[X2Go-Commits] [live-build-x2go] 16/28: added check so key copy routine only runs when "copysecring" boot parameter is set
git-admin at x2go.org
git-admin at x2go.org
Sat Nov 18 02:33:06 CET 2017
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch feature/openbox-magic-pixel-workaround
in repository live-build-x2go.
commit 8e4c1743743dd1262897ccb25e72b6120ea2e08d
Author: Stefan Baur <kontakt at baur-itcs.de>
Date: Tue Nov 7 23:34:41 2017 +0100
added check so key copy routine only runs when "copysecring" boot parameter is set
---
.../lib/live/config/2270-getsshclientkeysfrommedia | 190 +++++++++++----------
1 file changed, 96 insertions(+), 94 deletions(-)
diff --git a/config/includes.chroot/lib/live/config/2270-getsshclientkeysfrommedia b/config/includes.chroot/lib/live/config/2270-getsshclientkeysfrommedia
index 19ebfbe..3bbf516 100755
--- a/config/includes.chroot/lib/live/config/2270-getsshclientkeysfrommedia
+++ b/config/includes.chroot/lib/live/config/2270-getsshclientkeysfrommedia
@@ -6,110 +6,112 @@ GetSSHClientKeysFromMedia ()
# Output startup message
#
echo -n " getsshclientkeysfrommedia"
- (
-
- # This script is for using the iso-hybrid image along with the "second partition" patch
- # or other suitable storage media. When used with the iso-hybrid image for X2Go in portable mode,
- # it allows you to share ssh secret keys between X2GoClient for Windows in portable
- # mode and the X2Go-ThinClientEnvironment on the same USB media using different partitions.
- # It also allows you to use USB media with your key on it together with a net-booted Debian Live, for example.
-
- while ! [ -c /dev/tty8 ] ; do
- echo -n "\n$(date +'%F | %T | ')'$0' is waiting for tty8 to become available."
- sleep 2
- done
-
- while ! [ -e /var/lib/live/config/opensshkeys ] ; do
- echo -n "\n$(date +'%F | %T | ')'$0' is waiting for getsshhostkeysfrommedia to finish."
- sleep 2
- done
-
- # Homedir of user account
- #
- USERHOME=$(getent passwd 1000 | awk -F':' '{ print $6 }')
-
- # nudge automounter, in case device was already plugged in at power-up
- if udevadm trigger --action=add ; then
- echo -n "\n$(date +'%F | %T | ')'$0' Successfully nudged udev-automounter." | tee -a /dev/tty8
- else
- echo -n "\n$(date +'%F | %T | ')'$0' Error while nudging udev-automounter." | tee -a /dev/tty8
- fi
-
- # list devices (and mountpoints, if present)
- X2GOTCELIVELABELS=$(lsblk -oLABEL,NAME,MOUNTPOINT -l | awk '$3~/^[^\/]/ && $3="" ; $1=="X2GO-TCE-LIVE" { print $2 " " $3}')
-
- # support for legacy label value
- PORTABLEAPPLABELS=$(lsblk -oLABEL,NAME,MOUNTPOINT -l | awk '$3~/^[^\/]/ && $3="" ; $1=="PORTABLEAPP" { print $2 " " $3}')
-
- # block device list, removable first (we want USB media to be able to override keys on fixed disks)
- BLOCKDEVS=$(grep -H '' /sys/block/*/removable | awk -F':' '{ print $2 ":" $1}' | sort -r | awk -F'/' '{print $4}')
-
- check_for_config (){
- if [ -d $1/config/ssh ] || [ -d $1/ssh ] || [ -d $1/.ssh ]; then
- echo -n "\n$(date +'%F | %T | ')'$0' Keyfile directory found at '$1/config/ssh', '$1//ssh', or '$1/./ssh'." | tee -a /dev/tty8
- # create .ssh-Directory in case it doesn't exist
- #
- mkdir -p $(readlink -m "$USERHOME/.ssh/")
-
- # any keyfile in the config dir will be copied over to live system
- #
- for KEYFILE in $1/config/ssh/* $1/ssh/* $1/.ssh/* ; do
- ([ -f "$KEYFILE" ] && [ -s "$KEYFILE" ]) || continue
- egrep -q "BEGIN .*(PRIVATE|PUBLIC) KEY" "$KEYFILE" || continue
- echo -n "\n$(date +'%F | %T | ')'$0' Keyfile '$KEYFILE' found, copying and adjusting ownership and permissions on destination." | tee -a /dev/tty8
- KEYDESTPATH="$USERHOME/.ssh/$(basename "$KEYFILE")"
- touch "$KEYDESTPATH"
- chown user:user \
- $KEYDESTPATH
- chmod 600 $KEYDESTPATH
- cat $(readlink -m "$KEYFILE")>$KEYDESTPATH
+ if grep -q "\W*copysecring\W*" /proc/cmdline ; then
+ (
+
+ # This script is for using the iso-hybrid image along with the "second partition" patch
+ # or other suitable storage media. When used with the iso-hybrid image for X2Go in portable mode,
+ # it allows you to share ssh secret keys between X2GoClient for Windows in portable
+ # mode and the X2Go-ThinClientEnvironment on the same USB media using different partitions.
