From 33b10dfa76826ebc076514a9bd01002cba823296 Mon Sep 17 00:00:00 2001
From: Adam Henry Lewenberg <adamhl@stanford.edu>
Date: Fri, 27 Oct 2017 09:05:57 -0700
Subject: [PATCH] fix some whitespace issues in /etc/pam.d/sshd

---
 NEWS                             |  3 ++-
 templates/ssh/etc/pam.d/sshd.erb | 12 ++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/NEWS b/NEWS
index 8913ef2..54b590d 100644
--- a/NEWS
+++ b/NEWS
@@ -3,7 +3,8 @@ unreleased (207x-xx-xx)
     [ssh] Change interface parameter. The parameter
     base::ssh::extra_gssapi_only_users has been renamed to
     base::ssh::extra_skip_duo_users to more accurately reflect what this
-    parameter does. [adamhl]
+    parameter does. Also, fix some whitespace messiness in
+    /etc/pam.d/sshd [adamhl]
 
 release/005.010 (2017-10-02)
 
diff --git a/templates/ssh/etc/pam.d/sshd.erb b/templates/ssh/etc/pam.d/sshd.erb
index 5b148ad..22d1d44 100644
--- a/templates/ssh/etc/pam.d/sshd.erb
+++ b/templates/ssh/etc/pam.d/sshd.erb
@@ -9,16 +9,16 @@
 #    credential), then "jump over" the pam_duo module to step 3. If not,
 #    go to the next module in the stack (2).
 # 2. If the user is _not_ root, require Duo.
-<% if @pam_afs %>
-# 3. Set up the AFS session and then, whether the AFS sesssion setup works
-#    or not, quit the pam stack
-<% end %>
+<%- if @pam_afs -%>
+# 3. Set up the AFS session and then, whether the AFS session setup works
+#    or not, quit the pam stack.
+<%- end -%>
 
 auth    [success=1 default=ignore]  pam_succeed_if.so uid eq 0
 auth    required                    pam_duo.so conf=/etc/security/pam_duo_ssh.conf
-<% if @pam_afs %>
+<%- if @pam_afs -%>
 auth    [success=done default=die]  pam_afs_session.so
-<% end %>
+<%- end -%>
 
 ##############################################################################
 # account
-- 
GitLab