authorColin Guthrie <colin@mageia.org>2015-02-06 08:04:35 +0000
committerColin Guthrie <colin@mageia.org>2015-02-06 08:04:38 +0000
commitcf688362c5b3f6efee011f57b51e4e32a03fcd93 (patch)
tree3284e5a2215af7fc017ac27c6bc3600a1533335e /modules/openssh
parent53b9c5728c70e6cab5a291188043fda797122eb4 (diff)
openssh: Ensure ownership is set correctly on authorized_keys
This was highlighted by a problem encountered by Nicolas Salguero. Many thanks for your patience.
Diffstat (limited to 'modules/openssh')
-rwxr-xr-xmodules/openssh/templates/ldap-sshkey2file.py5
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/openssh/templates/ldap-sshkey2file.py b/modules/openssh/templates/ldap-sshkey2file.py
index 1c474038..475030ec 100755
--- a/modules/openssh/templates/ldap-sshkey2file.py
+++ b/modules/openssh/templates/ldap-sshkey2file.py
@@ -90,6 +90,11 @@ def write_keys(keys, user, uid, gid):
os.chmod(tmpname, 0600)
os.chown(tmpname, uid, gid)
shutil.move(tmpname, keyfile)
+ # Hmm, aparently shutil.move does not preserve user/group so lets reapply
+ # them. I still like doing it before as this should be more "automic"
+ # if it actually worked, so it's "good practice", even if shutil.move sucks
+ os.chown(keyfile, uid, gid)
+ os.chmod(keyfile, 0600)
return True
return False
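Review bot: The added `os.chown(keyfile, uid, gid)` and `os.chmod(keyfile, 0600)` act on the final path after `shutil.move`, so the file can briefly sit at its destination with the wrong owner, and both calls follow symlinks. `shutil.move` only loses ownership when it falls back to copy-and-delete across filesystems. If `tmpname` were created in the same directory as `keyfile`, for example with `tempfile.mkstemp(dir=os.path.dirname(keyfile))` followed by `os.rename(tmpname, keyfile)`, the rename would be atomic and keep the owner and mode already set on the temp file, making the second chown/chmod unnecessary. Whether the destination directory is writable by the target user while the script runs as root is not visible here, because `write_keys` starts outside the hunk; if so, the path-based chown should be dropped or replaced with `os.lchown`. The new comment should also name the cross-filesystem fallback as the cause rather than saying shutil.move does not preserve user/group.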