From 602125ac95b971e9075f9b97b66dcbc0bb7081d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gardais=20J=C3=A9r=C3=A9my?= Date: Wed, 25 Jan 2023 11:23:36 +0100 Subject: [PATCH] Rename pubkey if everything is fine --- duplicati/add.ssh.pubkey.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/duplicati/add.ssh.pubkey.sh b/duplicati/add.ssh.pubkey.sh index 19e7c92..7c41061 100755 --- a/duplicati/add.ssh.pubkey.sh +++ b/duplicati/add.ssh.pubkey.sh @@ -335,7 +335,6 @@ Create authorized_keys file for ${USER_NAME} (${RED}${USER_AUTHORIZED_KEYS_FILE} ## If pubkey is already in authorized_keys file {{{ ## --fixed-strings to be able to manage backslash ### AND Ensure it's set with the right options - ### AND Exit the script if grep --fixed-strings --word-regexp --quiet -- "${SSH_PUBKEY}" "${USER_AUTHORIZED_KEYS_FILE}"; then sed -i "s|.*${SSH_PUBKEY}.*|${SSH_PUBKEY_OPTION} ${SSH_PUBKEY}|" "${USER_AUTHORIZED_KEYS_FILE}" \ || error_message "Error during SSH_PUBKEY replacement with expected options in authorized_keys file (${USER_AUTHORIZED_KEYS_FILE})." 31 @@ -349,10 +348,13 @@ Create authorized_keys file for ${USER_NAME} (${RED}${USER_AUTHORIZED_KEYS_FILE} debug_message "The given pubkey is now present in authorized_keys file (${RED}${USER_AUTHORIZED_KEYS_FILE}${COLOR_DEBUG}) with expected permissions." fi ## }}} - ## If the key is present, exit with success {{{ + ## If the key is present {{{ ## --fixed-strings to be able to manage backslash if grep --fixed-strings --word-regexp --quiet -- "${SSH_PUBKEY_OPTION} ${SSH_PUBKEY}" "${USER_AUTHORIZED_KEYS_FILE}"; then - printf "%b" "The given pubkey (${RED}${SSH_PUBKEY_FILE}${RESET}) for ${RED}${USER_NAME}${RESET} user was successfully added to it's authorized_keys file (${RED}${USER_AUTHORIZED_KEYS_FILE}${COLOR_DEBUG})." \ + ## Rename the pubkey file to keep a trace + ## AND exit with success + printf "%b\n" "The given pubkey (${RED}${SSH_PUBKEY_FILE}${RESET}) for ${RED}${USER_NAME}${RESET} user was successfully added to it's authorized_keys file (${RED}${USER_AUTHORIZED_KEYS_FILE}${COLOR_DEBUG})." \ + && mv --force -- "${SSH_PUBKEY_FILE}" "${SSH_PUBKEY_FILE}.done.${USER_NAME}" \ && exit 0 else error_message "Error with verification of user authorized_keys content (${USER_AUTHORIZED_KEYS_FILE}). Can't detect the new SSH_PUBKEY." 33