cleanup update_known_hosts
authorJameson Rollins <jrollins@finestructure.net>
Mon, 18 Oct 2010 22:21:55 +0000 (18:21 -0400)
committerJameson Rollins <jrollins@finestructure.net>
Mon, 18 Oct 2010 22:21:55 +0000 (18:21 -0400)
* don't update if unchanged
* proper trap setting
* cleanup comments

src/share/m/update_known_hosts

index 58cf78ad689f6f5a20381d3e232c6278f0d81bb2..a0311186cca972f74d70753332003568447285c3 100644 (file)
@@ -32,36 +32,33 @@ update_known_hosts() {
            || failure "Unable to create known_hosts file '$KNOWN_HOSTS'"
     fi
 
-    # check permissions on the known_hosts file path
     check_key_file_permissions $(whoami) "$KNOWN_HOSTS" \
        || failure "Bad permissions governing known_hosts file '$KNOWN_HOSTS'"
 
-    # create a lockfile on known_hosts:
     lock create "$KNOWN_HOSTS"
 
-    # make temp file
+    # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
+    trap "lock remove $KNOWN_HOSTS" EXIT
+
     tmpFile=$(mktemp "${KNOWN_HOSTS}.monkeysphere.XXXXXX")
 
-    # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
     trap "lock remove $KNOWN_HOSTS; rm -f $tmpFile" EXIT
 
     for host ; do
        FILE_TYPE='known_hosts' process_keys_for_file "$tmpFile" "ssh://${host}"
 
-       # touch the lockfile, for good measure.
        lock touch "$KNOWN_HOSTS"
     done
 
-    # note if the authorized_keys file was updated
     if [ "$(file_hash "$KNOWN_HOSTS")" != "$(file_hash "$tmpFile")" ] ; then
+       mv -f "$tmpFile" "$KNOWN_HOSTS"
        log debug "known_hosts file updated."
+    else
+       rm -f "$tmpFile"
     fi
-    mv -f "$tmpFile" "$KNOWN_HOSTS"
 
-    # remove the lockfile and the trap
     lock remove "$KNOWN_HOSTS"
 
-    # remove the trap
     trap - EXIT
 }
 
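Review bot: The EXIT trap added just before `mktemp` is built in double quotes, so `$KNOWN_HOSTS` is expanded when the trap is set and re-parsed unquoted when it fires. A path containing whitespace or shell metacharacters would then be split or interpreted, and the lock may be left behind. Every other use in this hunk quotes the variable, and the unchanged second trap after `mktemp` has the same problem with `$tmpFile`. Single-quoting the trap bodies keeps the inner quoting intact: `trap 'lock remove "$KNOWN_HOSTS"' EXIT` and `trap 'lock remove "$KNOWN_HOSTS"; rm -f "$tmpFile"' EXIT`. That defers expansion to exit time, which assumes both variables are still set then; whether `tmpFile` is declared local is not visible here, because the body of update_known_hosts starts above the hunk.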
@@ -69,7 +66,6 @@ update_known_hosts() {
 process_known_hosts() {
     local hosts
 
-    # exit if the known_hosts file does not exist
     if [ ! -e "$KNOWN_HOSTS" ] ; then
        failure "known_hosts file '$KNOWN_HOSTS' does not exist."
     fi