Created attachment 384120 [details, diff] patch against gx86 version Tests need special privileges, bug#335343. Setting setuid bit may fail in Prefix - what about userpriv? Retrying in pkg_preinst, runs as root even with userpriv. Thanks!
Comment on attachment 384120 [details, diff] patch against gx86 version >+ # setting setuid bit may fail as non-priviledged user (prefix, userpriv?) >+ # during build, retry in pkg_preinst this comment is confused and shouldn't be >+ if [[ $(id -u) != 0 ]]; then it should be unconditional >- $(static_use_with kerberos kerberos5 /usr) \ >+ $(static_use_with kerberos kerberos5 "${EPREFIX}"/usr) \ feel free to commit >+ use prefix && return # horse drug, see #335343 this comment isn't terribly useful. i'm not sure it should be bound to USE=prefix either. >+ # retry setting setuid bit, may fail as non-priviledged user (prefix). >+ $(usex prefix 'nonfatal' '') fperms 4711 /usr/$(get_libdir)/misc/ssh-keysign* i don't see why this is done in openssh. we have lots of random packages that try to install set*id files. i don't think we should go about ignoring errors like this.
Created attachment 384568 [details, diff] updated patch Did I understand your comments right?
Created attachment 384866 [details, diff] updated patch, avoid wildcards with fperms Ohw, better not use wildcards with fperms - expands using host filesystem (bug#522950). Ignoring EXEEXT for now instead.
Comment on attachment 384866 [details, diff] updated patch, avoid wildcards with fperms >+ sed -i -e 's/-m 4711/-m 0711/' "${S}"/Makefile.in || die you're already in $S, so no need to prefix the var >- $(static_use_with kerberos kerberos5 /usr) \ >+ $(static_use_with kerberos kerberos5 "${EPREFIX}"/usr) \ again, feel free to commit this one line >+ [[ $(id -u) = 0 ]] || return #335343 this really should be tracked down. also, use ==, not =, when doing tests with [[...]]. >+ fperms 4711 /usr/$(get_libdir)/misc/ssh-keysign shouldn't that have $EPREFIX ? or does the tool do it for you.
(In reply to SpanKY from comment #4) i've included the kerberos line change when i was updating 6.7p1
Hi Michael, it is full merged to gx86?
Seems yes. Last commit to openssh in prefix-overlay was commit 15e618a1fdd34e952d0485cb9bcfdc8672aa25e8 Author: Fabian Groffen <grobian@gentoo.org> Date: Wed Sep 28 19:26:18 2016 +0200 net-misc/openssh: migrate to gx86