Diffstat (limited to 'src')
-rw-r--r-- | src/share/common | 19 | ||||
-rw-r--r-- | src/share/m/update_authorized_keys | 23 | ||||
-rw-r--r-- | src/share/m/update_known_hosts | 18 |
3 files changed, 38 insertions, 22 deletions
diff --git a/src/share/common b/src/share/common
index d286145..0f760c3 100644
--- a/src/share/common
+++ b/src/share/common
@@ -383,6 +383,23 @@ test_gpg_expire() {
 echo "$1" | egrep -q "^[0-9]+[mwy]?$"
 }
 
+# touch a key file if it doesn't exist, including creating needed
+# directories with correct permissions
+touch_key_file_or_fail() {
+ local keyFile="$1"
+ if [ ! -f "$keyFile" ]; then
+ # make sure to create files and directories with the
+ # appropriate write bits turned off:
+ newUmask=$(printf "%04o" $(( 0$(umask) | 0022 )) )
+ [ -d $(dirname "$keyFile") ] \
+ || (umask "$newUmask" && mkdir -p -m 0700 $(dirname "$keyFile") ) \
+ || failure "Could not create path to $keyFile"
+ # make sure to create this file with the appropriate bits turned off:
+ (umask "$newUmask" && touch "$keyFile") \
+ || failure "Unable to create $keyFile"
+ fi
+}
+
 # check that a file is properly owned, and that all it's parent
 # directories are not group/other writable
 check_key_file_permissions() {
@@ -886,7 +903,7 @@ process_authorized_user_ids() {
 fi
 ;;
 (*)
- ((nline++))
+ ((++nline))
 userIDs[${nline}]="$line"
 unset koptions[${nline}] || true
 ;;
diff --git a/src/share/m/update_authorized_keys b/src/share/m/update_authorized_keys
index 5449951..7fae9cd 100644
--- a/src/share/m/update_authorized_keys
+++ b/src/share/m/update_authorized_keys
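Review bot: In touch_key_file_or_fail, `newUmask` is assigned without `local`, so it leaks into the caller's scope (the update_authorized_keys hunk in this same commit works around that by declaring `local newUmask` itself), and `$(dirname "$keyFile")` is unquoted in both the `[ -d ... ]` test and the `mkdir -p` call, so a key path containing whitespace or a glob character is word-split before the directory is created. Declare the variable in the helper and quote the expansions: `local keyFile="$1" newUmask`, `[ -d "$(dirname "$keyFile")" ] \`, `|| (umask "$newUmask" && mkdir -p -m 0700 "$(dirname "$keyFile")" ) \`. Note also that `-m 0700` applies only to the final path component; intermediate directories created by `-p` take the umask-derived mode, which the widened umask keeps free of group/other write bits — worth stating in the comment above the helper so nobody later drops the umask dance thinking `-m` covers it.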
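Review bot: The switch from `((nline++))` to `((++nline))` deserves a comment, because the two forms are not interchangeable under `set -e`: an arithmetic command's exit status is 1 when the expression evaluates to 0, so the post-increment form "fails" on the first user ID (when nline is still 0) while the pre-increment form yields the new, non-zero value. Whether this file runs with `set -e` is not visible here; either way a one-line `# ++nline, not nline++: (( )) exits 1 when the expression's value is 0` keeps the next maintainer from reverting it as a stylistic change. process_authorized_user_ids starts and ends outside this hunk.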
@@ -12,27 +12,36 @@ # 3 or later. update_authorized_keys() { + local newUmask local tmpFile - log debug "updating authorized_keys file:" - log debug " $AUTHORIZED_KEYS" + if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then + log error "empty or absent authorized_user_ids file." + failure + fi + check_key_file_permissions $(whoami) "$AUTHORIZED_USER_IDS" \ + || failure "Bad permissions governing authorized_user_ids file '$AUTHORIZED_USER_IDS'" - check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" || failure - check_key_file_permissions $(whoami) "$AUTHORIZED_USER_IDS" || failure + # touch the authorized_keys file so that the file permission check + # below won't fail upon not finding the file + touch_key_file_or_fail "$AUTHORIZED_KEYS" + check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" \ + || failure "Bad permissions governing authorized_keys file $AUTHORIZED_KEYS" lock create "$AUTHORIZED_KEYS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? - trap "lock remove $AUTHORIZED_KEYS" EXIT + trap "log debug TRAP; lock remove $AUTHORIZED_KEYS" EXIT tmpFile=$(mktemp "${AUTHORIZED_KEYS}.monkeysphere.XXXXXX") - trap "lock remove $AUTHORIZED_KEYS; rm -f $tmpFile" EXIT + trap "log debug TRAP; lock remove $AUTHORIZED_KEYS; rm -f $tmpFile" EXIT # remove any monkeysphere lines from authorized_keys file this is # to insure that that all old authorized keys that are no longer # authorized are removed - remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" + log debug "removing old monkeysphere lines..." + remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" || true process_authorized_user_ids "$tmpFile" \ < "$AUTHORIZED_USER_IDS" diff --git a/src/share/m/update_known_hosts b/src/share/m/update_known_hosts index 737666d..57176b8 100644 --- a/src/share/m/update_known_hosts +++ b/src/share/m/update_known_hosts 
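Review bot: `remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" || true` masks every failure of the filter, not just the benign one: if it fails part-way (a read error, a missing helper) `$tmpFile` holds a truncated copy of the user's authorized_keys, and whatever the rest of update_authorized_keys does with that file — the function continues past this hunk — presumably installs it in place, silently dropping the user's non-monkeysphere keys. The `|| true` is presumably there because the helper wraps `grep -v`, which exits 1 when no line survives the filter; if so, accept only that status and say why: `remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" || [ $? -eq 1 ] || failure "could not filter $AUTHORIZED_KEYS"` with the comment `# grep -v exits 1 when every line is filtered out; anything else is a real error`. The same hunk adds `local newUmask` to this caller, which only has an effect because touch_key_file_or_fail assigns that variable without `local`; the declaration belongs in the helper, not in each caller.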
@@ -21,28 +21,18 @@ update_known_hosts() { # touch the known_hosts file so that the file permission check # below won't fail upon not finding the file - if [ ! -f "$KNOWN_HOSTS" ]; then - # make sure to create any files or directories with the appropriate write bits turned off: - newUmask=$(printf "%04o" $(( 0$(umask) | 0022 )) ) - [ -d $(dirname "$KNOWN_HOSTS") ] \ - || (umask "$newUmask" && mkdir -p -m 0700 $(dirname "$KNOWN_HOSTS") ) \ - || failure "Could not create path to known_hosts file '$KNOWN_HOSTS'" - # make sure to create this file with the appropriate bits turned off: - (umask "$newUmask" && touch "$KNOWN_HOSTS") \ - || failure "Unable to create known_hosts file '$KNOWN_HOSTS'" - fi - + touch_key_file_or_fail "$KNOWN_HOSTS" check_key_file_permissions $(whoami) "$KNOWN_HOSTS" \ - || failure "Bad permissions governing known_hosts file '$KNOWN_HOSTS'" + || failure "Bad permissions governing known_hosts file $KNOWN_HOSTS" lock create "$KNOWN_HOSTS" # FIXME: we're discarding any pre-existing EXIT trap; is this bad? - trap "lock remove $KNOWN_HOSTS" EXIT + trap "log debug TRAP; lock remove $KNOWN_HOSTS" EXIT tmpFile=$(mktemp "${KNOWN_HOSTS}.monkeysphere.XXXXXX") - trap "lock remove $KNOWN_HOSTS; rm -f $tmpFile" EXIT + trap "log debug TRAP; lock remove $KNOWN_HOSTS; rm -f $tmpFile" EXIT cat "$KNOWN_HOSTS" >"$tmpFile" |
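Review bot: Both rewritten `trap ... EXIT` lines still bake `$KNOWN_HOSTS` and `$tmpFile` into the trap string unquoted at definition time, so if either path contains whitespace or a glob character the `lock remove` and `rm -f` that run at exit get word-split arguments — unlike the quoted uses of the same variables a few lines earlier. This predates the commit, but since the lines are being rewritten anyway it is worth shell-quoting the expanded values, e.g. `trap "log debug TRAP; lock remove $(printf %q "$KNOWN_HOSTS"); rm -f $(printf %q "$tmpFile")" EXIT`; eager expansion is still needed because tmpFile is declared `local` in the sibling update_authorized_keys and presumably here too, so a deferred `'$tmpFile'` would be empty if the trap fires after the function returns. The added `log debug TRAP` also says nothing about which trap fired or what it cleans up; `log debug "EXIT trap: releasing lock on $KNOWN_HOSTS"` is more useful when debugging. update_known_hosts begins before this hunk and continues past it.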