| Age | Commit message (Collapse) | Author |
|---|
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
more than a single command is wrapped together.
This patch simplifies convoluted shell calls to contain only one command
each.
|
|
|
|
output to stdout.
|
|
This is a fairly major overhaul to greatly reduce the number of
redundant code paths. We here created a new process_keys_for_file
function that processes key from a userid for a given key file. All
the main top elevel functions now call this one function.
The main top level monkeysphere functions for updating the user's
authorized_keys and known_hosts files are now moved to their own
sourced files, which greatly reduces the amount of code sourced with
common.
monkeysphere now updates authorized_keys and known_hosts in temporary
files that are then atomically moved into place upon completion.
Finally, removed the confusing return codes in the key/file processing
functions that were based on number of valid/invalid keys processed.
It was confusing in the presence of actual errors that stopped
processing.
|
|
|
|
This function now properly outputs to stdout exactly what would have
been written to the monkeysphere-controlled authorized_keys file, but
without actually touching it.
|
|
Get rid of 'MODE' stuff, since it was not very clear and wasn't really
being used.
|
|
properly, and that we set it to a literal "false" in the tests. This should resolve the FTBFS associated with MS #659
|
|
- list_user to list all users on the system
- get_homedir to return the path to a users home directory
These functions should provide compatibility on linux, FreeBSD and
Darwin systems.
|
|
running check_key_file_permissions in update_known_hosts,
update_authorized_keys, and process_authorized_user_ids. this is
fine, since the policy is just that a user is always updating their
own files. closes monkeysphere bug #630.
|
|
users authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user.
|
|
likely to collide with other common uses of $USER.
|
|
permissions. add/modify some debug messages.
|
|
this allows the common file to be sourced without reseting variables
to their defaults, which was causing a problem with
su_monkeysphere_user.
also added some more debug messages.
|
|
name of return code variable in update_users, since all-caps variables should be reserved for global vars.
|
|
tested, in case things are being run set -e
|
|
old location at /var/lib/monkeysphere/authorized_keys
|
|
|
|
Makefile as well)
|
