Add /etc/ssh/sshd_config.d to the file list
This is a bit of a mess: sshd can only load configuration from /etc/ssh/sshd_config.d, and that directory is declared as non-world-readable. This is in violation of the packaging guidelines which say that packaged files must be world-readable, and also makes very little sense, since those files are part of the package payload. If we create the directory with different permissions, and list it in %files, installation will fail. If we don't list it in %files, and the user doesn't have openssh-server installed, they will have an unowned directory. Another option would be to depend on owner of this directory, i.e. openssh-server, but we don't want to have that dependency. So let's copy the %files line from openssh-server and figure out what to do if it changes in openssh-server again.
This commit is contained in:
Zbigniew Jędrzejewski-Szmek
parent
29eb35530b
commit
245a2587e0
@ -8,6 +8,7 @@ known_files = '''
|
|||||||
%ghost %attr(0444,root,root) /etc/udev/hwdb.bin
|
%ghost %attr(0444,root,root) /etc/udev/hwdb.bin
|
||||||
/etc/inittab
|
/etc/inittab
|
||||||
/usr/lib/systemd/purge-nobody-user
|
/usr/lib/systemd/purge-nobody-user
|
||||||
|
%dir %attr(0700,root,root) /etc/ssh/sshd_config.d
|
||||||
%ghost %config(noreplace) /etc/vconsole.conf
|
%ghost %config(noreplace) /etc/vconsole.conf
|
||||||
%ghost %config(noreplace) /etc/X11/xorg.conf.d/00-keyboard.conf
|
%ghost %config(noreplace) /etc/X11/xorg.conf.d/00-keyboard.conf
|
||||||
%ghost %attr(0664,root,root) %verify(not group) /run/utmp
|
%ghost %attr(0664,root,root) %verify(not group) /run/utmp
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user