Tim Landscheidt has uploaded a new change for review. https://gerrit.wikimedia.org/r/181789
Change subject: Fix motd on Trusty instances ...................................................................... Fix motd on Trusty instances Trusty removed the /etc/motd symlink. For console logins, this is a no-op as /etc/pam.d/login explicitly passes "motd=/run/motd.dynamic" to pam_motd. However, we define a separate pam.d file for sshd that uses the default (now no longer existing) /etc/motd file which makes Trusty instances do not display any motd at all. This change copies the respective section from Trusty's /etc/pam.d/login. I tested this on a Labs Precise instance to ensure that it does not change behaviour for these. In the long run, it might be prudent to refactor the pam configuration. The stated purpose of Gerrit change Idbd2521594fa8467b3dd86b798cf999510cdb5df that introduced /etc/pam.d/sshd was "Change pam configuration to only require pam_access for sshd", so it might be useful to find a way to do just that without inadvertently overwriting other parts of the default configuration. Bug: T85307 Change-Id: I2ffc1ded3bb7cb42a52f8d6ef8d21f866a2758a5 --- M modules/ldap/files/sshd 1 file changed, 6 insertions(+), 2 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/operations/puppet refs/changes/89/181789/1 diff --git a/modules/ldap/files/sshd b/modules/ldap/files/sshd index 97ae78a..648e9af 100644 --- a/modules/ldap/files/sshd +++ b/modules/ldap/files/sshd @@ -23,8 +23,12 @@ # Standard Un*x session setup and teardown. @include common-session -# Print the message of the day upon successful login. -session optional pam_motd.so # [1] +# Prints the message of the day upon succesful login. +# (Replaces the `MOTD_FILE' option in login.defs) +# This includes a dynamically generated part from /run/motd.dynamic +# and a static (admin-editable) part from /etc/motd. +session optional pam_motd.so motd=/run/motd.dynamic noupdate +session optional pam_motd.so # Print the status of the user's mailbox upon successful login. session optional pam_mail.so standard noenv # [1] -- To view, visit https://gerrit.wikimedia.org/r/181789 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I2ffc1ded3bb7cb42a52f8d6ef8d21f866a2758a5 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Tim Landscheidt <t...@tim-landscheidt.de> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
