From: Jameson Graef Rollins Date: Mon, 28 Jul 2008 05:24:31 +0000 (-0700) Subject: Don't fail when authorized_user_ids or known_hosts files are not found. X-Git-Tag: monkeysphere_0.5-1~1 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;ds=sidebyside;h=acb3000647031defca23b38d85e48954085a4d2a;p=monkeysphere.git Don't fail when authorized_user_ids or known_hosts files are not found. --- diff --git a/debian/changelog b/debian/changelog index 4f3c905..adfed52 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,9 @@ monkeysphere (0.5-1) experimental; urgency=low * Tweak how empty authorized_user_ids and known_hosts files are handled. + * Do not fail when authorized_user_ids or known_hosts file is not found. - -- Jameson Graef Rollins Sun, 27 Jul 2008 12:03:30 -0700 + -- Jameson Graef Rollins Sun, 27 Jul 2008 22:24:23 -0700 monkeysphere (0.4-1) experimental; urgency=low diff --git a/src/monkeysphere b/src/monkeysphere index 3f127e6..cd77193 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -203,8 +203,9 @@ case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') MODE='known_hosts' + # check permissions on the known_hosts file path if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then - failure "Improper permissions on known_hosts file." + failure "Improper permissions on known_hosts file path." fi # if hosts are specified on the command line, process just @@ -216,8 +217,10 @@ case $COMMAND in # otherwise, if no hosts are specified, process every host # in the user's known_hosts file else + # exit if the known_hosts file does not exist if [ ! -e "$KNOWN_HOSTS" ] ; then - failure "known_hosts file '$KNOWN_HOSTS' does not exist." + log "known_hosts file '$KNOWN_HOSTS' does not exist." + exit fi process_known_hosts @@ -228,13 +231,20 @@ case $COMMAND in 'update-authorized_keys'|'update-authorized-keys'|'a') MODE='authorized_keys' - # fail if the authorized_user_ids file is empty - if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then - failure "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." + # check permissions on the authorized_user_ids file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then + failure "Improper permissions on authorized_user_ids file path." fi - if ! check_key_file_permissions "$USER" "$AUTHORIZED_USER_IDS" ; then - failure "Improper permissions on authorized_user_ids file." + # check permissions on the authorized_keys file path + if ! check_key_file_permissions "$USER" "$AUTHORIZED_KEYS" ; then + failure "Improper permissions on authorized_keys file path." + fi + + # exit if the authorized_user_ids file is empty + if [ ! -e "$AUTHORIZED_USER_IDS" ] ; then + log "authorized_user_ids file '$AUTHORIZED_USER_IDS' does not exist." + exit fi # process authorized_user_ids file diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 19b457f..ce80059 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -143,13 +143,15 @@ update_users() { log "----- user: $uname -----" + # exit if the authorized_user_ids file is empty if ! check_key_file_permissions "$uname" "$AUTHORIZED_USER_IDS" ; then - log "Improper permissions on authorized_user_ids file." + log "Improper permissions on authorized_user_ids file path." continue fi + # check permissions on the authorized_keys file path if ! check_key_file_permissions "$uname" "$RAW_AUTHORIZED_KEYS" ; then - log "Improper permissions on authorized_keys file." + log "Improper permissions on authorized_keys file path path." continue fi @@ -206,8 +208,7 @@ update_users() { chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS" chmod g+r "$AUTHORIZED_KEYS" - # if the resulting authorized_keys file is not empty, move - # it into place + # move the resulting authorized_keys file into place mv -f "$AUTHORIZED_KEYS" "${VARLIB}/authorized_keys/${uname}" # destroy temporary directory