I do not know if /var/empty is picked as the privilege separation directory for openssh for a reason. But I cannot imagine a good one. The directory is called, well, 'empty' for a reason. It should be left empty. On some BSD's for instance it is actually immutable to make sure it stays empty, so it is on my machines. I suggest to pick another directory such as /var/{lib,run}/openssh to carry the live data. I fail to see why openssh, in particular, should have the right to highjack /var/empty for its purposes as other programs might well depend on the emptiness properties of this directory. Reproducible: Always
what "live" data are you talking about exactly ? the only thing in there is /dev/ and that's when USE=hpn is enabled, and we can probably drop that.
I don't know what live data openssh needs, but at least the hpn patch introduces a directory in /var/empty and portage also introduces a .keep file. And this kind of contradicts the meaning of '/var/empty'.
starting with openssh-6.9_p1-r2, openssh no longer carries the server logging patch, which means the modifications to /var/empty are no longer needed
