Introduce support for the distributed SSHd configuration #6926
Commits on Jul 30, 2021
-
Updated checks and remediations of the sshd template.
Configuration of sshd moves from one config file to a config directory. Therefore, checks should consider all those files, and the remediation should aim to deliver fixes to one of those files in the config directory. Tests that interact with this behavior have been added and are applicable for Fedora and RHEL9 products.
-
Improved the lineinfile template.
It now escapes the text contents if parts of them could be incorrectly interpreted as regexes.
-
Introduced the sshd_use_directory_configuration rule.
The rule makes sure that the sshd configuration is distributed in the /etc/ssh/sshd_config.d/ directory, and therefore it makes sense to scan that directory in another rules.
-
-
Removed devault values that are variables from Jinja
Support in older jinja2 packages is not in a good shape.
Commits on Aug 3, 2021
-
Don't remediate when it is inappropriate
Don't remediate when the config file already contains the include directive.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.