From 64dc38643ead5cb00f3f42562a92769de10ef7b5 Mon Sep 17 00:00:00 2001 From: Jan Cholasta Date: Fri, 20 Nov 2015 09:35:43 +0100 Subject: [PATCH] client install: do not corrupt OpenSSH config with Match sections https://fedorahosted.org/freeipa/ticket/5461 Reviewed-By: Martin Babinsky --- ipa-client/ipa-install/ipa-client-install | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index 793de4fc950ad73b1d88f9ab4bd5178afc8b813d..543c6f027f2312792e7ad33533db8e7c10a3cddb 100755 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -1330,6 +1330,7 @@ def change_ssh_config(filename, changes, sections): section_keys = tuple(key.lower() for key in sections) lines = [] + in_section = False for line in f: line = line.rstrip('\n') pline = line.strip() @@ -1338,7 +1339,7 @@ def change_ssh_config(filename, changes, sections): continue option = pline.split()[0].lower() if option in section_keys: - lines.append(line) + in_section = True break if option in change_keys: line = '#' + line @@ -1346,6 +1347,9 @@ def change_ssh_config(filename, changes, sections): for option, value in changes.items(): if value is not None: lines.append('%s %s' % (option, value)) + if in_section: + lines.append('') + lines.append(line) for line in f: line = line.rstrip('\n') lines.append(line) @@ -1386,7 +1390,7 @@ def configure_ssh_config(fstore, options): changes['VerifyHostKeyDNS'] = 'yes' changes['HostKeyAlgorithms'] = 'ssh-rsa,ssh-dss' - change_ssh_config(ssh_config, changes, ['Host']) + change_ssh_config(ssh_config, changes, ['Host', 'Match']) root_logger.info('Configured %s', ssh_config) def configure_sshd_config(fstore, options): -- 2.4.3