puppet/ssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert sshd_config_sendenv_xmodifiers which introduced a bug

Browse Source
This commit is contained in:
Garrett Honeycutt 2013-10-31 20:20:35 +01:00
parent 8c1e058343
commit b1fec9ba95
5 changed files with 1 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Modulefile
View File

@ -1,5 +1,5 @@
name 'ghoneycutt-ssh' name 'ghoneycutt-ssh'
version '2.5.0' version '2.5.1'
source 'git://github.com/ghoneycutt/puppet-module-ssh.git' source 'git://github.com/ghoneycutt/puppet-module-ssh.git'
author 'ghoneycutt' author 'ghoneycutt'
license 'Apache License, Version 2.0' license 'Apache License, Version 2.0'

6
README.md
View File

@ -180,12 +180,6 @@ This option applies to protocol version 2 only.
- *Default*: '0' - *Default*: '0'
sshd_config_sendenv_xmodifiers
-----------------------
Set 'SendEnv XMODIFIERS' in sshd_config.
- *Default*: false
keys keys
---- ----
Hash of keys for user's ~/.ssh/authorized_keys Hash of keys for user's ~/.ssh/authorized_keys

13
manifests/init.pp
View File

@ -27,7 +27,6 @@ class ssh (
$sshd_config_banner = 'none', $sshd_config_banner = 'none',
$sshd_config_xauth_location = '/usr/bin/xauth', $sshd_config_xauth_location = '/usr/bin/xauth',
$sshd_config_subsystem_sftp = 'USE_DEFAULTS', $sshd_config_subsystem_sftp = 'USE_DEFAULTS',
$sshd_config_sendenv_xmodifiers = false,
$service_ensure = 'running', $service_ensure = 'running',
$service_name = 'USE_DEFAULTS', $service_name = 'USE_DEFAULTS',
$service_enable = 'true', $service_enable = 'true',
@ -64,18 +63,6 @@ class ssh (
} }
} }
case type($sshd_config_sendenv_xmodifiers) {
'string': {
$sshd_config_sendenv_xmodifiers_real = str2bool($sshd_config_sendenv_xmodifiers)
}
'boolean': {
$sshd_config_sendenv_xmodifiers_real = $sshd_config_sendenv_xmodifiers
}
default: {
fail("sshd_config_sendenv_xmodifiers type must be true or false.")
}
}
case $permit_root_login { case $permit_root_login {
'no', 'yes', 'without-password', 'forced-commands-only': { 'no', 'yes', 'without-password', 'forced-commands-only': {
# noop # noop

38
spec/classes/init_spec.rb
View File

@ -400,7 +400,6 @@ describe 'ssh' do
:sshd_x11_forwarding => 'no', :sshd_x11_forwarding => 'no',
:sshd_use_pam => 'no', :sshd_use_pam => 'no',
:sshd_client_alive_interval => '242', :sshd_client_alive_interval => '242',
:sshd_config_sendenv_xmodifiers => true,
} }
end end
@ -429,7 +428,6 @@ describe 'ssh' do
it { should contain_file('sshd_config').with_content(/^X11Forwarding no$/) } it { should contain_file('sshd_config').with_content(/^X11Forwarding no$/) }
it { should contain_file('sshd_config').with_content(/^UsePAM no$/) } it { should contain_file('sshd_config').with_content(/^UsePAM no$/) }
it { should contain_file('sshd_config').with_content(/^ClientAliveInterval 242$/) } it { should contain_file('sshd_config').with_content(/^ClientAliveInterval 242$/) }
it { should contain_file('sshd_config').with_content(/^SendEnv XMODIFIERS$/) }
end end
context 'with manage_root_ssh_config set to \'true\' on valid osfamily' do context 'with manage_root_ssh_config set to \'true\' on valid osfamily' do
@ -622,42 +620,6 @@ describe 'ssh' do
it { should contain_file('ssh_config').with_content(/^ SendEnv XMODIFIERS$/) } it { should contain_file('ssh_config').with_content(/^ SendEnv XMODIFIERS$/) }
end end
context 'with sshd_config_sendenv_xmodifiers set to invalid type, array' do
let :facts do
{
:fqdn => 'monkey.example.com',
:osfamily => 'RedHat',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{ :sshd_config_sendenv_xmodifiers => ['invalid','type'] }
end
it 'should fail' do
expect {
should include_class('ssh')
}.to raise_error(Puppet::Error,/sshd_config_sendenv_xmodifiers type must be true or false./)
end
end
context 'with sshd_config_sendenv_xmodifiers set to stringified true' do
let :facts do
{
:fqdn => 'monkey.example.com',
:osfamily => 'RedHat',
:sshrsakey => 'AAAAB3NzaC1yc2EAAAABIwAAAQEArGElx46pD6NNnlxVaTbp0ZJMgBKCmbTCT3RaeCk0ZUJtQ8wkcwTtqIXmmiuFsynUT0DFSd8UIodnBOPqitimmooAVAiAi30TtJVzADfPScMiUnBJKZajIBkEMkwUcqsfh630jyBvLPE/kyQcxbEeGtbu1DG3monkeymanOBW1AKc5o+cJLXcInLnbowMG7NXzujT3BRYn/9s5vtT1V9cuZJs4XLRXQ50NluxJI7sVfRPVvQI9EMbTS4AFBXUej3yfgaLSV+nPZC/lmJ2gR4t/tKvMFF9m16f8IcZKK7o0rK7v81G/tREbOT5YhcKLK+0wBfR6RsmHzwy4EddZloyLQ=='
}
end
let :params do
{
:sshd_config_sendenv_xmodifiers => 'true',
}
end
it { should contain_file('sshd_config').with_content(/^SendEnv XMODIFIERS$/) }
end
context 'with manage_firewall set to true on valid osfamily' do context 'with manage_firewall set to true on valid osfamily' do
let :facts do let :facts do
{ {

4
templates/sshd_config.erb
View File

@ -130,7 +130,3 @@ XAuthLocation <%= @sshd_config_xauth_location %>
# override default of no subsystems # override default of no subsystems
Subsystem sftp <%= @sshd_config_subsystem_sftp_real %> Subsystem sftp <%= @sshd_config_subsystem_sftp_real %>
<% if @sshd_config_sendenv_xmodifiers_real == true -%>
SendEnv XMODIFIERS
<% end -%>