mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-27 13:39:19 -05:00
* Ensure .ssh dir exists before rewriting public keys * Ensure .ssh dir exists before appending to authorized_keys * Log the error because it would be useful to know where it is trying to MkdirAll * Only try to create RootPath if it's not empty
This commit is contained in:
parent
f2a3abc683
commit
300d9a1c70
1 changed files with 24 additions and 0 deletions
|
@ -358,6 +358,18 @@ func appendAuthorizedKeysToFile(keys ...*PublicKey) error {
|
||||||
sshOpLocker.Lock()
|
sshOpLocker.Lock()
|
||||||
defer sshOpLocker.Unlock()
|
defer sshOpLocker.Unlock()
|
||||||
|
|
||||||
|
if setting.SSH.RootPath != "" {
|
||||||
|
// First of ensure that the RootPath is present, and if not make it with 0700 permissions
|
||||||
|
// This of course doesn't guarantee that this is the right directory for authorized_keys
|
||||||
|
// but at least if it's supposed to be this directory and it doesn't exist and we're the
|
||||||
|
// right user it will at least be created properly.
|
||||||
|
err := os.MkdirAll(setting.SSH.RootPath, 0700)
|
||||||
|
if err != nil {
|
||||||
|
log.Error("Unable to MkdirAll(%s): %v", setting.SSH.RootPath, err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")
|
fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")
|
||||||
f, err := os.OpenFile(fPath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)
|
f, err := os.OpenFile(fPath, os.O_CREATE|os.O_WRONLY|os.O_APPEND, 0600)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -645,6 +657,18 @@ func rewriteAllPublicKeys(e Engine) error {
|
||||||
sshOpLocker.Lock()
|
sshOpLocker.Lock()
|
||||||
defer sshOpLocker.Unlock()
|
defer sshOpLocker.Unlock()
|
||||||
|
|
||||||
|
if setting.SSH.RootPath != "" {
|
||||||
|
// First of ensure that the RootPath is present, and if not make it with 0700 permissions
|
||||||
|
// This of course doesn't guarantee that this is the right directory for authorized_keys
|
||||||
|
// but at least if it's supposed to be this directory and it doesn't exist and we're the
|
||||||
|
// right user it will at least be created properly.
|
||||||
|
err := os.MkdirAll(setting.SSH.RootPath, 0700)
|
||||||
|
if err != nil {
|
||||||
|
log.Error("Unable to MkdirAll(%s): %v", setting.SSH.RootPath, err)
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")
|
fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")
|
||||||
tmpPath := fPath + ".tmp"
|
tmpPath := fPath + ".tmp"
|
||||||
t, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
t, err := os.OpenFile(tmpPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||||
|
|
Loading…
Reference in a new issue