small bug fix, and readbility improvements

[monkeysphere.git] / src / share / common

diff --git a/src/share/common b/src/share/common
index c10e71b5c3f87485ef9e64966db50a3af8948a8d..3f71719f8fe4cbbb35c8ed45e8a0b6cd06368eb2 100644 (file)
--- a/src/share/common
+++ b/src/share/common
@@ -887,6 +887,7 @@ update_known_hosts() {
     local nHostsBAD
     local fileCheck
     local host
+    local newUmask
 
     # the number of hosts specified on command line
     nHosts="$#"
@@ -897,12 +898,19 @@ update_known_hosts() {
     # touch the known_hosts file so that the file permission check
     # below won't fail upon not finding the file
     if [ ! -f "$KNOWN_HOSTS" ]; then
-       [ -d $(dirname "$KNOWN_HOSTS") ] || mkdir -m 0700 $(dirname "$KNOWN_HOSTS")
-       touch "$KNOWN_HOSTS"
+       # make sure to create any files or directories with the appropriate write bits turned off:
+       newUmask=$(printf "%04o" $(( 0$(umask) | 0022 )) )
+       [ -d $(dirname "$KNOWN_HOSTS") ] \
+           || (umask "$newUmask" && mkdir -p -m 0700 $(dirname "$KNOWN_HOSTS") ) \
+           || failure "Could not create path to known_hosts file '$KNOWN_HOSTS'"
+       # make sure to create this file with the appropriate bits turned off:
+       (umask "$newUmask" && touch "$KNOWN_HOSTS") \
+           || failure "Unable to create known_hosts file '$KNOWN_HOSTS'"
     fi
 
     # check permissions on the known_hosts file path
-    check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure
+    check_key_file_permissions $(whoami) "$KNOWN_HOSTS" \
+       || failure "Bad permissions governing known_hosts file '$KNOWN_HOSTS'"
 
     # create a lockfile on known_hosts:
     lock create "$KNOWN_HOSTS"
@@ -910,7 +918,7 @@ update_known_hosts() {
     trap "lock remove $KNOWN_HOSTS" EXIT
 
     # note pre update file checksum
-    fileCheck="$(file_hash "$KNOWN_HOSTS")"
+    fileCheck=$(file_hash "$KNOWN_HOSTS")
 
     for host ; do
        # process the host