From: Jameson Graef Rollins Date: Wed, 29 Oct 2008 02:32:56 +0000 (-0400) Subject: touch known_hosts file in monkeysphere so that permission checking X-Git-Tag: monkeysphere_0.18-1~5 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=4af6e62dee8d977ab52f16b61d38051175655082;p=monkeysphere.git touch known_hosts file in monkeysphere so that permission checking down't fail. remove spurios directory in monkeysphere.dirs. more work on test suite. --- diff --git a/debian/monkeysphere.dirs b/debian/monkeysphere.dirs index b2bd77c..cfafe15 100644 --- a/debian/monkeysphere.dirs +++ b/debian/monkeysphere.dirs @@ -10,4 +10,3 @@ usr/share/man/man1 usr/share/man/man5 usr/share/man/man8 etc/monkeysphere -etc/monkeysphere/authorized_user_ids diff --git a/src/monkeysphere b/src/monkeysphere index 5703995..7e800cc 100755 --- a/src/monkeysphere +++ b/src/monkeysphere @@ -318,10 +318,12 @@ case $COMMAND in 'update-known_hosts'|'update-known-hosts'|'k') MODE='known_hosts' + # touch the known_hosts file so that the file permission check + # below won't fail upon not finding the file + (umask 0022 && touch "$KNOWN_HOSTS") + # check permissions on the known_hosts file path - if ! check_key_file_permissions "$USER" "$KNOWN_HOSTS" ; then - failure "Improper permissions on known_hosts file path." - fi + check_key_file_permissions "$USER" "$KNOWN_HOSTS" || failure # if hosts are specified on the command line, process just # those hosts diff --git a/tests/basic b/tests/basic index 1f4930f..ec92e1a 100755 --- a/tests/basic +++ b/tests/basic @@ -104,19 +104,19 @@ cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ # set up environment for testuser -export HOME="$TEMPDIR"/testuser -export GNUPGHOME="$HOME"/.gnupg -export SSH_ASKPASS="$HOME"/.ssh/askpass -export MONKEYSPHERE_HOME="$HOME"/.monkeysphere - -cat <> "$HOME"/.ssh/config -UserKnownHostsFile $HOME/.ssh/known_hosts -IdentityFile $HOME/.ssh/no-such-identity -ProxyCommand $HOME/.ssh/proxy-command %h %p $SOCKET +TESTHOME="$TEMPDIR"/testuser +export GNUPGHOME="$TESTHOME"/.gnupg +export SSH_ASKPASS="$TESTHOME"/.ssh/askpass +export MONKEYSPHERE_HOME="$TESTHOME"/.monkeysphere + +cat <> "$TESTHOME"/.ssh/config +UserKnownHostsFile $TESTHOME/.ssh/known_hosts +IdentityFile $TESTHOME/.ssh/no-such-identity +ProxyCommand $TESTHOME/.ssh/proxy-command %h %p $SOCKET EOF cat <> "$MONKEYSPHERE_HOME"/monkeysphere.conf -KNOWN_HOSTS=$HOME/.ssh/known_hosts +KNOWN_HOSTS=$TESTHOME/.ssh/known_hosts EOF get_gpg_prng_arg >> "$GNUPGHOME"/gpg.conf @@ -128,7 +128,7 @@ EOF ### SERVER TESTS -# setup monkeysphere temp gnupghome directories +# setup monkeysphere directories mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/gnupg-host mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/authorized_keys @@ -195,7 +195,7 @@ ssh_test # authorized_keys file, this is to make sure that the ssh # authentication FAILS... echo "### removing testuser authorized_user_ids and reupdating authorized_keys..." -rm -f "$TEMPDIR"/testuser/.monkeysphere/authorized_user_ids +rm -f "$TESTHOME"/.monkeysphere/authorized_user_ids monkeysphere-server update-users $(whoami) # make sure the user can NOT connect diff --git a/tests/home/testuser/.monkeysphere/monkeysphere.conf b/tests/home/testuser/.monkeysphere/monkeysphere.conf index 59cc0cf..dbe0233 100644 --- a/tests/home/testuser/.monkeysphere/monkeysphere.conf +++ b/tests/home/testuser/.monkeysphere/monkeysphere.conf @@ -1,3 +1,5 @@ # monkeysphere config for testuser in monkeysphere test suite +LOG_LEVEL=DEBUG + # KNOWN_HOSTS will be dynamically defined after creation.