From 4f0be6f5e7a9efdd51972c9e93db7dc2dff428ab Mon Sep 17 00:00:00 2001
From: Tim Fletcher <tim@night-shade.org.uk>
Date: Sat, 17 Mar 2018 15:31:32 +0100
Subject: [PATCH] Add StreamLocalBindUnlink option

This option removes existing Unix-domain socket files before they are
used for forwarding targets.

Need to support gpg-agent forwarding with systemd
---
 meta/options_body        | 1 +
 templates/sshd_config.j2 | 1 +
 2 files changed, 2 insertions(+)

diff --git a/meta/options_body b/meta/options_body
index e1c2b98..2111fb4 100644
--- a/meta/options_body
+++ b/meta/options_body
@@ -69,6 +69,7 @@ RekeyLimit
 RevokedKeys
 RhostsRSAAuthentication
 ServerKeyBits
+StreamLocalBindUnlink
 StrictModes
 Subsystem
 SyslogFacility
diff --git a/templates/sshd_config.j2 b/templates/sshd_config.j2
index 4f12890..a9915e7 100644
--- a/templates/sshd_config.j2
+++ b/templates/sshd_config.j2
@@ -140,6 +140,7 @@ Match {{ match["Condition"] }}
 {{ body_option("RevokedKeys",sshd_RevokedKeys) -}}
 {{ body_option("RhostsRSAAuthentication",sshd_RhostsRSAAuthentication) -}}
 {{ body_option("ServerKeyBits",sshd_ServerKeyBits) -}}
+{{ body_option("StreamLocalBindUnlink",sshd_StreamLocalBindUnlink) -}}
 {{ body_option("StrictModes",sshd_StrictModes) -}}
 {{ body_option("Subsystem",sshd_Subsystem) -}}
 {{ body_option("SyslogFacility",sshd_SyslogFacility) -}}