glusterfs

1
#!/bin/bash
2

3
user=$1
4
pub_file=$2
5

6
if [ "$user" == "" ]; then
7
    echo "Invalid User";
8
    exit 1;
9
fi
10

11
if [ "$pub_file" == "" ]; then
12
    echo "Invalid pub file";
13
    exit 1;
14
fi
15

16
home_dir=`getent passwd $user | cut -d ':' -f 6`;
17

18
if [ "$home_dir" == "" ]; then
19
    echo "Invalid home dir";
20
    exit 1;
21
fi
22

23
authorized_keys_file=$(cat /etc/ssh/sshd_config | \
24
                              grep -e "^AuthorizedKeysFile" | \
25
                              awk '{print $2}' | tail -1);
26

27
# If not set, use default location
28
if [ "x$authorized_keys_file" == "x" ]; then
29
    authorized_keys_file="%h/.ssh/authorized_keys"
30
fi
31

32
# If default location
33
if [ "$authorized_keys_file" == ".ssh/authorized_keys" ]; then
34
    authorized_keys_file="%h/$authorized_keys_file"
35
fi
36

37
# Replace %u with user name (ex: /etc/ssh/keys/%u/authorized_keys)
38
authorized_keys_file="${authorized_keys_file//%u/$user}";
39

40
# Replace %h with home dir (ex: %h/.ssh/authorized_keys)
41
authorized_keys_file="${authorized_keys_file//%h/$home_dir}";
42
ssh_dir=$(dirname $authorized_keys_file);
43

44
if [ ! -d $ssh_dir ]; then
45
    mkdir $ssh_dir;
46
    chmod 700 $ssh_dir;
47
    chown $user: $ssh_dir;
48
fi
49

50
if [ ! -d $authorized_keys_file ]; then
51
    touch $authorized_keys_file;
52
    chmod 600 $authorized_keys_file;
53
    chown $user: $authorized_keys_file;
54
fi
55

56
# Restore SELinux security contexts. This is required
57
# for passwdless SSH to work.
58

59
if type restorecon >/dev/null 2>&1; then
60
    restorecon -F $ssh_dir $authorized_keys_file;
61
fi
62

63
# Add to authorized_keys file only if not exists already
64
while read line
65
do
66
    grep -Fxq "$line" $authorized_keys_file;
67
    [ $? -ne 0 ] && echo "$line" >> $authorized_keys_file;
68
done < "$GLUSTERD_WORKDIR"/$pub_file;
69

70
exit 0;
71