Age | Commit message | Author |
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, but not impossible:
Bourne-derived shells treat single-quoting literally, which means that
shell command arguments (i.e. an array of strings) should be safe to
serialize (dual-quote) using these simple rules:
b) each single-quote inside each string is escaped as '\''
a) each string is surrounded by single-quotes
This patch applies the above single-quote serialization for
su_monkeysphere_user(), and adapts ma/update_users $STRICT_MODES on
line 82 to match.
If the serialization routine should turn out to be broken, it will
therefore only affect $STRICT_MODES in ma/update_users badly. All other
variables passed through su_monkeysphere_user() should not possibly be
treated any worse than previous non-quoting.
|
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
This patch improves argument passing like this:
a) Each argument is passed individually (not all as a single string)
b) Arguments containing no variables are not quoted
c) Dynamic arguments are double-quoted ( "$@" )
Due to su_monkeysphere_user() expanding arguments using "$*" (not "$@")
arguments are mostly¹ collapsed into single strings, and this change is
therefore only cosmetic.
It does improve clarity, however. Also, it eases switching to safer
quoted arguments in the future.
¹As the sole exception, ma/update_users line 82 has $STRICT_MODES dual-quoted.
|
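The single-quote serialization rules and the "$*" collapsing described in the two commit messages above, as an added example that is not part of the commits or of the monkeysphere source. The function names are hypothetical, and the inner `sh -c` is an assumed stand-in for the command string su_monkeysphere_user() passes on; no su is invoked.

```shell
#!/bin/sh
# Added illustration. sq_serialize, count_joined, count_serialized and
# roundtrip are hypothetical names, not monkeysphere functions.
# POSIX sh has no "local", so the helper variables below are global.

# Serialize "$@" into one string that a Bourne-derived shell parses back
# into exactly the same argument list.
sq_serialize() {
    out=
    for s in "$@"; do
        q=
        while :; do
            case $s in
                # each single-quote inside the string is escaped as '\''
                *\'*) head=${s%%\'*}; s=${s#*\'}; q="$q$head'\\''" ;;
                *)    break ;;
            esac
        done
        # each string is surrounded by single-quotes
        out="$out${out:+ }'$q$s'"
    done
    printf '%s\n' "$out"
}

# Argument count seen by an inner shell when the command line is built by
# plain "$*" joining: argument boundaries are lost.
count_joined() { sh -c "set -- $*; echo \$#"; }

# Same call with the arguments serialized first: boundaries survive.
count_serialized() { sh -c "set -- $(sq_serialize "$@"); echo \$#"; }

# The inner shell echoes each argument it received, terminated by "|".
roundtrip() { sh -c "printf '%s|' $(sq_serialize "$@")"; }

# Constructed sample arguments.
echo "joined:     $(count_joined "two words" x) arguments"
echo "serialized: $(count_serialized "two words" x) arguments"
echo "wire form:  $(sq_serialize "it's" 'a b' '$HOME')"
echo "round trip: $(roundtrip "it's" 'a b' '$HOME' '')"
```
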
|
It is a healthy coding practice to keep each argument separate when
executing system calls, i.e. quote each variable separately instead of
relying on whitespace to indicate argument separation.
Quoting shell-inside-shell is tricky to do right, and gets trickier when
more than a single command is wrapped together.
This patch simplifies convoluted shell calls to contain only one command
each.
|
|
files (thanks, Jonas!)
|
|
|
|
|
|
output to stdout.
|
|
This is a fairly major overhaul to greatly reduce the number of
redundant code paths. We here created a new process_keys_for_file
function that processes keys from a userid for a given key file. All
the main top-level functions now call this one function.
The main top level monkeysphere functions for updating the user's
authorized_keys and known_hosts files are now moved to their own
sourced files, which greatly reduces the amount of code sourced with
common.
monkeysphere now updates authorized_keys and known_hosts in temporary
files that are then atomically moved into place upon completion.
Finally, removed the confusing return codes in the key/file processing
functions that were based on number of valid/invalid keys processed.
It was confusing in the presence of actual errors that stopped
processing.
|
|
|
|
This function now properly outputs to stdout exactly what would have
been written to the monkeysphere-controlled authorized_keys file, but
without actually touching it.
|
|
|
|
This is an attempt to fix #600304 by properly passing the string
literal in to be processed, instead of escaping problematic
characters.
|
|
90166e0bb8e4ebc1c1174d9bc2021c604b7a1bd7
There were other calls to gpg_sphere that were packing everything
into a single argument. Since we fixed the need to do that, we fix
all these other calls that were fixed in the first round.
|
|
This subcommand will output all valid keys for a given user. The
user's authorized_user_ids file will be read for OpenPGP user IDs, one
per line. The ssh-formatted RSA keys will be output to stdout.
Also included is a simple script that takes the user as its one
argument and exec's this command. This is something that would be
suitable for the proposed sshd AuthorizedKeysCommand.
|
|
and mh (closes MS #2288)
|
|
|
|
|
|
|
|
Get rid of 'MODE' stuff, since it was not very clear and wasn't really
being used.
|
|
|
|
properly, and that we set it to a literal "false" in the tests. This should resolve the FTBFS associated with MS #659
|
|
|
|
|
|
The monkeysphere group is now determined from the system "groups"
command, and then MONKEYSPHERE_GROUP is explicitly set from this, and
then used when setting group ownership.
|
|
- list_user to list all users on the system
- get_homedir to return the path to a user's home directory
These functions should provide compatibility on Linux, FreeBSD and
Darwin systems.
|
|
|
|
|
|
shown gpg noise.
|
|
|
|
running check_key_file_permissions in update_known_hosts,
update_authorized_keys, and process_authorized_user_ids. this is
fine, since the policy is just that a user is always updating their
own files. closes monkeysphere bug #630.
|
|
user's authorized_user_ids file, we should only check filesystem permissions against the monkeysphere user, not the target user.
|
|
likely to collide with other common uses of $USER.
|
|
permissions. add/modify some debug messages.
|
|
this allows the common file to be sourced without resetting variables
to their defaults, which was causing a problem with
su_monkeysphere_user.
also added some more debug messages.
|
|
|
|
if it cannot write to stdout. Because we are setting pipefail, this causes the pipeline checking for any certifiers to return untrue. solution? do not use -q, and send the output to /dev/null
|
|
|
|
name of return code variable in update_users, since all-caps variables should be reserved for global vars.
|
|
|
|
|
|
functions that are doing that sort of thing
|
|
found when adding by using key ID.
|
|
tested, in case things are being run set -e
|
|
|
|
|
|
add_revoker and add_certifier to many similar procedures, so I'm
trying to keep them in sync as I figure out the right way to handle
things.
|
|
|
|
|
|
|
|
|