feat(openssh): add config file for PermitRootLogin#17082
Draft
corvus-callidus wants to merge 1 commit intotomls/base/mainfrom
Draft
feat(openssh): add config file for PermitRootLogin#17082corvus-callidus wants to merge 1 commit intotomls/base/mainfrom
corvus-callidus wants to merge 1 commit intotomls/base/mainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This pull request updates the azurelinux-release component to ship an OpenSSH sshd_config.d drop-in that explicitly disables SSH root login by default, and refreshes the rendered spec + component lock fingerprint accordingly.
Changes:
- Add
50-permit-root-login.confwithPermitRootLogin nounder/etc/ssh/sshd_config.d/. - Update
azurelinux-releasespec(s) to include/install/package the new drop-in (and bumpReleaseto14). - Update the
azurelinux-releaselockinput-fingerprintto match the new component inputs.
Reviewed changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| base/comps/azurelinux-release/azurelinux-release.spec | Adds Source24, installs the drop-in for variants, updates file lists, bumps Release, and updates changelog. |
| base/comps/azurelinux-release/50-permit-root-login.conf | New sshd drop-in setting PermitRootLogin no. |
| specs/a/azurelinux-release/azurelinux-release.spec | Rendered spec updated to reflect the component spec changes. |
| specs/a/azurelinux-release/50-permit-root-login.conf | Rendered copy of the new sshd drop-in. |
| locks/azurelinux-release.lock | Updated input-fingerprint after component change. |
corvus-callidus
force-pushed
the
lyrydber/tomls/base/main/permit-root-login
branch
from
6915dd1 to
b7fcf60
Compare
Add a config file with the PermitRootLogin setting to no. Fixes: AB#19769
corvus-callidus
force-pushed
the
lyrydber/tomls/base/main/permit-root-login
branch
from
b7fcf60 to
33564b9
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Add an sshd drop-in config file with
PermitRootLogin no.Change Log
Does this affect the toolchain?
NO
Associated issues
Links to CVEs
Test Methodology