openssh: fix sandbox profile location

I left a comment in dupes somewhere months ago about how to fix this but nobody filed a PR, and to be fair, neither did I, so I guess I can't blame anyone but myself for leaving this broken for so long eh. Fixes #12488. Closes #13045. Signed-off-by: ilovezfs <ilovezfs@icloud.com>
Homebrew · Apr 30, 2017 · fd1a953 · fd1a953
1 parent cc533cb
commit fd1a953
Showing 1 changed file with 22 additions and 1 deletion.
diff --git a/Formula/openssh.rb b/Formula/openssh.rb
@@ -1,11 +1,11 @@
 class Openssh < Formula
   desc "OpenBSD freely-licensed SSH connectivity tools"
   homepage "https://www.openssh.com/"
-
   url "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz"
   mirror "https://www.mirrorservice.org/pub/OpenBSD/OpenSSH/portable/openssh-7.5p1.tar.gz"
   version "7.5p1"
   sha256 "9846e3c5fab9f0547400b4d2c017992f914222b3fd1f8eee6c7dc6bc5e59f9f0"
+  revision 1
 
   bottle do
     sha256 "5b40ddc62eb4356cc446b17af0ceb902e9ab1bb19149b54001a023c1d54da1a3" => :sierra
@@ -31,9 +31,18 @@ class Openssh < Formula
     sha256 "3505c58bf1e584c8af92d916fe5f3f1899a6b15cc64a00ddece1dc0874b2f78f"
   end
 
+  resource "com.openssh.sshd.sb" do
+    url "https://opensource.apple.com/source/OpenSSH/OpenSSH-209.50.1/com.openssh.sshd.sb"
+    sha256 "a273f86360ea5da3910cfa4c118be931d10904267605cdd4b2055ced3a829774"
+  end
+
   def install
     ENV.append "CPPFLAGS", "-D__APPLE_SANDBOX_NAMED_EXTERNAL__"
 
+    # Ensure sandbox profile prefix is correct.
+    # We introduce this issue with patching, it's not an upstream bug.
+    inreplace "sandbox-darwin.c", "@PREFIX@/share/openssh", etc/"ssh"
+
     args = %W[
       --with-libedit
       --with-kerberos5
@@ -53,9 +62,21 @@ def install
     # potential to break scripts, so recreate it for now.
     # Debian have done the same thing.
     bin.install_symlink bin/"ssh" => "slogin"
+
+    buildpath.install resource("com.openssh.sshd.sb")
+    (etc/"ssh").install "com.openssh.sshd.sb" => "org.openssh.sshd.sb"
   end
 
   test do
     assert_match "OpenSSH_", shell_output("#{bin}/ssh -V 2>&1")
+
+    begin
+      pid = fork { exec sbin/"sshd", "-D", "-p", "8022" }
+      sleep 2
+      assert_match "sshd", shell_output("lsof -i :8022")
+    ensure
+      Process.kill(9, pid)
+      Process.wait(pid)
+    end
   end
 end