So, last night I did a make update on openssh because I had updated pkgsrc
through CVS and noticed that there was a new version.

This morning, at work, I tried to su, only to discover that instead of
using /usr/bin/su, I had somehow installed a su in /usr/pkgsrc/bin/su that
only did Kerberos authentication (or at least, it didn't work for my
passwords, whereas /usr/bin/su did). I also noticed that a whole bunch of
stuff like nessus and isakmod had somehow gotten installed, and tried to
launch when I rebooted (despite my never having installed them or creating
entries for them in rc.conf).

The long and short of it is that doing make update on openssh has
installed all sorts of junk that I didn't have installed, don't want, and
don't think I need. I now have KDE libraries installed to do kssh, I have
qt junk, etc, etc... this is a server that I never access on the console.

Is there any way to avoid this problem? There was a discussion about using
Gentoo USE flags, which would have prevented this problem. Has anyone else
experienced this? I have never experienced anything like this using 'make
update' on any other package, so this seems like an isolated incident.

I have been happily using NetBSD for about a year now, and I feel fairly
competant most of the time. But this is really frustrating.

-- Erik

P.S. I have included a list of the new packages which I believe were
updated or installed by openssh. While some of these were installed
before, the vast majority (anything to do with SASL, Gnome, KDE, Nessus,
GPG gui stuff, etc) were not.

fontconfig-2.1nb5   Library for configuring and customizing font access
Xft2-2.1nb4         Library for configuring and customizing font access
openldap-2.0.27nb3  Lightweight directory access protocol server and
client pack
libaudiofile-0.2.3nb1 Sound library for SGI audio file
qt3-tools-3.1.2nb2  QT GUI (WYSIWYG) builder and other tools
arts-1.1.3          Analog Real-Time Synthesizer
libart2-2.3.11      High-performance 2D graphics library
libxslt-1.0.31nb1   XSLT parser library for GNOME
kdelibs-3.1.3       Support libraries for the KDE integrated X11 desktop
kdebase-3.1.3       Base modules for the KDE 3 integrated X11 desktop
kdenetwork-3.1.3    Network modules for the KDE integrated X11 desktop
kssh-0.7nb2         KDE Front-end to SSH
kth-krb4-1.2.1      Kerberos IV distribution from KTH
libbf-0.8.2b        Blowfish block cipher library
libdes-4.04b        Small DES (Data Encryption Standard) lib & standalone
progra
libident-0.22       Small library to interface to the ident protocol
server (rfc
libmcrypt-2.5.6     Crypto algorithms library
nessus-libraries-2.0.6a Libs required by the Nessus Network security
scanner
libnasl-2.0.6a      Nessus Attack Scripting Language library
logcheck-1.1.1nb1   Auditing tool for system logs on Unix boxes
mcrypt-2.6.4nb1     Replacement to crypt(1), supports many crypto
algorithms
mirrordir-0.10.49   Directory mirroring tool
msu-1.06            Mini passwordless su
msudir-0.13         Easy setuid script management
nessus-core-2.0.6anb1 Core module of the Nessus Network Security Scanner
nessus-plugins-2.0.6anb1 Plugins for the Nessus Network Security Scanner
nessus-2.0.6anb1    The Nessus Network Security Scanner
netramet-4.4.20     NEtwork TRaffic METer
nfsshell-1.0        NFS security verification suite
otpCalc-0.96nb2     OTP and S/Key calculator for X
p0f-1.8.3           Passive OS fingerprinting tool
p5-Crypt-Blowfish-2.09 Perl5 Blowfish implementation
p5-Crypt-CBC-2.02   Perl5 cipher block chaining mode for various crypto
algorith
p5-Crypt-DES-2.03   XS-based DES implementation for Perl
p5-Crypt-DES_EDE3-0.01 Perl5 module for Triple-DES EDE
encryption/decryption
teTeX-share-1.0.2nb2 Machine-independent part of teTeX
dialog-0.6znb2      Display dialog boxes from shell scripts
automake14-1.4.6    GNU Standards-compliant Makefile generator (old
version)
autoconf213-2.13    Generates automatic source code configuration scripts
(old v
libwww-5.4.0        The W3C Reference Library
teTeX-bin-1.0.7nb3  TeX distribution for UNIX compatible systems -
executables
teTeX-sharesrc-1.0.1nb1 Sources for machine-independent part of teTeX
texi2html-1.64nb1   Texinfo-to-HTML direct translator
teTeX-1.0.7nb2      Thomas Esser's TeX distribution for UNIX compatible
systems
pari-2.1.5nb1       Software package for computer-aided number theory
p5-Math-Pari-2.001804nb2 Perl5 interface to the pari math library
p5-Class-Loader-2.02 Perl5 module for module loading and on-demand object
creatio
p5-Crypt-Random-1.11nb1 Perl5 interface to /dev/random
p5-Data-Buffer-0.04 Perl5 module for low-level binary buffer
p5-Convert-ASN1-0.16 Perl5 module to encode/decode ASN.1 data
p5-Convert-PEM-0.06 Perl5 module to read/write ASN.1-encoded PEM files
p5-Crypt-DSA-0.12nb1 Perl5 module for the DSA public key algorithm
p5-Crypt-IDEA-1.01  Perl5 module for the IDEA symmetric key algorithm
p5-Compress-Zlib-1.21 Perl5 module interface to the zlib compression
library
p5-Crypt-Twofish-2.12 Perl5 module for the Twofish symmetric key algorithm
p5-Crypt-Rijndael-0.05 Perl5 module of the Rijndael symmetric key
algorithm
p5-Crypt-RIPEMD160-0.04 Perl5 module of the RIPEMD160 hash function
p5-Crypt-Primes-0.49nb1 Perl5 module for provable prime number generation
p5-Tie-EncryptedHash-1.1 Perl5 module for hashes with encrypting fields
p5-Convert-ASCII-Armour-1.4 Perl5 module to convert binary octets into
ASCII armour
p5-SortVersions-1.1 Perl5 module for sorting of revision-like numbers
p5-Digest-MD2-2.01  Perl5 module for MD2
p5-Crypt-RSA-1.47nb1 Perl5 module of the RSA public key algorithm