Merge pull request #205 from asteven/issue/205

__ssh_authorized_keys resets owner and permissions of the ~/.ssh/authorized_keys file when removing an existing/updated entry
12 years ago · 393d335f40
parent 58f19df386 d166224e68
commit 393d335f40
1 changed files with 5 additions and 3 deletions
--- a/cdist/conf/type/__ssh_authorized_keys/gencode-remote
+++ b/cdist/conf/type/__ssh_authorized_keys/gencode-remote
@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# 2012 Steven Armstrong (steven-cdist at armstrong.cc)
+# 2012-2013 Steven Armstrong (steven-cdist at armstrong.cc)
 #
 # This file is part of cdist.
 #
@ -24,7 +24,7 @@ if [ -f "$__object/parameter/file" ]; then
 else
   home="$(cut -d':' -f 6 "$__object/explorer/passwd")"
   file="$home/.ssh/authorized_keys"
-fi 
+fi

 entry="$__object/files/entry"
 if [ ! -s "$__object/explorer/entry" ]; then
@ -47,7 +47,9 @@ remove_entry() {
   prefix="#cdist:$__object_name"
   suffix="#/cdist:$__object_name"
   cat << DONE
-tmpfile=\$(mktemp)
+tmpfile=\$(mktemp ${file}.cdist.XXXXXXXXXX)
+# preserve ownership and permissions by copying existing file over tmpfile
+cp -p "$file" "\$tmpfile"
 awk -v prefix="$prefix" -v suffix="$suffix" '
 {
   if (index(\$0,prefix)) {