From c927a7aeef90f5c88355b112d137658c48996f69 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Thu, 30 Nov 2023 11:29:09 +0100 Subject: [PATCH 1/3] net-misc/openssh: fix duplicate slash Signed-off-by: Mathieu Tortuyaux --- .../{openssh-9.5_p1.ebuild => openssh-9.5_p1-r1.ebuild} | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) rename sdk_container/src/third_party/coreos-overlay/net-misc/openssh/{openssh-9.5_p1.ebuild => openssh-9.5_p1-r1.ebuild} (98%) diff --git a/sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1.ebuild b/sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1-r1.ebuild similarity index 98% rename from sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1.ebuild rename to sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1-r1.ebuild index c4c68abbcc5..fddfbe6e64d 100644 --- a/sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/net-misc/openssh/openssh-9.5_p1-r1.ebuild @@ -232,6 +232,10 @@ insert_include() { local src_config="${1}" options="${2}" includedir="${3}" local name copy regexp_options regexp lineno comment_options + if [[ ! "${includedir}" =~ ^/.* ]]; then + die "includir must be an absolute path (i.e, starting with /). Got: ${includedir}" + fi + name=${src_config##*/} copy="${T}/${name}" cp -a "${src_config}" "${copy}" || die @@ -251,7 +255,7 @@ insert_include() { head -n "${lineno}" "${copy}" || die cat <<-EOF || die # Make sure that all ${comment_options} options are below this Include! - Include "${EPREFIX}/${includedir}/*.conf" + Include "${EPREFIX}${includedir}/*.conf" EOF tail -n "+${lineno}" "${copy}" || die From 64ef372858f9dbe63e6f4c8188c13324de2c824d Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Thu, 30 Nov 2023 11:31:08 +0100 Subject: [PATCH 2/3] changelog: add entry Signed-off-by: Mathieu Tortuyaux --- changelog/bugfixes/2023-11-30-gce-oslogin.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog/bugfixes/2023-11-30-gce-oslogin.md diff --git a/changelog/bugfixes/2023-11-30-gce-oslogin.md b/changelog/bugfixes/2023-11-30-gce-oslogin.md new file mode 100644 index 00000000000..7083bcd4e7b --- /dev/null +++ b/changelog/bugfixes/2023-11-30-gce-oslogin.md @@ -0,0 +1 @@ +- GCP: Fixed OS Login enabling ([scripts#1445](https://github.com/flatcar/scripts/pull/1445)) From 31f4f31622547eb9ac26a4972e68f3b1210d9536 Mon Sep 17 00:00:00 2001 From: Mathieu Tortuyaux Date: Fri, 1 Dec 2023 10:52:28 +0100 Subject: [PATCH 3/3] coreos-base/oem-gce: keep unit after its run Otherwise it gets restarted a few times, which displays this line in the logs: ``` Nov 30 13:28:41.819250 enable-oslogin[1232]: /etc/pam.d/sshd already exists. Not enabling OS Login ``` Signed-off-by: Mathieu Tortuyaux --- .../oem-gce/files/units/oem-gce-enable-oslogin.service | 1 + 1 file changed, 1 insertion(+) diff --git a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/units/oem-gce-enable-oslogin.service b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/units/oem-gce-enable-oslogin.service index 24515226728..8b09d5dd691 100644 --- a/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/units/oem-gce-enable-oslogin.service +++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/oem-gce/files/units/oem-gce-enable-oslogin.service @@ -8,6 +8,7 @@ Before=sshd.socket [Service] Type=oneshot +RemainAfterExit=true ExecStart=/oem/bin/enable-oslogin