diff options
| author | Jameson Graef Rollins <jrollins@phys.columbia.edu> | 2008-10-28 19:20:14 -0400 |
|---|---|---|
| committer | Jameson Graef Rollins <jrollins@phys.columbia.edu> | 2008-10-28 19:20:14 -0400 |
| commit | f7242749c484cac12aacf8bcfe19bdea72c89aaa (patch) | |
| tree | 749d7a9c960d5deb4697cb8b8257be9f1edc980e /src | |
| parent | bee6028687945fd7d8d6eab98c26def2ecadf8b1 (diff) | |
chown authorized_keys files as jrollins, and add monkeysphere tmpdir in SYSDATADIR, for atomic moves of authorized_keys.
Diffstat (limited to 'src')
| -rwxr-xr-x | src/monkeysphere-server | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/monkeysphere-server b/src/monkeysphere-server index b6bf78b..846eb81 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -20,6 +20,11 @@ export SYSSHAREDIR SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"} export SYSDATADIR +# monkeysphere temp directory, in sysdatadir to enable atomic moves of +# authorized_keys files +MSTMPDIR="${SYSDATADIR}/tmp" +export MSTMPDIR + # UTC date in ISO 8601 format if needed DATE=$(date -u '+%FT%T') @@ -173,7 +178,7 @@ update_users() { log verbose "----- user: $uname -----" # make temporary directory - TMPLOC=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX) + TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX) # trap to delete temporary directory on exit trap "rm -rf $TMPLOC" EXIT @@ -244,7 +249,7 @@ update_users() { # authorized_keys file as the user in question, so the # file must be readable by that user at least. # FIXME: is there a better way to do this? - chown root "$AUTHORIZED_KEYS" + chown $(whoami) "$AUTHORIZED_KEYS" chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS" chmod g+r "$AUTHORIZED_KEYS" |