From f7242749c484cac12aacf8bcfe19bdea72c89aaa Mon Sep 17 00:00:00 2001
From: Jameson Graef Rollins <jrollins@phys.columbia.edu>
Date: Tue, 28 Oct 2008 19:20:14 -0400
Subject: chown authorized_keys files as jrollins, and add monkeysphere tmpdir
 in SYSDATADIR, for atomic moves of authorized_keys.

---
 src/monkeysphere-server | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'src/monkeysphere-server')

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index b6bf78b..846eb81 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -20,6 +20,11 @@ export SYSSHAREDIR
 SYSDATADIR=${MONKEYSPHERE_SYSDATADIR:-"/var/lib/monkeysphere"}
 export SYSDATADIR
 
+# monkeysphere temp directory, in sysdatadir to enable atomic moves of
+# authorized_keys files
+MSTMPDIR="${SYSDATADIR}/tmp"
+export MSTMPDIR
+
 # UTC date in ISO 8601 format if needed
 DATE=$(date -u '+%FT%T')
 
@@ -173,7 +178,7 @@ update_users() {
 	log verbose "----- user: $uname -----"
 
         # make temporary directory
-        TMPLOC=$(mktemp -d ${TMPDIR:-/tmp}/tmp.XXXXXXXXXX)
+        TMPLOC=$(mktemp -d ${MSTMPDIR}/tmp.XXXXXXXXXX)
 
 	# trap to delete temporary directory on exit
 	trap "rm -rf $TMPLOC" EXIT
@@ -244,7 +249,7 @@ update_users() {
 	    # authorized_keys file as the user in question, so the
 	    # file must be readable by that user at least.
 	    # FIXME: is there a better way to do this?
-	    chown root "$AUTHORIZED_KEYS"
+	    chown $(whoami) "$AUTHORIZED_KEYS"
 	    chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS"
 	    chmod g+r "$AUTHORIZED_KEYS"
 
-- 
cgit v1.2.3