mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-23 21:57:52 +03:00
modules/sshd: print the offending keys when we detect duplicate sshd keys.
This commit is contained in:
parent
20cb596dd4
commit
2b63df0a03
@ -570,14 +570,26 @@ in
|
||||
|
||||
assertions = [{ assertion = if cfg.settings.X11Forwarding then cfgc.setXAuthLocation else true;
|
||||
message = "cannot enable X11 forwarding without setting xauth location";}
|
||||
{ assertion = lib.lists.unique (map (x: lib.strings.toLower x) (attrNames cfg.settings))
|
||||
== (map (x: lib.strings.toLower x) (attrNames cfg.settings));
|
||||
message = "Duplicate sshd config key; does your capitalization match the option's?"; } ]
|
||||
(let
|
||||
duplicates =
|
||||
# Filter out the groups with more than 1 element
|
||||
lib.filter (l: lib.length l > 1) (
|
||||
# Grab the groups, we don't care about the group identifiers
|
||||
lib.attrValues (
|
||||
# Group the settings that are the same in lower case
|
||||
lib.groupBy lib.strings.toLower (attrNames cfg.settings)
|
||||
)
|
||||
);
|
||||
formattedDuplicates = lib.concatMapStringsSep ", " (dupl: "(${lib.concatStringsSep ", " dupl})") duplicates;
|
||||
in
|
||||
{
|
||||
assertion = lib.length duplicates == 0;
|
||||
message = ''Duplicate sshd config key; does your capitalization match the option's? Duplicate keys: ${formattedDuplicates}'';
|
||||
})]
|
||||
++ forEach cfg.listenAddresses ({ addr, ... }: {
|
||||
assertion = addr != null;
|
||||
message = "addr must be specified in each listenAddresses entry";
|
||||
});
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user