--On Wednesday, March 19, 2008 08:57:24 PM +0100 Jan Pechanec <Jan.Pechanec at Sun.COM> wrote:
> On Wed, 19 Mar 2008, Jeffrey Hutzelman wrote: > >>> unfortunately I don't know too much about SMF so I'm also concerned >>> about probably not only my favourite way of running ssh with changed >>> configuration: >>> >>> sshd -f /dev/null -o .... -o .... >>> >>> this way would now mean to consult SMF which is something completely >>> different. Would I have to create a new SMF instance for this? We could >>> introduce something like UseSMF keyword but that could just add more >>> complexity. >> >> No. If -f is used, that file should be required to exist, and its >> contents should be the configuration, period, even if it is empty. >> This is a case of a command-line argument overriding both SMF and the >> default config file. > > yes, but the consensus so far was that if the config contains just > empty lines or comments it means that the configuration is in SMF. That > clearly doesn't fit into the situation where I can now use /dev/null to > force all options to be set to default. consensus is meant to be refined. I believe the empty-config-means-use-SMF approach is a good one, but that it should be applied only to the default config file. BTW, I really don't think this is a discussion that is specific to sshd, or that should be repeated for every service that makes this transition. As someone pointed out, architectural consistency is important, sometimes even if the architecture in question is wrong (as I believe is the case here, but I admin to not having read the relevant ARC case). -- Jeff
