The previous justification for using "VERBOSE" is incorrect,
because OpenSSH does use level INFO to log "which key was used
to log in" for sccessful logins, see:
6247812c76/auth.c (L323-L328)
Also update description to the wording of the sshd_config man page.
`fail2ban` needs, sshd to be "VERBOSE" to work well, thus
the `fail2ban` module sets it to "VERBOSE" if enabled.
The docs are updated accordingly.
ChangeLog: https://github.com/privacyidea/privacyidea/releases/tag/v3.6
Unfortunately we have to use `sqlalchemy` at 1.3 for `sqlsoup`. As
`sqlalchemy` is required by a lot of packages, I decided to move this
package out of `pythonPackages` itself and instantiate a new
`pythonPackages` inside the expression where `sqlalchemy` points to
`sqlalchemy_1_3`.
nixos tests are blended with other system configurations, hence
their settings must be either enforced or defaulted.
This particular setting is set via lib.nixosSystem as
`system.nixos.revision = final.mkIf (self ? rev) self.rev;` which would
mean that without this change no flake generated nixos could be blended
with nixos testing.
This setting was made previously constant in
169c6b4b14 in order to avoid pointless
rebuilds of the testing VMs, but was set without enforcing it.
- remove check for `connected .JID: focus@auth.server` because
- log format was changed in c1945ea6cb
- connection.getUser() in jicofo also appears to be broken, returning null instead of username
- testing for this log line shouldn't be necessary, as we also test for "Authenticated as focus@auth.server"
- remove check for `External component successfully authenticated` because
- [JVB no longer uses component](https://community.jitsi.org/t/jvb-not-connecting/91157/2)
- increase VM memory
Apparently this looks like it was forgotten when doing commit
3884ff70ba, which refactored the test
runner and driver a bit.
The passthru argument actually was correctly reintroduced in
setupDriverForTest, but the actual makeTest function didn't use it.
This fixes the nixpkgs tarball job, which previously failed with:
attribute 'elkPackages' missing, at /build/source/pkgs/tools/misc/logstash/6.x.nix:58:30
Signed-off-by: aszlig <aszlig@nix.build>
Acked-by: David Arnold <dar@xoe.solutions>
Fixes: https://github.com/NixOS/nixpkgs/issues/127274
Merges: https://github.com/NixOS/nixpkgs/pull/127346
This essentially fixes the overlayfs test, which was broken since a
while but since commit b7749c7671 was
pushed to master the error has actually surfaced.
The reason why I'm merging this immediately without additional review is
because the change is fixing something that's currently broken so the
worst that could happen is that things are still broken.
However, since I did open a pull request, the checks done by @ofborg at
least seem to suggest that this is indeed fixing the test.
This reverts the test to be similar to its original Perl version, where
the test steps were performed as individual commands instead of what we
have now, where commands are sent to the machine as one giant string.
While this change doesn't seem like it would make a big difference, it
makes a huge difference if the test fails because you then get an error
about which command has failed exactly instead of just knowing that
"something in there" has failed.
I also switched 2 spaces indentation, because it is more in line with
Nix coding conventions.
Signed-off-by: aszlig <aszlig@nix.build>
Since commit b7749c7671, commands run as
part of VM tests are exiting immediately if an error happens.
When converting the overlayfs test to Python in commit
5ae92144ba, the individual test commands
were crammed into one big string instead of using a series of test
commands like done in the Perl version.
Additionally, the backslash-escaped dollar signs were necessary in
Perl's double-quoted strings to avoid variable interpolation, for Python
however, this results in an actual backslash being inserted into the
command.
While this obviously results in an exit code of 1 (without an error
message, since it's using bash's expression evaluation command), the
test didn't fail because putting all these commands in one string will
result in only the last error code being relevant.
With the change to "set -e" for commands sent to test machines, this has
changed and with the exit code of all commands now relevant, the test
now fails because the errors from individual command substitutions that
were prevented by escaping the dollar sign are now actually visible.
This in turn also means that until now, we wouldn't have noticed if the
overlayfs test would have failed for real.
Signed-off-by: aszlig <aszlig@nix.build>
Reload only works with a static configuration path as there is no way to
pass the dynamically generated config path to a running solanum
instance, therefore we symlink the configuration to
/etc/solanum/ircd.conf.
But that will prevent reloads of the ircd, because the systemd unit
wouldn't change when the configuration changes. That is why we add the
actual location of the config file to restartTriggers and enable
reloadIfChanged, so changes will not restart, but reload on changes.