blob: 9b81812de74117fd24f6026d4c3fcf872dd9e59f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
# frozen_string_literal: true
module SystemCheck
module App
class AuthorizedKeysPermissionCheck < SystemCheck::BaseCheck
set_name 'Is authorized keys file accessible?'
set_skip_reason 'skipped (authorized keys not enabled)'
def skip?
!authorized_keys_enabled?
end
def check?
authorized_keys.accessible?
end
def repair!
authorized_keys.create
end
def show_error
try_fixing_it(
[
"sudo chmod 700 #{File.dirname(authorized_keys.file)}",
"touch #{authorized_keys.file}",
"sudo chmod 600 #{authorized_keys.file}"
])
fix_and_rerun
end
private
def authorized_keys_enabled?
Gitlab::CurrentSettings.current_application_settings.authorized_keys_enabled
end
def authorized_keys
@authorized_keys ||= Gitlab::AuthorizedKeys.new
end
end
end
end
|