From: Peter Tribble <peter.tribble@gmail.com>
To: illumos-developer <developer@lists.illumos.org>
Subject: Re: [developer] Sshd fails on OS upgrade
Date: Wed, 6 Nov 2024 21:38:00 +0000 [thread overview]
Message-ID: <CAEgYsbHw3voZQV6UQ9uLO7bt2evwKXJ_1TQ5jJmtEm1cOjXX7g@mail.gmail.com> (raw)
In-Reply-To: <CAEwA5nKSGDFWdU6iHWvi=WdT_2VRrecoWBmS6-UHMjQMj9c73Q@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1912 bytes --]
On Wed, Nov 6, 2024 at 12:15 AM Joshua M. Clulow via illumos-developer <
developer@lists.illumos.org> wrote:
> On Tue, 5 Nov 2024 at 12:27, Till Wegmüller <toasterson@gmail.com> wrote:
> > This file gets delivered in a working state by the package but as soon
> > as you edit it, it will never be touched again by the package system. We
> > can only destroy everyones edits by removing preserve=true attribute
> > from the file or have this situation happen,
>
> FWIW, there are at least two other options:
>
> - only deliver new software that is compatible with the existing
> configuration file (patch software as needed)
>
> - deliver an SMF service that "upgrades" the configuration, where
> it is mechanically possible to do so, prior to starting the service
>
> Ultimately this is an OpenIndiana-specific issue, though, as we no
> longer deliver SSH in illumos itself. Other distributions are
> presumably making different decisions with respect to backwards
> compatibility and upgrades, etc.
>
As those of us who lived through it will remember, the transition from
SunSSH
to OpenSSH in OmniOS was fun. I remember having to push out a specially
fixed
sshd_conf that worked (and satisfied our requirements) with the old and new
ssh,
and then we had to do it again.
https://omnios.org/info/sunssh.html
In Tribblix, I've traditionally unconditionally overwritten sshd_conf on
update, but
recently switched over to retaining a modified version. Time will tell
whether that
causes more problems than it solves.
--
-Peter Tribble
http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
------------------------------------------
illumos: illumos-developer
Permalink: https://illumos.topicbox.com/groups/developer/Tb0111d8c22b37938-M0693e3de48b55c9690f812e0
Delivery options: https://illumos.topicbox.com/groups/developer/subscription
[-- Attachment #2: Type: text/html, Size: 3268 bytes --]
prev parent reply other threads:[~2024-11-06 21:40 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-05 19:30 Gary Mills
2024-11-05 20:05 ` Marcel Telka
2024-11-05 21:34 ` Gary Mills
2024-11-05 21:40 ` Marcel Telka
2024-11-05 20:27 ` Till Wegmüller
2024-11-05 21:49 ` Gary Mills
2024-11-06 0:14 ` Joshua M. Clulow via illumos-developer
2024-11-06 21:38 ` Peter Tribble [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAEgYsbHw3voZQV6UQ9uLO7bt2evwKXJ_1TQ5jJmtEm1cOjXX7g@mail.gmail.com \
--to=peter.tribble@gmail.com \
--cc=developer@lists.illumos.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).