Fix ssh group membership. #94
No reviewers
Labels
No labels
Bug
Doc
Feature
Forge
Mode
Cluster
Mode
MultiPHP
Script
Server
Web
wontfix
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: evolix/evoadmin-web#94
Loading…
Reference in a new issue
No description provided.
Delete branch "fix-ssh-memebership"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
We now use split SSH configuration files, so the user was never a member
of the ssh group on newly installed systems. This change don't modify
the SSH configuration of new systems since evolinux-ssh members' are
already allowed to connect by SSH.
Hey
I had a fix in the works, but you were faster to push. Thanks !
We took different paths as I adapted the grep command to go recursively, hence not changing the initial logic of the script and just broadening it to englobe old and new configuration ways
It was a simple :
The question would remain for the AllowUsers cases, the grep could be extended, but then we need to change the right file, otherwise we'd break the ssh config. Unless we decide that AllowUsers is exclusively in
/etc/ssh/sshd_config
PS : Beware of the missing dash in the usermod command (for the
--group
argument)@ -373,1 +367,4 @@
sed -i "s/^AllowUsers .*/& $in_login/" /etc/ssh/sshd_config
else
if getent group "$SSH_GROUP" 1>/dev/null 2>&1; then
usermod --append -groups "$SSH_GROUP" "$in_login"
This wont work (missing '-' in group argument)
Fixed.
e66b095733
toc9ba84107f
c9ba84107f
to99741826f6
We had a chat with @lpoujol about the implementation. I added the missing dash to the
--groups
options.This can be merged as if, or if some one want it add
/etc/ssh/sshd_config.d/*.conf
after/etc/ssh/sshd_config
.Works for me.
Let's go forward with that