From 88b653b1a5e7002448d8e9796f9ee468146daea5 Mon Sep 17 00:00:00 2001
From: Flatcar Buildbot <buildbot@flatcar-linux.org>
Date: Thu, 22 Jun 2023 16:05:17 +0200
Subject: [PATCH] overlay coreos-base/oem-gce: Update oslogin enablement

We will be installing an sshd config snippet instead of replacing the
whole sshd config. In order to pull this off, we need to make sure
that the snippets directory exists and the main sshd config file
actually includes the snippets in the directory.
---
 .../coreos-base/oem-gce/files/bin/enable-oslogin      | 11 ++++++++---
 ...-20180823-r4.ebuild => oem-gce-20180823-r5.ebuild} |  0
 2 files changed, 8 insertions(+), 3 deletions(-)
 rename sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/{oem-gce-20180823-r4.ebuild => oem-gce-20180823-r5.ebuild} (100%)

diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/bin/enable-oslogin b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/bin/enable-oslogin
index abf9899b67..7a8cd816a1 100644
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/bin/enable-oslogin
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/bin/enable-oslogin
@@ -13,8 +13,13 @@ if [ "$(readlink -f /etc/nsswitch.conf)" != '/usr/share/baselayout/nsswitch.conf
 	exit 0
 fi
 
-if [ "$(readlink -f /etc/ssh/sshd_config)" != '/usr/share/ssh/sshd_config' ]; then
-	echo '/etc/ssh/sshd_config is not a symlink to /usr/share/ssh/sshd_config. Not enabling OS Login'
+if [[ ! -d '/etc/ssh/sshd_config.d' ]]; then
+	echo 'No /etc/ssh/sshd_config.d directory. Not enabling OS Login'
+	exit 0
+fi
+
+if ! grep --fixed-strings --no-messages --silent 'Include "/etc/ssh/sshd_config.d/*.conf"' '/etc/ssh/sshd_config'; then
+	echo '/etc/ssh/sshd_config does not include configuration snippets in /etc/ssh/sshd_config.d. Not enabling OS Login'
 	exit 0
 fi
 
@@ -25,6 +30,6 @@ mkdir -m 0750 -p '/var/lib/google-sudoers.d'
 mkdir -m 0750 -p '/var/lib/google-users.d'
 ln -f -s '/usr/share/google-oslogin/pam_sshd' '/etc/pam.d/sshd'
 ln -f -s '/usr/share/google-oslogin/nsswitch.conf' '/etc/nsswitch.conf'
-ln -f -s '/usr/share/google-oslogin/sshd_config' '/etc/ssh/sshd_config'
+ln -f -s '/usr/share/google-oslogin/60-flatcar-google-oslogin.conf' '/etc/ssh/sshd_config.d/60-flatcar-google-oslogin.conf'
 ln -f -s '/usr/share/google-oslogin/oslogin-sudoers' '/etc/sudoers.d/oslogin-sudoers'
 ln -f -s '/usr/share/google-oslogin/group.conf' '/etc/security/group.conf'
diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-20180823-r4.ebuild b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-20180823-r5.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-20180823-r4.ebuild
rename to sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/oem-gce-20180823-r5.ebuild