From 2be7543af6a883d1e08790a12ed3345f6519f15a Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 12 Feb 2009 13:33:17 -0500 Subject: add some debug logging to some common functions --- src/share/common | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index 2a20c1c..d60631e 100644 --- a/src/share/common +++ b/src/share/common @@ -136,6 +136,7 @@ lock() { else lockfile -r 20 "${file}.lock" || failure "unable to lock '$file'" fi + log debug "lock created on '$file'." ;; touch) if [ -n "$use_lockfileprogs" ] ; then @@ -143,6 +144,7 @@ lock() { else : Nothing to do here fi + log debug "lock touched on '$file'." ;; remove) if [ -n "$use_lockfileprogs" ] ; then @@ -150,6 +152,7 @@ lock() { else rm -f "${file}.lock" fi + log debug "lock removed on '$file'." ;; *) failure "bad argument for lock subfunction '$action'" @@ -430,6 +433,8 @@ check_key_file_permissions() { uname="$1" path="$2" + log debug "checking path permission '$path'..." + # return 255 if cannot stat file if ! stat=$(ls -ld "$path" 2>/dev/null) ; then log error "could not stat path '$path'." @@ -1018,6 +1023,8 @@ update_authorized_keys() { # remove the lockfile and the trap lock remove "$AUTHORIZED_KEYS" + + # remove the trap trap - EXIT # note if the authorized_keys file was updated -- cgit v1.2.3 From c27c0ad208919590a118d5f271d28b044beea9bb Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 12 Feb 2009 18:59:01 -0500 Subject: fix the su_monkeysphere_user function so that it does 'bash -c' instead of 'eval', if the user already is the monkeysphere user, so that a proper subshell is invoked. --- src/share/common | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index d60631e..42df684 100644 --- a/src/share/common +++ b/src/share/common @@ -95,7 +95,7 @@ su_monkeysphere_user() { # if the current user is the monkeysphere user, then just eval # command if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then - eval "$@" + bash -c "$@" # otherwise su command as monkeysphere user else -- cgit v1.2.3 From f85639e234d72429a2d848b1b875d615a47bf120 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Tue, 17 Feb 2009 19:07:24 -0500 Subject: add test to su_monkeysphere_user to check that the user is monkeysphere user or root, and fail otherwise. this is so that there is no password prompt for unpriviledged users (see bug #519). --- src/share/common | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) (limited to 'src/share/common') diff --git a/src/share/common b/src/share/common index 42df684..773c11f 100644 --- a/src/share/common +++ b/src/share/common @@ -92,15 +92,22 @@ log() { # run command as monkeysphere user su_monkeysphere_user() { - # if the current user is the monkeysphere user, then just eval - # command - if [ $(id -un) = "$MONKEYSPHERE_USER" ] ; then - bash -c "$@" + case $(id -un) in + # if monkeysphere user, run the command under bash + "$MONKEYSPHERE_USER") + bash -c "$@" + ;; - # otherwise su command as monkeysphere user - else - su "$MONKEYSPHERE_USER" -c "$@" - fi + # if root, su command as monkeysphere user + 'root') + su "$MONKEYSPHERE_USER" -c "$@" + ;; + + # otherwise, fail + *) + log error "non-privileged user." + ;; + esac } # cut out all comments(#) and blank lines from standard input -- cgit v1.2.3