reyk/cloud-agent
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

If root, don't overwrite doas.conf

Browse source
This commit is contained in:
reykfloeter 2018-08-15 13:48:51 +02:00
parent 20e2f78f83
commit 3290c27210
1 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
agent/main.c
View file

@ -667,8 +667,6 @@ agent_configure(struct system_config *sc)
/* password */
if (sc->sc_password == NULL) {
str1 = "/PasswordAuthentication/"
"s/.*/PasswordAuthentication no/";
if (asprintf(&str2, "permit keepenv nopass %s as root\n"
"permit keepenv nopass root\n", sc->sc_username) == -1)
str2 = NULL;
@ -677,15 +675,14 @@ agent_configure(struct system_config *sc)
sc->sc_username, NULL) != 0)
log_warnx("password failed");
str1 = "/PasswordAuthentication/"
"s/.*/PasswordAuthentication yes/";
if (asprintf(&str2, "permit keepenv persist %s as root\n"
"permit keepenv nopass root\n", sc->sc_username) == -1)
str2 = NULL;
}
/* doas */
if (str2 == NULL || fileout(str2, "w", "/etc/doas.conf") != 0)
if ((strcmp("root", sc->sc_username) != 0) &&
(str2 == NULL || fileout(str2, "w", "/etc/doas.conf")) != 0)
log_warnx("doas failed");
free(str2);