Lazy evaluation of exec clause in ssh Match statement
Iain Morgan
imorgan at nas.nasa.gov
Thu Oct 31 11:01:18 EST 2013
On Wed, Oct 30, 2013 at 14:09:58 -0700, Iain Morgan wrote:
> On Wed, Oct 30, 2013 at 12:02:03 -0700, Iain Morgan wrote:
> > Hello,
> >
> > At present, if a ssh Match block contains an exec clause, the specified
> > command is executed regardless of whether any preceding clauses are
> > true. Thus,
> >
> > Match host !*.* exec "some_command %h"
> > ...
> >
> > would always execute some_command regardless of whether the host matches
> > the preceding pattern. That seems undesirable, particularly as the
> > user-specified command may do name lookups or other operations that may
> > introduce delays.
> >
> > Using a lazy approach, where the command is only executed if the
> > preceding clauses are true would seem to be better.
> >
> > --
> > Iain Morgan
> > _______________________________________________
> > openssh-unix-dev mailing list
> > openssh-unix-dev at mindrot.org
> > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
> It looks like there is alos an issue with negation, so a better example
> of the initial issue would be:
>
> Match user someuser exec "some_command %h"
> ...
>
> --
> Iain Morgan
Oops! Please ignore what I said about negation. I should have used "host
*,!*.*" in the first example.
--
Iain Morgan
More information about the openssh-unix-dev
mailing list