Bug#1014234: marked as done (sshd: Move Include at the end to allow overriding default values)

To: Gioele Barabucci <gioele@svario.it>
Subject: Bug#1014234: marked as done (sshd: Move Include at the end to allow overriding default values)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 02 Jul 2022 16:00:03 +0000
Message-id: <[🔎] handler.1014234.D1014234.165677745311385.ackdone@bugs.debian.org>
Reply-to: 1014234@bugs.debian.org
References: <c25728aa-5be5-74bc-e532-daa35096f3c7@svario.it> <[🔎] 6f63231e-030b-4b48-9f00-a935b7c76c0a@svario.it>

Your message dated Sat, 2 Jul 2022 17:51:00 +0200
with message-id <c25728aa-5be5-74bc-e532-daa35096f3c7@svario.it>
and subject line Re: sshd: Move Include at the end to allow overriding default values
has caused the Debian Bug report #1014234,
regarding sshd: Move Include at the end to allow overriding default values
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1014234: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014234
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org

Subject: sshd: Move Include at the end to allow overriding default values

From: Gioele Barabucci <gioele@svario.it>

Date: Sat, 2 Jul 2022 17:10:32 +0200

Message-id: <[🔎] 6f63231e-030b-4b48-9f00-a935b7c76c0a@svario.it>
Package: openssh-server
Version: 1:8.9p1-3

Dear openssh maintainers,
could you please move the `Include /etc/ssh/sshd_config.d/*.conf` lineto the end of `/etc/sshd_config`?
Having that line at the beginning of the file makes it impossible tooverride in `.d` files the default settings set after it, for example`PasswordAuthentication` or `AcceptEnv`.
Regards,

--
Gioele Barabucci
--- End Message ---

--- Begin Message ---

To: Ansgar <ansgar@debian.org>

Cc: 1014234-close@bugs.debian.org

Subject: Re: sshd: Move Include at the end to allow overriding default values

From: Gioele Barabucci <gioele@svario.it>

Date: Sat, 2 Jul 2022 17:51:00 +0200

Message-id: <c25728aa-5be5-74bc-e532-daa35096f3c7@svario.it>

In-reply-to: <[🔎] c794a6ed07acba48fc1731dbbe1ee40216fba97d.camel@43-1.org>

References: <[🔎] 6f63231e-030b-4b48-9f00-a935b7c76c0a@svario.it> <[🔎] c794a6ed07acba48fc1731dbbe1ee40216fba97d.camel@43-1.org>
On 02/07/22 17:23, Ansgar wrote:
On Sat, 2 Jul 2022 17:10:32 +0200 Gioele Barabucci wrote:
could you please move the `Include /etc/ssh/sshd_config.d/*.conf` line
to the end of `/etc/sshd_config`?

Having that line at the beginning of the file makes it impossible to
override in `.d` files the default settings set after it, for example
`PasswordAuthentication` or `AcceptEnv`.
man:sshd_config(8) says "For each keyword, the first obtained value
will be used."

So having the `Include` at the beginning seems correct to allow
overriding the contents of /etc/ssh/sshd_config.
Thanks for the explanation. I was assuming a more "imperative" semantics
where the last value wins. Sorry for the noise.

Kind regards,

--
Gioele Barabucci
--- End Message ---

Reply to:

References:
- Bug#1014234: sshd: Move Include at the end to allow overriding default values
  - From: Gioele Barabucci <gioele@svario.it>

Prev by Date: Bug#1014234: sshd: Move Include at the end to allow overriding default values
Next by Date: Processed: fixed 1004427 in 1:8.7p1-1
Previous by thread: Bug#1014234: sshd: Move Include at the end to allow overriding default values
Next by thread: Processed: fixed 1004427 in 1:8.7p1-1
Index(es):
- Date
- Thread