/usr/share/monkeysphere/m/update_authorized_keys is in monkeysphere 0.41-1ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 | # -*-shell-script-*-
# This should be sourced by bash (though we welcome changes to make it POSIX sh compliant)
# Monkeysphere update_authorized_keys subcommand
#
# The monkeysphere scripts are written by:
# Jameson Rollins <jrollins@finestructure.net>
# Jamie McClelland <jm@mayfirst.org>
# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
#
# They are Copyright 2010, and are all released under the GPL, version
# 3 or later.
update_authorized_keys() {
local newUmask
local tmpFile
if [ ! -s "$AUTHORIZED_USER_IDS" ] ; then
log error "empty or absent authorized_user_ids file."
failure
fi
check_key_file_permissions $(whoami) "$AUTHORIZED_USER_IDS" \
|| failure "Bad permissions governing authorized_user_ids file '$AUTHORIZED_USER_IDS'"
# touch the authorized_keys file so that the file permission check
# below won't fail upon not finding the file
touch_key_file_or_fail "$AUTHORIZED_KEYS"
check_key_file_permissions $(whoami) "$AUTHORIZED_KEYS" \
|| failure "Bad permissions governing authorized_keys file $AUTHORIZED_KEYS"
lock create "$AUTHORIZED_KEYS"
# FIXME: we're discarding any pre-existing EXIT trap; is this bad?
trap "log debug TRAP; lock remove $AUTHORIZED_KEYS" EXIT
tmpFile=$(mktemp "${AUTHORIZED_KEYS}.monkeysphere.XXXXXX")
trap "log debug TRAP; lock remove $AUTHORIZED_KEYS; rm -f $tmpFile" EXIT
# remove any monkeysphere lines from authorized_keys file this is
# to insure that that all old authorized keys that are no longer
# authorized are removed
log debug "removing old monkeysphere lines..."
remove_monkeysphere_lines <"$AUTHORIZED_KEYS" >"$tmpFile" || true
process_authorized_user_ids "$tmpFile" \
< "$AUTHORIZED_USER_IDS"
if [ "$(file_hash "$AUTHORIZED_KEYS")" != "$(file_hash "$tmpFile")" ] ; then
mv -f "$tmpFile" "$AUTHORIZED_KEYS"
log verbose "authorized_keys file updated."
else
rm -f "$tmpFile"
fi
lock remove "$AUTHORIZED_KEYS"
trap - EXIT
}
|