2 # This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
4 # Monkeysphere update_authorized_keys subcommand
6 # The monkeysphere scripts are written by:
7 # Jameson Rollins <jrollins@finestructure.net>
8 # Jamie McClelland <jm@mayfirst.org>
9 # Daniel Kahn Gillmor <dkg@fifthhorseman.net>
11 # They are Copyright 2010, and are all released under the GPL, version
14 update_authorized_keys() {
17 log debug "updating authorized_keys file:"
18 log debug " $AUTHORIZED_KEYS"
20 check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" || failure
21 check_key_file_permissions $(whoami) "$AUTHORIZED_USER_IDS" || failure
23 lock create "$AUTHORIZED_KEYS"
25 # FIXME: we're discarding any pre-existing EXIT trap; is this bad?
26 trap "lock remove $AUTHORIZED_KEYS" EXIT
28 tmpFile=$(mktemp "${AUTHORIZED_KEYS}.monkeysphere.XXXXXX")
30 trap "lock remove $AUTHORIZED_KEYS; rm -f $tmpFile" EXIT
32 # remove any monkeysphere lines from the authorized_keys file; this is
33 # to ensure that all old authorized keys that are no longer
34 # authorized are removed
35 remove_monkeysphere_lines "$AUTHORIZED_KEYS" > "$tmpFile"
37 process_authorized_user_ids "$tmpFile" \
38 < "$AUTHORIZED_USER_IDS"
40 if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$(file_hash "$tmpFile")" ] ; then
41 mv -f "$tmpFile" "$AUTHORIZED_KEYS"
42 log verbose "authorized_keys file updated."
47 lock remove "$AUTHORIZED_KEYS"