https://bugzilla.mindrot.org/show_bug.cgi?id=2468
Jakub Jelen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2706|0 |1 is obsolete| | --- Comment #3 from Jakub Jelen <[email protected]> --- Created attachment 2869 --> https://bugzilla.mindrot.org/attachment.cgi?id=2869&action=edit Include server side (with same semantics as client) (In reply to Zdenek Sedlak from comment #2) > I would propose to simply pasting the lines from the config file at > the position where the Include option is placed in the sshd_config That was the initial idea and, if I am right. It is the way how it was initially implemented. But the client side config was implemented in more complex manner, that even the Include depends on the Match context so implementing server side in different way does not seem like a good idea. > it would be nice to have an Includedir option like > the sudo has. Include with GLOB expansion does the same without additional complexity of another option. Reading the implementation of the client side config include, there should be certainly some limit to the recursion and some regression sanity test to make sure it does what it is supposed to do. Introducing some more complexity would make it much harder to understand what is going on there (though the debug log level is very helpful here). (In reply to Damien Miller from comment #1) > If inclusion operates just by pasting text in, then config_a could > radically alter the following configuration if it includes a Match > directive. > > Similarly, config_c's application conditional on the previous Match > succeeding? The other possibility would be to reset the context for each include file, but that looks even more confusing to me. > I wish we had a brace-ful configuration language - it would make > resolving these way simpler :/ That would be nice-to-have, but probably impossible to change now. Attaching a new patch with a regression tests, providing the same behavior as the client side config include. Also added a check to make sure that the Include list is not empty (missing in the client). -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
