From f26cd8d6ee03d58c5a08ca4fe704cc2097f9ad0f Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 8 Jan 2016 11:27:02 +0100
Subject: [PATCH] Update ssh-agent permissions (#1296724)

* It is no longer required to have ssh-agent with suid bit, because
  the ptrace attach is prevented using PR_SET_DUMPABLE 0 [1]

[1] https://anongit.mindrot.org/openssh.git/commit/?id=6c4914afccb0c188a2c412d12dfb1b73e362e07e
---
 openssh.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openssh.spec b/openssh.spec
index 932f5af..71025b8 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -740,7 +740,7 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_mandir}/man1/slogin.1*
 %attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
 %if ! %{rescue}
-%attr(2111,root,nobody) %{_bindir}/ssh-agent
+%attr(0755,root,root) %{_bindir}/ssh-agent
 %attr(0755,root,root) %{_bindir}/ssh-add
 %attr(0755,root,root) %{_bindir}/ssh-keyscan
 %attr(0755,root,root) %{_bindir}/sftp