[PR #126] [MERGED] enh: config: detect warnBefore/idleTimeout misconfiguration #258

New issue

Closed

opened 2026-05-07 00:20:02 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented

2026-05-07 00:20:02 +02:00

Owner

📋 Pull Request Information

Original PR: https://github.com/ovh/the-bastion/pull/126
Author: @speed47
Created: 1/19/2021
Status: ✅ Merged
Merged: 1/19/2021
Merged by: @speed47

Base: master ← Head: issue125

📝 Commits (1)

fefdf05 enh: config: detect warnBefore/idleTimeout misconfiguration

📊 Changes

3 files changed (+17 additions, -6 deletions)

View changed files

📝 doc/sphinx/administration/bastion_conf.rst (+3 -3)
📝 etc/bastion/bastion.conf.dist (+3 -3)
📝 lib/perl/OVH/Bastion/configuration.inc (+11 -0)

📄 Description

Before, an inconsistency in the configuration settings of the warnBefore(Lock|Kill)Seconds
and idle(Lock|Kill)Timeout could break any new connection (ttyrec refuses to launch).

Now we detect this case properly, and fallback to a sane setting for
warnBefore(Lock|Kill)Seconds (zero) if those were set without enabling the corresponding
idle(Lock|Kill)Timeout setting. We also log an error to syslog when it happens,
so that the sysadmin can fix their configuration.

Added hints about how these configuration options work together in the bastion.conf.dist file.

Fixes #125

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ovh/the-bastion/pull/126 **Author:** [@speed47](https://github.com/speed47) **Created:** 1/19/2021 **Status:** ✅ Merged **Merged:** 1/19/2021 **Merged by:** [@speed47](https://github.com/speed47) **Base:** `master` ← **Head:** `issue125` --- ### 📝 Commits (1) - [`fefdf05`](https://github.com/ovh/the-bastion/commit/fefdf05c6b98be7970bacb00414428c40c92165e) enh: config: detect warnBefore/idleTimeout misconfiguration ### 📊 Changes **3 files changed** (+17 additions, -6 deletions) <details> <summary>View changed files</summary> 📝 `doc/sphinx/administration/bastion_conf.rst` (+3 -3) 📝 `etc/bastion/bastion.conf.dist` (+3 -3) 📝 `lib/perl/OVH/Bastion/configuration.inc` (+11 -0) </details> ### 📄 Description Before, an inconsistency in the configuration settings of the warnBefore(Lock|Kill)Seconds and idle(Lock|Kill)Timeout could break any new connection (ttyrec refuses to launch). Now we detect this case properly, and fallback to a sane setting for warnBefore(Lock|Kill)Seconds (zero) if those were set without enabling the corresponding idle(Lock|Kill)Timeout setting. We also log an error to syslog when it happens, so that the sysadmin can fix their configuration. Added hints about how these configuration options work together in the bastion.conf.dist file. Fixes #125 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>