action #92617
closed
[qe-core] ssh: test needs adjustment for usr/etc config
Added by dimstar almost 3 years ago.
Updated almost 3 years ago.
Category:
Bugs in existing tests
Description
Observation¶
openQA test in scenario opensuse-Staging:E-Staging-DVD-x86_64-textmode@64bit fails in
sshd
Openssh is being updated to have the distro default config in usr/etc
Admin is supposed to write config to etc, there is also a etc/ssh/sshd_config.d drop-in directory
Test suite description¶
Maintainer: QE Yast
Installation in textmode and selecting the textmode "desktop" during installation.
Reproducible¶
Fails since (at least) Build E.502.2
Expected result¶
Last good: E.502.1 (or more recent)
Further details¶
Always latest result in this scenario: latest
- Subject changed from she: test needs adjustment for usr/etc config to ssh: test needs adjustment for usr/etc config
- Subject changed from ssh: test needs adjustment for usr/etc config to [yast] ssh: test needs adjustment for usr/etc config
- Subject changed from [yast] ssh: test needs adjustment for usr/etc config to [y] ssh: test needs adjustment for usr/etc config
dimstar wrote:
Proposal:
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/12655
First copy the file from /usr/etc/ssh to /etc/ssh, then handle the case no longer different
Is this really what we want to do?
I would rather update the sshd.pm
test to use both files, e.g:
- if
/usr/etc/ssh/sshd_config
exists then read from it, otherwise read from /etc/ssh/sshd_config
- Do all the changes in
/etc/ssh/sshd_config
and keep the /usr/etc/ssh/sshd_config
untouched.
But of course we can merge the proposal mentioned above and then improve it later.
pdostal wrote:
dimstar wrote:
Proposal:
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/12655
First copy the file from /usr/etc/ssh to /etc/ssh, then handle the case no longer different
Is this really what we want to do?
I would rather update the sshd.pm
test to use both files, e.g:
- if
/usr/etc/ssh/sshd_config
exists then read from it, otherwise read from /etc/ssh/sshd_config
- Do all the changes in
/etc/ssh/sshd_config
and keep the /usr/etc/ssh/sshd_config
untouched.
But of course we can merge the proposal mentioned above and then improve it later.
My proposal is very close to what you suggest and is even closer to what the sshd daemon itself does: read /usr/etc/ssh//sshd_config unless /etc/ssh/sshd_config exists.
Modifications by an admin are only every supposed to be in /etc/ssh/sshd_config (or even /etc/ssh/sshd_config.d since a few weeks)
So the test code proposal does basically what a 'normal' admin that wants to modify the config would do:
- copy the template config from /usr/etc/ssh to /etc/ssh (if it does not exist there yet)
- modify the file in /etc/ssh
If we want to do the test smarter, we should go for the /etc/ssh/sshd_config.d approach though
dimstar wrote:
My proposal is very close to what you suggest and is even closer to what the sshd daemon itself does: read /usr/etc/ssh//sshd_config unless /etc/ssh/sshd_config exists.
So the test code proposal does basically what a 'normal' admin that wants to modify the config would do:
- copy the template config from /usr/etc/ssh to /etc/ssh (if it does not exist there yet)
- modify the file in /etc/ssh
I am not sure about this. In my opinion the first point is not necessary.
In my opinion, the /etc/ssh/sshd_config is only for changes made by the user.
if you have an /etc/ssh/sshd_config, this overrides ALL settings from /usr/etc/ssh/sshd_config;
So just adding 'modifications in an empty' file will destroy your config, unless you copied the template over and modify it.
OR you do not modify /etc/ssh/sshd_config, but rather place snippets into /etc/ssh/sshd_config.d/
In all honesty, I do not care in what direction the fix goes. My motivation for the proposal was to get things moving to not block the openssh request forever - and as your attention is now on the case, I am happy to leave the decision with you (who will have to maintain the test into all eternity :) )
- Subject changed from [y] ssh: test needs adjustment for usr/etc config to [qe-core] ssh: test needs adjustment for usr/etc config
- Status changed from New to Resolved
Also available in: Atom
PDF