diff options
author | Darren Tucker <dtucker@zip.com.au> | 2012-12-07 13:03:10 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2012-12-07 13:03:10 +1100 |
commit | 3dfb877046b40638ac7c88de9bb07091eb463205 (patch) | |
tree | b96d477ccd573ce010d847b2bda3095d72cc69bb /regress/keys-command.sh | |
parent | 96ce9a1e45a2f2a1b8be7b97fde07e629dd9fa05 (diff) | |
download | openssh-git-3dfb877046b40638ac7c88de9bb07091eb463205.tar.gz |
- dtucker@cvs.openbsd.org 2012/12/06 06:06:54
[regress/keys-command.sh]
Fix some problems with the keys-command test:
- use string comparison rather than numeric comparison
- check for existing KEY_COMMAND file and don't clobber if it exists
- clean up KEY_COMMAND file if we do create it.
- check that KEY_COMMAND is executable (which it won't be if eg /var/run
is mounted noexec).
ok djm.
Diffstat (limited to 'regress/keys-command.sh')
-rw-r--r-- | regress/keys-command.sh | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/regress/keys-command.sh b/regress/keys-command.sh index 09f4db4b..b595a434 100644 --- a/regress/keys-command.sh +++ b/regress/keys-command.sh @@ -1,4 +1,4 @@ -# $OpenBSD: keys-command.sh,v 1.1 2012/11/22 22:49:30 djm Exp $ +# $OpenBSD: keys-command.sh,v 1.2 2012/12/06 06:06:54 dtucker Exp $ # Placed in the Public Domain. tid="authorized keys from command" @@ -14,7 +14,7 @@ fi KEY_COMMAND="/var/run/keycommand_${LOGNAME}" cat << _EOF | $SUDO sh -c "cat > '$KEY_COMMAND'" #!/bin/sh -test "x\$1" -ne "x${LOGNAME}" && exit 1 +test "x\$1" != "x${LOGNAME}" && exit 1 exec cat "$OBJ/authorized_keys_${LOGNAME}" _EOF $SUDO chmod 0755 "$KEY_COMMAND" @@ -27,7 +27,13 @@ cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak echo AuthorizedKeysCommandUser ${LOGNAME} ) > $OBJ/sshd_proxy -${SSH} -F $OBJ/ssh_proxy somehost true -if [ $? -ne 0 ]; then - fail "connect failed" +if [ -x $KEY_COMMAND ]; then + ${SSH} -F $OBJ/ssh_proxy somehost true + if [ $? -ne 0 ]; then + fail "connect failed" + fi +else + echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)" fi + +$SUDO rm -f $KEY_COMMAND |