From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Mon, 23 Jun 2008 23:09:25 +0000 (-0400)
Subject: authorized_keys files appear to need to be readable by the user logging in.
X-Git-Tag: monkeysphere_0.2-1~2
X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=0fac6a0db5524d6b9824ef205bdd809ad762fd32;hp=438d1fa8881a1f8359b5e91932bf42addefbffca;p=monkeysphere.git

authorized_keys files appear to need to be readable by the user logging in.
---

diff --git a/src/monkeysphere-server b/src/monkeysphere-server
index 11e593b..35e0096 100755
--- a/src/monkeysphere-server
+++ b/src/monkeysphere-server
@@ -231,6 +231,13 @@ case $COMMAND in
 		fi
 	    fi
 
+            # openssh appears to check the contents of the
+            # authorized_keys file as the user in question, so the file
+            # must be readable by that user at least.
+            # FIXME: is there a better way to do this?
+            chgrp $(getent passwd "$uname" | cut -f4 -d:) "$AUTHORIZED_KEYS"
+            chmod g+r "$AUTHORIZED_KEYS"
+
 	    # move the temp authorized_keys file into place
 	    mv -f "$AUTHORIZED_KEYS" "${CACHE}/authorized_keys/${uname}"