From 5f818687e373cd5ccf16e32b693e050cf5719e92 Mon Sep 17 00:00:00 2001
From: Julien Dessaux
Date: Fri, 25 Aug 2017 17:49:43 +0200
Subject: Fixed sshd policy mistake

---
 services/applications/sshd.cf | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

(limited to 'services')

diff --git a/services/applications/sshd.cf b/services/applications/sshd.cf
index da602a1..1b5bca7 100644
--- a/services/applications/sshd.cf
+++ b/services/applications/sshd.cf
@@ -2,12 +2,6 @@ bundle agent sshd
 {
     files:
         freebsd::
-            "/etc/rc.conf"
-                create => "true",
-                edit_defaults => std_defs,
-                perms => system_owned("444"),
-                edit_line => append_if_no_line("sshd_enable=\"YES\""),
-                classes => if_repaired("sshd_rc_conf_file_repaired");
             "/root/.ssh/."
                 create => "true",
                 perms => system_owned("700"),
@@ -21,13 +15,15 @@ bundle agent sshd
     classes:
         freebsd::
             "sshd_service_running" expression => returnszero("/usr/sbin/service sshd status", "noshell");
+    methods:
+        freebsd::
+            "any"  usebundle => add_rc_conf_line("sshd_enable=\"YES\"");
     commands:
         freebsd.!sshd_service_running::
             "/usr/sbin/service sshd start" classes => if_repaired("sshd_service_repaired");
     reports:
         any::
-            "$(this.bundle): /etc/rc.conf repaired" ifvarclass => "sshd_rc_conf_file_repaired";
             "$(this.bundle): /root/.ssh directory repaired" ifvarclass => "sshd_ssh_dir_repaired";
-            "$(this.bundle): /root/.ssh/authorized_keys repaired" ifvarclass => "sshd_rc_conf_file_repaired";
+            "$(this.bundle): /root/.ssh/authorized_keys repaired" ifvarclass => "sshd_authorized_keys_files_repaired";
             "$(this.bundle): sshd service repaired" ifvarclass => "sshd_service_repaired";
 }
-- 
cgit v1.2.3