ssh-copy-id: Do not fail in case remote system is out of space

openssh-7.9p1-ssh-copy-id.patch

@@ -0,0 +1,12 @@
+diff -up openssh-7.9p1/contrib/ssh-copy-id.ssh-copy-id openssh-7.9p1/contrib/ssh-copy-id
+--- openssh-7.9p1/contrib/ssh-copy-id.ssh-copy-id	2019-01-23 20:44:32.880912180 +0100
++++ openssh-7.9p1/contrib/ssh-copy-id	2019-01-23 20:44:24.512842410 +0100
+@@ -296,7 +296,7 @@ case "$REMOTE_VERSION" in
+     # in ssh below - to defend against quirky remote shells: use 'exec sh -c' to get POSIX;
+     #     'cd' to be at $HOME; add a newline if it's missing; and all on one line, because tcsh.
+     [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | \
+-      ssh "$@" "exec sh -c 'cd ; umask 077 ; mkdir -p .ssh && { [ -z "'`tail -1c .ssh/authorized_keys 2>/dev/null`'" ] || echo >> .ssh/authorized_keys ; } && cat >> .ssh/authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi'" \
++      ssh "$@" "exec sh -c 'cd ; umask 077 ; mkdir -p .ssh && { [ -z "'`tail -1c .ssh/authorized_keys 2>/dev/null`'" ] || echo >> .ssh/authorized_keys || exit 1; } && cat >> .ssh/authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi'" \
+       || exit 1
+     ADDED=$(printf '%s\n' "$NEW_IDS" | wc -l)
+     ;;

openssh.spec

@@ -233,6 +233,9 @@ Patch955: openssh-7.9p1-match-final.patch
 Patch956: openssh-7.9p1-backports.patch
 # Backport patch for CVE-2018-20685 (#1665786)
 Patch957: openssh-7.9p1-CVE-2018-20685.patch
+# ssh-copy-id is unmaintained: Aggreagete patches
+#  - do not return 0 if the write fails (full disk)
+Patch958: openssh-7.9p1-ssh-copy-id.patch
 
 License: BSD
 Requires: /sbin/nologin
@@ -452,6 +455,7 @@ popd
 %patch955 -p1 -b .match-final
 %patch956 -p1 -b .backports
 %patch957 -p1 -b .CVE-2018-20685
+%patch958 -p1 -b .ssh-copy-id
 
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-race