From 2da3ad926459a271cf568c4355d16f2d8a8596ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?= Date: Mon, 6 Feb 2023 15:33:18 +0100 Subject: [PATCH] Fix acl on .ssh\* files --- duplicati/install.windows10.dsi.ps1 | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/duplicati/install.windows10.dsi.ps1 b/duplicati/install.windows10.dsi.ps1 index a5897e7..3a56b58 100644 --- a/duplicati/install.windows10.dsi.ps1 +++ b/duplicati/install.windows10.dsi.ps1 @@ -194,8 +194,7 @@ Try { [String]$NOMMACHINE = "$ENV:COMPUTERNAME" [String]$ENTITE = 'IPR' - $GetWMIObject = Get-WMIObject Win32_ComputerSystem -Computername $NOMMACHINE - [String]$CurrentUser = ($GetWMIObject.UserName).Substring(3,($GetWMIObject.UserName).length-3) + [String]$CurrentUser = (Get-WmiObject -Class win32_computersystem | Select-Object -ExpandProperty username).split('\')[1] # Ménage @@ -244,7 +243,7 @@ Try { ssh-keygen -t ed25519 -f "D:\Home\$CurrentUser\Duplicati\.ssh\duplicati_id_ed25519" -q -N '""' Write-Log -Message "Création des clefs SSH ed25519 IPR" -Component $CurrentScript -LogFile $LogFile - Send-MailMessage -SmtpServer smtpint.univ-rennes1.fr -From "$CurrentUser@univ-rennes.fr" -To IPR.ADMIN.EMAIL@univ-rennes.fr -Subject "$Hostname $CurrentUser - Nouvelle clef Duplicati" -Attachments D:\Home\$CurrentUser\Duplicati\.ssh\duplicati_id_ed25519.pub + Send-MailMessage -SmtpServer smtpint.univ-rennes1.fr -From "$CurrentUser@univ-rennes1.fr" -To IPR.ADMIN.EMAIL@listes.univ-rennes1.fr -Subject "$Hostname $CurrentUser - Nouvelle clef Duplicati" -Attachments D:\Home\$CurrentUser\Duplicati\.ssh\duplicati_id_ed25519.pub } $fichier = $fichier -replace "TARGETURLUR", "ssh://duplicati.ipr.univ-rennes1.fr//home//$CurrentUser//$NOMMACHINE//?auth-username=$CurrentUser&ssh-fingerprint=ssh-ed25519 32 4A:2D:A0:5F:66:7A:D5:3A:F4:B2:63:EC:EE:1E:D0:21&ssh-keyfile=D:\\Home\\$CurrentUser\\Duplicati\\.ssh\\duplicati_id_ed25519" } @@ -255,13 +254,16 @@ Try { ssh-keygen -t rsa -f "D:\Home\$CurrentUser\Duplicati\.ssh\id_rsa_duplicati" -q -N '""' Write-Log -Message "Création des clefs SSH RSA FOTON" -Component $CurrentScript -LogFile $LogFile - Send-MailMessage -SmtpServer smtpint.univ-rennes1.fr -From "$CurrentUser@univ-rennes.fr" -To FOTON.ADMIN.EMAIL@univ-rennes.fr -Subject "$Hostname $CurrentUser - Nouvelle clef Duplicati" -Attachments D:\Home\$CurrentUser\Duplicati\.ssh\duplicati_id_ed25519.pub + Send-MailMessage -SmtpServer smtpint.univ-rennes1.fr -From "$CurrentUser@univ-rennes1.fr" -To FOTON.ADMIN.EMAIL@univ-rennes.fr -Subject "$Hostname $CurrentUser - Nouvelle clef Duplicati" -Attachments D:\Home\$CurrentUser\Duplicati\.ssh\duplicati_id_ed25519.pub } $fichier = $fichier -replace "TARGETURLUR", "ssh://bkpdop.univ-rennes1.fr//mnt//datastore_backuppc//duplicati//$CurrentUser.$NOMMACHINE//?auth-username=$CurrentUser&ssh-fingerprint=ssh-rsa 2048 02:b9:38:a6:17:66:ba:90:e0:be:bb:7e:fb:a7:e6:14&ssh-keyfile=D:\\Home\\$CurrentUser\\Duplicati\\.ssh\\id_rsa_duplicati" } } + #Donne les droits à l'utilisateur courant aux clés ssh générées. + get-acl "D:\Home\$CurrentUser" | set-acl D:\Home\$CurrentUser\Duplicati\.ssh\* + $fichier = $fichier -replace "SESAME",$CurrentUser $Fichier | set-content "D:\Home\$CurrentUser\Duplicati\sauvegarde.duplicati.config.json"