authorJameson Graef Rollins <jrollins@phys.columbia.edu>2008-10-28 19:20:14 -0400
committerJameson Graef Rollins <jrollins@phys.columbia.edu>2008-10-28 19:20:14 -0400
commitf7242749c484cac12aacf8bcfe19bdea72c89aaa (patch)
tree749d7a9c960d5deb4697cb8b8257be9f1edc980e /src
parentbee6028687945fd7d8d6eab98c26def2ecadf8b1 (diff)
chown authorized_keys files as jrollins, and add monkeysphere tmpdir in SYSDATADIR, for atomic moves of authorized_keys.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/monkeysphere-server9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index b6bf78b..846eb81 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -20,6 +20,11 @@ export SYSSHAREDIR
SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
export SYSDATADIR
+# monkeysphere temp directory, in sysdatadir to enable atomic moves of
+# authorized_keys files
+MSTMPDIR="${SYSDATADIR}/tmp"
+export MSTMPDIR
+
# UTC date in ISO 8601 format if needed
DATE=$(date -u '+%FT%T')
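Review bot: Nothing in this hunk, or in the rest of the visible diff (which is limited to src/), creates `${SYSDATADIR}/tmp` or sets its ownership and mode, so the later `mktemp -d` depends on something else having done that. Because authorized_keys files are staged in this directory before being moved into place, it should be owned by the account that runs the script and closed to everyone else; a guard right after the assignment such as `mkdir -p "$MSTMPDIR" && chmod 700 "$MSTMPDIR"` would make that explicit. The comment could also state that the atomic move only holds when this directory and the authorized_keys destination are on the same filesystem, which an overridden MONKEYSPHERE_SYSDATADIR may not guarantee.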
@@ -173,7 +178,7 @@ update_users() {
log verbose "----- user: $uname -----"
# make temporary directory
- TMPLOC=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX)
+ TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX)
# trap to delete temporary directory on exit
trap "rm -rf $TMPLOC" EXIT
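Review bot: The new `mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX` is unquoted and its failure is not checked, so if MSTMPDIR is missing or unwritable TMPLOC ends up empty and the code that follows presumably goes on building paths from an empty prefix. Suggest `TMPLOC=$(mktemp -d "${MSTMPDIR}/tmp.XXXXXXXXXX") || exit 1`. The trap on the next context line expands $TMPLOC unquoted when the trap is set, so a SYSDATADIR containing whitespace would make `rm -rf` act on the wrong paths; `trap 'rm -rf -- "$TMPLOC"' EXIT` avoids that. update_users starts and ends outside this hunk, so how TMPLOC is used afterwards is not visible here.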
@@ -244,7 +249,7 @@ update_users() {
# authorized_keys file as the user in question, so the
# file must be readable by that user at least.
# FIXME: is there a better way to do this?
- chown root "$AUTHORIZED_KEYS"
+ chown $(whoami) "$AUTHORIZED_KEYS"
chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS"
chmod g+r "$AUTHORIZED_KEYS"
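Review bot: `chown $(whoami)` makes the installed authorized_keys file owned by whichever account runs the script, which matches the old behaviour only when that account is root. Under any other account, the file that decides who may log in as $uname becomes writable by its new owner, and sshd's StrictModes check, which accepts only root or the target user as owner, would likely reject it. If non-root runs are meant for testing only, say so in the comment above and quote the substitution, `chown "$(whoami)" "$AUTHORIZED_KEYS"`; otherwise keep `chown root` and stop early when the script is not run as root. update_users starts outside this hunk and may continue past it.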