9c12812735
Some major changes: * the charm has been rebased (from a Python perspective) to be rooted in the charm directory. This is a single root. * Imports have been changed so that the don't add lots of imports to the namespace of the module doing the import. * The code that used to run at module import time has been made lazy such that it only has to run if the relevant functions are called. This includes restart_on_change parameters, the harden function and the parameters to the guard_map. Appropriate changes will be submitted to charm-helpers. * Several tests had to be re-written as (incorrect) mocking meant that text fixtures didn't actually match what the code was doing. Thus, the tests were meaningless. * This has had a net positive impact on the unit tests wrt to importing modules and mocking. Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f
43 lines
852 B
Plaintext
43 lines
852 B
Plaintext
# NOTE: this schema must contain all valid keys from it's associated defaults
|
|
# file. It is used to validate user-provided overrides.
|
|
common:
|
|
service_name:
|
|
network_ipv6_enable:
|
|
ports:
|
|
remote_hosts:
|
|
client:
|
|
package:
|
|
cbc_required:
|
|
weak_hmac:
|
|
weak_kex:
|
|
roaming:
|
|
password_authentication:
|
|
server:
|
|
host_key_files:
|
|
cbc_required:
|
|
weak_hmac:
|
|
weak_kex:
|
|
allow_root_with_key:
|
|
allow_tcp_forwarding:
|
|
allow_agent_forwarding:
|
|
allow_x11_forwarding:
|
|
use_privilege_separation:
|
|
listen_to:
|
|
use_pam:
|
|
package:
|
|
password_authentication:
|
|
alive_interval:
|
|
alive_count:
|
|
sftp_enable:
|
|
sftp_group:
|
|
sftp_chroot:
|
|
deny_users:
|
|
allow_users:
|
|
deny_groups:
|
|
allow_groups:
|
|
print_motd:
|
|
print_last_log:
|
|
use_dns:
|
|
max_auth_tries:
|
|
max_sessions:
|