From 2cf232ae627514bccc283ef3f578e422f7bcf745 Mon Sep 17 00:00:00 2001
From: Jean-Philippe Evrard <jean-philippe@evrard.me>
Date: Mon, 16 Oct 2017 13:04:05 +0000
Subject: [PATCH] Fix logic error

if security_sshd_permit_root_login is not set to yes, we should
override this and template a "no", instead of templating a "no"
when the value is set to yes.

Change-Id: I747a8818762119eee63fa03d175b66ae4021f6da
Closes-Bug: #1685194
---
 templates/sshd_config_block.j2 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/sshd_config_block.j2 b/templates/sshd_config_block.j2
index 49e14259..28c6fd9f 100644
--- a/templates/sshd_config_block.j2
+++ b/templates/sshd_config_block.j2
@@ -22,7 +22,7 @@ ClientAliveCountMax {{ security_sshd_client_alive_count_max }}
 # V-72245
 PrintLastLog yes
 {% endif %}
-{% if security_sshd_permit_root_login | bool %}
+{% if not (security_sshd_permit_root_login | bool) %}
 # V-72247
 PermitRootLogin no
 {% endif %}