movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 04:35:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

sshd: Don't remove symlinks to host key files

Browse source 
If a host key file is a symlink pointing to an as of yet non-existent
file, we don't want to remove it, but instead follow the symlink and
create the file at that location.

See https://github.com/nix-community/impermanence/issues/101 for more
information on the issue the original behavior creates.
This commit is contained in:
talyz 2022-07-21 19:15:04 +02:00
parent 79870e6ab6
commit ddf8182d5b
No known key found for this signature in database
GPG key ID: 2DED2151F4671A2B
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nixos/modules/services/networking/ssh/sshd.nix
View file

@ -442,7 +442,9 @@ in
${flip concatMapStrings cfg.hostKeys (k: '' ${flip concatMapStrings cfg.hostKeys (k: ''
if ! [ -s "${k.path}" ]; then if ! [ -s "${k.path}" ]; then
rm -f "${k.path}" if ! [ -h "${k.path}" ]; then
rm -f "${k.path}"
fi
ssh-keygen \ ssh-keygen \
-t "${k.type}" \ -t "${k.type}" \
${if k ? bits then "-b ${toString k.bits}" else ""} \ ${if k ? bits then "-b ${toString k.bits}" else ""} \