From c0ca282ac7cae4b874b70cdb095409a50d6a794c Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sun, 19 Mar 2023 15:49:00 +0100
Subject: [PATCH] openssh: Change privsep directory to /var/lib/sshd

The old one /var/empty/sshd violated our FHS

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 openssh/openssh.nm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/openssh/openssh.nm b/openssh/openssh.nm
index 9ccff01e5..2d90ee6ba 100644
--- a/openssh/openssh.nm
+++ b/openssh/openssh.nm
@@ -5,7 +5,7 @@
 
 name       = openssh
 version    = 9.1p1
-release    = 3
+release    = 4
 
 groups     = Application/Internet
 url        = https://www.openssh.com/portable.html
@@ -41,7 +41,7 @@ build
 		--libexecdir=%{libdir}/openssh \
 		--with-default-path=/usr/local/bin:/bin:/usr/bin \
 		--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
-		--with-privsep-path=/var/empty/sshd \
+		--with-privsep-path=%{sharedstatedir}/sshd \
 		--enable-vendor-patchlevel="%{DISTRO_NAME} %{thisver}" \
 		--disable-strip \
 		--with-ssl-engine \
@@ -147,7 +147,7 @@ packages
 			%{mandir}/man5/moduli.5*
 			%{mandir}/man8/sshd.8*
 			%{mandir}/man8/sftp-server.8*
-			/var/empty/sshd
+			%{sharedstatedir}/sshd
 		end
 
 		configfiles
@@ -164,7 +164,7 @@ packages
 			getent group sshd >/dev/null || groupadd -r sshd
 			getent passwd sshd >/dev/null || useradd -r -g sshd \
 				-c "Privilege-separated SSH" \
-				-d /var/empty/sshd -s /sbin/nologin sshd
+				-d /var/lib/sshd -s /sbin/nologin sshd
 		end
 
 		script postin
-- 
2.39.2