diff options
| -rw-r--r-- | src/share/common | 8 | ||||
| -rw-r--r-- | src/share/ma/update_users | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/src/share/common b/src/share/common index f9be05a..4dd46c8 100644 --- a/src/share/common +++ b/src/share/common @@ -100,15 +100,19 @@ su_monkeysphere_user() { # introduce an extra dependency just for this. This may be a # candidate for re-factoring if we switch implementation languages. + # singlequote-escape strings - like this bashism: + # printf -v CMDLINE "%q " "$@" + local CMDLINE="$(perl -0 -e "foreach (@ARGV) {s/'/'\\\\''/g; print \"'\$_' \"}" "$@")" + case $(id -un) in # if monkeysphere user, run the command under bash "$MONKEYSPHERE_USER") - bash -c "$*" + bash -c "$CMDLINE" ;; # if root, su command as monkeysphere user 'root') - su "$MONKEYSPHERE_USER" -c "$*" + su "$MONKEYSPHERE_USER" -c "$CMDLINE" ;; # otherwise, fail diff --git a/src/share/ma/update_users b/src/share/ma/update_users index 991c302..2066359 100644 --- a/src/share/ma/update_users +++ b/src/share/ma/update_users @@ -79,7 +79,7 @@ for uname in $unames ; do # process authorized_user_ids file, as monkeysphere user su_monkeysphere_user \ - . "${SYSSHAREDIR}/process_authorized_user_ids" "'$STRICT_MODES'" - \ + . "${SYSSHAREDIR}/process_authorized_user_ids" "$STRICT_MODES" - \ < "$authorizedUserIDs" \ > "$tmpAuthorizedKeys" |