fi
if [ "$priority" = "$level" -a "$output" = 'true' ] ; then
if [ "$1" ] ; then
- echo -n "ms: " >&2
- echo "$@" >&2
+ echo "$@"
else
- cat >&2
- fi
+ cat
+ fi | sed 's/^/'"${LOG_PREFIX}"'/' >&2
fi
done
}
file="$1"
- if [ -z "$file" ] ; then
+ # return error if file does not exist
+ if [ ! -e "$file" ] ; then
return 1
fi
- if [ ! -e "$file" ] ; then
- return 1
+ # just return ok if the file is empty, since there aren't any
+ # lines to remove
+ if [ ! -s "$file" ] ; then
+ return 0
fi
tempfile=$(mktemp "${file}.XXXXXXX") || \
# return 1 if path has invalid owner
if [ "$owner" != "$uname" -a "$owner" != 'root' ] ; then
- log error "improper ownership on path '$path'."
+ log error "improper ownership on path '$path':"
+ log error " $owner != ($uname|root)"
return 1
fi
# return 2 if path has group or other writability
if is_write "$gAccess" || is_write "$oAccess" ; then
- log error "improper group or other writability on path '$path'."
+ log error "improper group or other writability on path '$path':"
+ log error " group: $gAccess, other: $oAcess"
return 2
fi
if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
log verbose " * acceptable primary key."
if [ -z "$sshKey" ] ; then
- log error " ! primary key could not be translated (not RSA or DSA?)."
+ log error " ! primary key could not be translated (not RSA?)."
else
echo "0:${sshKey}"
fi
else
log debug " - unacceptable primary key."
if [ -z "$sshKey" ] ; then
- log debug " ! primary key could not be translated (not RSA or DSA?)."
+ log debug " ! primary key could not be translated (not RSA?)."
else
echo "1:${sshKey}"
fi
if [ "$keyOK" -a "$uidOK" -a "$lastKeyOK" ] ; then
log verbose " * acceptable sub key."
if [ -z "$sshKey" ] ; then
- log error " ! sub key could not be translated (not RSA or DSA?)."
+ log error " ! sub key could not be translated (not RSA?)."
else
echo "0:${sshKey}"
fi
else
log debug " - unacceptable sub key."
if [ -z "$sshKey" ] ; then
- log debug " ! sub key could not be translated (not RSA or DSA?)."
+ log debug " ! sub key could not be translated (not RSA?)."
else
echo "1:${sshKey}"
fi
(umask 0022 && touch "$KNOWN_HOSTS")
# check permissions on the known_hosts file path
- check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure
+ check_key_file_permissions $(whoami) "$KNOWN_HOSTS" || failure
# create a lockfile on known_hosts:
lock create "$KNOWN_HOSTS"
log debug " $AUTHORIZED_KEYS"
# check permissions on the authorized_keys file path
- check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" || failure
+ check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" || failure
# create a lockfile on authorized_keys
lock create "$AUTHORIZED_KEYS"
log debug " $authorizedUserIDs"
# check permissions on the authorized_user_ids file path
- check_key_file_permissions "$USER" "$authorizedUserIDs" || failure
+ check_key_file_permissions $(whoami) "$authorizedUserIDs" || failure
if ! meat "$authorizedUserIDs" > /dev/null ; then
log debug " no user IDs to process."