The attached patch silences some annoying messages I've been getting when upgrading the freeipa-client package on F24:
"""
WARNING: 'UseLogin yes' is not supported in Fedora and may cause several problems.
Could not load host key: /etc/ssh/ssh_host_dsa_key
"""

Since the script causing the message only looks at the return code from sshd to determine the right options to use, I thought it might be ok to discard the output. What do you think?

Ben
From bb102411cceb557d9869a384af7d7473483f8d9a Mon Sep 17 00:00:00 2001
From: Ben Lipton <blip...@redhat.com>
Date: Wed, 29 Jun 2016 14:44:23 -0400
Subject: [PATCH] Silence sshd messages during install

During install we call sshd with no config file, sometimes leading to it
complaining about missing files or bad config options. Since we're just
looking for the return code to see if the options are correct, we can
discard these error messages.
---
 freeipa.spec.in | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/freeipa.spec.in b/freeipa.spec.in
index a4d3c067c6c2c0cf911476d950257170fa74e059..73fd47a7469ea27a3ff2883b513bed2be0d420da 100644
--- a/freeipa.spec.in
+++ b/freeipa.spec.in
@@ -1007,17 +1007,17 @@ if [ -f '/etc/ssh/sshd_config' -a $restore -ge 2 ]; then
             /^(AuthorizedKeysCommand(User|RunAs)|PubKeyAgentRunAs)[ \t]/ d
         ' /etc/ssh/sshd_config >/etc/ssh/sshd_config.ipanew
 
-        if /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandUser=nobody'; then
+        if /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandUser=nobody' 2>/dev/null; then
             sed -ri '
                 s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
                 s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandUser nobody/
             ' /etc/ssh/sshd_config.ipanew
-        elif /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandRunAs=nobody'; then
+        elif /usr/sbin/sshd -t -f /dev/null -o 'AuthorizedKeysCommand=/usr/bin/sss_ssh_authorizedkeys' -o 'AuthorizedKeysCommandRunAs=nobody' 2>/dev/null; then
             sed -ri '
                 s/^PubKeyAgent (.+) %u$/AuthorizedKeysCommand \1/
                 s/^AuthorizedKeysCommand .*$/\0\nAuthorizedKeysCommandRunAs nobody/
             ' /etc/ssh/sshd_config.ipanew
-        elif /usr/sbin/sshd -t -f /dev/null -o 'PubKeyAgent=/usr/bin/sss_ssh_authorizedkeys %u' -o 'PubKeyAgentRunAs=nobody'; then
+        elif /usr/sbin/sshd -t -f /dev/null -o 'PubKeyAgent=/usr/bin/sss_ssh_authorizedkeys %u' -o 'PubKeyAgentRunAs=nobody' 2>/dev/null; then
             sed -ri '
                 s/^AuthorizedKeysCommand (.+)$/PubKeyAgent \1 %u/
                 s/^PubKeyAgent .*$/\0\nPubKeyAgentRunAs nobody/
-- 
2.5.5

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to