Open Krinkle opened 8 months ago
provision-instance.sh
is meant to be non-interactive, but during the upgrade of sshd it asks the following
A new version (/tmp/tmp.s8CAJsQh4K) of configuration file /etc/ssh/sshd_config
is available, but the version installed currently has been locally modified.
1. install the package maintainer's version
2. keep the local version currently installed
3. show the differences between the versions
4. show a side-by-side difference between the versions
5. show a 3-way difference between available versions
6. do a 3-way merge between available versions
7. start a new shell to examine the situation
What do you want to do about modified configuration file sshd_config? 3
Line by line differences between versions
--- /etc/ssh/sshd_config root.root 0644 2023-06-27 17:58:59
+++ /tmp/tmp.s8CAJsQh4K root.root 0644 2023-11-12 19:39:52
@@ -78,7 +78,7 @@
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via KbdInteractiveAuthentication may bypass
-# the setting of "PermitRootLogin yes
+# the setting of "PermitRootLogin prohibit-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
@@ -120,4 +120,3 @@
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
-ClientAliveInterval 120
I'm guessing this from apt-get -o Dpkg::Options::="--force-confold" upgrade -y
where perhaps force-confold
is insufficient in this case.
In practice, the answer doesn't matter since Puppet will replace this file on the first run a few seconds later. But, for now I picked 2: keep the local version since that's closest to what we provision.
Main differences:
Debian 11 Bullseye hosts today:
wp-02.stage.ops.jquery.net
builder-04.stage.ops.jquery.net
puppet-03.ops.jquery.net
search-02.ops.jquery.net
https://github.com/jquery/infrastructure-puppet/issues/36codeorigin-02.stage.ops.jquery.net
codeorigin-02.ops.jquery.net
wpblogs-01.ops.jquery.net
gruntjs-02.stage.ops.jquery.net
gruntjs-02.ops.jquery.net
miscweb-01.ops.jquery.net
contentorigin-02.ops.jquery.net
swarm-02.ops.jquery.net
~ (decommissioned) #51The following went straight from legacy Debian 7 to Debian 12 Bookworm, via https://github.com/jquery/infrastructure-puppet/issues/8, and were never on Debian Bullseye.
wp-*.ops
builder-*.ops
filestash-*.ops