From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-catalyst+bounces-3893-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 4B3D7158043
	for <garchives@archives.gentoo.org>; Fri, 19 Apr 2024 10:57:53 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 78C6CE29EE;
	Fri, 19 Apr 2024 10:57:52 +0000 (UTC)
Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 62C1EE29EE
	for <gentoo-catalyst@lists.gentoo.org>; Fri, 19 Apr 2024 10:57:52 +0000 (UTC)
Received: by mail-lf1-x132.google.com with SMTP id 2adb3069b0e04-516d264d0e4so2840578e87.0
        for <gentoo-catalyst@lists.gentoo.org>; Fri, 19 Apr 2024 03:57:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1713524270; x=1714129070; darn=lists.gentoo.org;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=vJrHnE99UqtvDl9QQ4ZFOu3DHo5sQOFLQIYy8bZPsIs=;
        b=XZo4o/35/MpjNbczOJW2dODqXZR2wCsMAjanLc2l9mFQKJdFosbAjE0srcTRLOGoJY
         GE8KwUj4y1Lywuo7dT1lBCcJULQ5ibqkAwxk1/U+lGrhqcW5cF9IsVDgNK8+ld31ivsQ
         BvXWdDQdKlhuAffcfrG4hRp9t2yIwT6O1719r/1cR6uiqFcKwyzmDQZ5fPGg/y9lQDlg
         yQpdH3igxL78WmJGIeRRTrrVIRjPKAjaaPxeFiWkhDmG98yHr163w2IWbpn1JkFfam1C
         WHijTlw+BqnMXX6hzEfU28OcEUUZ6CBj8YjckiCU9tlQ+6VFaaGIIWT5QcvD7NNO3avs
         SbjQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1713524270; x=1714129070;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=vJrHnE99UqtvDl9QQ4ZFOu3DHo5sQOFLQIYy8bZPsIs=;
        b=r9kRIsSpiB4UTBwzazngg4Gut2ev11wzMg9vn3yLJZDaAaPtm6BOVbnjTr7WJV/BzL
         Vys3NErsneaPDf5L3cG8EKrhaETxk4hUtvOqFP5M7Ljr51o9DrmQvIT7IjJAZVE6qy7Y
         HLe0rq+QzwxNfIqUPmsw6r5N5gxDnM9tE3YxrXDtAU3ykU4CCdqMYIOagWhCbBxkL0Le
         AYIoF1aXDmUwtkgwUPcxlWKb8GksSOt5ItoxKUh4SeG9pDiLf4W5Js3Si3QT7NI2IrGW
         BHRTmDk7hbV74GTe0NJ8Mt/IGBprFUDUhqTet25gdJE7EgZ0furz4GF1MuY9kNxUcKAx
         8m1w==
X-Gm-Message-State: AOJu0YyKHvQaH7qli8tbAiGWyzP/qjrw0ZrUaLz1w3FNRKcZtDR+A1ox
	ke5eTV+WRqD3d+iNSeUYnLB3BpLzVK3cGrGfZWZV6rrDI9hXPSY2RJD8G9Dq
X-Google-Smtp-Source: AGHT+IHPKG/5UnJxTpeuIxNh0R4YdN3/VouVpKPavBuRhr1r1LGQSDjagPub+NqC1jZPnS9pjkhg+w==
X-Received: by 2002:a05:6512:289:b0:51a:a6a8:e3ce with SMTP id j9-20020a056512028900b0051aa6a8e3cemr1004107lfp.20.1713524270225;
        Fri, 19 Apr 2024 03:57:50 -0700 (PDT)
Received: from icewind.auth.lfstrm.tv ([185.119.0.162])
        by smtp.gmail.com with ESMTPSA id f5-20020a056512092500b005170a946960sm647829lft.87.2024.04.19.03.57.49
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 19 Apr 2024 03:57:49 -0700 (PDT)
From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
To: gentoo-catalyst@lists.gentoo.org
Cc: "Azamat H. Hackimov" <azamat.hackimov@gmail.com>
Subject: [gentoo-catalyst] [PATCH] Remove "PermitRootLogin Yes" injection to sshd_config
Date: Fri, 19 Apr 2024 13:56:34 +0300
Message-ID: <20240419105733.17568-1-azamat.hackimov@gmail.com>
X-Mailer: git-send-email 2.43.2
Precedence: bulk
List-Post: <mailto:gentoo-catalyst@lists.gentoo.org>
List-Help: <mailto:gentoo-catalyst+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-catalyst+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-catalyst+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-catalyst.gentoo.org>
X-BeenThere: gentoo-catalyst@lists.gentoo.org
Reply-to: gentoo-catalyst@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Archives-Salt: d118c26d-7ec5-4aea-a0df-3160dbf819bb
X-Archives-Hash: 517634919205660f0ba15ca75e5dfc9e

net-misc/openssh[livecd] does same thing, but places changes into
/etc/ssh/sshd_config.d/9999999gentoo-livecd.conf. Catalyst itself adds
USE=livecd on stage1 livecd preparation stage, so effectively
PermitRootLogin injection is now useless.

Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
---
 targets/support/livecdfs-update.sh | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/targets/support/livecdfs-update.sh b/targets/support/livecdfs-update.sh
index 687b9d4e..9fcaadf1 100755
--- a/targets/support/livecdfs-update.sh
+++ b/targets/support/livecdfs-update.sh
@@ -4,14 +4,6 @@ RUN_DEFAULT_FUNCS="no"
 
 source /tmp/chroot-functions.sh
 
-# Allow root logins to our CD by default
-if [ -e /etc/ssh/sshd_config ]
-then
-	sed -i \
-		-e '/^#PermitRootLogin/c# Allow root login with password on livecds.\nPermitRootLogin Yes' \
-		/etc/ssh/sshd_config
-fi
-
 # Clean up the time and set to UTC
 rm -rf /etc/localtime
 cp /usr/share/zoneinfo/UTC /etc/localtime
-- 
2.43.2