Add forgotten reading of ACL for all servers

3 years ago · fb145c1e96
parent 644506e891
commit fb145c1e96
1 changed files with 8 additions and 1 deletions
--- a/duma-ssh-central-auth.sh
+++ b/duma-ssh-central-auth.sh
@ -16,6 +16,7 @@ _main(){
 		echo_err "No user defined!"
 		return 1
 	fi
+	ALLOWED=0
 	user="$1"
 	# not --fqdn, it may give strange results,
 	# e.g. webinar.dumalogiya.ru -> webinar
@ -43,9 +44,15 @@ _main(){
 	ACL="${DIR}/servers/${hostname}"
 	if [ ! -f "$ACL" ] || [ ! -r "$ACL" ]; then
 		echo_err "ACL for this server does not exist or cannot be read!"
-		return 2
 	fi
 	if grep -q "^${user}$" "$ACL"; then
+		ALLOWED=1
+	else
+		if grep -q "^${user}$" "${DIR}/servers/all"; then
+			ALLOWED=1
+		fi
+	fi
+	if [ "$ALLOWED" = 1 ]; then
 		# Выводим все публичные ключи пользователя на stdout
 		# Если файлы не будут найдены, xargs сделает ненулевой код возврата
 		find "${DIR}/users/${user}" -name "*.key" -type f | xargs cat