Openssh has a BSD compatibility layer that prevents mkstemp64 from being used when large file support is enabled. This is triggering the QA check for arm-generic on ChromeOS: ``` openssh-9.3_p1: 20:53:50.610 * QA Notice: The following files were not built with LFS support: openssh-9.3_p1: 20:53:50.624 * Please see https://issuetracker.google.com/201531268 for details. openssh-9.3_p1: 20:53:50.639 * mkstemp /usr/bin/ssh-add openssh-9.3_p1: 20:53:50.643 * mkstemp /usr/bin/ssh-keyscan openssh-9.3_p1: 20:53:50.647 * mkstemp /usr/bin/ssh openssh-9.3_p1: 20:53:50.650 * mkstemp /usr/bin/ssh-keygen openssh-9.3_p1: 20:53:50.654 * mkstemp /usr/sbin/sshd openssh-9.3_p1: 20:53:50.667 * Full build files: openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/ssh-add openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/ssh-keyscan openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/openbsd-compat/mktemp.o openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/sshd openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/ssh openssh-9.3_p1: mkstemp /build/arm-generic/tmp/portage/net-misc/openssh-9.3_p1/work/openssh-9.3p1/ssh-keygen ``` Adding this patch fixes the issue: diff --git a/net-misc/openssh/files/openssh-9.3_p1-fix-large-file-support.patch b/net-misc/openssh/files/openssh-9.3_p1-fix-large-file-support.patch new file mode 100644 index 000000000..d24020df4 --- /dev/null +++ b/net-misc/openssh/files/openssh-9.3_p1-fix-large-file-support.patch @@ -0,0 +1,20 @@ +Use mkstemp from the headers so mkstemp64 is used where appropriate. + +author: Allen Webb <allenwebb@google.com> + +diff --git a/openbsd-compat/mktemp.c b/openbsd-compat/mktemp.c +index cca956a..821a1b0 100644 +--- a/openbsd-compat/mktemp.c ++++ b/openbsd-compat/mktemp.c +@@ -34,11 +34,6 @@ + #include <ctype.h> + #include <unistd.h> + +-#ifdef mkstemp +-#undef mkstemp +-#endif +-int mkstemp(char *); +- + /* + * From glibc man page: 'In glibc versions 2.06 and earlier, the file is + * created with permissions 0666, that is, read and write for all users.' diff --git a/net-misc/openssh/openssh-9.3_p1.ebuild b/net-misc/openssh/openssh-9.3_p1.ebuild index 935999c77..f2acbde73 100644 --- a/net-misc/openssh/openssh-9.3_p1.ebuild +++ b/net-misc/openssh/openssh-9.3_p1.ebuild @@ -125,6 +125,7 @@ PATCHES=( "${FILESDIR}/${PN}-8.9_p1-allow-ppoll_time64.patch" #834019 "${FILESDIR}/${PN}-8.9_p1-gss-use-HOST_NAME_MAX.patch" #834044 "${FILESDIR}/${PN}-9.3_p1-openssl-version-compat-check.patch" + "${FILESDIR}/${PN}-9.3_p1-fix-large-file-support.patch" ) pkg_pretend() { Reproducible: Always
I think that file is maintained by the openssh-portable project. You should submit the change there. https://github.com/openssh/openssh-portable
The patch doesn't work as intended. It ends up resulting in a stack overflow since the undef was for the compat version of mkstemp rather than the libc version. The resolution is to replace: ret = mkstemp(template); with ret = mkstemp64(template);
(In reply to Allen Webb from comment #2) That will not work on musl; they are dropping the mkstemp64 function.