ncm-ssh: /software/components/ssh/daemon/comment_options/GSSAPIKexAlgorithms = "" ends up adding a new line on each ncm-ssh run

[ulrich1919]

if I specify:
/software/components/ssh/daemon/comment_options/GSSAPIKexAlgorithms = "" (empty value)
then ncm-ssh adds
"#GSSAPIKexAlgorithms" line to sshd_config on each run, and restarts sshd. I believe this behaviour is not normal. Please check and fix. Thanks

• The version of the component you are using (rpm -q $component) ncm-ssh-23.6.0-1.noarch
• What OS version you are using (/etc/redhat-release or similar) Red Hat Enterprise Linux Server release 7.9 (Maipo)
• Steps required to reproduce the problem: see above
• Actual result versus expected result.
  Expected result:
  It should comment out any GSSAPIKexAlgorithms options with any values from sshd_config and restart sshd.
  It should not add #GSSAPIKexAlgorithms lines on each run.
  Of course this affects any sshd option, not particularly just GSSAPIKexAlgorithms. It probably affects other ncm components as well(CAF::FileEditor::add_or_replace_lines)

[jrha]

Apologies for the delay, I tried to reproduce this today, but GSSAPIKexAlgorithms isn't a valid option in the schema, are you using a local fork?

I can however replicate the same behaviour with:

"/software/components/ssh/daemon/comment_options/Protocol" = "";

It appears to happen when an option is present in both options and comment_options and the comment version has no associated value.

[ulrich1919]

Yes, we added GSSAPIKexAlgorithms to our schema. Forgot to raise a PR here. Will do now.
I think GSSAPIKexalgorithms was only present in comment_options with an empty value. It was not added to options.
Can you reproduce the behaviour If an option is only present in comment_options(and not present in options)?

[ulrich1919]

raised #1714

[jrha]

I think the underlying issue is still present, but the schema changes make it harder to trigger.