From 8151bc3154039cc6cff12d5ebfca211c7a1256e2 Mon Sep 17 00:00:00 2001 From: Flatcar Buildbot Date: Thu, 22 Jun 2023 16:00:49 +0200 Subject: [PATCH] overlay sys-auth/google-oslogin: Add an sshd config snippet The sshd config provided by this package is now marked as provided for compatibility only - it will be there in case there is still a symlink in /etc pointing to it. The new config snippet will be used by the enable oslogin stuff in the updated coreos-base/oem-gce package in following commits. --- .../google-oslogin/files/60-flatcar-google-oslogin.conf | 3 +++ .../coreos-overlay/sys-auth/google-oslogin/files/sshd_config | 4 +++- ...0910.00-r2.ebuild => google-oslogin-20200910.00-r3.ebuild} | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/60-flatcar-google-oslogin.conf rename sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/{google-oslogin-20200910.00-r2.ebuild => google-oslogin-20200910.00-r3.ebuild} (96%) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/60-flatcar-google-oslogin.conf b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/60-flatcar-google-oslogin.conf new file mode 100644 index 0000000000..d9f62661bf --- /dev/null +++ b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/60-flatcar-google-oslogin.conf @@ -0,0 +1,3 @@ +# Needed for google oslogin +AuthorizedKeysCommand /usr/libexec/google_authorized_keys +AuthorizedKeysCommandUser root diff --git a/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/sshd_config b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/sshd_config index 5b174fcad4..7b51b214e4 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/sshd_config +++ b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/files/sshd_config @@ -1,5 +1,7 @@ +# This is an old SSHD config file, unused in new Flatcar +# installations. We provide it for backward compatibility. + # Use most defaults for sshd configuration. -# Keep this in sync with coreos/init/configs/sshd_config Subsystem sftp internal-sftp ClientAliveInterval 180 UseDNS no diff --git a/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r2.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r3.ebuild similarity index 96% rename from sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r2.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r3.ebuild index e0799cc036..679e0c0b3a 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r2.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/sys-auth/google-oslogin/google-oslogin-20200910.00-r3.ebuild @@ -49,6 +49,7 @@ src_install() { # config files the base Ignition config will create links to insinto /usr/share/google-oslogin doins "${FILESDIR}/sshd_config" + doins "${FILESDIR}/60-flatcar-google-oslogin.conf" doins "${FILESDIR}/nsswitch.conf" doins "${FILESDIR}/pam_sshd" doins "${FILESDIR}/oslogin-sudoers"