Created attachment 219000
the moduli.sample patch

Currently, if the moduli file is self-generated, pkg complains about the file having been changed:

[root@abox /etc]# pkg check -s openssh-portable
Checking openssh-portable: 0%
openssh-portable-8.2.p1_1,1: checksum mismatch for /usr/local/etc/ssh/moduli
Checking openssh-portable: 100%

The patch installs the moduli file as `/usr/local/etc/ssh/moduli.sample` instead, and symlinks it as `/usr/local/etc/ssh/moduli`. The `moduli.sample` is added to `pkg-plist`, but `moduli` is not -- making it possible to self-generate a moduli file without having pkg complain about checksum mismatch for it.

This is a slightly improved version of a patch created by @mpts here: https://mastodon.social/@mpts/105044922334515993 (credit where credit's due)

Comment on attachment 219000 [details] the moduli.sample patch >diff -u ./Makefile ../openssh-portable-moduli-patch/Makefile >--- ./Makefile 2020-03-23 23:15:09.000000000 +0000 >+++ ../openssh-portable-moduli-patch/Makefile 2020-10-22 22:04:34.305030000 +0000 >@@ -191,8 +191,12 @@ > @${ECHO_CMD} "#define WITH_XMSS 1" >> ${WRKSRC}/config.h > > post-install: >+ ${MV} ${STAGEDIR}${ETCDIR}/moduli \ >+ ${STAGEDIR}${ETCDIR}/moduli.sample >+ ${RLN} ${STAGEDIR}${ETCDIR}/moduli.sample \ >+ ${STAGEDIR}${ETCDIR}/moduli I am not sure but this RLN command should not be needed. AFAIR, @sample in pkg-plist instructs pkg to 1. copy file.sample to file if file does not exist 2. on package upgrade, the new file.sample is copied again to file if it has not been modified since the last time. I'd have to double check with the documentation/implementation.
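
Review bot: the `${RLN}` at the end of the post-install addition makes `moduli` a symlink to `moduli.sample`, so a regenerated moduli written to `/usr/local/etc/ssh/moduli` through that link lands in `moduli.sample`, the file that stays in pkg-plist, and `pkg check -s` would still report a checksum mismatch for it. Consider dropping the two `${RLN}` lines and listing the file with `@sample` in pkg-plist, so that `moduli` becomes a separate regular file that pkg does not checksum.
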

A commit references this bug:

Author: 0mp
Date: Sat Nov 7 14:46:39 UTC 2020
New revision: 554395
URL: https://svnweb.freebsd.org/changeset/ports/554395

Log:
  Install the moduli file as a @sample

  PR: 250559
  Submitted by: Michał "rysiek" Woźniak <rysiek % isnic.is>
  Approved by: maintainer timeout

Changes:
  head/security/openssh-portable/Makefile
  head/security/openssh-portable/pkg-plist

Committed! Thanks!
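
The following is an added example, not code from the patch or from pkg: a small shell model of the `@sample` behaviour as the comment on the patch describes it, next to the symlink layout from the first patch. The function names, file contents and temporary paths are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added illustration; models the behaviour described in the thread, not pkg's code.
# All files are constructed samples in a temporary directory.

# Install step: create the live file from SAMPLE only if it does not exist.
install_sample() {
    live="${1%.sample}"
    [ -e "$live" ] || cp "$1" "$live"
}

# Deinstall step: remove the live file only if it is still identical to SAMPLE.
deinstall_sample() {
    live="${1%.sample}"
    if [ -e "$live" ] && cmp -s "$1" "$live"; then rm -f "$live"; fi
}

# Upgrade = deinstall old sample, drop in the new sample, install again.
upgrade_sample() {
    deinstall_sample "$1"
    cp "$2" "$1"
    install_sample "$1"
}

# sample_scenario MODE ("untouched" or "regenerated"): prints the live
# moduli content after an upgrade.
sample_scenario() {
    dir=$(mktemp -d) || return 1
    printf 'stock moduli v1\n' > "$dir/moduli.sample"
    printf 'stock moduli v2\n' > "$dir/new.sample"
    install_sample "$dir/moduli.sample"
    [ "$1" != regenerated ] || printf 'site-generated moduli\n' > "$dir/moduli"
    upgrade_sample "$dir/moduli.sample" "$dir/new.sample"
    cat "$dir/moduli"
    rm -rf "$dir"
}

# symlink_scenario: moduli -> moduli.sample, as in the first patch. Prints
# whether a write that follows the symlink changed the packaged file.
symlink_scenario() {
    dir=$(mktemp -d) || return 1
    printf 'stock moduli v1\n' > "$dir/moduli.sample"
    cp "$dir/moduli.sample" "$dir/packaged.copy"
    ln -s moduli.sample "$dir/moduli"
    printf 'site-generated moduli\n' > "$dir/moduli"
    if cmp -s "$dir/moduli.sample" "$dir/packaged.copy"; then echo "sample intact"
    else echo "sample modified"; fi
    rm -rf "$dir"
}
```

In this model a regenerated `moduli` survives the upgrade untouched while an unmodified one follows the new sample, and only the symlink layout alters the file that pkg checksums.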