From 46effa63da643a0024f213827b79f3f49af3925c Mon Sep 17 00:00:00 2001
From: Alexander Weidinger <aw@sz9i.net>
Date: Fri, 9 Feb 2024 01:02:51 +0100
Subject: [PATCH] fix(sshd_config): drop UsePrivilegeSeparation (fixes #183)

---
 openssh/config.sls                | 11 -----------
 openssh/files/default/sshd_config |  3 ---
 2 files changed, 14 deletions(-)

diff --git a/openssh/config.sls b/openssh/config.sls
index ea082f25..363fdb14 100644
--- a/openssh/config.sls
+++ b/openssh/config.sls
@@ -129,14 +129,3 @@ ssh_host_{{ keyType }}_key.pub:
       - service: {{ openssh.service }}
 {%-   endif %}
 {%- endfor %}
-
-{%- if sshd_config.get('UsePrivilegeSeparation', '')|lower == 'yes' %}
-/var/run/sshd:
-  file.directory:
-    - user: root
-    - mode: 755
-    - require_in:
-      - file: sshd_config
-    - watch_in:
-      - service: {{ openssh.service }}
-{%- endif %}
diff --git a/openssh/files/default/sshd_config b/openssh/files/default/sshd_config
index a6f5ac1e..21b8246f 100644
--- a/openssh/files/default/sshd_config
+++ b/openssh/files/default/sshd_config
@@ -86,9 +86,6 @@
 {#- HostKeys for protocol version 2 -#}
 {{- option('HostKey') -}}
 
-{#- Privilege Separation is turned on for security -#}
-{{- option('UsePrivilegeSeparation') -}}
-
 {#- Logging -#}
 {{- option('SyslogFacility') -}}
 {{- option('LogLevel') -}}