diff --git a/linux-system-roles.spec b/linux-system-roles.spec index 84f27d1..550c05c 100644 --- a/linux-system-roles.spec +++ b/linux-system-roles.spec @@ -155,7 +155,7 @@ BuildRequires: ansible >= 2.9.10 %global forgeorg15 https://github.com/willshersystems/ %global repo15 ansible-sshd %global rolename15 sshd -%defcommit 15 e1de59b3c54e9d48a010eeca73755df339c7e628 +%defcommit 15 428d390668077f0baf5e88c5834ee810ae11113c %defcommit 16 21adc637511db86b5ba279a70a7301ef3a170669 %global rolename16 ssh @@ -204,9 +204,6 @@ Patch54: network-ansible-test.diff Patch61: storage-ansible-test.diff -Patch151: sshd-example.diff -Patch152: sshd-work-on-ansible28-jinja27.diff - BuildArch: noarch # These are needed for md2html.sh to build the documentation @@ -279,8 +276,6 @@ cd %{rolename6} %patch61 -p1 cd .. cd %{rolename15} -%patch151 -p1 -%patch152 -p1 sed -r -i -e "s/ansible-sshd/linux-system-roles.sshd/" tests/*.yml examples/*.yml sed -r -i -e "s/ willshersystems.sshd/ linux-system-roles.sshd/" tests/*.yml examples/*.yml README.md cd .. diff --git a/sshd-example.diff b/sshd-example.diff deleted file mode 100644 index 48243e3..0000000 --- a/sshd-example.diff +++ /dev/null @@ -1,43 +0,0 @@ -diff --git a/README.md b/README.md -index 676ad72..dc06d85 100644 ---- a/README.md -+++ b/README.md -@@ -190,7 +190,7 @@ defaults. This is useful if the role is used in deployment stage to make sure - the service is able to start on the first attempt. To disable this check, set - this to empty list. - --* `sshd_hostkey_owner`, `sshd_hostkey_group`, `sshd_hostkey_group` -+* `sshd_hostkey_owner`, `sshd_hostkey_group`, `sshd_hostkey_mode` - - Use these variables to set the ownership and permissions for the host keys from - the above list. -@@ -273,6 +273,8 @@ for example: - X11Forwarding: yes - ``` - -+More example playbooks can be found in [`examples/`](examples/) directory. -+ - Template Generation - ------------------- - -diff --git a/examples/example-root-login.yml b/examples/example-root-login.yml -new file mode 100644 -index 0000000..156e629 ---- /dev/null -+++ b/examples/example-root-login.yml -@@ -0,0 +1,15 @@ -+--- -+- hosts: all -+ tasks: -+ - name: Configure sshd to prevent root and password login except from particular subnet -+ include_role: -+ name: ansible-sshd -+ vars: -+ sshd: -+ # root login and password login is enabled only from a particular subnet -+ PermitRootLogin: no -+ PasswordAuthentication: no -+ Match: -+ - Condition: "Address 192.0.2.0/24" -+ PermitRootLogin: yes -+ PasswordAuthentication: yes diff --git a/sshd-work-on-ansible28-jinja27.diff b/sshd-work-on-ansible28-jinja27.diff deleted file mode 100644 index 268d31f..0000000 --- a/sshd-work-on-ansible28-jinja27.diff +++ /dev/null @@ -1,25 +0,0 @@ -From bb612fb6c5f76a40fce368acb43d2847e699213d Mon Sep 17 00:00:00 2001 -From: Rich Megginson -Date: Thu, 28 Jan 2021 15:56:14 -0700 -Subject: [PATCH] use state: absent instead of state: missing - ---- - tests/tests_hostkeys_missing.yml | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/tests_hostkeys_missing.yml b/tests/tests_hostkeys_missing.yml -index 9dfe77b..5790684 100644 ---- a/tests/tests_hostkeys_missing.yml -+++ b/tests/tests_hostkeys_missing.yml -@@ -40,7 +40,7 @@ - - name: Make sure the key was not created - file: - path: /tmp/missing_ssh_host_rsa_key -- state: missing -+ state: absent - register: key - failed_when: key.changed - tags: tests::verify --- -2.29.2 -