CI: Increase sshd MaxAuthRetries to 50 on macOS runners

refs #1186
pull/1184/head
Alex Willmer 2 weeks ago
parent 8cfcb66cda
commit 3a1b5ec620

@ -51,6 +51,9 @@ with ci_lib.Fold('machine_prep'):
subprocess.check_call('sudo chmod 700 ~root/.ssh', shell=True) subprocess.check_call('sudo chmod 700 ~root/.ssh', shell=True)
subprocess.check_call('sudo chmod 600 ~root/.ssh/authorized_keys', shell=True) subprocess.check_call('sudo chmod 600 ~root/.ssh/authorized_keys', shell=True)
os.chdir(IMAGE_PREP_DIR)
ci_lib.run("ansible-playbook -c local -i localhost, macos_localhost.yml")
if os.path.expanduser('~mitogen__user1') == '~mitogen__user1': if os.path.expanduser('~mitogen__user1') == '~mitogen__user1':
os.chdir(IMAGE_PREP_DIR) os.chdir(IMAGE_PREP_DIR)
ci_lib.run("ansible-playbook -c local -i localhost, _user_accounts.yml") ci_lib.run("ansible-playbook -c local -i localhost, _user_accounts.yml")

@ -0,0 +1,7 @@
- name: Configure macOS
hosts: all
gather_facts: true
strategy: mitogen_free
become: true
roles:
- role: sshd

@ -1 +1,3 @@
sshd_config_file: /etc/ssh/sshd_config sshd_config_file: /etc/ssh/sshd_config
sshd_config__max_auth_tries: 50

@ -12,7 +12,20 @@
loop: loop:
- line: Banner /etc/ssh/banner.txt - line: Banner /etc/ssh/banner.txt
regexp: '^#? *Banner.*' regexp: '^#? *Banner.*'
- line: MaxAuthTries {{ sshd_config__max_auth_tries }}
regexp: '^#? *MaxAuthTries.*'
- line: PermitRootLogin yes - line: PermitRootLogin yes
regexp: '.*PermitRootLogin.*' regexp: '.*PermitRootLogin.*'
loop_control: loop_control:
label: "{{ item.line }}" label: "{{ item.line }}"
register: configure_sshd_result
- name: Restart sshd
shell: |
launchctl unload /System/Library/LaunchDaemons/ssh.plist
wait 5
launchctl load -w /System/Library/LaunchDaemons/ssh.plist
changed_when: true
when:
- ansible_facts.distribution == "MacOSX"
- configure_sshd_result is changed

Loading…
Cancel
Save