+ # It also allows you to use USB media with your key on it together with a net-booted Debian Live, for example.
+
+ while ! [ -c /dev/tty8 ] ; do
+ echo -n "\n$(date +'%F | %T | ')'$0' is waiting for tty8 to become available."
+ sleep 2
+ done
+ while ! [ -e /var/lib/live/config/opensshkeys ] ; do
+ echo -n "\n$(date +'%F | %T | ')'$0' is waiting for getsshhostkeysfrommedia to finish."
+ sleep 2
done
- # this is so the path name in the sessions file matches again
- # (cannot use .ssh on FAT, for example)
+ # Homedir of user account
#
- ln -s $USERHOME/.ssh $USERHOME/ssh
-
- return 0
- else
- return 1
- fi
- }
-
- for BLOCKDEV in $BLOCKDEVS; do
- NEXTDEVICE=$(echo "$X2GOTCELIVELABELS\n$PORTABLEAPPLABELS" | grep "$BLOCKDEV")
- if [ -n "$NEXTDEVICE" ] ; then
- MNTPT=$(echo $NEXTDEVICE | awk '{print $2}')
- NEXTDEVICE=$(echo $NEXTDEVICE | awk '{print $1}')
-
- if [ -n "$MNTPT" ] ; then
- echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is mounted at: '$MNTPT'" | tee -a /dev/tty8
- if check_for_config $MNTPT ; then
- touch /var/lib/live/config/opensshclientkeys
- exit 0
- fi
- else
- echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is not mounted." | tee -a /dev/tty8
- if grep -q "^0$" /sys/block/*/removable ; then
- echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is a fixed disk, mounting ..." | tee -a /dev/tty8
- mkdir -p /media/fixeddisks/$NEXTDEVICE
- mount -o ro /dev/$NEXTDEVICE /media/fixeddisks/$NEXTDEVICE
- if check_for_config /media/fixeddisks/$NEXTDEVICE ; then
- umount /media/fixeddisks/$NEXTDEVICE
+ USERHOME=$(getent passwd 1000 | awk -F':' '{ print $6 }')
+
+ # nudge automounter, in case device was already plugged in at power-up
+ if udevadm trigger --action=add ; then
+ echo -n "\n$(date +'%F | %T | ')'$0' Successfully nudged udev-automounter." | tee -a /dev/tty8
+ else
+ echo -n "\n$(date +'%F | %T | ')'$0' Error while nudging udev-automounter." | tee -a /dev/tty8
+ fi
+
+ # list devices (and mountpoints, if present)
+ X2GOTCELIVELABELS=$(lsblk -oLABEL,NAME,MOUNTPOINT -l | awk '$3~/^[^\/]/ && $3="" ; $1=="X2GO-TCE-LIVE" { print $2 " " $3}')
+
+ # support for legacy label value
+ PORTABLEAPPLABELS=$(lsblk -oLABEL,NAME,MOUNTPOINT -l | awk '$3~/^[^\/]/ && $3="" ; $1=="PORTABLEAPP" { print $2 " " $3}')
+
+ # block device list, removable first (we want USB media to be able to override keys on fixed disks)
+ BLOCKDEVS=$(grep -H '' /sys/block/*/removable | awk -F':' '{ print $2 ":" $1}' | sort -r | awk -F'/' '{print $4}')
+
+ check_for_config (){
+ if [ -d $1/config/ssh ] || [ -d $1/ssh ] || [ -d $1/.ssh ]; then
+ echo -n "\n$(date +'%F | %T | ')'$0' Keyfile directory found at '$1/config/ssh', '$1//ssh', or '$1/./ssh'." | tee -a /dev/tty8
+ # create .ssh-Directory in case it doesn't exist
+ #
+ mkdir -p $(readlink -m "$USERHOME/.ssh/")
+
+ # any keyfile in the config dir will be copied over to live system
+ #
+ for KEYFILE in $1/config/ssh/* $1/ssh/* $1/.ssh/* ; do
+ ([ -f "$KEYFILE" ] && [ -s "$KEYFILE" ]) || continue
+ egrep -q "BEGIN .*(PRIVATE|PUBLIC) KEY" "$KEYFILE" || continue
+ echo -n "\n$(date +'%F | %T | ')'$0' Keyfile '$KEYFILE' found, copying and adjusting ownership and permissions on destination." | tee -a /dev/tty8
+ KEYDESTPATH="$USERHOME/.ssh/$(basename "$KEYFILE")"
+ touch "$KEYDESTPATH"
+ chown user:user \
+ $KEYDESTPATH
+ chmod 600 $KEYDESTPATH
+ cat $(readlink -m "$KEYFILE")>$KEYDESTPATH
+
+ done
+
+ # this is so the path name in the sessions file matches again
+ # (cannot use .ssh on FAT, for example)
+ #
+ ln -s $USERHOME/.ssh $USERHOME/ssh
+
+ return 0
+ else
+ return 1
+ fi
+ }
+
+ for BLOCKDEV in $BLOCKDEVS; do
+ NEXTDEVICE=$(echo "$X2GOTCELIVELABELS\n$PORTABLEAPPLABELS" | grep "$BLOCKDEV")
+ if [ -n "$NEXTDEVICE" ] ; then
+ MNTPT=$(echo $NEXTDEVICE | awk '{print $2}')
+ NEXTDEVICE=$(echo $NEXTDEVICE | awk '{print $1}')
+
+ if [ -n "$MNTPT" ] ; then
+ echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is mounted at: '$MNTPT'" | tee -a /dev/tty8
+ if check_for_config $MNTPT ; then
touch /var/lib/live/config/opensshclientkeys
exit 0
fi
- umount /media/fixeddisks/$NEXTDEVICE
else
- echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is a removable disk, not mounted by automounter, skipping." | tee -a /dev/tty8
- :
+ echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is not mounted." | tee -a /dev/tty8
+ if grep -q "^0$" /sys/block/*/removable ; then
+ echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is a fixed disk, mounting ..." | tee -a /dev/tty8
+ mkdir -p /media/fixeddisks/$NEXTDEVICE
+ mount -o ro /dev/$NEXTDEVICE /media/fixeddisks/$NEXTDEVICE
+ if check_for_config /media/fixeddisks/$NEXTDEVICE ; then
+ umount /media/fixeddisks/$NEXTDEVICE
+ touch /var/lib/live/config/opensshclientkeys
+ exit 0
+ fi
+ umount /media/fixeddisks/$NEXTDEVICE
+ else
+ echo -n "\n$(date +'%F | %T | ')'$0' Device '$NEXTDEVICE' is a removable disk, not mounted by automounter, skipping." | tee -a /dev/tty8
+ :
+ fi
fi
fi
- fi
- done
- touch /var/lib/live/config/opensshclientkeys
- ) &
+ done
+ touch /var/lib/live/config/opensshclientkeys
+ ) &
+ fi
}
GetSSHClientKeysFromMedia
--
Alioth's /srv/git/code.x2go.org/live-build-x2go.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/live-build-x2go.git
More information about the x2go-commits
mailing list