From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id B4E646818A for ; Tue, 10 Nov 2020 18:24:32 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B1F9E25728 for ; Tue, 10 Nov 2020 18:24:32 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 8ACA12571B for ; Tue, 10 Nov 2020 18:24:31 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 2A5A646066 for ; Tue, 10 Nov 2020 18:24:31 +0100 (CET) Date: Tue, 10 Nov 2020 18:23:47 +0100 (CET) From: =?UTF-8?Q?Fabian_Gr=C3=BCnbichler?= To: Thomas Lamprecht , Proxmox Backup Server development discussion Message-ID: <1080066201.1049.1605029027398@webmail.proxmox.com> In-Reply-To: <51915fa2-338c-646c-3c0e-f0d6a4f7f8c0@proxmox.com> References: <20201110155927.2650445-1-f.gruenbichler@proxmox.com> <51915fa2-338c-646c-3c0e-f0d6a4f7f8c0@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Priority: 3 Importance: Normal X-Mailer: Open-Xchange Mailer v7.10.4-Rev12 X-Originating-Client: open-xchange-appsuite X-SPAM-LEVEL: Spam detection results: 0 AWL 0.024 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pbs-devel] [PATCH proxmox-backup] unbreak get_subscription without sshd installed X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Nov 2020 17:24:32 -0000 > Thomas Lamprecht hat am 10.11.2020 17:54 geschr= ieben: >=20 > =20 > On 10.11.20 16:59, Fabian Gr=C3=BCnbichler wrote: > > which might be the case e.g. in a PBS container > >=20 >=20 > rather breaks it further, as in, one cannot use subscriptions at all > anymore... not sure how, this patch just changes the GET for when no subscription and = no ssh host key is available? it does not fix setting/checking subscriptions for the subscription but no = sshd case, but it does not break anything further AFAICT? >=20 > > Signed-off-by: Fabian Gr=C3=BCnbichler > > --- > >=20 > > Notes: > > we might want to switch to a different file as base? or even genera= te a file > > just for the server ID derivation? >=20 > using the openssh-server one has quite some advantages, be it only to > avoid tampering. I'd for now suggest adding the diff below to the meta > package - we can see if another option makes more sense for the next > major release. I still disagree with adding openssh-server as dep just for this (and I don= 't see how this prevents tampering in any way - the host key path is config= urable on the sshd side?), but I can live with it (I can just touch the fil= e and still not install openssh-server after all :-P) > btw, a specific container meta package like PMG has, without the kernel > dependencies could make sense to add. I just installed proxmox-backup-server + proxmox-archive-keyring for that s= o far, with no problems except this one which seems to be a recent addition= ;) > ----8<---- > diff --git a/debian/control b/debian/control > index e88b965..d961da0 100644 > --- a/debian/control > +++ b/debian/control > @@ -7,6 +7,7 @@ Maintainer: Proxmox Support Team > Package: proxmox-backup > Architecture: all > Depends: libc6, > + openssh-server, > proxmox-archive-keyring, > proxmox-backup-client, > proxmox-backup-server, > --