WIP keyfile stuff
parent
2acc042fe7
commit
e5cf8a5521
|
@ -21,6 +21,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"os/user"
|
"os/user"
|
||||||
"path"
|
"path"
|
||||||
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
const keyfileName = "authorized_keys2"
|
const keyfileName = "authorized_keys2"
|
||||||
|
@ -39,10 +40,15 @@ func main() {
|
||||||
sshPath := path.Join("/home", u.Username, ".ssh")
|
sshPath := path.Join("/home", u.Username, ".ssh")
|
||||||
keyfilePath := path.Join(sshPath, keyfileName)
|
keyfilePath := path.Join(sshPath, keyfileName)
|
||||||
|
|
||||||
if err = os.Mkdir(sshPath, os.FileMode(0600)); err != nil {
|
if err = os.Mkdir(sshPath, os.FileMode(0700)); err != nil {
|
||||||
quit(err.Error())
|
quit(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_, err := os.Open(keyfileName)
|
||||||
|
if err == nil {
|
||||||
|
quit(fmt.Sprintf("%s already exists", keyfileName))
|
||||||
|
}
|
||||||
|
|
||||||
f, err := os.Create(keyfilePath)
|
f, err := os.Create(keyfilePath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
quit(err.Error())
|
quit(err.Error())
|
||||||
|
@ -54,7 +60,7 @@ func main() {
|
||||||
quit(err.Error())
|
quit(err.Error())
|
||||||
}
|
}
|
||||||
|
|
||||||
stdin := []byte{}
|
stdin := make([]byte, 90000) // arbitrary limit
|
||||||
|
|
||||||
n, err := os.Stdin.Read(stdin)
|
n, err := os.Stdin.Read(stdin)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -63,6 +69,13 @@ func main() {
|
||||||
quit("nothing passed on STDIN")
|
quit("nothing passed on STDIN")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
stdin = stdin[0:n]
|
||||||
|
|
||||||
|
if !strings.HasPrefix(string(stdin), "########## GREETINGS! ##########") {
|
||||||
|
// TODO further validation?
|
||||||
|
quit(fmt.Sprintf("file contents look wrong: %s", string(stdin)))
|
||||||
|
}
|
||||||
|
|
||||||
n, err = f.Write(stdin)
|
n, err = f.Write(stdin)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
quit(err.Error())
|
quit(err.Error())
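Review bot: The existence check added to main() in the second hunk opens `keyfileName`, the bare name `authorized_keys2` resolved against the working directory, rather than `keyfilePath`, so it does not protect the file that `os.Create(keyfilePath)` then truncates, and the handle it opens is never closed. Even with the right path, a check followed by `os.Create` is racy and follows a symlink at the final path component, which matters if this helper runs with elevated privileges and writes under a user's home (the sudo call is in the other file of this commit). One exclusive create covers both cases: `f, err := os.OpenFile(keyfilePath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)`, with `os.IsExist(err)` reported as the already-exists message. `_, err := os.Open(...)` also appears to declare no new variable if `err` is already in scope, which would not compile; the start of main() is outside the hunk, so this needs confirming.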
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/mail"
|
"net/mail"
|
||||||
|
@ -274,12 +275,30 @@ func createUser(data newUserData) (err error) {
|
||||||
return fmt.Errorf("usermod failed: %w", err)
|
return fmt.Errorf("usermod failed: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO create keyfile by running helper (helper should also make ~/.ssh)
|
cmd = exec.Command("sudo", "/town/bin/createkeyfile")
|
||||||
// TODO generate welcome gift
|
cmd.Stdin = bytes.NewBufferString(keyfileText(data))
|
||||||
|
if err = cmd.Run(); err != nil {
|
||||||
|
return fmt.Errorf("createkeyfile failed: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
cmd = exec.Command("sudo", "/town/bin/generate_welcome_present.sh", data.Username)
|
||||||
|
if err = cmd.Run(); err != nil {
|
||||||
|
// TODO log this. no reason to bail out.
|
||||||
|
}
|
||||||
|
|
||||||
// TODO any alerts
|
// TODO any alerts
|
||||||
return errors.New("not implemented")
|
return errors.New("not implemented")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func keyfileText(data newUserData) string {
|
||||||
|
header := `########## GREETINGS! ##########
|
||||||
|
# Hi! This file was automatically generated by tilde.town when
|
||||||
|
# your account was created. You can edit it if you want, but we
|
||||||
|
# recommend adding stuff to ~/.ssh/authorized_keys instead.`
|
||||||
|
|
||||||
|
return fmt.Sprintf("%s\n%s", header, data.PubKey)
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
// TODO friendlier error handling
|
// TODO friendlier error handling
|
||||||
err := _main()
|
err := _main()
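Review bot: `keyfileText` places `data.PubKey` into the authorized_keys2 content without any check visible here, and the helper on the receiving side only verifies the greeting prefix, so a value containing a line break would be written as additional lines of the key file. Unless PubKey is validated before createUser is reached (not visible in this hunk; createUser begins above it), reject anything that is not a single key line before building the text, for example `if strings.ContainsAny(data.PubKey, "\r\n") { return errors.New("public key must be a single line") }`, or parse it with `ssh.ParseAuthorizedKey` from golang.org/x/crypto/ssh if that dependency is acceptable. The `generate_welcome_present.sh` call also passes `data.Username` as an argument under sudo and drops its error in an empty `if` body; a comment there stating that the username was already validated, plus a log line, would make the best-effort intent explicit.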
|
||||||
|
|