From d6b2cfce6182c7153f12584a1292335adef61855 Mon Sep 17 00:00:00 2001
From: Michele Baldessari <michele@acksyn.org>
Date: Mon, 18 May 2020 15:48:30 +0200
Subject: [PATCH] Remove deprecated UsePrivilegeSeparation option

From https://www.openssh.com/releasenotes.html:

 * This release deprecates the sshd_config UsePrivilegeSeparation
   option, thereby making privilege separation mandatory. Privilege
   separation has been on by default for almost 15 years and
   sandboxing has been on by default for almost the last five.

Since master only targets CentOS 8 and onwards which has
openssh-8.0p1-4.el8 or later, we can safely remove this and get rid of
the following warning:
May 18 10:50:02 underCloud.localDomain sshd[131346]: rexec line 21: Deprecated option UsePrivilegeSeparation

Change-Id: Idff6074d8f01d6a5a784c42521f0cf9d7c6dfbf1
---
 deployment/sshd/sshd-baremetal-puppet.yaml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/deployment/sshd/sshd-baremetal-puppet.yaml b/deployment/sshd/sshd-baremetal-puppet.yaml
index 01545cf60c..d8412a4f5a 100644
--- a/deployment/sshd/sshd-baremetal-puppet.yaml
+++ b/deployment/sshd/sshd-baremetal-puppet.yaml
@@ -52,7 +52,6 @@ parameters:
       UsePAM: 'yes'
       UseDNS: 'no'
       X11Forwarding: 'yes'
-      UsePrivilegeSeparation: 'sandbox'
       AcceptEnv:
         - 'LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES'
         - 'LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT'