WIP keyfile stuff

pull/1/head
vilmibm 2023-03-04 00:15:12 +00:00
parent 2acc042fe7
commit e5cf8a5521
2 changed files with 36 additions and 4 deletions

View File

@ -21,6 +21,7 @@ import (
"os"
"os/user"
"path"
"strings"
)
const keyfileName = "authorized_keys2"
@ -39,10 +40,15 @@ func main() {
sshPath := path.Join("/home", u.Username, ".ssh")
keyfilePath := path.Join(sshPath, keyfileName)
if err = os.Mkdir(sshPath, os.FileMode(0600)); err != nil {
if err = os.Mkdir(sshPath, os.FileMode(0700)); err != nil {
quit(err.Error())
}
_, err := os.Open(keyfileName)
if err == nil {
quit(fmt.Sprintf("%s already exists", keyfileName))
}
f, err := os.Create(keyfilePath)
if err != nil {
quit(err.Error())
@ -54,7 +60,7 @@ func main() {
quit(err.Error())
}
stdin := []byte{}
stdin := make([]byte, 90000) // arbitrary limit
n, err := os.Stdin.Read(stdin)
if err != nil {
@ -63,6 +69,13 @@ func main() {
quit("nothing passed on STDIN")
}
stdin = stdin[0:n]
if !strings.HasPrefix(string(stdin), "########## GREETINGS! ##########") {
// TODO further validation?
quit(fmt.Sprintf("file contents look wrong: %s", string(stdin)))
}
n, err = f.Write(stdin)
if err != nil {
quit(err.Error())

View File

@ -1,6 +1,7 @@
package main
import (
"bytes"
"errors"
"fmt"
"net/mail"
@ -274,12 +275,30 @@ func createUser(data newUserData) (err error) {
return fmt.Errorf("usermod failed: %w", err)
}
// TODO create keyfile by running helper (helper should also make ~/.ssh)
// TODO generate welcome gift
cmd = exec.Command("sudo", "/town/bin/createkeyfile")
cmd.Stdin = bytes.NewBufferString(keyfileText(data))
if err = cmd.Run(); err != nil {
return fmt.Errorf("createkeyfile failed: %w", err)
}
cmd = exec.Command("sudo", "/town/bin/generate_welcome_present.sh", data.Username)
if err = cmd.Run(); err != nil {
// TODO log this. no reason to bail out.
}
// TODO any alerts
return errors.New("not implemented")
}
func keyfileText(data newUserData) string {
header := `########## GREETINGS! ##########
# Hi! This file was automatically generated by tilde.town when
# your account was created. You can edit it if you want, but we
# recommend adding stuff to ~/.ssh/authorized_keys instead.`
return fmt.Sprintf("%s\n%s", header, data.PubKey)
}
func main() {
// TODO friendlier error handling
err := _main()