2 # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
4 # Monkeysphere update_known_hosts subcommand
6 # The monkeysphere scripts are written by:
7 # Jameson Rollins <jrollins@finestructure.net>
8 # Jamie McClelland <jm@mayfirst.org>
9 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
11 # They are Copyright 2010, and are all released under the GPL, version
14 # update the known_hosts file for a set of hosts listed on the command line
# Rebuild $KNOWN_HOSTS for the given hosts: work on a temporary copy while
# holding a lock on the real file, then replace the real file only if the
# copy's hash differs.
# Globals: KNOWN_HOSTS (read; replaced via mv), tmpFile (written).
# NOTE(review): this listing omits some lines of the function (the loop that
# sets $host, the closing `fi` and `}`), so the notes below cover only the
# statements that are visible.
16 update_known_hosts() {
21 # touch the known_hosts file so that the file permission check
22 # below won't fail upon not finding the file
23 touch_key_file_or_fail "$KNOWN_HOSTS"
# The permission check runs before the lock is taken, so it describes the
# file as it was at this point, not as it is when it is replaced below.
24 check_key_file_permissions $(whoami) "$KNOWN_HOSTS" \
25 || failure "Bad permissions governing known_hosts file $KNOWN_HOSTS"
27 lock create "$KNOWN_HOSTS"
29 # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
# NOTE(review): the trap text is double-quoted, so $KNOWN_HOSTS is expanded
# now and the resulting string is parsed again as shell code when the trap
# fires. A path containing whitespace or shell metacharacters would be
# word-split or interpreted at that point. A single-quoted trap body with
# quoted expansions ('lock remove "$KNOWN_HOSTS"') avoids the re-parse.
30 trap "log debug TRAP; lock remove $KNOWN_HOSTS" EXIT
# The temp file is created next to known_hosts (the template is prefixed
# with its path), so the later mv stays within one directory.
# NOTE(review): no check of mktemp's exit status is visible here; if it
# fails, tmpFile is empty and the following steps operate on "".
32 tmpFile=$(mktemp "${KNOWN_HOSTS}.monkeysphere.XXXXXX")
# Replaces the trap set above so the temp file is also removed on exit.
# The same re-parse caveat applies, here to $tmpFile as well.
34 trap "log debug TRAP; lock remove $KNOWN_HOSTS; rm -f $tmpFile" EXIT
# Start from the current contents so that unrelated entries are carried over.
36 cat "$KNOWN_HOSTS" >"$tmpFile"
# FILE_TYPE is passed as a per-command assignment; process_keys_for_file is
# defined elsewhere. $host is presumably the loop variable over "$@" (the
# loop header is not part of this listing; confirm).
39 FILE_TYPE='known_hosts' process_keys_for_file "$tmpFile" "ssh://${host}"
# `lock` is defined elsewhere; presumably this refreshes the lock's
# timestamp during long runs (confirm).
41 lock touch "$KNOWN_HOSTS"
# Replace the real file only when the processed copy actually differs.
44 if [ "$(file_hash "$KNOWN_HOSTS")" != "$(file_hash "$tmpFile")" ] ; then
# mv replaces known_hosts with the temp file itself, so the result carries
# the mode and ownership mktemp gave that file, not those of the old file.
45 mv -f "$tmpFile" "$KNOWN_HOSTS"
46 log debug "known_hosts file updated."
51 lock remove "$KNOWN_HOSTS"
56 # process hosts from a known_hosts file
# Collect the non-hashed host names from $KNOWN_HOSTS and pass them to
# update_known_hosts as separate arguments.
# Globals: KNOWN_HOSTS (read), hosts (written).
# NOTE(review): this listing omits some lines of the function (the `fi`
# lines, the closing `}`); the notes below cover only the visible statements.
57 process_known_hosts() {
# Abort through failure() when there is no file to read.
60 if [ ! -e "$KNOWN_HOSTS" ] ; then
61 failure "known_hosts file '$KNOWN_HOSTS' does not exist."
64 log debug "processing known_hosts file:"
65 log debug " $KNOWN_HOSTS"
# Pipeline: `meat` (defined elsewhere; presumably drops comments and blank
# lines, confirm) | first space-separated field | drop lines starting with
# '|' (hashed hosts) | commas to spaces | join all lines into one.
# NOTE(review): the first field is taken as-is, so a line that begins with a
# marker such as @cert-authority or @revoked yields the marker, not a host.
67 hosts=$(meat "$KNOWN_HOSTS" | cut -d ' ' -f 1 | grep -v '^|.*$' | tr , ' ' | tr '\n' ' ')
69 if [ -z "$hosts" ] ; then
70 log debug "no hosts to process."
74 # take all the hosts from the known_hosts file (first
75 # field), grep out all the hashed hosts (lines starting with '|')
# $hosts is left unquoted so that each name becomes its own argument.
# NOTE(review): unquoted expansion also performs pathname expansion, and
# known_hosts entries may be patterns containing * or ?; such an entry would
# be matched against file names in the current directory before it reaches
# update_known_hosts. Disabling globbing around this call (set -f) or
# reading the names into an array keeps the file's content as data.
77 update_known_hosts $hosts