diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:26:58 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:26:58 +0000 |
| commit | 4722d4b7980d6fd8145e2e9f08492d951ea261d1 (patch) | |
| tree | 7ab498b39f5bdce46b1bbc41ef5201322df4e2d4 /debian/openssh-server.config | |
| parent | Adding upstream version 1:7.9p1. (diff) | |
| download | openssh-debian/1%7.9p1-10+deb10u2.tar.xz openssh-debian/1%7.9p1-10+deb10u2.zip | |
Adding debian version 1:7.9p1-10+deb10u2.debian/1%7.9p1-10+deb10u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
| -rw-r--r-- | debian/openssh-server.config | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/debian/openssh-server.config b/debian/openssh-server.config new file mode 100644 index 0000000..4a66a35 --- /dev/null +++ b/debian/openssh-server.config @@ -0,0 +1,46 @@ +#! /bin/sh +set -e + +. /usr/share/debconf/confmodule +db_version 2.0 + +get_config_option() { + option="$1" + + [ -f /etc/ssh/sshd_config ] || return + + # TODO: actually only one '=' allowed after option + perl -lne ' + s/[[:space:]]+/ /g; s/[[:space:]]+$//; + print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \ + /etc/ssh/sshd_config 2>/dev/null +} + +permit_root_login="$(get_config_option PermitRootLogin)" || true +password_authentication="$(get_config_option PasswordAuthentication)" || true +if [ -f /etc/ssh/sshd_config ]; then + # Make sure the debconf database is in sync with the current state + # of the system. + if [ "$permit_root_login" = yes ]; then + db_set openssh-server/permit-root-login false + else + db_set openssh-server/permit-root-login true + fi + if [ "$password_authentication" = no ]; then + db_set openssh-server/password-authentication false + else + db_set openssh-server/password-authentication true + fi +fi + +if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \ + [ "$permit_root_login" = yes ]; then + if [ "$(getent shadow root | cut -d: -f2)" = "!" ]; then + db_set openssh-server/permit-root-login true + else + db_input high openssh-server/permit-root-login || true + db_go + fi +fi + +exit 0 |