Nicolas Williams writes: > On Mon, Mar 17, 2008 at 06:55:54PM -0400, Jeffrey Hutzelman wrote: > > I'm inclined to prefer that parameters set in the config file (especially > > one given explicitly on the command line) take precedence over those found > > in SMF. In fact, I believe this is necessary in order to satisfy the > > principle of least surprise. Similarly, the as-shipped sshd_config should > > contain a comment to the effect that parameters may be set in SMF. > > I was inclined to think the opposite... (so that a single config file > could be shared by multiple instances with overrides in SMF for > parameters that differ).
I can see the command line parameters overriding SMF, but I'm not sure I agree with having the text config file preferred over SMF. The problem is that the text config file is less expressive. It doesn't deal with instances (except by way of an annoying "-f" option -- annoying because the upgrade system doesn't know where those files might be), so I suspect SMF should generally override the configuration file. Perhaps I could live with "sshd_config rules" if we could manage to ship a copy of that file that sets _nothing_ and that includes "please don't change me; use SMF" comments. In other words, make it a no-op for the normal case. -- James Carlson, Solaris Networking <james.d.carlson at sun.com> Sun Microsystems / 35 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677
