From b3e6b8a3176cd448f3868adf7093808aa838c634 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Dec 11 2023 08:55:14 +0000
Subject: Add /etc/ssh/sshd_config.d to the file list


This is a bit of a mess: sshd can only load configuration from
/etc/ssh/sshd_config.d, and that directory is declared as non-world-readable.
This is in violation of the packaging guidelines which say that packaged files
must be world-readable, and also makes very little sense, since those files
are part of the package payload.

If we create the directory with different permissions, and list it in %files,
installation will fail. If we don't list it in %files, and the user doesn't have
openssh-server installed, they will have an unowned directory. Another option
would be to depend on owner of this directory, i.e. openssh-server, but we don't
want to have that dependency. So let's copy the %files line from openssh-server
and figure out what to do if it changes in openssh-server again.

(cherry picked from commit 245a2587e095a08a61af4e48f7daa57dee3629e6)

---

diff --git a/systemd.spec b/systemd.spec
index 173ff7b..129416b 100644
--- a/systemd.spec
+++ b/systemd.spec
@@ -913,6 +913,7 @@ python3 %{SOURCE2} %buildroot "%{?rhel}" <<EOF
 %ghost %attr(0444,root,root) /etc/udev/hwdb.bin
 /etc/inittab
 /usr/lib/systemd/purge-nobody-user
+%dir %attr(0700,root,root) /etc/ssh/sshd_config.d
 %ghost %config(noreplace) /etc/vconsole.conf
 %ghost %config(noreplace) /etc/X11/xorg.conf.d/00-keyboard.conf
 %ghost %attr(0664,root,root) %verify(not group) /run/utmp