[__ssh_authorized_keys] Better path checks
This commit is contained in:
Dennis Camera
parent
95ab68a272
commit
259aa13b6a
|
|
@ -20,30 +20,42 @@
|
||||||
#
|
#
|
||||||
|
|
||||||
if [ -f "$__object/parameter/file" ]; then
|
if [ -f "$__object/parameter/file" ]; then
|
||||||
cat "$__object/parameter/file"
|
cat "$__object/parameter/file"
|
||||||
else
|
else
|
||||||
if [ -s "$__object/parameter/owner" ]
|
if [ -s "$__object/parameter/owner" ]
|
||||||
then
|
then
|
||||||
owner=$(cat "$__object/parameter/owner")
|
owner=$(cat "$__object/parameter/owner")
|
||||||
else
|
else
|
||||||
owner="$__object_id"
|
owner="$__object_id"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if command -v getent >/dev/null
|
if command -v getent >/dev/null
|
||||||
then
|
then
|
||||||
owner_line=$(getent passwd "$owner")
|
owner_line=$(getent passwd "$owner")
|
||||||
else
|
elif [ -f /etc/passwd ]
|
||||||
case $owner
|
then
|
||||||
in
|
case $owner
|
||||||
[0-9][0-9]*)
|
in
|
||||||
owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd)
|
[0-9][0-9]*)
|
||||||
;;
|
owner_line=$(awk -F: "\$3 == \"${owner}\" { print }" /etc/passwd)
|
||||||
*)
|
;;
|
||||||
owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd)
|
*)
|
||||||
;;
|
owner_line=$(awk -F: "\$1 == \"${owner}\" { print }" /etc/passwd)
|
||||||
esac
|
;;
|
||||||
fi
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
home=$(echo "$owner_line" | cut -d':' -f6)
|
if [ "$owner_line" ]
|
||||||
echo "$home/.ssh/authorized_keys"
|
then
|
||||||
|
home=$(echo "$owner_line" | cut -d':' -f6)
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -d "$home" ]
|
||||||
|
then
|
||||||
|
# Don't know how to determine user's home directory, fall back to ~
|
||||||
|
home="~$owner"
|
||||||
|
command -v realpath >/dev/null && home=$(realpath "$home")
|
||||||
|
fi
|
||||||
|
|
||||||
|
[ -d "$home" ] && echo "$home/.ssh/authorized_keys"
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
|
|
@ -23,6 +23,12 @@ owner="$(cat "$__object/parameter/owner" 2>/dev/null || echo "$__object_id")"
|
||||||
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
state="$(cat "$__object/parameter/state" 2>/dev/null)"
|
||||||
file="$(cat "$__object/explorer/file")"
|
file="$(cat "$__object/explorer/file")"
|
||||||
|
|
||||||
|
if [ ! -f "$__object/parameter/nofile" ] && [ -z "$file" ]
|
||||||
|
then
|
||||||
|
echo "Cannot determine path of authorized_keys file" >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
|
if [ ! -f "$__object/parameter/noparent" ] || [ ! -f "$__object/parameter/nofile" ]; then
|
||||||
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
group="$(cut -d':' -f 1 "$__object/explorer/group")"
|
||||||
if [ -z "$group" ]; then
|
if [ -z "$group" ]; then
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue