+++ /dev/null
-#!/bin/bash
-#
-# ssh-keysync-merge
-#
-# Merge the client ssh host keys to one file
-#
-# Maximilian Wilhelm <mwilhelm@math.uni-paderborn.de>
-# -- Sat, 17 Apr 2004 17:21:09 +0200
-#
-
-if [ "${USE_OLD_SSH_KEYSYNC_MERGE}" != "Yes, I will." ]; then
- cat << EOF >&2
-This version of ssh-keysync-merge is deprecheated.
-
-If you *really* want to use this version, set \$USE_OLD_SSH_KEYSYNC_MERGE to
-"Yes, I will." and run it again.
-
-However, we encourage you to use the newer version...
-If not allready automagically done, run 'upgrade_sshkeysync' to upgrade
-your installation.
-EOF
-
- exit 0
-fi
-
-# Be verbose by default
-debug=1
-
-# Environment (to be checked!)
-CONFIG_FILE="/etc/rbm/ssh-keysync-server.conf"
-BASE_DIR="/var/cache/ssh-keysync"
-KEY_FILES_DIR="${BASE_DIR}/keys"
-KNOWN_HOSTS="${BASE_DIR}/ssh_known_hosts"
-KNOWN_HOSTS_OLD="${KNOWN_HOSTS}.old"
-
-VALID_USER="skeysync"
-
-# Check some things
-init()
-{
- if [ -f ${CONFIG_FILE} -a -r ${CONFIG_FILE} ]; then
- if ! source ${CONFIG_FILE}; then
- echo "Failed to load config file \"${CONFIG_FILE}\", exiting." >&2
- exit 1
- fi
- else
- echo "Unable to load config file \"${CONFIG_FILE}\". File does not exist or is not accessable, exiting." >&2
- exit 1;
- fi
-
-
- # Who has called us?
- if [ `whoami` != "${VALID_USER}" ]; then
- echo "Script `basename $0` can only be run as user \"${VALID_USER}\"." >&2
- exit 1;
- fi
-
- # Is there room for us?
- for dir in "${BASE_DIR}" "${KEY_FILES_DIR}"; do
- if [ ! -d "${dir}" ]; then
- echo "The directory ${dir} does not exist, but is neccessary for this script to work!" >&2
- echo -n "Please create ${dir}" >&2
- [ "${dir}" == "${BASE_DIR}" ] && echo " and allow user '${VALID_USER}' to write there." >&2
- echo ""
- exit 1;
- fi
- done
-
- # DOMAIN_LIST given?
- if [ -z "${DOMAIN_LIST}" ]; then
- echo "Error: DOMAIN_LIST not set in $0!" >&2
- echo "Please edit ${CONFIG_FILE} an set DOMAIN_LIST to the correct value." >&2
- exit 1
- fi
-}
-
-
-# Merge all client host keys
-merge()
-{
- if [ `ls "${KEY_FILES_DIR}"/*.key 2>/dev/null | wc -l` == 0 ]; then
- echo "No client host keys available, aborting" >&2
- exit 0;
- else
-
- [ "${debug}" ] && echo -n "Merging client hosts keys "
-
-
- # create an empty file, if there is no known_hosts file
- [ ! -f "${KNOWN_HOSTS}" ] && touch "${KNOWN_HOSTS}"
- # Make backup of old ssh_known_hosts file
- mv "${KNOWN_HOSTS}" "${KNOWN_HOSTS_OLD}"
- [ "${debug}" ] && echo -n "."
-
-
- # Go to the working directory
- cd "${KEY_FILES_DIR}"
- [ "${debug}" ] && echo -n ". "
-
-
- echo "# ssh_known_hosts generated by ssh-keysync-merge at "$(date +%d.%m.%Y) > ${KNOWN_HOSTS}
- echo "# " >> "${KNOWN_HOSTS}"
-
- # Building new one
- for file in *.key; do
- convert_file "${file}" >> "${KNOWN_HOSTS}"
- [ "${debug}" ] && echo -n "."
- done
-
- [ "${debug}" ] && echo " done."
- fi
-}
-
-
-
-# convert host key into the right format
-#
-# convert_file <hostname>.<keytype>
-convert_file()
-{
- if [ $# == 1 ]; then
- # get all needed information
- HOST=$(echo $1 | cut -d. -f1);
- IP=`host ${HOST} | awk '{ print $NF }'`
-
- expr="s/,/,${HOST}./g"
-# HOSTNAMES="${HOST},${HOST}."`echo ${DOMAIN_LIST} | tr -d '[:space:]' | sed -e "${expr}"`",${IP}"
- HOSTNAMES="${HOST},${HOST}.`echo ${DOMAIN_LIST} | sed -e ${expr}`,${IP}"
-
- # make sure that ${HOSTNAMES} does not include any white spaces
- # and appand one white space at the end of ${HOSTNAMES}, to
- # seperate the following key
- echo -n ${HOSTNAMES} | tr -d '[:space:]'
- echo -n " "
- cat "${1}"
- else
- echo "Usage: convert_file <hostname>.<type>" >&2
- fi
-}
-
-# Compare present and last version of ssh_known_hosts
-diff_files()
-{
- [ "${debug}" ] && echo -n "Comparing present and last version of knonw_hosts: "
-
- # Create a tempfile
- TEMPFILE=`tempfile -d /tmp -s skeysync`
- touch "${TEMPFILE}"
-
- # one first run, there will not be an old file
- if [ ! -f "${KNOWN_HOSTS_OLD}" ]; then
- touch "${KNOWN_HOSTS_OLD}"
- fi
-
- diff -u "${KNOWN_HOSTS_OLD}" "${KNOWN_HOSTS}" > "${TEMPFILE}"
-
- if [ -s "${TEMPFILE}" ]; then
- # There are differences...
- if [ `grep -c '^-# ssh_known_hosts\|^+# ssh_known_hosts' "${TEMPFILE}"` == 2 ]; then
- echo "Attention: Files are different!"
- echo "==============================="
- echo ""
- cat "${TEMPFILE}"
- rm "${TEMPFILE}"
- return 1
- fi
- else
- # Nothing changed
- [ "${debug}" ] && echo "equal."
- "rm ${TEMPFILE}"
- return 0
- fi
-
-}
-
-
-# Put ssh_known_hosts file in public web dir
-publish()
-{
- [ "${debug}" ] && echo -n "Putting ssh_known_hosts into web directory: "
- cp "${KNOWN_HOSTS}" "${BASE_DIR}/pub"
- [ "${debug}" ] && echo " done."
-}
-
-
-# Print a little help message
-help()
-{
- echo "Usage: $0 [ -quiet ] [ -help ]"
- echo " -quiet Only show warnings"
- echo " -help Print this help"
- exit 0
-}
-
-# What to do
-while [ $# -gt 0 ]; do
- case "$1" in
- -quiet) unset debug ;;
- -help) help ;;
- *) help;;
- esac
- shift
-done
-
-#
-# Let the show begin
-#
-
-# everything ok?
-init
-
-# build the file
-merge
-
-# publish it
-publish
-
-# if file has changed, send mail
-diff_files
projects / ssh-keysync.git / commitdiff