42 lines
2.0 KiB
Diff
42 lines
2.0 KiB
Diff
From f6588061b85c5b6862ff424fbdab2dc29266c506 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Thu, 5 May 2022 20:06:51 +0200
|
|
Subject: [PATCH 21/39] If the config is not modified, leave it up to RPM
|
|
|
|
Neither of the inhibitor are useful if the configuration file was not
|
|
modified and the upgrade of the file will be handled by RPM, keeping the
|
|
root logins enabled by pulling the new configuration file from new
|
|
package.
|
|
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
|
---
|
|
.../actors/opensshpermitrootlogincheck/actor.py | 11 ++++++++---
|
|
1 file changed, 8 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py b/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py
|
|
index f7ee61da..ae3b4586 100644
|
|
--- a/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py
|
|
+++ b/repos/system_upgrade/common/actors/opensshpermitrootlogincheck/actor.py
|
|
@@ -55,10 +55,15 @@ class OpenSshPermitRootLoginCheck(Actor):
|
|
.format(get_source_major_version()))
|
|
|
|
def process7to8(self, config):
|
|
- # When the configuration does not contain the PermitRootLogin directive and
|
|
+ # when the config was not modified, we can pass this check and let the
|
|
+ # rpm handle the configuration file update
|
|
+ if not config.modified:
|
|
+ return
|
|
+
|
|
+ # When the configuration does not contain *any* PermitRootLogin directive and
|
|
# the configuration file was locally modified, it will not get updated by
|
|
- # RPM and the user might be locked away from the server. Warn the user here.
|
|
- if not config.permit_root_login and config.modified:
|
|
+ # RPM and the user might be locked away from the server with new default
|
|
+ if not config.permit_root_login:
|
|
create_report([
|
|
reporting.Title('Possible problems with remote login using root account'),
|
|
reporting.Summary(
|
|
--
|
|
2.35.3
|
|
|