Bug 2086934 - sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Include > /etc/ssh/sshd_config.d/*.conf"
Summary: sshd system role should not assume that RHEL 9 /etc/ssh/sshd_config has "Incl...
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: rhel-system-roles
Version: 8.7
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: 8.7
Assignee: Rich Megginson
QA Contact: David Jež
Jan Fiala
Whiteboard: role:sshd
Depends On: 2052081
TreeView+ depends on / blocked
Reported: 2022-05-16 20:09 UTC by Rich Megginson
Modified: 2023-02-14 08:14 UTC (History)
9 users (show)

Fixed In Version: rhel-system-roles-1.18.0-1.el8
Doc Type: Enhancement
Doc Text:
.The `sshd` RHEL System Role verifies the include directive for the drop-in directory The `sshd` RHEL System Role on RHEL 9 manages only a file in the drop-in directory, but previously did not verify that the directory is included from the main `sshd_config` file. With this update, the role verifies that `sshd_config` contains the include directive for the drop-in directory. As a result, the role more reliably applies the provided configuration.
Clone Of: 2052081
Last Closed: 2022-11-08 09:41:25 UTC
Type: Bug
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github willshersystems ansible-sshd pull 178 0 None Merged Make sure Include is in the main configuration file when drop-in directory is used 2022-05-16 20:22:47 UTC
Red Hat Issue Tracker RHELPLAN-122285 0 None None None 2023-02-14 08:14:23 UTC
Red Hat Product Errata RHEA-2022:7568 0 None None None 2022-11-08 09:41:41 UTC

Comment 4 Jakub Jelen 2022-05-17 07:24:27 UTC
The upstream test in tests/tests_include_present.yml verifies this use case.

Comment 15 errata-xmlrpc 2022-11-08 09:41:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (rhel-system-roles bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.