You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
|
|
|
|
|
set -efu
|
|
|
|
|
|
|
|
|
|
DIRS="${PWD};@DATADIR@/duma-ssh-central-auth"
|
|
|
|
|
|
|
|
|
|
echo_err(){
|
|
|
|
|
echo "$@" 1>&2
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Коды возврата:
|
|
|
|
|
# 1 - некая ошибка
|
|
|
|
|
# 2 - отказ в доступе
|
|
|
|
|
_main(){
|
|
|
|
|
if [ -z "$1" ]; then
|
|
|
|
|
echo_err "No user defined!"
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
ALLOWED=0
|
|
|
|
|
user="$1"
|
|
|
|
|
# not --fqdn, it may give strange results,
|
|
|
|
|
# e.g. webinar.dumalogiya.ru -> webinar
|
|
|
|
|
hostname="$(hostname)"
|
|
|
|
|
if [ -z "$hostname" ]; then
|
|
|
|
|
echo_err "Empty hostname!"
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
IFS_old="$IFS"
|
|
|
|
|
IFS=";"
|
|
|
|
|
# При запуске из папки с исходным кодом использовать ее,
|
|
|
|
|
# иначе - общесистемную папку
|
|
|
|
|
DIR=""
|
|
|
|
|
for dir in ${DIRS}
|
|
|
|
|
do
|
|
|
|
|
if [ -d "$dir"/users ] && [ -d "$dir"/servers ]; then
|
|
|
|
|
DIR="$dir"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
IFS="$IFS_old"
|
|
|
|
|
if [ -z "$DIR" ]; then
|
|
|
|
|
echo_err "No directory with data has been found!"
|
|
|
|
|
return 1
|
|
|
|
|
fi
|
|
|
|
|
ACL="${DIR}/servers/${hostname}"
|
|
|
|
|
if [ ! -f "$ACL" ] || [ ! -r "$ACL" ]; then
|
|
|
|
|
echo_err "ACL for this server does not exist or cannot be read!"
|
|
|
|
|
fi
|
|
|
|
|
if grep -q "^${user}$" "$ACL"; then
|
|
|
|
|
ALLOWED=1
|
|
|
|
|
else
|
|
|
|
|
if grep -q "^${user}$" "${DIR}/servers/all"; then
|
|
|
|
|
ALLOWED=1
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
if [ "$ALLOWED" = 1 ]; then
|
|
|
|
|
# Выводим все публичные ключи пользователя на stdout
|
|
|
|
|
# Если файлы не будут найдены, xargs сделает ненулевой код возврата
|
|
|
|
|
find -L "${DIR}/users/${user}" -name "*.key" -type f | xargs cat
|
|
|
|
|
else
|
|
|
|
|
echo_err "User ${user} does not have access to ${hostname}!"
|
|
|
|
|
return 2
|
|
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
_main "$*"
|