EGO_PN%/*}/build/{tsh,tctl,teleport}
 
 	insinto /etc/${PN}
-	doins "${FILESDIR}"/${PN}.yaml
+	newins "${FILESDIR}"/${PN}.yaml ${PN}.yaml
 
 	newinitd "${FILESDIR}"/${PN}.init.d ${PN}
 	newconfd "${FILESDIR}"/${PN}.conf.d ${PN}