+# update the known_hosts file for a set of hosts listed on command
+# line
+update_known_hosts() {
+ local host
+ local returnCode
+
+ # default return code is 0, which assumes a key was found for
+ # every host. code will be set to 1 if a key is not found for at
+ # least one host
+ returnCode=0
+
+ # set the trap to remove any lockfiles on exit
+ trap "lockfile-remove $KNOWN_HOSTS" EXIT
+
+ # create a lockfile on known_hosts
+ lockfile-create "$KNOWN_HOSTS"
+
+ for host ; do
+ # process the host, change return code if host key not found
+ process_host_known_hosts "$host" || returnCode=1
+
+ # touch the lockfile, for good measure.
+ lockfile-touch --oneshot "$KNOWN_HOSTS"
+ done
+
+ # remove the lockfile
+ lockfile-remove "$KNOWN_HOSTS"
+
+ return "$returnCode"
+}
+
+# process known_hosts file, going through line-by-line, extract each
+# host, and process with the host processing function
+process_known_hosts() {
+ local returnCode
+
+ # default return code is 0, which assumes a key was found for
+ # every host. code will be set to 1 if a key is not found for at
+ # least one host
+ returnCode=0
+
+ # take all the hosts from the known_hosts file (first field), grep
+ # out all the hashed hosts (lines starting with '|')...
+ for line in $(cat "$KNOWN_HOSTS" | meat | cut -d ' ' -f 1 | grep -v '^|.*$') ; do
+ # break up hosts into separate words
+ update_known_hosts $(echo "$line" | tr , ' ') || returnCode=1
+ done
+
+ return "$returnCode"
+}
+
+# process uids for the authorized_keys file